diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 609b58c73..56cba75a2 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -2,6 +2,33 @@ Changelog ********* +4.0.0 -- 2024-10-29 +=================== + +Features +-------- +* Add support for constructs from the `AWS Cryptographic Material Providers Library (MPL) `_. + The MPL contains new constructs for encrypting and decrypting your data. + We highly recommend installing the MPL. See `Installing `_ for instructions. + +Breaking Changes +^^^^^^^^^^^^^^^^ +* The MPL introduces the Required Encryption Context Cryptographic Materials Manager + ("required EC CMM") as a new construct for protecting your data. + On encrypt, the required EC CMM will use specific configured + encryption context key-value pairs to calculate the message signature, + but will not store those pairs in the ESDK message. + On decrypt, decryptors must supply these same pairs that were used when encrypting the message. + All messages that have been encrypted with versions of the ESDK <4.0.0 are forward compatible with this change. + However, messages that are constructed with the required EC CMM are not backward compatible with ESDK <4.0.0, + as no version of ESDK <4.0.0 supports reading messages encrypted with the required EC CMM. + A message that is encrypted with the required EC CMM from the MPL must be decrypted with a CMM from the MPL. + +Fixes +----------- +* fix: MKPs attempt to decrypt with remaining keys if a preceding raw RSA key failed to decrypt + `#707 `_ + 3.3.0 -- 2024-05-20 =================== diff --git a/src/aws_encryption_sdk/identifiers.py b/src/aws_encryption_sdk/identifiers.py index a06030889..3e5a9940b 100644 --- a/src/aws_encryption_sdk/identifiers.py +++ b/src/aws_encryption_sdk/identifiers.py @@ -17,7 +17,7 @@ # We only actually need these imports when running the mypy checks pass -__version__ = "3.3.0" +__version__ = "4.0.0" USER_AGENT_SUFFIX = "AwsEncryptionSdkPython/{}".format(__version__)