enhancement update in Fedora 26 for python-pycryptodomex

Status: stable 9 months ago


New features

  • Import and export of ECC curves in compressed form.
  • The initial counter for a cipher in CTR mode can be a byte string (in addition to an integer).
  • Faster PBKDF2 for HMAC-based PRFs (at least 20x for short passwords, more for longer passwords). Thanks to Christian Heimes for pointing out the implementation was under-optimized.
  • The salt for PBKDF2 can be either a string or bytes (GH#67).
  • Ciphers and hash functions accept data as bytearray, not just binary strings.
  • The old SHA-1 and MD5 hash functions are available even when Python's own hashlib does not include them.

Fix Provides in python3 subpackage

PyCryptodome is a self-contained Python package of low-level cryptographic primitives.

PyCryptodome is a fork of PyCrypto. It brings the following enhancements with respect to the last official version of PyCrypto (2.6.1):

  • Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB)
  • Accelerated AES on Intel platforms via AES-NI
  • Elliptic curves cryptography (NIST P-256 curve only)
  • Better and more compact API (nonce and iv attributes for ciphers, automatic generation of random nonces and IVs, simplified CTR cipher mode, and more)
  • SHA-3 (including SHAKE XOFs) and BLAKE2 hash algorithms
  • Salsa20 and ChaCha20 stream ciphers
  • scrypt and HKDF
  • Deterministic (EC)DSA
  • Password-protected PKCS#8 key containers
  • Shamir's Secret Sharing scheme
  • Random numbers get sourced directly from the OS (and not from a CSPRNG in userspace)
  • Cleaner RSA and DSA key generation (largely based on FIPS 186-4)
  • Major clean ups and simplification of the code base

PyCryptodome is not a wrapper to a separate C library like OpenSSL. To the largest possible extent, algorithms are implemented in pure Python. Only the pieces that are extremely critical to performance (e.g. block ciphers) are implemented as C extensions.

Comments 7

This update has been submitted for testing by melmorabity.

This update has obsoleted python-pycryptodomex-3.4.12-3.fc26, and has inherited its bugs and notes.

This update has been pushed to testing.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for batched by melmorabity.

This update has been submitted for stable by melmorabity.

This update has been pushed to stable.

Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

#1552033 Review Request: python-pycryptodomex - A self-contained cryptographic library for Python
#1552966 python-pycryptodomex-3.5.0x is available
Content Type
Test Gating
Submitted by
Update Type
Update Severity
stable threshold: 3
unstable threshold: -3
submitted 9 months ago
in testing 9 months ago
in stable 9 months ago

Related Bugs 2

00 #1552033 Review Request: python-pycryptodomex - A self-contained cryptographic library for Python
00 #1552966 python-pycryptodomex-3.5.0x is available

Automated Test Results