enhancement update in Fedora 26 for python-pycryptodomex

Status: testing 9 days ago


New features

  • Import and export of ECC curves in compressed form.
  • The initial counter for a cipher in CTR mode can be a byte string (in addition to an integer).
  • Faster PBKDF2 for HMAC-based PRFs (at least 20x for short passwords, more for longer passwords). Thanks to Christian Heimes for pointing out the implementation was under-optimized.
  • The salt for PBKDF2 can be either a string or bytes (GH#67).
  • Ciphers and hash functions accept data as bytearray, not just binary strings.
  • The old SHA-1 and MD5 hash functions are available even when Python's own hashlib does not include them.

Fix Provides in python3 subpackage

PyCryptodome is a self-contained Python package of low-level cryptographic primitives.

PyCryptodome is a fork of PyCrypto. It brings the following enhancements with respect to the last official version of PyCrypto (2.6.1):

  • Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB)
  • Accelerated AES on Intel platforms via AES-NI
  • Elliptic curves cryptography (NIST P-256 curve only)
  • Better and more compact API (nonce and iv attributes for ciphers, automatic generation of random nonces and IVs, simplified CTR cipher mode, and more)
  • SHA-3 (including SHAKE XOFs) and BLAKE2 hash algorithms
  • Salsa20 and ChaCha20 stream ciphers
  • scrypt and HKDF
  • Deterministic (EC)DSA
  • Password-protected PKCS#8 key containers
  • Shamir's Secret Sharing scheme
  • Random numbers get sourced directly from the OS (and not from a CSPRNG in userspace)
  • Cleaner RSA and DSA key generation (largely based on FIPS 186-4)
  • Major clean ups and simplification of the code base

PyCryptodome is not a wrapper to a separate C library like OpenSSL. To the largest possible extent, algorithms are implemented in pure Python. Only the pieces that are extremely critical to performance (e.g. block ciphers) are implemented as C extensions.

Comments 4

This update has been submitted for testing by melmorabity.

This update has obsoleted python-pycryptodomex-3.4.12-3.fc26, and has inherited its bugs and notes.

This update has been pushed to testing.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown.

-1 0 +1 Feedback Guidelines
#1552966 python-pycryptodomex-3.5.0x is available
#1552033 Review Request: python-pycryptodomex - A self-contained cryptographic library for Python
Is the update generally functional?
Content Type
Test Gating Status
Tests Passed
Submitted by
Update Type
stable threshold: 3
unstable threshold: -3
submitted 9 days ago
in testing 9 days ago

Related Bugs 2

00 #1552966 python-pycryptodomex-3.5.0x is available
00 #1552033 Review Request: python-pycryptodomex - A self-contained cryptographic library for Python

Automated Test Results