Changelog for
python311-pycryptodomex-3.20.0-46.57.x86_64.rpm :
* Fri Jan 26 2024 Dirk Müller
- update to 3.20.0:
* Added support for TurboSHAKE128 and TurboSHAKE256.
* Added method Crypto.Hash.new() to generate a hash object given a hash name.
* Added support for AES-GCM encryption of PBES2 and PKCS#8 containers.
* Added support for SHA-2 and SHA-3 algorithms in PBKDF2 when creating PBES2 and PKCS#8 containers.
* Export of RSA keys accepts the prot_params dictionary as parameter to control the number of iterations for PBKDF2 and scrypt.
* C unit tests also run on non-x86 architectures.
* GH#787: Fixed autodetect logic for GCC 14 in combination with LTO.
* Sat Dec 30 2023 Dirk Müller - update to 3.19.1 (bsc#1218564, CVE-2023-52323)
* Fixed a side-channel leakage with OAEP decryption that could be exploited to carry out a Manger attack. Thanks to Hubert Kario.
* Mon Nov 27 2023 Dirk Müller - update to 3.19.0:
* The ``update()`` methods of TupleHash128 and TupleHash256 objects can now hash multiple items (byte strings) at once.
* Added support for ECDH, with ``Crypto.Protocol.DH``.
* GH#754: due to a bug in ``cffi``, do not use it on Windows with Python 3.12+.
* Tue Jun 27 2023 ecsos - Add %{?sle15_python_module_pythons}
* Thu Jun 01 2023 Dirk Müller - update to 3.18.0:
* Added support for DER BOOLEAN encodings.
* The library now compiles on Windows ARM64. Thanks to Niyas Sait.
* Resolved issues
* GH#722: ``nonce`` attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.
* GH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.
* GH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.
* Correctly check that the scalar matches the point when importing an ECC private key.
* Mon Mar 27 2023 Dirk Müller - update to 3.17.0:
* Added support for the Counter Mode KDF defined in SP 800-108 Rev 1.
* Reduce the minimum tag length for the EAX cipher to 2 bytes.
* An RSA object has 4 new properties for the CRT coefficients: ``dp``, ``dq``, ``invp`` and ``invq`` (``invp`` is the same value as the existing ``u``).
* GH#526: improved typing for ``RSA.construct``.
* GH#534: reduced memory consumption when using a large number of cipher objects.
* GH#598: fixed missing error handling for ``Util.number.inverse``.
* GH#629: improved typing for ``AES.new`` and the various mode-specific types it returns. Thanks to Greg Werbin.
* GH#653: added workaround for an alleged GCC compiler bug that affected Ed25519 code compiled for AVX2.
* GH#658: attribute ``curve`` of an ECC key was not always the preferred curve name, as it used to be in v3.15.0 (independently of the curve name specified when generating the key).
* GH#637: fixed typing for legacy modules ``PKCS1_v1_5`` and ``PKCS1_PSS``, as their ``verify()`` returned a boolean.
* GH#664: with OCB mode, nonces of maximum length (15 bytes) were actually used as 14-byte nonces. After this fix, data that was encrypted in the past using the (default) nonce length of 15 bytes can still be decrypted by reducing the nonce to its first 14 bytes.
* GH#705: improved typing for ``nonce``, ``iv``, and ``IV`` parameters of cipher objects.
* Tue Dec 06 2022 Yogalakshmi Arunachalam - Update to 3.16.0
* New features
* Build wheels for musl Linux. Thanks to Ben Raz.
* Resolved issues
* GH#639: ARC4 now also works with ‘keys’ as short as 8 bits.
* GH#669: fix segfaults when running in a manylinux2010 i686 image.
* Tue Jun 28 2022 Torsten Gruner - update to 3.15.0:
* Add support for curves Ed25519 and Ed448, including export and import of keys.
* Add support for EdDSA signatures.
* Add support for Asymmetric Key Packages (RFC5958) to import private keys.
* GH#620: for Crypto.Util.number.getPrime, do not sequentially scan numbers searching for a prime.
* Wed Mar 09 2022 pgajdosAATTsuse.com - do not use setup.py test construct https://trello.com/c/me9Z4sIv/121-setuppy-test-leftovers
* Tue Feb 15 2022 Dirk Müller - update to 3.14.1:
* GH#595: Fixed memory leak for GMP integers.
* Add support for curve NIST P-192.
* Add support for curve NIST P-224.
* GH#590: Fixed typing info for ``Crypto.PublicKey.ECC``.
* Relaxed ECDSA requirements for FIPS 186 signatures and accept any SHA-2 or SHA-3 hash. ``sign()`` and ``verify()`` will be performed even if the hash is stronger than the ECC key.
* Sat Dec 11 2021 Dirk Müller - update to 3.12.0:
* ECC keys in the SEC1 format can be exported and imported.
* Add support for KMAC128, KMAC256, TupleHash128, and TupleHash256 (NIST SP-800 185).
* Add support for KangarooTwelve.
* GH#563: An asymmetric key could not be imported as a ``memoryview``.
* GH#566: cSHAKE128/256 generated a wrong output for customization strings
* GH#582: CBC decryption generated the wrong plaintext when the input and the output were the same buffer.
* Sat Oct 16 2021 Dirk Müller - update to 3.11.0:
* GH#512: Especially for very small bit sizes, ``Crypto.Util.number.getPrime()`` was occasionally generating primes larger than the given bit size.
* GH#552: Correct typing annotations for ``PKCS115_Cipher.decrypt()``.
* GH#555: ``decrypt()`` method of a PKCS#1v1.5 cipher returned a ``bytearray`` instead of ``bytes``.
* GH#557: External DSA domain parameters were accepted even when the modulus (``p``) was not prime. This affected ``Crypto.PublicKey.DSA.generate()`` and ``Crypto.PublicKey.DSA.construct()``.
* Added cSHAKE128 and cSHAKE256 (of SHA-3 family).
* GH#558: The flag RTLD_DEEPBIND passed to ``dlopen()`` is not well supported by address sanitizers. It is now possible to set the environment variable ``PYCRYPTODOME_DISABLE_DEEPBIND`` to drop that flag and allow security testing.
* Thu Apr 22 2021 Dirk Müller - update to 3.10.1:
* Python 3 wheels use ``abi3`` ABI tag.
* Remove Appveyor CI.
* 3.10.0 (6 February 2021)
* Resolved issues
* Fixed a potential memory leak when initializing block ciphers.
* GH#466: ``Crypto.Math.miller_rabin_test()`` was still using the system random source and not the one provided as parameter.
* GH#469: RSA objects have the method ``public_key()`` like ECC objects. The old method ``publickey()`` is still available for backward compatibility.
* GH#476: ``Crypto.Util.Padding.unpad()`` was raising an incorrect exception in case of zero-length inputs. Thanks to Captainowie.
* GH#491: better exception message when ``Counter.new()`` is called with an integer ``initial_value`` that doesn't fit into ``nbits`` bits.
* GH#496: added missing ``block_size`` member for ECB cipher objects. Thanks to willem.
* GH#500: ``nonce`` member of an XChaCha20 cipher object was not matching the original nonce. Thanks to Charles Machalow.
* Other changes
* The bulk of the test vectors have been moved to the separate package ``pycryptodome-test-vectors``. As a result, packages ``pycryptodome`` and ``pycryptodomex`` become significantly smaller (from 14MB to 3MB).
* Moved CI tests and build service from Travis CI to GitHub Actions.
* Breaks in compatibility
* Drop support for Python 2.6 and 3.4.