PyCrypto Changelog
What's new in PyCrypto 2.7 Alpha 1
Oct 24, 2013- Experimental releaseThis introduces a new API for AEAD modes, and
- makes a few other minor API changesThese APIs should be considered
- experimental, and may be changed before the final release
- New API for authenticated encryption with associated data (AEAD):
- New block cipher modes:
- MODE_CCM
- MODE_EAX
- MODE_GCM
- MODE_SIV
- New methods:
- encrypt_and_digest()
- decrypt_and_verify()
- digest()
- verify()
- New MAC algorithm:
- CryptoCipherCMAC
- New verify() and hexverify() methods also added to Hash and
- HMAC/CMAC objects, providing constant-time hash comparison
- (Thanks: Legrandin, Lucas Garron)
- LP#1132550: Fix MODE_OPENPGP not accepting uppercase 'IV' kwarg
- LP#1119552: Fix PKCS#1v15 not accepting signatures without the
- optional NULL parameter
- Add support for import/export of DSA keys(Thanks: Legrandin)
- Add support for PKCS#8-encrypted private keys(Thanks: Legrandin)
- LP#996193: Fix MODE_OFB requiring padding (it now behaves as a stream
- cipher)
- Improve C extension autodocs
- Remove pointless 'error' attribute from stream ciphers
- Deprecate the disable_shortcut option to CryptoUtilCounter;
- Remove __PCT_CTR_SHORTCUT__ entirely
- Fix small MODE_CTR memory leak under Python 3
- Fix error importing winrandom on Python 3(Thanks: Jason R Coombs)
- FortunaAccumulator: Use timemonotonic for rate-limiting if available
- (ie Python 33 and later)
- AES-NI support (Thanks: Sebastian Ramacher)
- setuppy: Fix compilation on HP-UX 1131(Thanks: Adam Woodbeck)
- ElGamal: Add blinding to ElGamal decryption (Thanks: Legrandin)
- Hash: Remove pure-Python wrappers (speeds up hash init 4x-7x)
- Hash: Add generic CryptoHashnew(algo, [data]) function
- (like hashlibnew)
- Hash: Remove 'oid' attributes; Add 'name' attributes for compatibility
- with hashlib
- Hash: Rename SHA -> SHA1 and RIPEMD -> RIPEMD160, since the original
- names are frequently used as the names of other algorithms
- setuppy: Use autoconf to generate compiler options;
- Fix OpenBSD build issues
- Fix RSA object serialization (ie pickle)
- LP#1061217: randomshuffle takes O(n^2) time
- (Thanks: Sujay Jayakar, Andrew Cooke)
- _fastmath: Fix leaks when errors occur
- (Thanks: Sebastian Ramacher, Andreas Stührk)
- SHA256/224/384/512: Don't export symbol 'add_length'
- setuppy: Use oschmod instead of ossystem("chmod ")
- (Thanks: Sebastian Ramacher)
- setuppy: The 'test' command now runs the 'build' command first
- (Thanks: Sebastian Ramacher)
- New tools/create-pythonssh and tools/test-allsh scripts for testing
- against multiple versions of Python
- getStrongProne: Fix error handling (Thanks: Sebastian Ramacher)
- ARC4: Add ARC4-drop[n] cipher support (Thanks: Legrandin)
- RSAimportKey: Properly catch IndexError (Thanks: Sebastian Ramacher)
- RSAexportKey: Raise ValueError as documented when key format is
- unknown (Thanks: Sebastian Ramacher)
- RSAexportKey: Always return bytes (Thanks: Sebastian Ramacher)
- Fix & re-enable some broken tests (Thanks: Sebastian Ramacher)
- Improve Python 3 compatibility
- Various documentation fixes and improvements
- (Thanks: Anton Rieder, Legrandin, Sebastian Ramacher, Stefano Rivera)
- Various cleanups, especially for Python 3
New in PyCrypto 2.6.1 (Oct 21, 2013)
- [CVE-2013-1445] Fix PRNG not correctly reseeded in some situations.
- This release fixes the problem by resetting the rate-limiter when
- Crypto.Random.atfork() is invoked. It also adds some tests and a
- few related comments.
New in PyCrypto 2.3 (Aug 27, 2010)
- Fix NameError when attempting to use deprecated getRandomNumber()
- function.
- Slowmath: Compute RSA u parameter when it's not given to RSA.construct. This makes _slowmath behave the same as _fastmath in this regard.
- Make RSA.generate raise a more user-friendly exception message when the user tries to generate a bogus-length key.