FEDORA-2018-5dcf74cc38

enhancement update in Fedora 26 for python-pycryptodomex

Status: stable 3 months ago

3.5.0

New features

  • Import and export of ECC curves in compressed form.
  • The initial counter for a cipher in CTR mode can be a byte string (in addition to an integer).
  • Faster PBKDF2 for HMAC-based PRFs (at least 20x for short passwords, more for longer passwords). Thanks to Christian Heimes for pointing out the implementation was under-optimized.
  • The salt for PBKDF2 can be either a string or bytes (GH#67).
  • Ciphers and hash functions accept data as bytearray, not just binary strings.
  • The old SHA-1 and MD5 hash functions are available even when Python's own hashlib does not include them.

Fix Provides in python3 subpackage


PyCryptodome is a self-contained Python package of low-level cryptographic primitives.

PyCryptodome is a fork of PyCrypto. It brings the following enhancements with respect to the last official version of PyCrypto (2.6.1):

  • Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB)
  • Accelerated AES on Intel platforms via AES-NI
  • Elliptic curves cryptography (NIST P-256 curve only)
  • Better and more compact API (nonce and iv attributes for ciphers, automatic generation of random nonces and IVs, simplified CTR cipher mode, and more)
  • SHA-3 (including SHAKE XOFs) and BLAKE2 hash algorithms
  • Salsa20 and ChaCha20 stream ciphers
  • scrypt and HKDF
  • Deterministic (EC)DSA
  • Password-protected PKCS#8 key containers
  • Shamir's Secret Sharing scheme
  • Random numbers get sourced directly from the OS (and not from a CSPRNG in userspace)
  • Cleaner RSA and DSA key generation (largely based on FIPS 186-4)
  • Major clean ups and simplification of the code base

PyCryptodome is not a wrapper to a separate C library like OpenSSL. To the largest possible extent, algorithms are implemented in pure Python. Only the pieces that are extremely critical to performance (e.g. block ciphers) are implemented as C extensions.

Comments 7

This update has been submitted for testing by melmorabity.

This update has obsoleted python-pycryptodomex-3.4.12-3.fc26, and has inherited its bugs and notes.

This update has been pushed to testing.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for batched by melmorabity.

This update has been submitted for stable by melmorabity.

This update has been pushed to stable.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines
#1552966 python-pycryptodomex-3.5.0x is available
#1552033 Review Request: python-pycryptodomex - A self-contained cryptographic library for Python
Is the update generally functional?
Content Type
RPM
Status
stable
Test Gating Status
Tests Passed
Submitted by
Update Type
enhancement
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 3 months ago
in testing 3 months ago
in stable 3 months ago

Related Bugs 2

00 #1552966 python-pycryptodomex-3.5.0x is available
00 #1552033 Review Request: python-pycryptodomex - A self-contained cryptographic library for Python

Automated Test Results

Test results and gating status may sometimes conflict as the gating status is retrieved periodically by Bodhi's backend server, while the test results presented here are retrieved upon page load. If your update is marked as gated while all the tests show green/passed, the next check of gating status should open the gate.