diff options
-rw-r--r-- | Doc/pycrypt.rst | 6 | ||||
-rw-r--r-- | lib/Crypto/Cipher/PKCS1_OAEP.py | 8 | ||||
-rw-r--r-- | lib/Crypto/Hash/RIPEMD160.py (renamed from lib/Crypto/Hash/RIPEMD.py) | 4 | ||||
-rw-r--r-- | lib/Crypto/Hash/SHA1.py (renamed from lib/Crypto/Hash/SHA.py) | 4 | ||||
-rw-r--r-- | lib/Crypto/Hash/__init__.py | 2 | ||||
-rw-r--r-- | lib/Crypto/Protocol/KDF.py | 2 | ||||
-rw-r--r-- | lib/Crypto/PublicKey/_DSA.py | 8 | ||||
-rw-r--r-- | lib/Crypto/SelfTest/Cipher/test_pkcs1_oaep.py | 4 | ||||
-rw-r--r-- | lib/Crypto/SelfTest/Hash/__init__.py | 14 | ||||
-rw-r--r-- | lib/Crypto/SelfTest/Hash/test_HMAC.py | 2 | ||||
-rw-r--r-- | lib/Crypto/SelfTest/Hash/test_RIPEMD160.py (renamed from lib/Crypto/SelfTest/Hash/test_RIPEMD.py) | 8 | ||||
-rw-r--r-- | lib/Crypto/SelfTest/Hash/test_SHA1.py (renamed from lib/Crypto/SelfTest/Hash/test_SHA.py) | 6 | ||||
-rw-r--r-- | lib/Crypto/SelfTest/Protocol/test_KDF.py | 2 | ||||
-rw-r--r-- | lib/Crypto/SelfTest/Signature/test_pkcs1_15.py | 6 | ||||
-rw-r--r-- | lib/Crypto/SelfTest/Signature/test_pkcs1_pss.py | 16 | ||||
-rw-r--r-- | lib/Crypto/Signature/PKCS1_PSS.py | 8 | ||||
-rw-r--r-- | pct-speedtest.py | 15 |
17 files changed, 60 insertions, 55 deletions
diff --git a/Doc/pycrypt.rst b/Doc/pycrypt.rst index 2a48f4c..f8df9fb 100644 --- a/Doc/pycrypt.rst +++ b/Doc/pycrypt.rst @@ -117,8 +117,8 @@ Hash function Digest length Security MD2 128 bits Insecure, do not use MD4 128 bits Insecure, do not use MD5 128 bits Insecure, do not use -RIPEMD 160 bits Secure. This is RIPEMD-160. -SHA 160 bits SHA1 is shaky. Walk, do not run, away from SHA1. +RIPEMD160 160 bits Secure. +SHA1 160 bits SHA1 is shaky. Walk, do not run, away from SHA1. SHA256 256 bits Secure. ============= ============= ======== @@ -1069,7 +1069,7 @@ with ASCII. Unfortunately, it's difficult for humans to remember 16 or 32 hex digits. One solution is to request a lengthy passphrase from the user, and -then run it through a hash function such as SHA or MD5. Another +then run it through a hash function such as SHA1 or MD5. Another solution is discussed in RFC 1751, "A Convention for Human-Readable 128-bit Keys", by Daniel L. McDonald. Binary keys are transformed into a list of short English words that should be easier to remember. diff --git a/lib/Crypto/Cipher/PKCS1_OAEP.py b/lib/Crypto/Cipher/PKCS1_OAEP.py index 9afe176..f0754e4 100644 --- a/lib/Crypto/Cipher/PKCS1_OAEP.py +++ b/lib/Crypto/Cipher/PKCS1_OAEP.py @@ -55,7 +55,7 @@ __revision__ = "$Id$" __all__ = [ 'new', 'PKCS1OAEP_Cipher' ] import Crypto.Signature.PKCS1_PSS -import Crypto.Hash.SHA +import Crypto.Hash.SHA1 from Crypto.Util.py3compat import * import Crypto.Util.number @@ -75,7 +75,7 @@ class PKCS1OAEP_Cipher: hashAlgo : hash object The hash function to use. This can be a module under `Crypto.Hash` or an existing hash object created from any of such modules. If not specified, - `Crypto.Hash.SHA` (that is, SHA-1) is used. + `Crypto.Hash.SHA1` is used. mgfunc : callable A mask generation function that accepts two parameters: a string to use as seed, and the lenth of the mask to generate, in bytes. @@ -93,7 +93,7 @@ class PKCS1OAEP_Cipher: if hashAlgo: self._hashObj = hashAlgo else: - self._hashObj = Crypto.Hash.SHA + self._hashObj = Crypto.Hash.SHA1 if mgfunc: self._mgf = mgfunc @@ -238,7 +238,7 @@ def new(key, hashAlgo=None, mgfunc=None, label=b('')): hashAlgo : hash object The hash function to use. This can be a module under `Crypto.Hash` or an existing hash object created from any of such modules. If not specified, - `Crypto.Hash.SHA` (that is, SHA-1) is used. + `Crypto.Hash.SHA1` is used. mgfunc : callable A mask generation function that accepts two parameters: a string to use as seed, and the lenth of the mask to generate, in bytes. diff --git a/lib/Crypto/Hash/RIPEMD.py b/lib/Crypto/Hash/RIPEMD160.py index 33099cb..3abed5d 100644 --- a/lib/Crypto/Hash/RIPEMD.py +++ b/lib/Crypto/Hash/RIPEMD160.py @@ -22,9 +22,9 @@ RIPEMD-160_ produces the 160 bit digest of a message. - >>> from Crypto.Hash import RIPEMD + >>> from Crypto.Hash import RIPEMD160 >>> - >>> h = RIPEMD.new() + >>> h = RIPEMD160.new() >>> h.update(b'Hello') >>> print h.hexdigest() diff --git a/lib/Crypto/Hash/SHA.py b/lib/Crypto/Hash/SHA1.py index 0bc5917..334ae18 100644 --- a/lib/Crypto/Hash/SHA.py +++ b/lib/Crypto/Hash/SHA1.py @@ -22,9 +22,9 @@ SHA-1_ produces the 160 bit digest of a message. - >>> from Crypto.Hash import SHA + >>> from Crypto.Hash import SHA1 >>> - >>> h = SHA.new() + >>> h = SHA1.new() >>> h.update(b'Hello') >>> print h.hexdigest() diff --git a/lib/Crypto/Hash/__init__.py b/lib/Crypto/Hash/__init__.py index 4582c66..b9f9525 100644 --- a/lib/Crypto/Hash/__init__.py +++ b/lib/Crypto/Hash/__init__.py @@ -49,7 +49,7 @@ The hashing modules here all support the interface described in `PEP :undocumented: _MD2, _MD4, _RIPEMD160, _SHA224, _SHA256, _SHA384, _SHA512 """ -__all__ = ['HMAC', 'MD2', 'MD4', 'MD5', 'RIPEMD', 'SHA', +__all__ = ['HMAC', 'MD2', 'MD4', 'MD5', 'RIPEMD160', 'SHA1', 'SHA224', 'SHA256', 'SHA384', 'SHA512'] __revision__ = "$Id$" diff --git a/lib/Crypto/Protocol/KDF.py b/lib/Crypto/Protocol/KDF.py index 973b7af..b13562a 100644 --- a/lib/Crypto/Protocol/KDF.py +++ b/lib/Crypto/Protocol/KDF.py @@ -39,7 +39,7 @@ import math import struct from Crypto.Util.py3compat import * -from Crypto.Hash import SHA as SHA1, HMAC +from Crypto.Hash import SHA1, HMAC from Crypto.Util.strxor import strxor def PBKDF1(password, salt, dkLen, count=1000, hashAlgo=None): diff --git a/lib/Crypto/PublicKey/_DSA.py b/lib/Crypto/PublicKey/_DSA.py index 6b7a964..f027d92 100644 --- a/lib/Crypto/PublicKey/_DSA.py +++ b/lib/Crypto/PublicKey/_DSA.py @@ -30,7 +30,7 @@ __revision__ = "$Id$" from Crypto.PublicKey.pubkey import * from Crypto.Util import number from Crypto.Util.number import bytes_to_long, long_to_bytes -from Crypto.Hash import SHA +from Crypto.Hash import SHA1 from Crypto.Util.py3compat import * class error (Exception): @@ -38,8 +38,8 @@ class error (Exception): def generateQ(randfunc): S=randfunc(20) - hash1=SHA.new(S).digest() - hash2=SHA.new(long_to_bytes(bytes_to_long(S)+1)).digest() + hash1=SHA1.new(S).digest() + hash2=SHA1.new(long_to_bytes(bytes_to_long(S)+1)).digest() q = bignum(0) for i in range(0,20): c=bord(hash1[i])^bord(hash2[i]) @@ -77,7 +77,7 @@ def generate_py(bits, randfunc, progress_func=None): powL1=pow(bignum(2), bits-1) while C<4096: for k in range(0, n+1): - V[k]=bytes_to_long(SHA.new(S+bstr(N)+bstr(k)).digest()) + V[k]=bytes_to_long(SHA1.new(S+bstr(N)+bstr(k)).digest()) W=V[n] % powb for k in range(n-1, -1, -1): W=(W<<160L)+V[k] diff --git a/lib/Crypto/SelfTest/Cipher/test_pkcs1_oaep.py b/lib/Crypto/SelfTest/Cipher/test_pkcs1_oaep.py index 7ca5c15..86c38a3 100644 --- a/lib/Crypto/SelfTest/Cipher/test_pkcs1_oaep.py +++ b/lib/Crypto/SelfTest/Cipher/test_pkcs1_oaep.py @@ -31,7 +31,7 @@ from Crypto.SelfTest.st_common import list_test_cases, a2b_hex, b2a_hex from Crypto.Util.py3compat import * from Crypto.PublicKey import RSA from Crypto.Cipher import PKCS1_OAEP as PKCS -from Crypto.Hash import MD2,MD5,SHA as SHA1,SHA256,RIPEMD +from Crypto.Hash import MD2,MD5,SHA1,SHA256,RIPEMD160 from Crypto import Random def rws(t): @@ -327,7 +327,7 @@ class PKCS1_OAEP_Tests(unittest.TestCase): asked += N return self.rng(N) # Verify that OAEP is friendly to all hashes - for hashmod in (MD2,MD5,SHA1,SHA256,RIPEMD): + for hashmod in (MD2,MD5,SHA1,SHA256,RIPEMD160): # Verify that encrypt() asks for as many random bytes # as the hash output size asked = 0 diff --git a/lib/Crypto/SelfTest/Hash/__init__.py b/lib/Crypto/SelfTest/Hash/__init__.py index bb19f9b..d6c8e57 100644 --- a/lib/Crypto/SelfTest/Hash/__init__.py +++ b/lib/Crypto/SelfTest/Hash/__init__.py @@ -28,13 +28,13 @@ __revision__ = "$Id$" def get_tests(config={}): tests = [] - from Crypto.SelfTest.Hash import test_HMAC; tests += test_HMAC.get_tests(config=config) - from Crypto.SelfTest.Hash import test_MD2; tests += test_MD2.get_tests(config=config) - from Crypto.SelfTest.Hash import test_MD4; tests += test_MD4.get_tests(config=config) - from Crypto.SelfTest.Hash import test_MD5; tests += test_MD5.get_tests(config=config) - from Crypto.SelfTest.Hash import test_RIPEMD; tests += test_RIPEMD.get_tests(config=config) - from Crypto.SelfTest.Hash import test_SHA; tests += test_SHA.get_tests(config=config) - from Crypto.SelfTest.Hash import test_SHA256; tests += test_SHA256.get_tests(config=config) + from Crypto.SelfTest.Hash import test_HMAC; tests += test_HMAC.get_tests(config=config) + from Crypto.SelfTest.Hash import test_MD2; tests += test_MD2.get_tests(config=config) + from Crypto.SelfTest.Hash import test_MD4; tests += test_MD4.get_tests(config=config) + from Crypto.SelfTest.Hash import test_MD5; tests += test_MD5.get_tests(config=config) + from Crypto.SelfTest.Hash import test_RIPEMD160; tests += test_RIPEMD160.get_tests(config=config) + from Crypto.SelfTest.Hash import test_SHA1; tests += test_SHA1.get_tests(config=config) + from Crypto.SelfTest.Hash import test_SHA256; tests += test_SHA256.get_tests(config=config) try: from Crypto.SelfTest.Hash import test_SHA224; tests += test_SHA224.get_tests(config=config) from Crypto.SelfTest.Hash import test_SHA384; tests += test_SHA384.get_tests(config=config) diff --git a/lib/Crypto/SelfTest/Hash/test_HMAC.py b/lib/Crypto/SelfTest/Hash/test_HMAC.py index c01c97b..85bdf47 100644 --- a/lib/Crypto/SelfTest/Hash/test_HMAC.py +++ b/lib/Crypto/SelfTest/Hash/test_HMAC.py @@ -203,7 +203,7 @@ hashlib_test_data = [ def get_tests(config={}): global test_data - from Crypto.Hash import HMAC, MD5, SHA as SHA1, SHA256 + from Crypto.Hash import HMAC, MD5, SHA1, SHA256 from common import make_mac_tests hashmods = dict(MD5=MD5, SHA1=SHA1, SHA256=SHA256, default=None) try: diff --git a/lib/Crypto/SelfTest/Hash/test_RIPEMD.py b/lib/Crypto/SelfTest/Hash/test_RIPEMD160.py index 6673a93..d476249 100644 --- a/lib/Crypto/SelfTest/Hash/test_RIPEMD.py +++ b/lib/Crypto/SelfTest/Hash/test_RIPEMD160.py @@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- # -# SelfTest/Hash/test_RIPEMD.py: Self-test for the RIPEMD-160 hash function +# SelfTest/Hash/test_RIPEMD160.py: Self-test for the RIPEMD-160 hash function # # Written in 2008 by Dwayne C. Litzenberger <dlitz@dlitz.net> # @@ -22,7 +22,7 @@ # SOFTWARE. # =================================================================== -#"""Self-test suite for Crypto.Hash.RIPEMD""" +#"""Self-test suite for Crypto.Hash.RIPEMD160""" __revision__ = "$Id$" @@ -59,9 +59,9 @@ test_data = [ ] def get_tests(config={}): - from Crypto.Hash import RIPEMD + from Crypto.Hash import RIPEMD160 from common import make_hash_tests - return make_hash_tests(RIPEMD, "RIPEMD", test_data, + return make_hash_tests(RIPEMD160, "RIPEMD160", test_data, digest_size=20, oid="\x06\x05\x2b\x24\x03\02\x01") diff --git a/lib/Crypto/SelfTest/Hash/test_SHA.py b/lib/Crypto/SelfTest/Hash/test_SHA1.py index 7d72e77..83bd6d2 100644 --- a/lib/Crypto/SelfTest/Hash/test_SHA.py +++ b/lib/Crypto/SelfTest/Hash/test_SHA1.py @@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- # -# SelfTest/Hash/SHA.py: Self-test for the SHA-1 hash function +# SelfTest/Hash/SHA1.py: Self-test for the SHA-1 hash function # # Written in 2008 by Dwayne C. Litzenberger <dlitz@dlitz.net> # @@ -50,9 +50,9 @@ test_data = [ ] def get_tests(config={}): - from Crypto.Hash import SHA + from Crypto.Hash import SHA1 from common import make_hash_tests - return make_hash_tests(SHA, "SHA", test_data, + return make_hash_tests(SHA1, "SHA1", test_data, digest_size=20, oid="\x06\x05\x2B\x0E\x03\x02\x1A") diff --git a/lib/Crypto/SelfTest/Protocol/test_KDF.py b/lib/Crypto/SelfTest/Protocol/test_KDF.py index 119836b..f0a44d1 100644 --- a/lib/Crypto/SelfTest/Protocol/test_KDF.py +++ b/lib/Crypto/SelfTest/Protocol/test_KDF.py @@ -26,7 +26,7 @@ import unittest from binascii import unhexlify from Crypto.SelfTest.st_common import list_test_cases -from Crypto.Hash import SHA as SHA1,HMAC +from Crypto.Hash import SHA1, HMAC from Crypto.Protocol.KDF import * diff --git a/lib/Crypto/SelfTest/Signature/test_pkcs1_15.py b/lib/Crypto/SelfTest/Signature/test_pkcs1_15.py index bc36696..d56ba95 100644 --- a/lib/Crypto/SelfTest/Signature/test_pkcs1_15.py +++ b/lib/Crypto/SelfTest/Signature/test_pkcs1_15.py @@ -123,7 +123,7 @@ class PKCS1_15_Tests(unittest.TestCase): '''4a700a16432a291a3194646952687d5316458b8b86fb0a25aa30e0dcecdb 442676759ac63d56ec1499c3ae4c0013c2053cabd5b5804848994541ac16 fa243a4d''', - SHA + SHA1 ), # @@ -146,7 +146,7 @@ class PKCS1_15_Tests(unittest.TestCase): A9D20970C54E6651070B0144D43844C899320DD8FA7819F7EBC6A7715287332E C8675C136183B3F8A1F81EF969418267130A756FDBB2C71D9A667446E34E0EAD 9CF31BFB66F816F319D0B7E430A5F2891553986E003720261C7E9022C0D9F11F''', - SHA + SHA1 ) ) @@ -197,7 +197,7 @@ class PKCS1_15_Tests(unittest.TestCase): rng = Random.new().read key = RSA.generate(1024, rng) - for hashmod in (MD2,MD5,SHA,SHA224,SHA256,SHA384,SHA512,RIPEMD): + for hashmod in (MD2,MD5,SHA1,SHA224,SHA256,SHA384,SHA512,RIPEMD160): h = hashmod.new() h.update(b('blah blah blah')) diff --git a/lib/Crypto/SelfTest/Signature/test_pkcs1_pss.py b/lib/Crypto/SelfTest/Signature/test_pkcs1_pss.py index f5256a5..314d2b8 100644 --- a/lib/Crypto/SelfTest/Signature/test_pkcs1_pss.py +++ b/lib/Crypto/SelfTest/Signature/test_pkcs1_pss.py @@ -136,7 +136,7 @@ class PKCS1_PSS_Tests(unittest.TestCase): '''e3 b5 d5 d0 02 c1 bc e5 0c 2b 65 ef 88 a1 88 d8 3b ce 7e 61''', # Hash algorithm - SHA + SHA1 ), # @@ -192,7 +192,7 @@ class PKCS1_PSS_Tests(unittest.TestCase): '''de e9 59 c7 e0 64 11 36 14 20 ff 80 18 5e d5 7f 3e 67 76 af''', # Hash - SHA + SHA1 ), # @@ -238,7 +238,7 @@ class PKCS1_PSS_Tests(unittest.TestCase): '''ef 28 69 fa 40 c3 46 cb 18 3d ab 3d 7b ff c9 8f d5 6d f4 2d''', # Hash - SHA + SHA1 ), # @@ -285,7 +285,7 @@ class PKCS1_PSS_Tests(unittest.TestCase): # Salt '''57 bf 16 0b cb 02 bb 1d c7 28 0c f0 45 85 30 b7 d2 83 2f f7''', - SHA + SHA1 ), # @@ -339,7 +339,7 @@ class PKCS1_PSS_Tests(unittest.TestCase): # Salt '''1d 65 49 1d 79 c8 64 b3 73 00 9b e6 f6 f2 46 7b ac 4c 78 fa''', - SHA + SHA1 ) ) @@ -380,7 +380,7 @@ class PKCS1_PSS_Tests(unittest.TestCase): self.failUnless(result) def testSignVerify(self): - h = SHA.new() + h = SHA1.new() h.update(b('blah blah blah')) rng = Random.new().read @@ -394,7 +394,7 @@ class PKCS1_PSS_Tests(unittest.TestCase): return bchr(0x00)*maskLen # Verify that PSS is friendly to all ciphers - for hashmod in (MD2,MD5,SHA,SHA224,SHA256,SHA384,RIPEMD): + for hashmod in (MD2,MD5,SHA1,SHA224,SHA256,SHA384,RIPEMD160): h = hashmod.new() h.update(b('blah blah blah')) @@ -406,7 +406,7 @@ class PKCS1_PSS_Tests(unittest.TestCase): self.failUnless(signer.verify(h, s)) self.assertEqual(key.asked, h.digest_size) - h = SHA.new() + h = SHA1.new() h.update(b('blah blah blah')) # Verify that sign() uses a different salt length diff --git a/lib/Crypto/Signature/PKCS1_PSS.py b/lib/Crypto/Signature/PKCS1_PSS.py index 7038f4e..cd9eaf3 100644 --- a/lib/Crypto/Signature/PKCS1_PSS.py +++ b/lib/Crypto/Signature/PKCS1_PSS.py @@ -30,13 +30,13 @@ For example, a sender may authenticate a message using SHA-1 and PSS like this: >>> from Crypto.Signature import PKCS1_PSS - >>> from Crypto.Hash import SHA - >>> from Crypto.PublicKey import RSA + >>> from Crypto.Hash import SHA1 + >>> from Crypto.PublicKey import RSA1 >>> from Crypto import Random >>> >>> message = 'To be signed' >>> key = RSA.importKey(open('privkey.der').read()) - >>> h = SHA.new() + >>> h = SHA1.new() >>> h.update(message) >>> signer = PKCS1_PSS.new(key) >>> signature = signer.sign(key) @@ -45,7 +45,7 @@ At the receiver side, verification can be done like using the public part of the RSA key: >>> key = RSA.importKey(open('pubkey.der').read()) - >>> h = SHA.new() + >>> h = SHA1.new() >>> h.update(message) >>> verifier = PKCS1_PSS.new(key) >>> if verifier.verify(h, signature): diff --git a/pct-speedtest.py b/pct-speedtest.py index fe52a55..eb2778f 100644 --- a/pct-speedtest.py +++ b/pct-speedtest.py @@ -32,9 +32,14 @@ from Crypto.Cipher import AES, ARC2, ARC4, Blowfish, CAST, DES3, DES, XOR from Crypto.Hash import HMAC, MD2, MD4, MD5, SHA, SHA224, SHA256, SHA384, SHA512 from Crypto.Random import get_random_bytes try: - from Crypto.Hash import RIPEMD -except ImportError: # Some builds of PyCrypto don't have the RIPEMD module - RIPEMD = None + from Crypto.Hash import RIPEMD160 +except ImportError: + # Maybe it's called RIPEMD + try: + from Crypto.Hash import RIPEMD as RIPEMD160 + except ImportError: + # Some builds of PyCrypto don't have the RIPEMD module + RIPEMD160 = None try: import hashlib @@ -222,8 +227,8 @@ class Benchmark: ("SHA384", SHA384), ("SHA512", SHA512), ] - if RIPEMD is not None: - hash_specs += [("RIPEMD", RIPEMD)] + if RIPEMD160 is not None: + hash_specs += [("RIPEMD160", RIPEMD160)] hashlib_specs = [] if hashlib is not None: |