author Dwayne C. Litzenberger <dlitz@dlitz.net> 2009-08-03 21:12:18 -0400
committer Dwayne C. Litzenberger <dlitz@dlitz.net> 2009-08-03 21:12:18 -0400
commit 405a9743045c44ec6cc0b99fd1c41f4847c947db (patch)
tree a303daaeb762019b305088a7871caa5ece484a7d
parent 9df50513c6d401656d26c87937c63b6e9e77a0df (diff)
download pycrypto-405a9743045c44ec6cc0b99fd1c41f4847c947db.tar.gz
Update ChangeLog and TODO
-rw-r--r-- ChangeLog 137
-rw-r--r-- TODO 11
2 files changed, 72 insertions, 76 deletions
diff --git a/ChangeLog b/ChangeLog
index 651c212..29eb74f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,93 +4,74 @@
* This version supports Python versions 2.1 through 2.6.
- * Added Crypto.version_info, which from now on will contain version
- information in a format similar to Python's sys.version_info.
-
- * Fixed a DeprecationWarning when using the HMAC module under
- Python 2.6.
-
- * Crypto.PublicKey: Raise ValueError/TypeError/RuntimeError
- instead of the various custom "error" exceptions
-
- * Added a new random numbers API (Crypto.Random), and deprecated the
- old one (Crypto.Util.randpool.RandomPool), which was misused more
- often than not.
-
- The new API is used by invoking Crypto.Random.new() and then just
- reading from the file-like object that is returned.
-
- Note: To maintain the security of the PRNG, you MUST call
- Crypto.Random.atfork() in both the parent and the child processes
- whenever you use os.fork(). Otherwise, the parent and child will
- share copies of the same entropy pool, causing them to return the
- same results! This is a limitation of Python, which does not
- provide readily-accessible hooks to os.fork(). It's also a
- limitation caused by the failure of operating systems to provide
- sufficiently fast, trustworthy sources of cryptographically-strong
- random numbers.
-
- * Replaced the test suite with a new, comprehensive package
- (Crypto.SelfTest) that includes documentation about where its test
- vectors came from, or how they were derived.
-
- * Added Crypto.Random.random, a strong version of the standard Python
- 'random' module.
-
- * Removed the IDEA and RC5 modules due to software patents.
-
* Clarified copyright status of much of the existing code by tracking
down Andrew M. Kuchling, Barry A. Warsaw, Jeethu Rao, Joris Bontje,
Mark Moraes, Paul Swartz, Robey Pointer, and Wim Lewis and getting
their permission to clarify the license/public-domain status of their
contributions. Many thanks to all involved!
- * Replaced RIPEMD.c with a new implementation (RIPEMD160.c) to
- alleviate copyright concerns.
+ * Replaced the test suite with a new, comprehensive package
+ (Crypto.SelfTest) that includes documentation about where its test
+ vectors came from, or how they were derived.
- * Replaced the DES/DES3 modules with ones based on libtomcrypt-1.16 to
- alleviate copyright concerns.
+ Use "python setup.py test" to run the tests after building.
- * Replaced Blowfish.c with a new implementation to alleviate copyright
- concerns.
+ * API changes:
- * Fix padding bug in SHA256; this resulted in bad digests whenever
- (the number of bytes hashed) mod 64 == 55.
+ - Added Crypto.version_info, which from now on will contain version
+ information in a format similar to Python's sys.version_info.
- * Fix a 32-bit limitation on the length of messages the SHA256 module
- could hash.
+ - Added a new random numbers API (Crypto.Random), and deprecated the
+ old one (Crypto.Util.randpool.RandomPool), which was misused more
+ often than not.
- * Converted documentation to reStructured Text.
+ The new API is used by invoking Crypto.Random.new() and then just
+ reading from the file-like object that is returned.
- * Added epydoc configuration Doc/epydoc-config
+ CAVEAT: To maintain the security of the PRNG, you must call
+ Crypto.Random.atfork() in both the parent and the child processes
+ whenever you use os.fork(). Otherwise, the parent and child will
+ share copies of the same entropy pool, causing them to return the
+ same results! This is a limitation of Python, which does not
+ provide readily-accessible hooks to os.fork(). It's also a
+ limitation caused by the failure of operating systems to provide
+ sufficiently fast, trustworthy sources of cryptographically-strong
+ random numbers.
- * Added a string-XOR implementation written in C (Crypto.Util.strxor)
- and used it to speed up Crypto.Hash.HMAC
+ - Crypto.PublicKey now raises ValueError/TypeError/RuntimeError
+ instead of the various custom "error" exceptions
- * Fixed the winrandom module, which had previously been omitted from
- the build process, causing security problems for programs that misuse
- RandomPool.
+ - Removed the IDEA and RC5 modules due to software patents. Debian
+ has been doing this for a while
- * Fixed infinite loop when attempting to generate RSA keys with an odd
- number of bits in the modulus. (But why would anyone do that?)
+ - Added Crypto.Random.random, a strong version of the standard Python
+ 'random' module.
- * setup.py now warns when not building _fastmath.
+ - Added Crypto.Util.Counter, providing fast counter implementations
+ for use with CTR-mode ciphers.
- * Cleaned up the code in several places.
+ * Bug fixes:
- * Added Crypto.Util.Counter, providing fast counter implementations for
- use with CTR-mode ciphers.
+ - Fixed padding bug in SHA256; this resulted in bad digests whenever
+ (the number of bytes hashed) mod 64 == 55.
- * AllOrNothing: Fixed padding bug in digest()
+ - Fixed a 32-bit limitation on the length of messages the SHA256 module
+ could hash.
- * DSA: Added code to enforce FIPS 186-2 requirements on the size of the
- prime p
+ - AllOrNothing: Fixed padding bug in digest()
- * Reduced symbol table pollution in native modules by declaring most
- things "static".
+ - Fixed a bad behaviour of the XOR cipher module: It would silently
+ truncate all keys to 32 bytes. Now it raises ValueError when the
+ key is too long.
- * Added pct-speedtest.py to the source tree for doing performance
- testing on the new code.
+ - DSA: Added code to enforce FIPS 186-2 requirements on the size of
+ the prime p
+
+ - Fixed the winrandom module, which had been omitted from the build
+ process, causing security problems for programs that misuse RandomPool.
+
+ - Fixed infinite loop when attempting to generate RSA keys with an
+ odd number of bits in the modulus. (Not that you should do that.)
* Clarified the documentation for Crypto.Util.number.getRandomNumber.
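Review bot: Two entries removed in this hunk, "Fixed a DeprecationWarning when using the HMAC module under Python 2.6" near the top and "Reduced symbol table pollution in native modules by declaring most things "static"" near the bottom, are not re-added anywhere in the visible diff, so the reorganisation drops them from the release notes. Restore them (the first fits under "Bug fixes") or state in the commit message that the removal is intended. Separately, the XOR entry filed under "Bug fixes" now raises ValueError for keys longer than 32 bytes, which is a caller-visible change in the same way as the Crypto.PublicKey exception entry, so it is worth listing or cross-referencing under "API changes".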
@@ -100,9 +81,29 @@
Note that getRandomNumber is for internal use only and may be
renamed or removed in future releases.
- * Fixed a bad behaviour of the XOR cipher module: It would silently
- truncate all keys to 32 bytes. Now it raises ValueError when the
- key is too long.
+ * Replaced RIPEMD.c with a new implementation (RIPEMD160.c) to
+ alleviate copyright concerns.
+
+ * Replaced the DES/DES3 modules with ones based on libtomcrypt-1.16 to
+ alleviate copyright concerns.
+
+ * Replaced Blowfish.c with a new implementation to alleviate copyright
+ concerns.
+
+ * Added a string-XOR implementation written in C (Crypto.Util.strxor)
+ and used it to speed up Crypto.Hash.HMAC
+
+ * Converted documentation to reStructured Text.
+
+ * Added epydoc configuration Doc/epydoc-config
+
+ * setup.py now emits a warning when building without GMP.
+
+ * Added pct-speedtest.py to the source tree for doing performance
+ testing on the new code.
+
+ * Cleaned up the code in several places.
+
2.0.1
=====
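Review bot: The reworded setup.py entry ("now emits a warning when building without GMP") no longer names _fastmath, which the entry it replaces in the previous hunk did ("warns when not building _fastmath"). If the two conditions are the same, keep the module name in the new wording so readers can tell which component is missing when they see the warning. Minor style points on the moved entries: "reStructured Text" should be "reStructuredText", and the strxor and epydoc entries lack a closing period.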
diff --git a/TODO b/TODO
index d01e98e..b597011 100644
--- a/TODO
+++ b/TODO
@@ -22,12 +22,7 @@
defining a certain subdirectory to be a place where pycrypto looks for these
drivers at startup time.
-Documentation:
-- Document chaff/winnow better
-- Add more docstrings.
-- Document the functions and macros for adding a new algorithm
- Hash functions:
- hash_init(), hash_copy(), DIGEST_SIZE, hash_update(), hash_digest()
- Block functions:
- ...
+- Merge Crypto.Cipher.XOR and Crypto.Util.strxor somehow
+
+- Document our experiences with RandomPool and why it was bad.
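Review bot: The whole "Documentation:" block is deleted here, including "Add more docstrings" and "Document the functions and macros for adding a new algorithm", but the ChangeLog changes in this commit only record the reStructured Text conversion and the epydoc configuration, not that these items were completed. Keep the items that are still open, or say in the commit message why they are dropped. The new RandomPool item would be easier to act on if it pointed at the Crypto.Random.atfork() caveat and the winrandom entry in the ChangeLog as starting material, and "somehow" in the XOR/strxor item could be replaced by the intended direction of the merge.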