| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
3.16.0
New features
Build wheels for musl Linux. Thanks to Ben Raz.
Resolved issues
ARC4 now also works with ‘keys’ as short as 8 bits.
fix segfaults when running in a manylinux2010 i686 image.
|
|
|
|
|
|
3.15.0
New features
------------
* Add support for curves Ed25519 and Ed448, including export and import of keys.
* Add support for EdDSA signatures.
* Add support for Asymmetric Key Packages (RFC5958) to import private keys.
Resolved issues
---------------
* GH-620: for ``Crypto.Util.number.getPrime`` , do not sequentially
scan numbers searching for a prime.
|
|
3.14.1
Resolved issues
* Fixed memory leak for GMP integers.
|
|
3.14.0
New features
------------
* Add support for curve NIST P-192.
|
|
3.13.0
New features
------------
* Add support for curve NIST P-224.
Resolved issues
---------------
* Fixed typing info for ``Crypto.PublicKey.ECC``.
Other changes
-------------
* Relaxed ECDSA requirements for FIPS 186 signatures and accept any SHA-2 or SHA-3 hash.
``sign()`` and ``verify()`` will be performed even if the hash is stronger than the ECC key.
|
|
They now have a tool dependency on py-setuptools instead of a DEPENDS
|
|
3.12.0
New features
ECC keys in the SEC1 format can be exported and imported.
Add support for KMAC128, KMAC256, TupleHash128, and TupleHash256 (NIST SP-800 185).
Add support for KangarooTwelve.
Resolved issues
An asymmetric key could not be imported as a memoryview.
cSHAKE128/256 generated a wrong output for customization strings longer than 255 bytes.
CBC decryption generated the wrong plaintext when the input and the output were the same buffer.
|
|
All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
|
|
3.11.0
Resolved issues
Especially for very small bit sizes, Crypto.Util.number.getPrime() was occasionally generating primes larger than given the bit size.
Correct typing annotations for PKCS115_Cipher.decrypt().
decrypt() method of a PKCS#1v1.5 cipher returned a bytearray instead of bytes.
External DSA domain parameters were accepted even when the modulus (p) was not prime. This affected Crypto.PublicKey.DSA.generate() and Crypto.PublicKey.DSA.construct().
|
|
|
|
3.10.4 (25 September 2021)
Resolved issues
Output of Crypto.Util.number.long_to_bytes() was not always a multiple of blocksize.
3.10.3 (22 September 2021)
Resolved issues
Fixed symbol conflict between different versions of libgmp.
Improved robustness of PKCS#1v1.5 decryption against timing attacks.
Fixed segmentation faults on Apple M1 and other Aarch64 SoCs, when the GMP library add accessed via ctypes. Do not use GMP's own sscanf and snprintf routines: instead, use simpler conversion routines.
Workaround for cffi calling ctypes.util.find_library(), which invokes gcc and ld on Linux, considerably slowing down all imports. On certain configurations, that may also leave temporary files behind.
Fix RSAES-OAEP, as it didn't always fail when zero padding was incorrect.
New features
Added support for SHA-3 hash functions to HMAC.
|
|
|
|
The upstream project decided to add an extra "abi3" suffix to shared
objects when this is built with Python 3.x; these are simply omitted
when Python 2.7 is involved.
|
|
3.10.1 (9 February 2021)
Other changes
Python 3 wheels use abi3 ABI tag.
Remove Appveyor CI.
3.10.0 (6 February 2021)
Resolved issues
Fixed a potential memory leak when initializing block ciphers.
* Crypto.Math.miller_rabin_test() was still using the system random source and not the one provided as parameter.
* RSA objects have the method public_key() like ECC objects. The old method publickey() is still available for backward compatibility.
* Crypto.Util.Padding.unpad() was raising an incorrect exception in case of zero-length inputs. Thanks to Captainowie.
* better exception message when Counter.new() is called with an integer initial_value than doesn't fit into nbits bits.
* added missing block_size member for ECB cipher objects. Thanks to willem.
* nonce member of an XChaCha20 cipher object was not matching the original nonce. Thanks to Charles Machalow.
Other changes
The bulk of the test vectors have been moved to the separate package pycryptodome-test-vectors. As result, packages pycryptodome and pycryptodomex become significantly smaller (from 14MB to 3MB).
Moved CI tests and build service from Travis CI to GitHub Actions.
Breaks in compatibility
Drop support for Python 2.6 and 3.4.
|
|
3.9.9:
Resolved issues
* Fixed ``Crypto.Util.number.size`` for negative numbers.
New features
* Build Python 3.9 wheels on Windows.
|
|
It isn't extracted properly by archivers/pax, which leads to
packaging errors on some platforms, e.g. some Solaris derivatives.
(gtar works too, but the common approach here seems to be to just
keep it simple and specify bsdtar universally.) This should address
PR pkg/55448 from Hauke Fath.
|
|
3.9.8:
Resolved issues
* The Shamir's secret sharing implementation is not actually compatible with ``ssss``.
Added an optional parameter to enable interoperability.
* Skip altogether loading of ``gmp.dll`` on Windows.
* Fix incorrect CFB decryption when the input and the output are the same buffer.
|
|
3.9.7:
* Make notarization possible again on OS X when using wheels.
|
|
3.9.6:
Resolved issues
* Fix building of wheels for OSX by explicitly setting `sysroot` location.
3.9.5:
Resolved issues
* RSA OAEP decryption was not verifying that all ``PS`` bytes are zero.
* GH-372: fixed memory leak for operations that use memoryviews when `cffi` is not installed.
* Fixed wrong ASN.1 OID for HMAC-SHA512 in PBE2.
New features
* Updated Wycheproof test vectors to version 0.8r12.
|
|
3.9.4:
Resolved issues
* Prevent ``key_to_english`` from creating invalid data when fed with
keys of length not multiple of 8.
* Fix blocking RSA signing/decryption when key has very small factor.
|
|
3.9.3:
* Align stack of functions using SSE2 intrinsics to avoid crashes,
when compiled with gcc on 32-bit x86 platforms.
3.9.2:
New features
* Add Python 3.8 wheels for Mac.
Resolved issues
* Avoid allocating arrays of ``__m128i`` on the stack, to cope with buggy compilers.
* Remove blanket ``-O3`` optimization for gcc and clang, to cope with buggy compilers.
* Fix typing stubs for signatures.
* Deal with gcc installations that don't have ``x86intrin.h``.
|
|
3.9.1:
New features
* Add Python 3.8 wheels for Linux and Windows.
Resolved issues
* Minor speed-up when importing RSA.
|
|
3.9.0:
New features
* Add support for loading PEM files encrypted with AES256-CBC.
* Add support for XChaCha20 and XChaCha20-Poly1305 ciphers.
* Add support for bcrypt key derivation function (`Crypto.Protocol.KDF.bcrypt`).
* Add support for left multiplication of an EC point by a scalar.
* Add support for importing ECC and RSA keys in the new OpenSSH format.
Resolved issues
* it was not possible to invert an EC point anymore.
* fix printing of DSA keys.
* `DSA.generate()` was not always using the `randfunc` input.
* the MD2 hash had block size of 64 bytes instead of 16; as result the HMAC construction gave incorrect results.
|
|
3.8.2:
Resolved issues
* fix strict aliasing problem, emerged with GCC 9.1.
|
|
3.8.1:
New features
* Add support for loading PEM files encrypted with AES192-CBC, AES256-CBC, and AES256-GCM.
* When importing ECC keys, ignore EC PARAMS section that was included by some openssl commands.
|
|
|
|
3.8.0:
New features
* Speed-up ECC performance. ECDSA is 33 times faster on the NIST P-256 curve.
* Added support for NIST P-384 and P-521 curves.
* EccKey has new methods size_in_bits() and size_in_bytes().
* Support HMAC-SHA224, HMAC-SHA256, HMAC-SHA384, and HMAC-SHA512 in PBE2/PBKDF2.
Resolved issues
* DER objects were not rejected if their length field had a leading zero.
* Allow legacy RC2 ciphers to have 40-bit keys.
* ASN.1 Object IDs did not allow the value 0 in the path.
Breaks in compatibility
* point_at_infinity() becomes an instance method for Crypto.PublicKey.ECC.EccKey, from a static one.
|
|
3.7.3:
Resolved issues
False positive on PSS signatures when externally provided salt is too long.
Include type stub files for Crypto.IO and Crypto.Util.
|
|
3.7.2:
Fixed compilation problem on ARM platforms.
|
|
3.7.1:
New features
Added type stubs to enable static type checking with mypy.
New update_after_digest flag for CMAC.
Resolved issues
Fixed problem with gcc 4.x when compiling ghash_clmul.c.
Incorrect digest value produced by CMAC after cloning the object.
Method update() of an EAX cipher object was returning the underlying CMAC object, instead of the EAX object itself.
Method update() of a CMAC object was not throwing an exception after the digest was computed (with digest() or verify()).
|
|
3.7.0:
New features
* Added support for Poly1305 MAC (with AES and ChaCha20 ciphers for key derivation).
* Added support for ChaCha20-Poly1305 AEAD cipher.
* New parameter output for Crypto.Util.strxor.strxor, Crypto.Util.strxor.strxor_c,
encrypt and decrypt methods in symmetric ciphers (Crypto.Cipher package).
output is a pre-allocated buffer (a bytearray or a writeable memoryview)
where the result must be stored.
This requires less memory for very large payloads; it is also more efficient when
encrypting (or decrypting) several small payloads.
Resolved issues
* AES-GCM hangs when processing more than 4GB at a time on x86 with PCLMULQDQ instruction.
Breaks in compatibility
* Drop support for Python 3.3.
* Remove Crypto.Util.py3compat.unhexlify and Crypto.Util.py3compat.hexlify.
* With the old Python 2.6, use only ctypes (and not cffi) to interface to native code.
|
|
3.6.6:
Resolved issues
Fix vulnerability on AESNI ECB with payloads smaller than 16 bytes.
|
|
3.6.5:
Fixed incorrect AES encryption/decryption with AES acceleration on x86 due to gcc’s optimization and strict aliasing rules.
More prime number candidates than necessary where discarded as composite due to the limited way D values were searched in the Lucas test.
Fixed ResouceWarnings and DeprecationWarnings.
Workaround for Python 3.7.0 bug on Windows
|
|
3.6.4:
New features
* Build Python 3.7 wheels on Linux, Windows and Mac.
Resolved issues
* Rename _cpuid module to make upgrades more robust.
* More meaningful exceptions in case of mismatch in IV length (CBC/OFB/CFB modes).
* Fix compilation issues on Solaris 10/11.
|
|
3.6.3:
Resolved issues
GH175: Fixed incorrect results for CTR encryption/decryption with more than 8 blocks.
3.6.2:
New features
ChaCha20 accepts 96 bit nonces (in addition to 64 bit nonces) as defined in RFC7539.
Accelerate AES-GCM on x86 using PCLMULQDQ instruction.
Accelerate AES-ECB and AES-CTR on x86 by pipelining AESNI instructions.
As result of the two improvements above, on x86 (Broadwell):
AES-ECB and AES-CTR are 3x faster
AES-GCM is 9x faster
Resolved issues
On Windows, MPIR library was stilled pulled in if renamed to gmp.dll.
Breaks in compatibility
In Crypto.Util.number, functions floor_div and exact_div have been removed. Also, ceil_div is limited to non-negative terms only.
|
|
3.6.1:
New features
Added Google Wycheproof tests (https://github.com/google/wycheproof) for RSA, DSA, ECDSA, GCM, SIV, EAX, CMAC.
New parameter mac_len (length of MAC tag) for CMAC.
Resolved issues
In certain circumstances (at counter wrapping, which happens on average after 32 GBi) AES GCM produced wrong ciphertexts.
Method encrypt() of AES SIV cipher could be still called, whereas only encrypt_and_digest() should be allowed.
|
|
3.6.0:
New features
Introduced export_key and deprecated exportKey for DSA and RSA key objects.
Ciphers and hash functions accept memoryview objects in input.
Added support for SHA-512/224 and SHA-512/256.
Resolved issues
Reintroduced Crypto.__version__ variable as in PyCrypto.
Fixed compilation problem with MinGW.
|
|
3.5.1:
Fix mismatch with declaration and definition of addmul128.
|
|
New features
* Import and export of ECC curves in compressed form.
* The initial counter for a cipher in CTR mode can be a byte string (in addition to an integer).
* Faster PBKDF2 for HMAC-based PRFs (at least 20x for short passwords, more for longer passwords). Thanks to Christian Heimes for pointing out the implementation was under-optimized.
* The salt for PBKDF2 can be either a string or bytes.
Resolved issues
* Without libgmp, modular exponentiation (since v3.4.8) crashed on 32-bit big-endian systems.
Breaks in compatibility
* Removed support for Python < 2.6.
|
|
3.4.11:
Resolved issues
* GH-121. the record list was still not correct due to PEP3147
and __pycache__ directories.
3.4.10:
Resolved issues
* When creating ElGamal keys, the generator wasn't a square residue:
ElGamal encryption done with those keys cannot be secure under
the DDH assumption.
3.4.9:
New features
* More meaningful error messages while importing an ECC key.
Resolved issues
* GH-123 and #125. The SSE2 command line switch was not always passed on 32-bit x86 platforms.
* GH-121. The record list (--record) was not always correctly filled for the
pycryptodomex package.
|
|
3.4.8:
New features
* Added a native extension in pure C for modular exponentiation, optimized for SSE2 on x86.
In the process, we drop support for the arbitrary arithmetic library MPIR
on Windows, which is painful to compile and deploy.
The custom modular exponentiation is 130% (160%) slower on an Intel CPU in 32-bit (64-bit) mode,
compared to MPIR. Still, that is much faster that CPython's own `pow()` function which
is 900% (855%) slower than MPIR. Support for the GMP library on Unix remains.
* Added support for *manylinux* wheels.
* Support for Python 3.7.
Resolved issues
* The DSA parameter 'p' prime was created with 255 bits cleared
(but still with the correct strength).
* Not all docs were included in the tar ball.
* ECDSA verification failed for DER encoded signatures.
* Human-friendly messages for padding errors with ECB and CBC.
|
|
3.4.7:
New features
* API documentation is made with sphinx instead of epydoc.
* Start using ``importlib`` instead of ``imp``` where available.
Resolved issues
* Fixed PEM header for RSA/DSA public keys.
|
|
The library can also be compiled using MinGW.
Removed use of alloca().
[Security] Removed implementation of deprecated "quick check" feature of PGP block cipher mode.
Improved the performance of scrypt by converting some Python to C.
|
|
|
|
for configuration files only.
|
|
${PYSITELIB}/Crypto/Cipher/AES.py
|
|
Pointed out by kamil, thanks.
|
|
Pointed out by leot - thanks!
|
