pyca · alex · Jul 4, 2025
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -157,9 +157,6 @@ jobs:
       fail-fast: false
       matrix:
         IMAGE:
-          - {IMAGE: "rhel8", NOXSESSION: "tests", RUNNER: "ubuntu-latest"}
-          - {IMAGE: "rhel8-fips", NOXSESSION: "tests", RUNNER: "ubuntu-latest", FIPS: true}
-          - {IMAGE: "bullseye", NOXSESSION: "tests", RUNNER: "ubuntu-latest"}
           - {IMAGE: "bookworm", NOXSESSION: "tests", RUNNER: "ubuntu-latest"}
           - {IMAGE: "trixie", NOXSESSION: "tests", RUNNER: "ubuntu-latest"}
           - {IMAGE: "sid", NOXSESSION: "tests", RUNNER: "ubuntu-latest"}

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -9,6 +9,9 @@ Changelog
 .. note:: This version is not yet released and is under active development.
 
 * **BACKWARDS INCOMPATIBLE:** Support for Python 3.7 has been removed.
+* **BACKWARDS INCOMPATIBLE:** Support for OpenSSL 1.1.x has been removed.
+  OpenSSL 3.0.0 or later is now required. LibreSSL, BoringSSL, and AWS-LC
+  continue to be supported.
 * Removed the deprecated ``get_attribute_for_oid`` method on
   :class:`~cryptography.x509.CertificateSigningRequest`. Users should use
   :meth:`~cryptography.x509.Attributes.get_attribute_for_oid` instead.

diff --git a/docs/development/c-bindings.rst b/docs/development/c-bindings.rst
@@ -189,9 +189,9 @@ Caveats
 Sometimes, a set of loosely related features are added in the same
 version, and it's impractical to create ``#ifdef`` statements for each
 one. In that case, it may make sense to either check for a particular
-version. For example, to check for OpenSSL 1.1.1 or newer::
+version. For example, to check for OpenSSL 3.2.0 or newer::
 
-    #if CRYPTOGRAPHY_OPENSSL_111_OR_GREATER
+    #if CRYPTOGRAPHY_OPENSSL_320_OR_GREATER
 
 Sometimes, the version of a library on a particular platform will have
 features that you thought it wouldn't, based on its version.

diff --git a/docs/faq.rst b/docs/faq.rst
@@ -107,14 +107,14 @@ If you have no other libraries using OpenSSL in your process, or they do not
 appear to be at fault, it's possible that this is a bug in ``cryptography``.
 Please file an `issue`_ with instructions on how to reproduce it.
 
-Installing cryptography with OpenSSL 0.9.8, 1.0.0, 1.0.1, 1.0.2, 1.1.0 fails
-----------------------------------------------------------------------------
+Installing cryptography with OpenSSL older than 3.0.0 fails
+------------------------------------------------------------
 
 The OpenSSL project has dropped support for the 0.9.8, 1.0.0, 1.0.1, 1.0.2,
-and 1.1.0 release series. Since they are no longer receiving security patches
+1.1.0, and 1.1.1 release series. Since they are no longer receiving security patches
 from upstream, ``cryptography`` is also dropping support for them. To fix this
-issue you should upgrade to a newer version of OpenSSL (1.1.1 or later). This
-may require you to upgrade to a newer operating system.
+issue you should upgrade to OpenSSL 3.0.0 or later. This may require you to 
+upgrade to a newer operating system.
 
 Installing ``cryptography`` fails with ``error: Can not find Rust compiler``
 ----------------------------------------------------------------------------

diff --git a/docs/installation.rst b/docs/installation.rst
@@ -24,15 +24,13 @@ Supported platforms
 Currently we test ``cryptography`` on Python 3.8+ and PyPy3 7.3.11+ on these
 operating systems.
 
-* x86-64 RHEL 8.x
 * x86-64 CentOS Stream 9, 10
 * x86-64 Fedora (latest)
 * x86-64 macOS 13 Ventura
 * ARM64 macOS 14 Sonoma
 * x86-64 Ubuntu 22.04, 24.04, and rolling
 * ARM64, ARMv7l, and ``ppc64le`` Ubuntu rolling
-* x86-64 Debian Bullseye (11.x), Bookworm (12.x), Trixie (13.x), and
-  Sid (unstable)
+* x86-64 Debian Bookworm (12.x), Trixie (13.x), and Sid (unstable)
 * x86-64 and ARM64 Alpine (latest)
 * 32-bit and 64-bit Python on 64-bit Windows Server 2022
 
@@ -206,7 +204,7 @@ available from your system package manager.
 Then, paste the following into a shell script. You'll need to populate the
 ``OPENSSL_VERSION`` variable. To do that, visit `openssl.org`_ and find the
 latest non-FIPS release version number, then set the string appropriately. For
-example, for OpenSSL 1.1.1k, use ``OPENSSL_VERSION="1.1.1k"``.
+example, for OpenSSL 3.0.9, use ``OPENSSL_VERSION="3.0.9"``.
 
 When this shell script is complete, you'll find a collection of wheel files in
 a directory called ``wheelhouse``. These wheels can be installed by a

diff --git a/src/_cffi_src/openssl/cryptography.py b/src/_cffi_src/openssl/cryptography.py
@@ -5,9 +5,9 @@
 from __future__ import annotations
 
 INCLUDES = r"""
-/* define our OpenSSL API compatibility level to 1.1.0. Any symbols older than
+/* define our OpenSSL API compatibility level to 3.0.0. Any symbols older than
    that will raise an error during compilation. */
-#define OPENSSL_API_COMPAT 0x10100000L
+#define OPENSSL_API_COMPAT 0x30000000L
 
 #if defined(_WIN32)
 #ifndef WIN32_LEAN_AND_MEAN
@@ -49,8 +49,11 @@
 #endif
 
 
-#if OPENSSL_VERSION_NUMBER < 0x10101050
-    #error "pyca/cryptography MUST be linked with Openssl 1.1.1e or later"
+#if !CRYPTOGRAPHY_IS_LIBRESSL && !CRYPTOGRAPHY_IS_BORINGSSL && \
+    !CRYPTOGRAPHY_IS_AWSLC
+    #if OPENSSL_VERSION_NUMBER < 0x30000000
+        #error "pyca/cryptography MUST be linked with OpenSSL 3.0.0 or later"
+    #endif
 #endif
 """
 

diff --git a/src/_cffi_src/openssl/ssl.py b/src/_cffi_src/openssl/ssl.py
@@ -476,8 +476,8 @@
 static const long Cryptography_HAS_GET_EXTMS_SUPPORT = 1;
 #endif
 
-/* in OpenSSL 1.1.0 the SSL_ST values were renamed to TLS_ST and several were
-   removed */
+/* The SSL_ST values were renamed to TLS_ST in OpenSSL and several were
+   removed, but are still available in LibreSSL, BoringSSL, and AWS-LC */
 #if CRYPTOGRAPHY_IS_LIBRESSL || CRYPTOGRAPHY_IS_BORINGSSL \
     || CRYPTOGRAPHY_IS_AWSLC
 static const long Cryptography_HAS_SSL_ST = 1;

diff --git a/src/cryptography/hazmat/bindings/_rust/openssl/__init__.pyi b/src/cryptography/hazmat/bindings/_rust/openssl/__init__.pyi
@@ -48,7 +48,6 @@ __all__ = [
 CRYPTOGRAPHY_IS_LIBRESSL: bool
 CRYPTOGRAPHY_IS_BORINGSSL: bool
 CRYPTOGRAPHY_IS_AWSLC: bool
-CRYPTOGRAPHY_OPENSSL_300_OR_GREATER: bool
 CRYPTOGRAPHY_OPENSSL_309_OR_GREATER: bool
 CRYPTOGRAPHY_OPENSSL_320_OR_GREATER: bool
 CRYPTOGRAPHY_OPENSSL_330_OR_GREATER: bool

diff --git a/src/rust/Cargo.toml b/src/rust/Cargo.toml
@@ -38,4 +38,4 @@ name = "cryptography_rust"
 crate-type = ["cdylib"]
 
 [lints.rust]
-unexpected_cfgs = { level = "warn", check-cfg = ['cfg(CRYPTOGRAPHY_OPENSSL_300_OR_GREATER)', 'cfg(CRYPTOGRAPHY_OPENSSL_309_OR_GREATER)', 'cfg(CRYPTOGRAPHY_OPENSSL_320_OR_GREATER)', 'cfg(CRYPTOGRAPHY_OPENSSL_330_OR_GREATER)', 'cfg(CRYPTOGRAPHY_OPENSSL_350_OR_GREATER)', 'cfg(CRYPTOGRAPHY_IS_LIBRESSL)', 'cfg(CRYPTOGRAPHY_IS_BORINGSSL)', 'cfg(CRYPTOGRAPHY_IS_AWSLC)', 'cfg(CRYPTOGRAPHY_BUILD_OPENSSL_NO_LEGACY)', 'cfg(CRYPTOGRAPHY_OSSLCONF, values("OPENSSL_NO_IDEA", "OPENSSL_NO_CAST", "OPENSSL_NO_BF", "OPENSSL_NO_CAMELLIA", "OPENSSL_NO_SEED", "OPENSSL_NO_SM4", "OPENSSL_NO_RC4"))'] }
+unexpected_cfgs = { level = "warn", check-cfg = ['cfg(CRYPTOGRAPHY_OPENSSL_309_OR_GREATER)', 'cfg(CRYPTOGRAPHY_OPENSSL_320_OR_GREATER)', 'cfg(CRYPTOGRAPHY_OPENSSL_330_OR_GREATER)', 'cfg(CRYPTOGRAPHY_OPENSSL_350_OR_GREATER)', 'cfg(CRYPTOGRAPHY_IS_LIBRESSL)', 'cfg(CRYPTOGRAPHY_IS_BORINGSSL)', 'cfg(CRYPTOGRAPHY_IS_AWSLC)', 'cfg(CRYPTOGRAPHY_BUILD_OPENSSL_NO_LEGACY)', 'cfg(CRYPTOGRAPHY_OSSLCONF, values("OPENSSL_NO_IDEA", "OPENSSL_NO_CAST", "OPENSSL_NO_BF", "OPENSSL_NO_CAMELLIA", "OPENSSL_NO_SEED", "OPENSSL_NO_SM4", "OPENSSL_NO_RC4"))'] }
diff --git a/src/rust/build.rs b/src/rust/build.rs
@@ -11,9 +11,6 @@ fn main() {
     if let Ok(version) = env::var("DEP_OPENSSL_VERSION_NUMBER") {
         let version = u64::from_str_radix(&version, 16).unwrap();
 
-        if version >= 0x3_00_00_00_0 {
-            println!("cargo:rustc-cfg=CRYPTOGRAPHY_OPENSSL_300_OR_GREATER");
-        }
         if version >= 0x3_00_09_00_0 {
             println!("cargo:rustc-cfg=CRYPTOGRAPHY_OPENSSL_309_OR_GREATER");
         }

diff --git a/src/rust/cryptography-openssl/Cargo.toml b/src/rust/cryptography-openssl/Cargo.toml
@@ -15,4 +15,4 @@ foreign-types = "0.3"
 foreign-types-shared = "0.1"
 
 [lints.rust]
-unexpected_cfgs = { level = "warn", check-cfg = ['cfg(CRYPTOGRAPHY_OPENSSL_300_OR_GREATER)', 'cfg(CRYPTOGRAPHY_OPENSSL_320_OR_GREATER)', 'cfg(CRYPTOGRAPHY_IS_LIBRESSL)', 'cfg(CRYPTOGRAPHY_IS_BORINGSSL)', 'cfg(CRYPTOGRAPHY_IS_AWSLC)'] }
+unexpected_cfgs = { level = "warn", check-cfg = ['cfg(CRYPTOGRAPHY_OPENSSL_320_OR_GREATER)', 'cfg(CRYPTOGRAPHY_IS_LIBRESSL)', 'cfg(CRYPTOGRAPHY_IS_BORINGSSL)', 'cfg(CRYPTOGRAPHY_IS_AWSLC)'] }
diff --git a/src/rust/cryptography-openssl/build.rs b/src/rust/cryptography-openssl/build.rs
@@ -9,9 +9,6 @@ fn main() {
     if let Ok(version) = env::var("DEP_OPENSSL_VERSION_NUMBER") {
         let version = u64::from_str_radix(&version, 16).unwrap();
 
-        if version >= 0x3_00_00_00_0 {
-            println!("cargo:rustc-cfg=CRYPTOGRAPHY_OPENSSL_300_OR_GREATER");
-        }
         if version >= 0x3_02_00_00_0 {
             println!("cargo:rustc-cfg=CRYPTOGRAPHY_OPENSSL_320_OR_GREATER");
         }

diff --git a/src/rust/cryptography-openssl/src/fips.rs b/src/rust/cryptography-openssl/src/fips.rs
@@ -2,14 +2,11 @@
 // 2.0, and the BSD License. See the LICENSE file in the root of this repository
 // for complete details.
 
-#[cfg(all(
-    CRYPTOGRAPHY_OPENSSL_300_OR_GREATER,
-    not(any(
-        CRYPTOGRAPHY_IS_LIBRESSL,
-        CRYPTOGRAPHY_IS_BORINGSSL,
-        CRYPTOGRAPHY_IS_AWSLC
-    ))
-))]
+#[cfg(not(any(
+    CRYPTOGRAPHY_IS_LIBRESSL,
+    CRYPTOGRAPHY_IS_BORINGSSL,
+    CRYPTOGRAPHY_IS_AWSLC
+)))]
 use std::ptr;
 
 #[cfg(not(any(
@@ -19,25 +16,34 @@ use std::ptr;
 )))]
 use openssl_sys as ffi;
 
-#[cfg(CRYPTOGRAPHY_OPENSSL_300_OR_GREATER)]
+#[cfg(not(any(
+    CRYPTOGRAPHY_IS_LIBRESSL,
+    CRYPTOGRAPHY_IS_BORINGSSL,
+    CRYPTOGRAPHY_IS_AWSLC
+)))]
 use crate::{cvt, OpenSSLResult};
 
 pub fn is_enabled() -> bool {
     cfg_if::cfg_if! {
         if #[cfg(any(CRYPTOGRAPHY_IS_LIBRESSL, CRYPTOGRAPHY_IS_BORINGSSL))] {
             false
-        } else if #[cfg(CRYPTOGRAPHY_OPENSSL_300_OR_GREATER)] {
+        } else if #[cfg(CRYPTOGRAPHY_IS_AWSLC)] {
+            openssl::fips::enabled()
+        } else {
+            // OpenSSL case
             // SAFETY: No pre-conditions
             unsafe {
                 ffi::EVP_default_properties_is_fips_enabled(ptr::null_mut()) == 1
             }
-        } else {
-            openssl::fips::enabled()
         }
     }
 }
 
-#[cfg(CRYPTOGRAPHY_OPENSSL_300_OR_GREATER)]
+#[cfg(not(any(
+    CRYPTOGRAPHY_IS_LIBRESSL,
+    CRYPTOGRAPHY_IS_BORINGSSL,
+    CRYPTOGRAPHY_IS_AWSLC
+)))]
 pub fn enable() -> OpenSSLResult<()> {
     // SAFETY: No pre-conditions
     unsafe {

diff --git a/src/rust/src/backend/aead.rs b/src/rust/src/backend/aead.rs
@@ -446,21 +446,12 @@ impl EvpAead {
 struct ChaCha20Poly1305 {
     #[cfg(any(CRYPTOGRAPHY_IS_BORINGSSL, CRYPTOGRAPHY_IS_AWSLC))]
     ctx: EvpAead,
-    #[cfg(any(
-        CRYPTOGRAPHY_OPENSSL_320_OR_GREATER,
-        CRYPTOGRAPHY_IS_LIBRESSL,
-        not(any(
-            CRYPTOGRAPHY_OPENSSL_300_OR_GREATER,
-            CRYPTOGRAPHY_IS_BORINGSSL,
-            CRYPTOGRAPHY_IS_AWSLC
-        ))
-    ))]
+    #[cfg(any(CRYPTOGRAPHY_OPENSSL_320_OR_GREATER, CRYPTOGRAPHY_IS_LIBRESSL))]
     ctx: EvpCipherAead,
     #[cfg(not(any(
         CRYPTOGRAPHY_IS_LIBRESSL,
         CRYPTOGRAPHY_IS_BORINGSSL,
         CRYPTOGRAPHY_IS_AWSLC,
-        not(CRYPTOGRAPHY_OPENSSL_300_OR_GREATER),
         CRYPTOGRAPHY_OPENSSL_320_OR_GREATER
     )))]
     ctx: LazyEvpCipherAead,
@@ -496,8 +487,7 @@ impl ChaCha20Poly1305 {
                 })
             } else if #[cfg(any(
                 CRYPTOGRAPHY_IS_LIBRESSL,
-                CRYPTOGRAPHY_OPENSSL_320_OR_GREATER,
-                not(CRYPTOGRAPHY_OPENSSL_300_OR_GREATER),
+                CRYPTOGRAPHY_OPENSSL_320_OR_GREATER
             ))] {
                 Ok(ChaCha20Poly1305 {
                     ctx: EvpCipherAead::new(
@@ -581,17 +571,15 @@ struct AesGcm {
         CRYPTOGRAPHY_OPENSSL_320_OR_GREATER,
         CRYPTOGRAPHY_IS_LIBRESSL,
         CRYPTOGRAPHY_IS_BORINGSSL,
-        CRYPTOGRAPHY_IS_AWSLC,
-        not(CRYPTOGRAPHY_OPENSSL_300_OR_GREATER),
+        CRYPTOGRAPHY_IS_AWSLC
     ))]
     ctx: EvpCipherAead,
 
     #[cfg(not(any(
         CRYPTOGRAPHY_OPENSSL_320_OR_GREATER,
         CRYPTOGRAPHY_IS_LIBRESSL,
         CRYPTOGRAPHY_IS_BORINGSSL,
-        CRYPTOGRAPHY_IS_AWSLC,
-        not(CRYPTOGRAPHY_OPENSSL_300_OR_GREATER),
+        CRYPTOGRAPHY_IS_AWSLC
     )))]
     ctx: LazyEvpCipherAead,
 }
@@ -619,8 +607,7 @@ impl AesGcm {
                 CRYPTOGRAPHY_OPENSSL_320_OR_GREATER,
                 CRYPTOGRAPHY_IS_BORINGSSL,
                 CRYPTOGRAPHY_IS_LIBRESSL,
-                CRYPTOGRAPHY_IS_AWSLC,
-                not(CRYPTOGRAPHY_OPENSSL_300_OR_GREATER),
+                CRYPTOGRAPHY_IS_AWSLC
             ))] {
                 Ok(AesGcm {
                     ctx: EvpCipherAead::new(cipher, key_buf.as_bytes(), 16, false)?,
@@ -858,7 +845,7 @@ impl AesSiv {
         };
 
         cfg_if::cfg_if! {
-            if #[cfg(CRYPTOGRAPHY_OPENSSL_300_OR_GREATER)] {
+            if #[cfg(not(any(CRYPTOGRAPHY_IS_LIBRESSL, CRYPTOGRAPHY_IS_BORINGSSL, CRYPTOGRAPHY_IS_AWSLC)))] {
                 if cryptography_openssl::fips::is_enabled() {
                     return Err(CryptographyError::from(
                         exceptions::UnsupportedAlgorithm::new_err((

diff --git a/src/rust/src/backend/cipher_registry.rs b/src/rust/src/backend/cipher_registry.rs
@@ -258,7 +258,11 @@ fn get_cipher_registry(
             m.add(&sm4, &ofb, Some(128), Cipher::sm4_ofb())?;
             m.add(&sm4, &ecb, Some(128), Cipher::sm4_ecb())?;
 
-            #[cfg(CRYPTOGRAPHY_OPENSSL_300_OR_GREATER)]
+            #[cfg(not(any(
+                CRYPTOGRAPHY_IS_LIBRESSL,
+                CRYPTOGRAPHY_IS_BORINGSSL,
+                CRYPTOGRAPHY_IS_AWSLC
+            )))]
             if let Ok(c) = Cipher::fetch(None, "sm4-gcm", None) {
                 m.add(&sm4, &gcm, Some(128), c)?;
             }
@@ -270,8 +274,11 @@ fn get_cipher_registry(
         // Don't register legacy ciphers if they're unavailable. In theory
         // this shouldn't be necessary but OpenSSL 3 will return an EVP_CIPHER
         // even when the cipher is unavailable.
-        if cfg!(not(CRYPTOGRAPHY_OPENSSL_300_OR_GREATER))
-            || types::LEGACY_PROVIDER_LOADED.get(py)?.is_truthy()?
+        if cfg!(any(
+            CRYPTOGRAPHY_IS_LIBRESSL,
+            CRYPTOGRAPHY_IS_BORINGSSL,
+            CRYPTOGRAPHY_IS_AWSLC
+        )) || types::LEGACY_PROVIDER_LOADED.get(py)?.is_truthy()?
         {
             #[cfg(not(CRYPTOGRAPHY_OSSLCONF = "OPENSSL_NO_BF"))]
             {

diff --git a/src/rust/src/backend/ec.rs b/src/rust/src/backend/ec.rs
@@ -233,12 +233,20 @@ impl ECPrivateKey {
         // If `set_peer_ex` is available, we don't validate the key. This is
         // because we already validated it sufficiently when we created the
         // ECPublicKey object.
-        #[cfg(CRYPTOGRAPHY_OPENSSL_300_OR_GREATER)]
+        #[cfg(not(any(
+            CRYPTOGRAPHY_IS_LIBRESSL,
+            CRYPTOGRAPHY_IS_BORINGSSL,
+            CRYPTOGRAPHY_IS_AWSLC
+        )))]
         deriver
             .set_peer_ex(&peer_public_key.pkey, false)
             .map_err(|_| pyo3::exceptions::PyValueError::new_err("Error computing shared key."))?;
 
-        #[cfg(not(CRYPTOGRAPHY_OPENSSL_300_OR_GREATER))]
+        #[cfg(any(
+            CRYPTOGRAPHY_IS_LIBRESSL,
+            CRYPTOGRAPHY_IS_BORINGSSL,
+            CRYPTOGRAPHY_IS_AWSLC
+        ))]
         deriver
             .set_peer(&peer_public_key.pkey)
             .map_err(|_| pyo3::exceptions::PyValueError::new_err("Error computing shared key."))?;