Revisions of python-pycryptodome
Ana Guerrero (anag+factory)
accepted
request 1141807
from
Dirk Mueller (dirkmueller)
(revision 30)
- update to 3.20.0: * Added support for TurboSHAKE128 and TurboSHAKE256. * Added method Crypto.Hash.new() to generate a hash object given a hash name. * Added support for AES-GCM encryption of PBES2 and PKCS#8 containers. * Added support for SHA-2 and SHA-3 algorithms in PBKDF2 when creating PBES2 and PKCS#8 containers. * Export of RSA keys accepts the prot_params dictionary as parameter to control the number of iterations for PBKDF2 and scrypt. * C unit tests also run on non-x86 architectures. * GH#787: Fixed autodetect logic for GCC 14 in combination with LTO.
Ana Guerrero (anag+factory)
accepted
request 1137745
from
Dirk Mueller (dirkmueller)
(revision 29)
- update to 3.19.1 (bsc#1218564, CVE-2023-52323):
Dominique Leuenberger (dimstar_suse)
accepted
request 1136275
from
Dirk Mueller (dirkmueller)
(revision 28)
- update to 3.19.1: * Fixed a side-channel leakage with OAEP decryption that could be exploited to carry out a Manger attack
Ana Guerrero (anag+factory)
accepted
request 1129188
from
Dirk Mueller (dirkmueller)
(revision 27)
- update to 3.19.0: * The ``update()`` methods of TupleHash128 and TupleHash256 objects can now hash multiple items (byte strings) at once. * Added support for ECDH, with ``Crypto.Protocol.DH``. * GH#754: due to a bug in ``cffi``, do not use it on Windows with Python 3.12+. - Update to version 3.16.0 * Align stack of functions using SSE2 intrinsics to avoid crashes, * fixed memory leak for operations that use memoryviews when cffi fix the build on older distros * Add support for loading PEM files encrypted with AES192-CBC, * When importing ECC keys, ignore EC PARAMS section that was * Speed-up ECC performance. ECDSA is 33 times faster on the * Support HMAC-SHA224, HMAC-SHA256, HMAC-SHA384, and HMAC-SHA512 * DER objects were not rejected if their length field had * point_at_infinity() becomes an instance method for * GH#258: False positive on PSS signatures when externally * New parameter output for Crypto.Util.strxor.strxor, Crypto.Util.strxor.strxor_c, encrypt and decrypt methods in symmetric ciphers (Crypto.Cipher package). output is a pre-allocated buffer (a bytearray or a writeable memoryview) where the result must be stored. This requires less memory for very large payloads; it is also more efficient when encrypting * Fix vulnerability on AESNI ECB with payloads smaller than * Fixed incorrect AES encryption/decryption with AES acceleration on x86 due to gcc’s optimization and strict * More prime number candidates than necessary where discarded as composite due to the limited way D values were searched * More meaningful exceptions in case of mismatch in IV length
Dominique Leuenberger (dimstar_suse)
accepted
request 1096020
from
Matej Cepl (mcepl)
(revision 26)
- Add %{?sle15_python_module_pythons}
Dominique Leuenberger (dimstar_suse)
accepted
request 1090246
from
Dirk Mueller (dirkmueller)
(revision 25)
- update to 3.18.0: * Added support for DER BOOLEAN encodings. * The library now compiles on Windows ARM64. Thanks to Niyas Sait. * GH#722: ``nonce`` attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber. * GH#728: Workaround for a possible x86 emulator bug in Windows for ARM64. * GH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James. * Correctly check that the scalar matches the point when importing an ECC private key.
Dominique Leuenberger (dimstar_suse)
accepted
request 1085158
from
Matej Cepl (mcepl)
(revision 24)
- Fix %%files to work with %pyproject_ style building. - update to 3.17.0: * Added support for the Counter Mode KDF defined in SP 800-108 Rev 1. * Reduce the minimum tag length for the EAX cipher to 2 bytes. * An RSA object has 4 new properties for the CRT coefficients: ``dp``, ``dq``, ``invq`` and ``invq`` (``invp`` is the same value as the existing ``u``). * GH#526: improved typing for ``RSA.construct``. * GH#534: reduced memory consumption when using a large number of cipher objects. * GH#598: fixed missing error handling for ``Util.number.inverse``. * GH#629: improved typing for ``AES.new`` and the various mode-specific types it returns. Thanks to Greg Werbin. * GH#653: added workaround for an alleged GCC compiler bug that affected Ed25519 code compiled for AVX2. * GH#658: attribute ``curve`` of an ECC key was not always the preferred curve name, as it used to be in v3.15.0 (independently of the curve name specified when generating the key). * GH#637: fixed typing for legacy modules ``PKCS1_v1_5`` and ``PKCS1_PSS``, as their ``verify()`` returned a boolean. * GH#664: with OCB mode, nonces of maximum length (15 bytes) were actually used as 14 bytes nonces. After this fix, data that was encrypted in past using the (default) nonce length of 15 bytes can still be decrypted by reducing the nonce to its first 14 bytes. * GH#705: improved typing for ``nonce``, ``iv``, and ``IV`` parameters of cipher objects. - update to 3.17.0: * ++++++++++++++++++++++++++ * New features * Added support for the Counter Mode KDF defined in SP 800-108 Rev 1. * Reduce the minimum tag length for the EAX cipher to 2 bytes. * An RSA object has 4 new properties for the CRT coefficients * ``dp``, ``dq``, ``invq`` and ``invq`` (``invp`` is the same value * as the existing ``u``). * Resolved issues * GH#526: improved typing for ``RSA.construct``. * GH#534: reduced memory consumption when using a large number * of cipher objects. * GH#598: fixed missing error handling for ``Util.number.inverse``. * GH#629: improved typing for ``AES.new`` and the various * mode-specific types it returns. Thanks to Greg Werbin. * GH#653: added workaround for an alleged GCC compiler bug * hat affected Ed25519 code compiled for AVX2. * GH#658: attribute ``curve`` of an ECC key was not always * he preferred curve name, as it used to be in v3.15.0 * independently of the curve name specified when generating * he key). * GH#637: fixed typing for legacy modules ``PKCS1_v1_5`` and ``PKCS1_PSS``, * as their ``verify()`` returned a boolean. * GH#664: with OCB mode, nonces of maximum length (15 bytes * were actually used as 14 bytes nonces. * After this fix, data that was encrypted in past using the * default) nonce length of 15 bytes can still be decrypted * by reducing the nonce to its first 14 bytes. * GH#705: improved typing for ``nonce``, ``iv``, and ``IV`` parameters * of cipher objects. * Other changes * Build PyPy wheels only for versions 3.8 and 3.9, and not for 3.7 anymore.
Dominique Leuenberger (dimstar_suse)
accepted
request 1040742
from
Dirk Mueller (dirkmueller)
(revision 23)
Dominique Leuenberger (dimstar_suse)
accepted
request 985709
from
Dirk Mueller (dirkmueller)
(revision 22)
Dominique Leuenberger (dimstar_suse)
accepted
request 954656
from
Dirk Mueller (dirkmueller)
(revision 20)
- update to 3.14.1: * GH#595: Fixed memory leak for GMP integers. * Add support for curve NIST P-192. * Add support for curve NIST P-224. * GH#590: Fixed typing info for ``Crypto.PublicKey.ECC``. * Relaxed ECDSA requirements for FIPS 186 signatures and accept any SHA-2 or * SHA-3 hash. ``sign()`` and ``verify()`` will be performed even if the hash is stronger than the ECC key.
Dominique Leuenberger (dimstar_suse)
accepted
request 939588
from
Dirk Mueller (dirkmueller)
(revision 19)
- update to 3.12.0: * ECC keys in the SEC1 format can be exported and imported. * Add support for KMAC128, KMAC256, TupleHash128, and TupleHash256 (NIST SP-800 185). * Add support for KangarooTwelve. * GH#563: An asymmetric key could not be imported as a ``memoryview``. * GH#566: cSHAKE128/256 generated a wrong output for customization strings * GH#582: CBC decryption generated the wrong plaintext when the input and the output were the same buffer.
Dominique Leuenberger (dimstar_suse)
accepted
request 925769
from
Dirk Mueller (dirkmueller)
(revision 18)
- update to 3.11.0: * GH#512: Especially for very small bit sizes, ``Crypto.Util.number.getPrime()`` was occasionally generating primes larger than given the bit size. * GH#552: Correct typing annotations for ``PKCS115_Cipher.decrypt()``. * GH#555: ``decrypt()`` method of a PKCS#1v1.5 cipher returned a ``bytearray`` instead of ``bytes``. * GH#557: External DSA domain parameters were accepted even when the modulus (``p``) was not prime. This affected ``Crypto.PublicKey.DSA.generate()`` and ``Crypto.PublicKey.DSA.construct()``. * Added cSHAKE128 and cSHAKE256 (of SHA-3 family). * GH#558: The flag RTLD_DEEPBIND passed to ``dlopen()`` is not well supported by `address sanitizers <https://github.com/google/sanitizers/issues/611>`_. It is now possible to set the environment variable ``PYCRYPTDOME_DISABLE_DEEPBIND`` to drop that flag and allow security testing.
Richard Brown (RBrownSUSE)
accepted
request 878405
from
Factory Maintainer (factory-maintainer)
(revision 17)
Automatic submission by obs-autosubmit
Dominique Leuenberger (dimstar_suse)
accepted
request 852357
from
Dirk Mueller (dirkmueller)
(revision 16)
Dominique Leuenberger (dimstar_suse)
accepted
request 824348
from
Dirk Mueller (dirkmueller)
(revision 15)
- update to 3.9.8: * GH#426: The Shamir's secret sharing implementation is not actually compatible with ``ssss``. Added an optional parameter to enable interoperability. * GH#427: Skip altogether loading of ``gmp.dll`` on Windows. * GH#420: Fix incorrect CFB decryption when the input and the output are the same buffer. * Speed up Shamir's secret sharing routines. Thanks to ncarve.
Dominique Leuenberger (dimstar_suse)
accepted
request 786476
from
Tomáš Chvátal (scarabeus_iv)
(revision 14)
Dominique Leuenberger (dimstar_suse)
accepted
request 747336
from
Tomáš Chvátal (scarabeus_iv)
(revision 13)
Dominique Leuenberger (dimstar_suse)
accepted
request 729873
from
Tomáš Chvátal (scarabeus_iv)
(revision 12)
- Update to 3.9.0: * Add support for loading PEM files encrypted with AES256-CBC. * Add support for XChaCha20 and XChaCha20-Poly1305 ciphers. * Add support for bcrypt key derivation function (Crypto.Protocol.KDF.bcrypt). * Add support for left multiplication of an EC point by a scalar. * Add support for importing ECC and RSA keys in the new OpenSSH format.
Dominique Leuenberger (dimstar_suse)
accepted
request 706523
from
Tomáš Chvátal (scarabeus_iv)
(revision 11)
Displaying revisions 1 - 20 of 30