Accepting request 915237 from home:glaubitz:branches:devel:languages:python

- Update to 0.17.0
  * Keys that use explicit curve parameters can now be read and written.
    Reading of explicit curves can be disabled by using the
    `valid_curve_encodings` keyword argument in `VerifyingKey.from_pem()`,
    `VerifyingKey.from_der()`, `SigningKey.from_pem()`, and
    `SigningKey.from_der()`.
  * Keys can now be written with use of explicit curve parameters,
    use `curve_parameters_encoding` keyword argument of `VerifyingKey.to_pem()`,
    `VerifyingKey.to_der()`, `SigningKey.to_pem(), or `SigningKey.to_der()` to
    specify the format. By default `named_curve` will be used, unless the
    curve doesn't have an associated OID (as will be the case for an unsupported
    curve), then `explicit` encoding will be used.
  * Allow specifying acceptable point formats when loading public keys
    (this also fixes a minor bug where python-ecdsa would accept raw
    encoding for points in PKCS#8 files). Set of accepted encodings is controlled
    by `valid_encodings` keyword argument in
    `ECDH.load_received_public_key_bytes()`, `VerifyingKey.from_string()`,
    `VerifyingKey.from_pem()`, VerifyingKey.from_der()`.
  * `PointJacobi` and `Point` now inherit from `AbstractPoint` that implements
    the methods for parsing points. That added `from_bytes()` and
    `to_bytes()` methods to both of them.
  * Curve parameters can now be read and written to PEM and DER files. The
    `Curve` class supports new `to_der()`, `from_der()`, `to_pem()`, and
    `from_pem()` methods.
  * Describe in detail which methods can raise `RSZeroError`, and that
    `SigningKey.sign_deterministic()` won't raise it.
  * Correctly truncate hash values larger than the curve order (only impacted
    custom curves and the curves added in this release).
  * Correctly handle curves for which the order is larger than the prime
    (only impacted custom curves and the secp160r1 curve added in this release).

OBS-URL: https://build.opensuse.org/request/show/915237
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-ecdsa?expand=0&rev=29

ecdsa-0.16.1.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:cfc046a2ddd425adbd1a78b3c46f0d1325c657811c0f45ecc3a0a6236c1e50ff
-size 126935

ecdsa-0.17.0.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:b9f500bb439e4153d0330610f5d26baaf18d17b8ced1bc54410d189385ea68aa
+size 158486

python-ecdsa.changes

@@ -1,3 +1,55 @@
+-------------------------------------------------------------------
+Tue Aug 31 10:18:41 UTC 2021 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
+
+- Update to 0.17.0
+  * Keys that use explicit curve parameters can now be read and written.
+    Reading of explicit curves can be disabled by using the
+    `valid_curve_encodings` keyword argument in `VerifyingKey.from_pem()`,
+    `VerifyingKey.from_der()`, `SigningKey.from_pem()`, and
+    `SigningKey.from_der()`.
+  * Keys can now be written with use of explicit curve parameters,
+    use `curve_parameters_encoding` keyword argument of `VerifyingKey.to_pem()`,
+    `VerifyingKey.to_der()`, `SigningKey.to_pem(), or `SigningKey.to_der()` to
+    specify the format. By default `named_curve` will be used, unless the
+    curve doesn't have an associated OID (as will be the case for an unsupported
+    curve), then `explicit` encoding will be used.
+  * Allow specifying acceptable point formats when loading public keys
+    (this also fixes a minor bug where python-ecdsa would accept raw
+    encoding for points in PKCS#8 files). Set of accepted encodings is controlled
+    by `valid_encodings` keyword argument in
+    `ECDH.load_received_public_key_bytes()`, `VerifyingKey.from_string()`,
+    `VerifyingKey.from_pem()`, VerifyingKey.from_der()`.
+  * `PointJacobi` and `Point` now inherit from `AbstractPoint` that implements
+    the methods for parsing points. That added `from_bytes()` and
+    `to_bytes()` methods to both of them.
+  * Curve parameters can now be read and written to PEM and DER files. The
+    `Curve` class supports new `to_der()`, `from_der()`, `to_pem()`, and
+    `from_pem()` methods.
+  * Describe in detail which methods can raise `RSZeroError`, and that
+    `SigningKey.sign_deterministic()` won't raise it.
+  * Correctly truncate hash values larger than the curve order (only impacted
+    custom curves and the curves added in this release).
+  * Correctly handle curves for which the order is larger than the prime
+    (only impacted custom curves and the secp160r1 curve added in this release).
+  * Fix the handling of `==` and `!=` for `Public_key`, `Private_key`, `Point`,
+    `PointJacobi`, `VerifyingKey`, and `SigningKey` so that it behaves
+    consistently and in the expected way both in Python 2 and Python 3.
+  * Implement lock-less algorithm inside PointJacobi for keeping shared state
+    so that when a calculation is aborted with KeyboardInterrupt, the state
+    doesn't become corrupted (this fixes the occasional breakage of ecdsa in
+    interactive shells).
+  * The `speed.py` script now provides performance for signature verification
+    without the use of precomputation.
+  * New curves supported: secp112r1, secp112r2, secp128r1, secp160r1.
+  * Use 2-ary Non-Adjacent Form for the combined multiply-add. This speeds up
+    single-shot verify (i.e. without precomputation) by about 4 to 5%.
+  * Use native Python 3.8 support for calculating multiplicative inverses.
+  * Include Python 3.9 in PyPI keywords.
+  * More realistic branch coverage counting (ignore Python version-specific
+    branches).
+  * Additional test coverage to many parts of the library.
+  * Migrate to Github Actions for Continuous Testing.
+
 -------------------------------------------------------------------
 Sun Dec 20 09:21:59 UTC 2020 - Dirk Müller <dmueller@suse.com>
 

python-ecdsa.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package python-ecdsa
 #
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
 
 %{?!python_module:%define python_module() python-%{**} python3-%{**}}
 Name:           python-ecdsa
-Version:        0.16.1
+Version:        0.17.0
 Release:        0
 Summary:        ECDSA cryptographic signature library (pure python)
 License:        MIT