diff options
Diffstat (limited to 'pipermail/pycrypto/2014q1/000781.html')
-rw-r--r-- | pipermail/pycrypto/2014q1/000781.html | 88 |
1 files changed, 88 insertions, 0 deletions
diff --git a/pipermail/pycrypto/2014q1/000781.html b/pipermail/pycrypto/2014q1/000781.html new file mode 100644 index 0000000..7c2ca01 --- /dev/null +++ b/pipermail/pycrypto/2014q1/000781.html @@ -0,0 +1,88 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> +<HTML> + <HEAD> + <TITLE> [pycrypto] Any progress with pycrypto 2.7? + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:pycrypto%40lists.dlitz.net?Subject=Re%3A%20%5Bpycrypto%5D%20Any%20progress%20with%20pycrypto%202.7%3F&In-Reply-To=%3C20140222043409.GA26458%40rivest.dlitz.net%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <style type="text/css"> + pre { + white-space: pre-wrap; /* css-2.1, curent FF, Opera, Safari */ + } + </style> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="000772.html"> + <LINK REL="Next" HREF="000783.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[pycrypto] Any progress with pycrypto 2.7?</H1> + <B>Dwayne Litzenberger</B> + <A HREF="mailto:pycrypto%40lists.dlitz.net?Subject=Re%3A%20%5Bpycrypto%5D%20Any%20progress%20with%20pycrypto%202.7%3F&In-Reply-To=%3C20140222043409.GA26458%40rivest.dlitz.net%3E" + TITLE="[pycrypto] Any progress with pycrypto 2.7?">dlitz at dlitz.net + </A><BR> + <I>Fri Feb 21 20:34:09 PST 2014</I> + <P><UL> + <LI>Previous message: <A HREF="000772.html">[pycrypto] Any progress with pycrypto 2.7? +</A></li> + <LI>Next message: <A HREF="000783.html">[pycrypto] Any progress with pycrypto 2.7? +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#781">[ date ]</a> + <a href="thread.html#781">[ thread ]</a> + <a href="subject.html#781">[ subject ]</a> + <a href="author.html#781">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>For reference, here are the relevant bugs and/or pull requests, where +discussion is taking place. I've added comments to all three. + +><i>1) Hard crash on recent recent Intel CPUs (due gcc and AESNI) +</I> +<A HREF="https://github.com/dlitz/pycrypto/pull/62">https://github.com/dlitz/pycrypto/pull/62</A> + +><i>2) Potential DoS when importing an RSA key (segfault of the interpreter) +</I> +I assume you mean the floating-point exception that occurs when you pass +an even modulus to RSA.construct? + +<A HREF="https://bugs.launchpad.net/pycrypto/+bug/1193521">https://bugs.launchpad.net/pycrypto/+bug/1193521</A> +<A HREF="https://github.com/dlitz/pycrypto/pull/50">https://github.com/dlitz/pycrypto/pull/50</A> + +On pull request #50 ("Add checks to verify correctness of +RSA/DSA/ElGamal keys"), it would be helpful if others could chime in +about the potential for leaking private keys via timing side-channels. + +><i>3) Silent, incorrect HMAC construction for SHA-2 +</I> +<A HREF="https://bugs.launchpad.net/pycrypto/+bug/1209399">https://bugs.launchpad.net/pycrypto/+bug/1209399</A> +<A HREF="https://github.com/dlitz/pycrypto/pull/57">https://github.com/dlitz/pycrypto/pull/57</A> + +-- +Dwayne C. Litzenberger <<A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">dlitz at dlitz.net</A>> + OpenPGP: 19E1 1FE8 B3CF F273 ED17 4A24 928C EC13 39C2 5CF7 +</PRE> + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="000772.html">[pycrypto] Any progress with pycrypto 2.7? +</A></li> + <LI>Next message: <A HREF="000783.html">[pycrypto] Any progress with pycrypto 2.7? +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#781">[ date ]</a> + <a href="thread.html#781">[ thread ]</a> + <a href="subject.html#781">[ subject ]</a> + <a href="author.html#781">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">More information about the pycrypto +mailing list</a><br> +</body></html> |