71f4cd84df
- update to 3.23.0:
  * Added cipher modes Key Wrap (KW, RFC3394) and Key Wrap with Padding (KWP, RFC5649). Both are defined also in NIST SP 800-38F.
  * GH#862: For HashEdDSA and Ed448, sign() and verify() modified the state of the XOF.
Dirk Mueller 2025-09-14 18:33:41 +00:00
c30b89a050
- update to 3.22.0:
  * Added support for HPKE (RFC 9180).
  * GH#812: CCM ciphers will now fail before encrypting (or decrypting) data beyond the limit imposed by the nonce length.
  * GH#846: fix infinite loop with RC4 for data larger than 4GB.
  * GH#852: handle correctly invalid PEM files with less than 3 lines.
Dirk Mueller 2025-04-10 17:38:22 +00:00
ae4dfb349d
Accepting request 1208824 from devel:languages:python
Ana Guerrero 2024-10-18 13:58:16 +00:00
422d0e73b7
- update to 3.21.0:
  * By setting the PYCRYPTODOME_DISABLE_GMP environment variable, the GMP library will not be used even if detected.
  * Add support for Curve25519 / X25519.
  * Add support for Curve448 / X448.
  * Add attribute curve to EccPoint and EccXPoint classes, with the canonical name of the curve.
  * GH#781: the label for the SP800_108_Counter KDF may now contain zero bytes. Thanks to Julien Rische.
  * GH#814: RSA keys for PSS can be imported.
  * GH#810: fixed negation of Ed25519 points.
  * GH#819: accept an RFC5916 ECPrivateKey even if it doesn't contain any of the optional elements (parameters [0] and publicKey [1]).
  * Remove support for Python 3.5.
Dirk Mueller 2024-10-18 08:53:08 +00:00
05360aaeee
Accepting request 1141810 from devel:languages:python
Ana Guerrero 2024-01-28 18:39:51 +00:00
2f9eed33c8
- update to 3.20.0:
  * Added support for TurboSHAKE128 and TurboSHAKE256.
  * Added method Crypto.Hash.new() to generate a hash object given a hash name.
  * Added support for AES-GCM encryption of PBES2 and PKCS#8 containers.
  * Added support for SHA-2 and SHA-3 algorithms in PBKDF2 when creating PBES2 and PKCS#8 containers.
  * Export of RSA keys accepts the prot_params dictionary as parameter to control the number of iterations for PBKDF2 and scrypt.
  * C unit tests also run on non-x86 architectures.
  * GH#787: Fixed autodetect logic for GCC 14 in combination with LTO.
Dirk Mueller 2024-01-26 21:17:59 +00:00
4f443f16bb
Accepting request 1137746 from devel:languages:python
Ana Guerrero 2024-01-09 19:51:35 +00:00
ac612e811b
- update to 3.19.1:
  * Fixed a side-channel leakage with OAEP decryption that could be exploited to carry out a Manger attack. Thanks to Hubert Kario.
Dirk Mueller 2023-12-30 16:58:06 +00:00
d064db119d
Accepting request 1129189 from devel:languages:python
Ana Guerrero 2023-11-27 21:44:40 +00:00
3dab46945a
- update to 3.19.0:
  * The `update()` methods of TupleHash128 and TupleHash256 objects can now hash multiple items (byte strings) at once.
  * Added support for ECDH, with Crypto.Protocol.DH.
  * GH#754: due to a bug in `cffi`, do not use it on Windows with Python 3.12+.
- Update to 3.16.0
  * New parameter output for Crypto.Util.strxor.strxor, Crypto.Util.strxor.strxor_c, encrypt and decrypt methods in symmetric ciphers (Crypto.Cipher package). output is a pre-allocated buffer (a bytearray or a writeable memoryview) where the result must be stored. This requires less memory for very large payloads; it is also more efficient when encrypting
  * Fix vulnerability on AESNI ECB with payloads smaller than
  * Fixed incorrect AES encryption/decryption with AES acceleration on x86 due to gcc's optimization and strict
  * More prime number candidates than necessary were discarded as composite due to the limited way D values were searched
  * More meaningful exceptions in case of mismatch in IV length
Dirk Mueller 2023-11-27 15:58:33 +00:00
c0f6c4cba6
- update to 3.18.0:
  * Added support for DER BOOLEAN encodings.
  * The library now compiles on Windows ARM64. Thanks to Niyas Sait.
  * Resolved issues
  * GH#722: `nonce` attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.
  * GH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.
  * GH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.
  * Correctly check that the scalar matches the point when importing an ECC private key.
Dirk Mueller 2023-06-01 20:03:55 +00:00
ab85310cdc
- update to 3.15.0:
  * Add support for curves Ed25519 and Ed448, including export and import of keys.
  * Add support for EdDSA signatures.
  * Add support for Asymmetric Key Packages (RFC5958) to import private keys.
  * GH#620: for Crypto.Util.number.getPrime, do not sequentially scan numbers searching for a prime.
Dirk Mueller 2022-06-29 07:21:45 +00:00
00f680e5ef
- update to 3.14.1:
  * GH#595: Fixed memory leak for GMP integers.
  * Add support for curve NIST P-192.
  * Add support for curve NIST P-224.
  * GH#590: Fixed typing info for `Crypto.PublicKey.ECC`.
  * Relaxed ECDSA requirements for FIPS 186 signatures and accept any SHA-2 or SHA-3 hash. `sign()` and `verify()` will be performed even if the hash is stronger than the ECC key.
Dirk Mueller 2022-02-15 08:57:37 +00:00
533cf5395a
- update to 3.12.0:
  * ECC keys in the SEC1 format can be exported and imported.
  * Add support for KMAC128, KMAC256, TupleHash128, and TupleHash256 (NIST SP-800 185).
  * Add support for KangarooTwelve.
  * GH#563: An asymmetric key could not be imported as a `memoryview`.
  * GH#566: cSHAKE128/256 generated a wrong output for customization strings.
  * GH#582: CBC decryption generated the wrong plaintext when the input and the output were the same buffer.
Dirk Mueller 2021-12-11 20:45:03 +00:00
ea7c863b6f
- update to 3.11.0:
  * GH#512: Especially for very small bit sizes, `Crypto.Util.number.getPrime()` was occasionally generating primes larger than the given bit size.
  * GH#552: Correct typing annotations for PKCS115_Cipher.decrypt().
  * GH#555: decrypt() method of a PKCS#1v1.5 cipher returned a bytearray instead of bytes.
  * GH#557: External DSA domain parameters were accepted even when the modulus (p) was not prime. This affected Crypto.PublicKey.DSA.generate() and Crypto.PublicKey.DSA.construct().
  * Added cSHAKE128 and cSHAKE256 (of SHA-3 family).
  * GH#558: The flag RTLD_DEEPBIND passed to dlopen() is not well supported by address sanitizers (https://github.com/google/sanitizers/issues/611). It is now possible to set the environment variable PYCRYPTDOME_DISABLE_DEEPBIND to drop that flag and allow security testing.
Dirk Mueller 2021-10-16 22:40:47 +00:00
1e3b370b31
- update to 3.9.8:
  * GH#426: The Shamir's secret sharing implementation is not actually compatible with `ssss`. Added an optional parameter to enable interoperability.
  * GH#427: Skip altogether loading of `gmp.dll` on Windows.
  * GH#420: Fix incorrect CFB decryption when the input and the output are the same buffer.
  * Speed up Shamir's secret sharing routines. Thanks to ncarve.
Dirk Mueller 2020-08-04 14:40:58 +00:00
588722651c
- update to 3.9.7:
  * GH#381: Make notarization possible again on OS X when using wheels. Thanks to Colin Atkinson.
  * RSA OAEP decryption was not verifying that all `PS` bytes are zero.
  * GH#372: fixed memory leak for operations that use memoryviews when cffi is not installed.
  * Fixed wrong ASN.1 OID for HMAC-SHA512 in PBE2.
  * GH#341: Prevent `key_to_english` from creating invalid data when fed with keys of length not multiple of 8. Thanks to vstoykovbg.
  * GH#347: Fix blocking RSA signing/decryption when key has very small factor. Thanks to Martijn Pieters.
  * GH#308: Align stack of functions using SSE2 intrinsics to avoid crashes, when compiled with gcc on 32-bit x86 platforms.
Dirk Mueller 2020-02-28 21:57:19 +00:00
ae3f344e87
- Update to 3.9.0:
  * Add support for loading PEM files encrypted with AES256-CBC.
  * Add support for XChaCha20 and XChaCha20-Poly1305 ciphers.
  * Add support for bcrypt key derivation function (Crypto.Protocol.KDF.bcrypt).
  * Add support for left multiplication of an EC point by a scalar.
  * Add support for importing ECC and RSA keys in the new OpenSSH format.
Tomáš Chvátal 2019-09-10 12:28:04 +00:00