1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [pycrypto] ANN: PyCrypto 2.1.0 alpha 1 released
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:pycrypto%40lists.dlitz.net?Subject=%5Bpycrypto%5D%20ANN%3A%20PyCrypto%202.1.0%20alpha%201%20released&In-Reply-To=">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="000109.html">
<LINK REL="Next" HREF="000111.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[pycrypto] ANN: PyCrypto 2.1.0 alpha 1 released</H1>
<B>Dwayne C. Litzenberger</B>
<A HREF="mailto:pycrypto%40lists.dlitz.net?Subject=%5Bpycrypto%5D%20ANN%3A%20PyCrypto%202.1.0%20alpha%201%20released&In-Reply-To="
TITLE="[pycrypto] ANN: PyCrypto 2.1.0 alpha 1 released">dlitz at dlitz.net
</A><BR>
<I>Mon Aug 3 19:56:08 CST 2009</I>
<P><UL>
<LI>Previous message: <A HREF="000109.html">[pycrypto] _RSA.py and generate_py
</A></li>
<LI>Next message: <A HREF="000111.html">[pycrypto] How can I read a standard openssl private key with PyCrypto and decrypt with it?
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#110">[ date ]</a>
<a href="thread.html#110">[ thread ]</a>
<a href="subject.html#110">[ subject ]</a>
<a href="author.html#110">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>PyCrypto 2.1.0alpha1 has been released. Finally.
You can get it from the git repository:
$ git clone <A HREF="git://git.pycrypto.org:9419/crypto/pycrypto-2.x.git">git://git.pycrypto.org:9419/crypto/pycrypto-2.x.git</A>
$ cd pycrypto-2.x
$ git checkout v2.0.1alpha1
You can also browse the git repository on the web:
<A HREF="http://gitweb.pycrypto.org/?p=crypto/pycrypto-2.x.git;a=summary">http://gitweb.pycrypto.org/?p=crypto/pycrypto-2.x.git;a=summary</A>
Please test it and post your experiences to the PyCrypto mailing list:
<A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">pycrypto at lists.dlitz.net</A>
and/or file bug reports on Launchpad:
<A HREF="https://bugs.launchpad.net/pycrypto">https://bugs.launchpad.net/pycrypto</A>
Here is a (non-exhaustive) list of changes between 2.0.1 and 2.1.0alpha1:
* This version supports Python versions 2.1 through 2.6.
* Clarified copyright status of much of the existing code by tracking
down Andrew M. Kuchling, Barry A. Warsaw, Jeethu Rao, Joris Bontje,
Mark Moraes, Paul Swartz, Robey Pointer, and Wim Lewis and getting
their permission to clarify the license/public-domain status of their
contributions. Many thanks to all involved!
* Replaced the test suite with a new, comprehensive package
(Crypto.SelfTest) that includes documentation about where its test
vectors came from, or how they were derived.
Use "python setup.py test" to run the tests after building.
* API changes:
- Added Crypto.version_info, which from now on will contain version
information in a format similar to Python's sys.version_info.
- Added a new random numbers API (Crypto.Random), and deprecated the
old one (Crypto.Util.randpool.RandomPool), which was misused more
often than not.
The new API is used by invoking Crypto.Random.new() and then just
reading from the file-like object that is returned.
CAVEAT: To maintain the security of the PRNG, you must call
Crypto.Random.atfork() in both the parent and the child processes
whenever you use os.fork(). Otherwise, the parent and child will
share copies of the same entropy pool, causing them to return the
same results! This is a limitation of Python, which does not
provide readily-accessible hooks to os.fork(). It's also a
limitation caused by the failure of operating systems to provide
sufficiently fast, trustworthy sources of cryptographically-strong
random numbers.
- Crypto.PublicKey now raises ValueError/TypeError/RuntimeError
instead of the various custom "error" exceptions
- Removed the IDEA and RC5 modules due to software patents. Debian
has been doing this for a while
- Added Crypto.Random.random, a strong version of the standard Python
'random' module.
- Added Crypto.Util.Counter, providing fast counter implementations
for use with CTR-mode ciphers.
* Bug fixes:
- Fixed padding bug in SHA256; this resulted in bad digests whenever
(the number of bytes hashed) mod 64 == 55.
- Fixed a 32-bit limitation on the length of messages the SHA256 module
could hash.
- AllOrNothing: Fixed padding bug in digest()
- Fixed a bad behaviour of the XOR cipher module: It would silently
truncate all keys to 32 bytes. Now it raises ValueError when the
key is too long.
- DSA: Added code to enforce FIPS 186-2 requirements on the size of
the prime p
- Fixed the winrandom module, which had been omitted from the build
process, causing security problems for programs that misuse RandomPool.
- Fixed infinite loop when attempting to generate RSA keys with an
odd number of bits in the modulus. (Not that you should do that.)
* Clarified the documentation for Crypto.Util.number.getRandomNumber.
Confusingly, this function does NOT return N random bits; It returns
a random N-bit number, i.e. a random number between 2**(N-1) and
(2**N)-1.
Note that getRandomNumber is for internal use only and may be
renamed or removed in future releases.
* Replaced RIPEMD.c with a new implementation (RIPEMD160.c) to
alleviate copyright concerns.
* Replaced the DES/DES3 modules with ones based on libtomcrypt-1.16 to
alleviate copyright concerns.
* Replaced Blowfish.c with a new implementation to alleviate copyright
concerns.
* Added a string-XOR implementation written in C (Crypto.Util.strxor)
and used it to speed up Crypto.Hash.HMAC
* Converted documentation to reStructured Text.
* Added epydoc configuration Doc/epydoc-config
* setup.py now emits a warning when building without GMP.
* Added pct-speedtest.py to the source tree for doing performance
testing on the new code.
* Cleaned up the code in several places.
Cheers!
- Dwayne
--
Dwayne C. Litzenberger <<A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">dlitz at dlitz.net</A>>
Key-signing key - 19E1 1FE8 B3CF F273 ED17 4A24 928C EC13 39C2 5CF7
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="000109.html">[pycrypto] _RSA.py and generate_py
</A></li>
<LI>Next message: <A HREF="000111.html">[pycrypto] How can I read a standard openssl private key with PyCrypto and decrypt with it?
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#110">[ date ]</a>
<a href="thread.html#110">[ thread ]</a>
<a href="subject.html#110">[ subject ]</a>
<a href="author.html#110">[ author ]</a>
</LI>
</UL>
<hr>
<a href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">More information about the pycrypto
mailing list</a><br>
</body></html>
|
