path: root/CHANGELOG.md
Commit message | Author | Age | Files | Lines
* Fix link formatting in CHANGELOG [master] | Max Smolens | 2021-02-14 | 1 | -1/+1
|
* Marked version 4.7 as released | Sybren A. Stüvel | 2021-01-10 | 1 | -1/+1
|
* Declare support for and test Python 3.9 | Hugo van Kemenade | 2021-01-10 | 1 | -0/+1
|
* Fix #162: Blinding uses slow algorithm | Sybren A. Stüvel | 2020-11-15 | 1 | -0/+2
|
|   Store blinding factor + its inverse, so that they can be reused & updated
|   on every blinding operation. This avoids expensive computations.
|
|   The reuse of the previous blinding factor is done via squaring (mod n), as
|   per section 9 of 'A Timing Attack against RSA with the Chinese Remainder
|   Theorem' by Werner Schindler,
|   https://tls.mbed.org/public/WSchindler-RSA_Timing_Attack.pdf
|
* Add link to changelog | Sybren A. Stüvel | 2020-11-15 | 1 | -2/+3
|
* Fix #164: Add padding length check as described by PKCS#1 v1.5 | Sybren A. Stüvel | 2020-11-15 | 1 | -0/+2
|
|   According to PKCS#1 v1.5, the padding should be at least 8 bytes long.
|   See https://tools.ietf.org/html/rfc8017#section-7.2.2 step 3 for more info.
|
* Fix #165: CVE-2020-25658 - Bleichenbacher-style timing oracle | Sybren A. Stüvel | 2020-11-15 | 1 | -0/+5
|
|   Use as many constant-time comparisons as practical in the
|   `rsa.pkcs1.decrypt` function.
|
|   `cleartext.index(b'\x00', 2)` will still be non-constant-time. The
|   alternative would be to iterate over all the data byte by byte in Python,
|   which is several orders of magnitude slower. Given that a perfect
|   constant-time implementation is very hard or even impossible to do in
|   Python [1], I chose the more performant option here.
|
|   [1]: https://securitypitfalls.wordpress.com/2018/08/03/constant-time-compare-in-python/
|
* Adds mention of 4.5 version in the headers. | tvalentyn | 2020-06-16 | 1 | -1/+1
|
* Retagged 4.4 as 4.6 and added bit of an explanation to CHANGELOG.md [version-4.6] | Sybren A. Stüvel | 2020-06-12 | 1 | -12/+11
|
* Update CHANGELOG.md | Sybren A. Stüvel | 2020-06-12 | 1 | -0/+6
|
* Updated CHANGELOG | Sybren A. Stüvel | 2020-06-12 | 1 | -1/+24
|
|   Note that version 4.3 will not appear on the master branch, but is
|   available in the version-4.3-py27compatible branch only.
|
* Limit SHA3 support to Python 3.6+ | Sybren A. Stüvel | 2020-06-11 | 1 | -0/+4
|
|   The third-party library that adds support for this to Python 3.5 is a
|   binary package, and thus breaks the pure-Python nature of Python-RSA.
|
|   This should fix [#147](https://github.com/sybrenstuvel/python-rsa/issues/147).
|
* Moving back to Pipenv to manage dependencies | Sybren A. Stüvel | 2020-06-11 | 1 | -0/+7
|
|   Poetry breaks no-binary installations of the RSA library, which defeats the
|   purpose of this library. See
|   https://github.com/sybrenstuvel/python-rsa/issues/148
|
|   Among other changes, this reverts commit
|   fcf5b7457c70426a242b17db20dd4e34e1055f69.
|
|   I also added a workaround for an `ImportError` importing `zipp` on
|   Python 3.5.
|
* Marked version 4.1 as released | Sybren A. Stüvel | 2020-06-10 | 1 | -1/+1
|
* Add support for Python 3.8 | Sybren A. Stüvel | 2020-06-10 | 1 | -0/+1
|
|   Supporting Python 3.8 not only required configuring Tox and Travis to run
|   the tests on that version, but also required updating the dependencies.
|   Without that update, `pluggy` wouldn't work properly.
|
* Fixed credit for report | Sybren A. Stüvel | 2020-06-03 | 1 | -1/+1
|
* Fix CVE-2020-13757: detect cyphertext modifications by prepending zero bytes | Sybren A. Stüvel | 2020-06-03 | 1 | -0/+3
|
|   Reject cyphertexts that have been modified by prepending zero bytes, by
|   checking the cyphertext length against the expected size (given the
|   decryption key). This resolves CVE-2020-13757.
|
|   The same approach is used when verifying a signature.
|
|   Thanks Carnil for pointing this out on
|   https://github.com/sybrenstuvel/python-rsa/issues/146
|
* Choose blinding factor relatively prime to N | Sybren A. Stüvel | 2020-04-14 | 1 | -0/+1
|
|   This is a requirement for RSA blinding, but wasn't implemented yet.
|
* Converted changelog from txt to Markdown | Sybren A. Stüvel | 2019-08-04 | 1 | -0/+157