|
| 1 | +* Release 0.14 (06 Nov 2019) |
| 2 | + |
| 3 | +Bug fixes: |
| 4 | +Strict checking of DER requirements when parsing SEQUENCE, INTEGER, |
| 5 | +OBJECT IDENTIFIER and BITSTRING objects. |
| 6 | +DER parsers now consistently raise `UnexpectedDER` exception on malformed DER |
| 7 | +encoded byte strings. |
| 8 | +Make sure that both malformed and invalid signatures raise `BadSignatureError`. |
| 9 | +Ensure that all `SigningKey` and `VerifyingKey` methods that should accept |
| 10 | +bytes-like objects actually do accept them (also avoid copying input strings). |
| 11 | +Make `SigningKey.sign_digest_deterministic` use default object hashfunc when |
| 12 | +none was provided. |
| 13 | +`encode_integer` now works for large integers. |
| 14 | +Make `encode_oid` and `remove_object` correctly handle OBJECT IDENTIFIERs |
| 15 | +with large second subidentifier and padding in encoded subidentifiers. |
| 16 | + |
| 17 | +New features: |
| 18 | +Deterministic signature methods now accept `extra_entropy` parameter to further |
| 19 | +randomise the selection of `k` (the nonce) for signature, as specified in |
| 20 | +RFC6979. |
| 21 | +Recovery of public key from signature is now supported. |
| 22 | +Support for SEC1/X9.62 formatted keys, all three encodings are supported: |
| 23 | +"uncompressed", "compressed" and "hybrid". Both string, and PEM/DER will |
| 24 | +automatically accept them, if the size of the key matches the curve. |
| 25 | +Benchmarking application now provides performance numbers that are easier to |
| 26 | +compare against OpenSSL. |
| 27 | +Support for all Brainpool curves (non-twisted). |
| 28 | + |
| 29 | +New API: |
| 30 | +`CurveFp`: `__str__` is now supported. |
| 31 | +`SigningKey.sign_deterministic`, `SigningKey.sign_digest_deterministic` and |
| 32 | +`generate_k`: extra_entropy parameter was added |
| 33 | +`Signature.recover_public_keys` was added |
| 34 | +`VerifyingKey.from_public_key_recovery` and |
| 35 | +`VerifyingKey.from_public_key_recovery_with_digest` were added |
| 36 | +`VerifyingKey.to_string`: `encoding` parameter was added |
| 37 | +`VerifyingKey.to_der` and `SigningKey.to_der`: `point_encoding` parameter was |
| 38 | +added. |
| 39 | +`encode_bitstring`: `unused` parameter was added |
| 40 | +`remove_bitstring`: `expect_unused` parameter was added |
| 41 | +`SECP256k1` is now part of `curves` `*` import |
| 42 | +`Curves`: `__repr__` is now supported |
| 43 | +`VerifyingKey`: `__repr__` is now supported |
| 44 | + |
| 45 | +Deprecations: |
| 46 | +Python 2.5 is not supported any more - dead code removal. |
| 47 | +`from keys import *` will now import only objects defined in that module. |
| 48 | +Trying to decode a malformed point using `VerifyingKey.from_string` |
| 49 | +will rise now the `MalformedPointError` exception (that inherits from |
| 50 | +`AssertionError` but is not it). |
| 51 | +Multiple functions in `numbertheory` are considered deprecated: `phi`, |
| 52 | +`carmichael`, `carmichael_of_factorized`, `carmichael_of_ppower`, |
| 53 | +`order_mod`, `largest_factor_relatively_prime`, `kinda_order_mod`. They will |
| 54 | +now emit `DeprecationWarning` when used. Run the application or test suite |
| 55 | +with `-Wd` option or with `PYTHONWARNINGS=default` environment variable to |
| 56 | +verify if those methods are not used. They will be removed completely in a |
| 57 | +future release. |
| 58 | +`encode_bitstring` and `decode_bitstring` expect the number of unused |
| 59 | +bits to be passed as an argument now. They will emit `DeprecationWarning` |
| 60 | +if they are used in the deprecated way. |
| 61 | +modular_exp: will emit `DeprecationWarning` |
| 62 | + |
| 63 | +Hardening: |
| 64 | +Deterministic signatures now verify that the signature won't leak private |
| 65 | +key through very unlikely selection of `k` value (the nonce). |
| 66 | +Nonce bit size hiding was added (hardening against Minerva attack). Please |
| 67 | +note that it DOES NOT make library secure against side channel attacks (timing |
| 68 | +attacks). |
| 69 | + |
| 70 | +Performance: |
| 71 | +The public key in key generation is not verified twice now, making key |
| 72 | +generation and private key reading about 33% faster. |
| 73 | +Microoptimisation to `inverse_mod` function, increasing performance by about |
| 74 | +40% for all operations. |
| 75 | + |
| 76 | +Maintenance: |
| 77 | +Extended test coverage to newer python versions. |
| 78 | +Fixes to examples in README.md: correct commands, more correct code (now works |
| 79 | +on Python 3). |
| 80 | +Stopped bundling `six` |
| 81 | +Moved sources into `src` subdirectory |
| 82 | +Made benchmarking script standalone (runnable either with `tox -e speed`, or |
| 83 | +after installation, with `python speed.py`) |
| 84 | +Now test coverage reported to coveralls is branch coverage, not line coverage |
| 85 | +Autodetection of curves supported by OpenSSL (test suite compatibility with |
| 86 | +Fedora OpenSSL package). |
| 87 | +More readable error messages (exceptions) in `der` module. |
| 88 | +Documentation to `VerifyingKey`, `SigningKey` and signature encoder/decoder |
| 89 | +functions added. |
| 90 | +Added measuring and verifying condition coverage to Continuous Integration. |
| 91 | +Big clean-up of the test suite, use pytest parametrisation and hypothesis |
| 92 | +for better test coverage and more precise failure reporting. |
| 93 | +Use platform-provided `math.gcd`, when provided. |
| 94 | + |
1 | 95 | * Release 0.13.3 (07 Oct 2019) |
2 | 96 |
|
3 | 97 | Fix CVE-2019-14853 - possible DoS caused by malformed signature decoding and |
|
0 commit comments