Commit message [Author, Age, Files, Lines]
* Bump to version 2.3 (tag: v2.3) [Dwayne C. Litzenberger, 2010-08-27, 3 files, -3/+3]
|
* Update ChangeLog [Dwayne Litzenberger, 2010-08-27, 1 file, -0/+13]
|
* Make RSA.generate raise a more user-friendly exception message when the user tries to generate a bogus-length key. [Dwayne C. Litzenberger, 2010-08-27, 1 file, -0/+3]
|
|   Before this change, doing RSA.generate(128*5) would raise an exception
|   saying:
|
|       "bits must be multiple of 128 and > 512"
|
|   This was because getStrongPrime was raising the exception when trying to
|   generate 320-bit primes (which is correct behaviour).
|
|   Now, we raise a more friendly error message:
|
|       "RSA modulus length must be a multiple of 256 and > 1024"
|
* _slowmath: Compute RSA u parameter when it's not given to RSA.construct [Dwayne C. Litzenberger, 2010-08-26, 2 files, -1/+5]
|
|   This makes _slowmath behave the same as _fastmath in this regard.
|
* Fix NameError: 'GetRandomNumber_DeprecationWarning' is not defined [Janne Snabb, 2010-08-26, 1 file, -0/+1]
|
* Bump to version 2.2 (tag: v2.2) [Dwayne C. Litzenberger, 2010-08-02, 3 files, -3/+3]
|
* Update ChangeLog [Dwayne C. Litzenberger, 2010-08-02, 1 file, -0/+23]
|
* Remove dead RIPEMD160.py implementation (we already have a C implementation) [Dwayne C. Litzenberger, 2010-08-02, 1 file, -259/+0]
|
* Fix build on python compiled with profiling [Dwayne C. Litzenberger, 2010-08-02, 1 file, -0/+2]
|
|   See https://bugs.launchpad.net/pycrypto/+bug/609175
|
|   Apparently, the -pg and -fomit-frame-pointer options to gcc are
|   incompatible, and -pg is added when python is built using
|   --enable-profiling.
|
|   Thanks to Drew Smathers for pointing this out and proposing this fix.
|
* getRandomNumber API compatibility: [Dwayne C. Litzenberger, 2010-08-02, 4 files, -16/+49]
|
|   Legrandin's getStrongPrime() patch changed the behaviour of
|   Crypto.Util.number.getRandomNumber() to something that is more like what
|   people would expect, but different from what we did before.
|
|   This change modifies Crypto.Util.number in the following ways:
|   - Rename getRandomNBitNumber -> getRandomNBitInteger and
|     getRandomNumber -> getRandomInteger
|   - Preserve old behaviour by making getRandomNumber work the same as
|     getRandomNBitInteger.
|   - Emit a DeprecationWarning when the old getRandomNumber is used.
|
* Support for older versions of python [Legrandin, 2010-08-02, 4 files, -27/+38]
|
|   This patch adds support for older python 2.1/2.2 to the previous one
|   (DER/PEM).
|
|   Committer: Legrandin <gooksankoo@hoiptorrow.mailexpire.com>
|
* Add ability to export and import RSA keys in DER and PEM format. [Legrandin, 2010-08-02, 6 files, -2/+666]
|
|   Typical usage for importing an RSA key:
|
|       f = file("ssl.pem")
|       key = RSA.importKey(f.read())
|       f.close()
|       key.verify(hash, signature)
|
|   Typical usage for exporting an RSA public key:
|
|       key = RSA.generate(512, randfunc)
|       f = file("ssl.der", "wb")
|       f.write(key.publickey().exportKey('DER'))
|       f.close()
|
|   I confirm I am eligible for submitting code to pycrypto according to
|   http://www.dlitz.net/software/pycrypto/submission-requirements/ fetched
|   on 27 December 2009.
|
|   Committer: Legrandin <gooksankoo@hoiptorrow.mailexpire.com>
|
* ACKS: Add Lorenz Quack [Dwayne C. Litzenberger, 2010-06-11, 1 file, -0/+1]
|
* Fix potential uninitialized use of randfunc pointer [Dwayne C. Litzenberger, 2010-06-10, 1 file, -1/+1]
|
|   This could occur if getRNG() returns NULL.
|
* Fix compiler warnings & clean up the code a bit. [Dwayne C. Litzenberger, 2010-06-10, 1 file, -6/+10]
|
* Fix backward compatibility with PyCrypto 2.1 through 2.5: [Dwayne C. Litzenberger, 2010-06-10, 2 files, -21/+22]
|
|   - Replaced things like (1 << bits) with (1L << bits). See PEP 237:
|       - In Python < 2.4, (1<<31) evaluates as -2147483648
|       - In Python >= 2.4, it becomes 2147483648L
|   - Replaced things like (bits/2) with the equivalent (bits>>1). This makes
|     PyCrypto work when floating-point division is enabled (e.g. in Python
|     2.6 with -Qnew)
|   - In Python < 2.2, expressions like 2**1279, 1007119*2014237, and
|     3153640933 raise OverflowError. Replaced them with 2L**1279,
|     1007119L*2014237L, and 3153640933, respectively.
|   - The "//" and "//=" integer division operators are a syntax error in
|     Python 2.1 and below. Replaced things like (m //= 2) with the
|     equivalent (m >>= 1).
|   - Where integer division can't be replaced by bit shifting, replace (a/b)
|     with (divmod(a, b)[0]).
|   - math.log takes exactly 1 argument in Python < 2.3, so replaced things
|     like "-math.log(false_positive_prob, 4)" with
|     "-math.log(false_positive_prob)/math.log(4)".
|
* getStrongPrime() implementation [Lorenz Quack, 2010-06-10, 5 files, -80/+2869]
|
|   From http://lists.dlitz.net/pipermail/pycrypto/2009q4/000167.html, with
|   the following explanation included in the email:
|
|   === snip ===
|
|   Hi there!
|
|   Here comes my monster patch. It includes a python and C version of
|   getStrongPrime, rabinMillerTest and isPrime. There are also two small
|   unit tests and some helper functions. They all take a randfunc and
|   propagate them (or so I hope). The Rabin-Miller-Test uses random bases
|   (non-deterministic). getStrongPrime and isPrime take an optional
|   parameter "false_positive_prob" where one can specify the maximum
|   probability that the prime is actually composite. Internally the
|   functions calculate the Rabin-Miller rounds from this. It defaults to
|   1e-6 (1:1000000) which results in 10 rounds of Rabin-Miller testing.
|
|   Please review this carefully. Even though I tried hard to get things
|   right some bugs always slip through. Maybe you could also review the way
|   I acquire and release the GIL. It felt kind of ugly the way I did it but
|   I don't see a better way just now.
|
|   Concerning the public exponent e: I now know why it needs to be coprime
|   to p-1 and q-1. The private exponent d is the inverse of e mod
|   ((p-1)(q-1)). If e is not coprime to ((p-1)(q-1)) then the inverse does
|   not exist [1].
|
|   The getStrongPrime takes an optional argument e. If provided the function
|   will make sure p-1 and e are coprime. If e is even (p-1)/2 will be
|   coprime. If e is even then there is an additional constraint:
|   p =/= q mod 8. I can't check for that in getStrongPrime of course but
|   since we hardcoded e to be odd in _RSA.py this should pose no problem.
|   The Baillie-PSW-Test is not included.
|
|   I tried hard not to use any functionality newer than 2.1 but if you find
|   anything feel free to criticize. Also if I didn't get the coding style
|   right either tell me or feel free to correct it yourself.
|
|   Have fun.
|
|   //Lorenz
|
|   [1] http://mathworld.wolfram.com/ModularInverse.html
|
|   === snip ===
|
* Tell GCC to compile using the C99 standard [Dwayne C. Litzenberger, 2010-05-29, 1 file, -0/+3]
|
|   This should fix building on FreeBSD and NetBSD.
|
* CruiseControl.rb build automation [Dwayne C. Litzenberger, 2010-05-29, 1 file, -0/+34]
|
* Fix PyCrypto when floor division (python -Qnew) is enabled [Dwayne C. Litzenberger, 2010-05-29, 5 files, -14/+14]
|
* Update pycrypt.rst to clarify RNG usage [Legrandin, 2009-12-28, 1 file, -110/+32]
|
|   Update the documentation, so that:
|   1) The only example about RSA key shows how the randomness generator
|      should be created and used.
|   2) The description of Crypto.Util.randpool is replaced with the more
|      robust Crypto.Random.
|
|   Committer: Legrandin <gooksankoo@hoiptorrow.mailexpire.com>
|
* Add Tom St. Denis to ACKS (no idea how I missed him. Sorry!) [Dwayne C. Litzenberger, 2009-12-21, 1 file, -0/+1]
|
* Release version 2.1.0 (tag: v2.1.0) [Dwayne C. Litzenberger, 2009-12-13, 4 files, -6/+6]
|
* Fix building PyCrypto on Win64 using MS Visual Studio 9.0. [Dwayne C. Litzenberger, 2009-12-13, 3 files, -1/+10]
|
|   Thanks to Nevins Bartolomeo (https://launchpad.net/~nevins-bartolomeo)
|   for contributing this fix.
|
* Bump to version 2.1.0b1 (tag: v2.1.0b1) [Dwayne C. Litzenberger, 2009-11-01, 2 files, -3/+3]
|
* Update ChangeLog [Dwayne C. Litzenberger, 2009-11-01, 1 file, -0/+7]
|
* RSA.generate: Ensure that e is coprime to (p-1) and (q-1). [Dwayne C. Litzenberger, 2009-11-01, 1 file, -3/+19]
|
|   This is needed for encryption to work properly, according to the 1997
|   paper by Robert D. Silverman of RSA Labs, "Fast generation of random,
|   strong RSA primes", available here:
|   http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.17.2713&rep=rep1&type=pdf
|
|   Since e=65537 is prime, it is sufficient to check that e divides neither
|   (p-1) nor (q-1).
|
|   This fixes the bug https://bugs.launchpad.net/pycrypto/+bug/408660
|
|   This is a modified version of a patch by Lorenz Quack
|   <don@amberfisharts.com>.
|
* block_template.c: Re-acquire the GIL during a nasty error case (tag: v2.1.0alpha2) [Lorenz Quack, 2009-10-16, 1 file, -0/+2]
|
|   This error should never occur, but we might as well handle it properly
|   anyway.
|
|   This fixes https://bugs.launchpad.net/pycrypto/+bug/452195
|
* Update RandomPool warning to indicate that *previous* versions were broken [Dwayne C. Litzenberger, 2009-10-12, 1 file, -1/+1]
|
|   The *new* version uses Crypto.Random, so it's not broken, but we still
|   want to warn users and developers that their applications have been
|   using an insecure RNG up to this point.
|
* Update ChangeLog [Dwayne C. Litzenberger, 2009-10-12, 1 file, -0/+12]
|
* Release the global interpreter lock during encryption, decryption, and hashing. [Dwayne C. Litzenberger, 2009-10-12, 7 files, -36/+37]
|
|   These are the easy ones. We don't release the GIL on cipher
|   initialization, hash initialization, or hash finalization, because those
|   functions might make Python API calls, and we would need to add a
|   mechanism for re-acquiring the GIL in those cases.
|
* Counter: Add some assert() statements [Dwayne C. Litzenberger, 2009-10-12, 1 file, -0/+18]
|
* setup.py: Add USE_GCOV variable for building with gcov [Dwayne C. Litzenberger, 2009-10-12, 1 file, -0/+8]
|
* SelfTest: Clarify descriptions & ordering of Cipher tests [Dwayne C. Litzenberger, 2009-10-12, 1 file, -4/+28]
|
* Check for counter wraparound when encrypting using MODE_CTR [Dwayne C. Litzenberger, 2009-10-12, 3 files, -8/+24]
|
|   - Add check_wraparound_func pointer to PCT_CounterObject
|   - Call check_wraparound_func from block_template.c
|
* SelfTest: Add regression test for MODE_CTR ciphers not raising OverflowError when shortcut is used [Dwayne C. Litzenberger, 2009-10-12, 1 file, -0/+20]
|
* SelfTest: Test new Counter anti-wraparound behaviour [Dwayne C. Litzenberger, 2009-10-12, 1 file, -11/+25]
|
* Counter: raise OverflowError by default when the counter wraps around. [Dwayne C. Litzenberger, 2009-10-12, 3 files, -6/+21]
|
|   The old behaviour can be obtained by explicitly setting
|   allow_wraparound=True when invoking Counter.new
|
* Counter: Add 'carry' attribute to counter objects [Dwayne C. Litzenberger, 2009-10-12, 2 files, -2/+12]
|
* SelfTest: Add tests for Counter wraparound behaviour and for the 'carry' attribute [Dwayne C. Litzenberger, 2009-10-12, 1 file, -0/+45]
|
* SelfTest: Add tests for Crypto.Util.Counter [Dwayne C. Litzenberger, 2009-10-12, 2 files, -0/+104]
|
* SelfTest: When testing CTR mode ciphers, test both with the shortcut and without the shortcut [Dwayne C. Litzenberger, 2009-10-12, 1 file, -0/+10]
|
* Counter: Add disable_shortcut keyword argument (to be used for testing) [Dwayne C. Litzenberger, 2009-10-12, 3 files, -16/+24]
|
* block_template.c: Allow MODE_CTR to behave as a stream cipher [Dwayne C. Litzenberger, 2009-10-12, 1 file, -14/+55]
|
* SelfTest: Test stream cipher (and MODE_CTR) API behaviour [Dwayne C. Litzenberger, 2009-10-12, 1 file, -0/+27]
|
* SelfTest: Add AES-CTR tests [Dwayne C. Litzenberger, 2009-10-12, 2 files, -4/+66]
|
* block_template.c: Call ALG_Encrypt when using MODE_CTR, rather than duplicating code in ALG_Decrypt [Dwayne C. Litzenberger, 2009-10-11, 1 file, -57/+5]
|
* Counter: Fix compiler warning: initialization from incompatible pointer type [Dwayne C. Litzenberger, 2009-10-11, 1 file, -2/+2]
|
* setup.py: Enable assert() statements, and reduce optimization when debugging [Dwayne C. Litzenberger, 2009-10-11, 1 file, -8/+19]
|
* block_template.c: when using MODE_CFB, raise ValueError if segment_size is not a multiple of 8 bits [Dwayne C. Litzenberger, 2009-10-10, 1 file, -3/+3]