[Python-modules-commits] [pycryptodome] 01/10: Import pycryptodome_3.4.7.orig.tar.gz
Christopher Stuart Hoskin
mans0954 at moszumanska.debian.org
Sat Nov 4 09:51:28 UTC 2017
This is an automated email from the git hooks/post-receive script.
mans0954 pushed a commit to branch master
in repository pycryptodome.
commit d14794536e3f86e5740f8cdb584d15d8a07ad0d7
Author: Christopher Hoskin <mans0954 at debian.org>
Date: Sat Nov 4 06:49:36 2017 +0000
Import pycryptodome_3.4.7.orig.tar.gz
---
Changelog.rst | 30 +-
Doc/Makefile | 2 +-
Doc/conf.py | 32 +-
Doc/epydoc-config | 24 --
Doc/index.rst | 3 +-
Doc/src/api.rst | 51 ++-
Doc/src/public_key.rst | 4 +
Doc/src/vs_pycrypto.rst | 65 ++++
FuturePlans.rst | 2 +-
INSTALL.rst | 68 ++++
PKG-INFO | 2 +-
lib/Crypto/Cipher/AES.py | 229 +++++--------
lib/Crypto/Cipher/ARC2.py | 148 +++-----
lib/Crypto/Cipher/ARC4.py | 85 ++---
lib/Crypto/Cipher/Blowfish.py | 134 +++-----
lib/Crypto/Cipher/CAST.py | 143 +++-----
lib/Crypto/Cipher/ChaCha20.py | 65 ++--
lib/Crypto/Cipher/DES.py | 133 +++-----
lib/Crypto/Cipher/DES3.py | 174 ++++------
lib/Crypto/Cipher/PKCS1_OAEP.py | 132 +++----
lib/Crypto/Cipher/PKCS1_v1_5.py | 123 +++----
lib/Crypto/Cipher/Salsa20.py | 68 ++--
lib/Crypto/Cipher/__init__.py | 75 ----
lib/Crypto/Cipher/_errors.py | 0
lib/Crypto/Hash/BLAKE2b.py | 157 ++++-----
lib/Crypto/Hash/BLAKE2s.py | 157 ++++-----
lib/Crypto/Hash/CMAC.py | 185 ++++------
lib/Crypto/Hash/HMAC.py | 183 ++++------
lib/Crypto/Hash/MD2.py | 91 ++---
lib/Crypto/Hash/MD5.py | 21 +-
lib/Crypto/Hash/RIPEMD160.py | 97 +++---
lib/Crypto/Hash/SHA1.py | 23 +-
lib/Crypto/Hash/SHA224.py | 86 ++---
lib/Crypto/Hash/SHA256.py | 86 ++---
lib/Crypto/Hash/SHA384.py | 86 ++---
lib/Crypto/Hash/SHA3_224.py | 86 ++---
lib/Crypto/Hash/SHA3_256.py | 86 ++---
lib/Crypto/Hash/SHA3_384.py | 86 ++---
lib/Crypto/Hash/SHA3_512.py | 87 ++---
lib/Crypto/Hash/SHA512.py | 86 ++---
lib/Crypto/Hash/SHAKE128.py | 71 ++--
lib/Crypto/Hash/SHAKE256.py | 71 ++--
lib/Crypto/Hash/__init__.py | 26 --
lib/Crypto/Hash/keccak.py | 91 ++---
lib/Crypto/IO/PEM.py | 41 +--
lib/Crypto/IO/PKCS8.py | 82 ++---
lib/Crypto/IO/__init__.py | 13 -
lib/Crypto/Protocol/KDF.py | 134 ++++----
lib/Crypto/Protocol/SecretSharing.py | 117 +++----
lib/Crypto/Protocol/__init__.py | 12 -
lib/Crypto/PublicKey/DSA.py | 244 ++++++-------
lib/Crypto/PublicKey/ECC.py | 173 +++++-----
lib/Crypto/PublicKey/ElGamal.py | 171 +++-------
lib/Crypto/PublicKey/RSA.py | 234 ++++++-------
lib/Crypto/PublicKey/__init__.py | 8 -
lib/Crypto/Random/random.py | 5 +-
lib/Crypto/SelfTest/Hash/common.py | 10 -
lib/Crypto/SelfTest/PublicKey/test_import_DSA.py | 4 +-
lib/Crypto/SelfTest/PublicKey/test_import_RSA.py | 4 +-
lib/Crypto/Signature/DSS.py | 152 ++++-----
lib/Crypto/Signature/pkcs1_15.py | 109 ++----
lib/Crypto/Signature/pss.py | 166 ++++-----
lib/Crypto/Util/Counter.py | 62 +---
lib/Crypto/Util/Padding.py | 42 ++-
lib/Crypto/Util/RFC1751.py | 37 +-
lib/Crypto/Util/_raw_api.py | 35 +-
lib/Crypto/Util/asn1.py | 138 ++++----
lib/Crypto/Util/number.py | 209 ++++++------
lib/Crypto/Util/strxor.py | 18 +-
lib/Crypto/__init__.py | 45 +--
PKG-INFO => pycryptodome.egg-info/PKG-INFO | 2 +-
pycryptodome.egg-info/SOURCES.txt | 417 +++++++++++++++++++++++
pycryptodome.egg-info/dependency_links.txt | 1 +
pycryptodome.egg-info/top_level.txt | 1 +
setup.cfg | 1 -
75 files changed, 2803 insertions(+), 3538 deletions(-)
diff --git a/Changelog.rst b/Changelog.rst
index 4a3317b..e46fe28 100644
--- a/Changelog.rst
+++ b/Changelog.rst
@@ -1,6 +1,20 @@
Changelog
=========
+3.4.7 (xx xxx 2017)
++++++++++++++++++++++++
+
+New features
+------------
+
+* API documentation is made with sphinx instead of epydoc.
+* Start using ``importlib`` instead of ``imp``` where available.
+
+Resolved issues
+---------------
+
+* GH#82. Fixed PEM header for RSA/DSA public keys.
+
3.4.6 (18 May 2017)
+++++++++++++++++++++++
@@ -40,7 +54,7 @@ Resolved issues
* Fixed a warning about type mismatch raised by recent versions of cffi
3.4.2 (8 March 2016)
-+++++++++++++++++++
+++++++++++++++++++++
Resolved issues
@@ -50,7 +64,7 @@ Resolved issues
3.4.1 (21 February 2016)
-+++++++++++++++++++
+++++++++++++++++++++++++
New features
------------
@@ -59,7 +73,7 @@ New features
(instead of ``Crypto``).
3.4 (7 February 2016)
-+++++++++++++++++++
++++++++++++++++++++++
New features
------------
@@ -112,7 +126,7 @@ Breaks in compatibility
* Removed attribute ``Crypto.PublicKey.RSA.algorithmIdentifier``.
3.3.1 (1 November 2015)
-+++++++++++++++++++
++++++++++++++++++++++++
New features
------------
@@ -120,7 +134,7 @@ New features
* Opt-in for ``update()`` after ``digest()`` for SHA-3, keccak, BLAKE2 hashes
Resolved issues
-------------
+---------------
* Removed unused SHA-3 and keccak test vectors, therefore significantly reducing
the package from 13MB to 3MB.
@@ -132,7 +146,7 @@ Breaks in compatibility
* Removed ability to ``update()`` a BLAKE2 hash after the first call to ``(hex)digest()``
3.3 (29 October 2015)
-+++++++++++++++++++
++++++++++++++++++++++
New features
------------
@@ -156,7 +170,7 @@ Breaks in compatibility
* Removed ability to ``update()`` a SHA-3 hash after the first call to ``(hex)digest()``
3.2.1 (9 September 2015)
-+++++++++++++++++++
+++++++++++++++++++++++++
New features
------------
@@ -164,7 +178,7 @@ New features
* Windows wheels are automatically built on Appveyor
3.2 (6 September 2015)
-+++++++++++++++++++
+++++++++++++++++++++++
New features
------------
diff --git a/Doc/Makefile b/Doc/Makefile
index e1951d3..8d6f326 100644
--- a/Doc/Makefile
+++ b/Doc/Makefile
@@ -3,7 +3,7 @@
# You can set these variables from the command line.
SPHINXOPTS =
-SPHINXBUILD = sphinx-build
+SPHINXBUILD = python -m sphinx
PAPER =
BUILDDIR = _build
diff --git a/Doc/conf.py b/Doc/conf.py
index 7b26049..b4b50b7 100644
--- a/Doc/conf.py
+++ b/Doc/conf.py
@@ -13,10 +13,18 @@
import sys, os
-# If extensions (or modules to document with autodoc) are in another directory,
-# add these directories to sys.path here. If the directory is relative to the
-# documentation root, use os.path.abspath to make it absolute, like shown here.
-#sys.path.insert(0, os.path.abspath('.'))
+# Modules to document with autodoc are in another directory
+sys.path.insert(0, os.path.abspath('../lib'))
+print sys.path
+
+# Mock existance of native modules
+from Crypto.Util import _raw_api
+
+class MockLib(object):
+ def have_aes_ni(self):
+ return True
+
+_raw_api.load_pycryptodome_raw_lib = lambda name, cdec: MockLib()
# -- General configuration -----------------------------------------------------
@@ -25,7 +33,8 @@ import sys, os
# Add any Sphinx extension module names here, as strings. They can be extensions
# coming with Sphinx (named 'sphinx.ext.*') or your custom ones.
-extensions = ['sphinx.ext.pngmath', 'sphinx.ext.mathjax']
+extensions = [ 'sphinx.ext.autodoc', 'sphinx.ext.napoleon',
+ 'sphinx.ext.mathjax' ]
# Add any paths that contain templates here, relative to this directory.
templates_path = ['_templates']
@@ -41,7 +50,7 @@ master_doc = 'index'
# General information about the project.
project = u'PyCryptodome'
-copyright = u'2015, Legrandin'
+copyright = u'2017, Helder Eijs'
# The version info for the project you're documenting, acts as replacement for
# |version| and |release|, also used in various other places throughout the
@@ -97,15 +106,13 @@ pygments_style = 'sphinx'
# The theme to use for HTML and HTML Help pages. See the documentation for
# a list of builtin themes.
-html_theme = 'alabaster'
+html_theme = 'sphinx_rtd_theme'
# Theme options are theme-specific and customize the look and feel of a theme
# further. For a list of options available for each theme, see the
# documentation.
html_theme_options = {
- "github_user" : "Legrandin",
- "github_repo" : "pycryptodome",
- "github_banner" : "true",
+ 'navigation_depth' : 5,
}
# Add any paths that contain custom themes here, relative to this directory.
@@ -132,6 +139,11 @@ html_theme_path = [ "." ]
# so a file named "default.css" will overwrite the builtin "default.css".
html_static_path = ['_static']
+# Ensure that text wrapping works in a table, by overring some CSS.
+# See https://github.com/rtfd/sphinx_rtd_theme/issues/117
+def setup(app):
+ app.add_stylesheet('theme_overrides.css')
+
# If not '', a 'Last updated on:' timestamp is inserted at every page bottom,
# using the given strftime format.
#html_last_updated_fmt = '%b %d, %Y'
diff --git a/Doc/epydoc-config b/Doc/epydoc-config
deleted file mode 100644
index 74c64c6..0000000
--- a/Doc/epydoc-config
+++ /dev/null
@@ -1,24 +0,0 @@
-# epydoc configuration file for PyCryptodome.
-# See http://epydoc.sourceforge.net/configfile.html for sample configuration.
-
-[epydoc]
-modules: Crypto
-docformat: restructuredtext
-output: html
-target: Doc/apidoc/
-sourcecode: no
-frames: no
-
-# Do not include private variables
-private: no
-
-# Include the complete set of inherited methods, but grouped in a special
-# section
-inheritance: grouped
-
-name: PyCryptodome API Documentation
-url: http://www.pycryptodome.org/
-
-link: <a href="http://www.pycryptodome.org/">PyCryptodome.org</a>
-
-exclude: ^Crypto\.SelfTest
diff --git a/Doc/index.rst b/Doc/index.rst
index a9825b4..3615edb 100644
--- a/Doc/index.rst
+++ b/Doc/index.rst
@@ -2,11 +2,12 @@ Welcome to PyCryptodome's documentation
=======================================
.. toctree::
- :maxdepth: 2
+ :maxdepth: 3
src/introduction
src/features
src/installation
+ src/vs_pycrypto
src/api
src/examples
src/contribute_support
diff --git a/Doc/src/api.rst b/Doc/src/api.rst
index 56f254b..b889b34 100644
--- a/Doc/src/api.rst
+++ b/Doc/src/api.rst
@@ -1,5 +1,52 @@
API documentation
-----------------
-The API can be found `here <http://legrandin.github.com/pycryptodome>`_.
-Soon it will be moved on these pages.
+.. toctree::
+ :hidden:
+
+ cipher/cipher
+ signature/signature
+ hash/hash
+ public_key/public_key
+ protocol/protocol
+ io/io
+ random/random
+ util/util
+
+All cryptographic functionalities are organized in sub-packages;
+each sub-package is dedicated to solving a specific class of problems.
+
+.. csv-table::
+ :header: Package, Description
+ :widths: 20, 80
+
+ :doc:`Crypto.Cipher <cipher/cipher>`, "Modules for protecting **confidentiality**
+ that is, for encrypting and decrypting data (example: AES)."
+ :doc:`Crypto.Signature <signature/signature>`, "Modules for assuring **authenticity**,
+ that is, for creating and verifying digital signatures of messages
+ (example: PKCS#1 v1.5)."
+ :doc:`Crypto.Hash <hash/hash>`, "Modules for creating cryptographic **digests**
+ (example: SHA-256)."
+ :doc:`Crypto.PublicKey <public_key/public_key>`, "Modules for generating, exporting or importing
+ *public keys* (example: RSA or ECC)."
+ :doc:`Crypto.Protocol <protocol/protocol>`, "Modules for faciliting secure communications
+ between parties, in most cases by leveraging cryptograpic primitives
+ from other modules (example: Shamir's Secret Sharing scheme)."
+ :doc:`Crypto.IO <io/io>`, "Modules for dealing with encodings commonly used
+ for cryptographic data (example: PEM)."
+ :doc:`Crypto.Random <random/random>`, "Modules for generating random data."
+ :doc:`Crypto.Util <util/util>`, "General purpose routines (example: XOR for byte
+ strings)."
+
+In certain cases, there is some overlap between these categories.
+For instance, **authenticity** is also provided by *Message Authentication Codes*,
+and some can be built using digests, so they are included in the ``Crypto.Hash``
+package (example: HMAC).
+Also, cryptographers have over time realized that encryption without
+**authentication** is often of limited value so recent ciphers found in the
+``Crypto.Cipher`` package embed it (example: GCM).
+
+*PyCryptodome* strives to maintain strong backward compatibility with the old
+*PyCrypto*'s API (except for those few cases where that is harmful to security)
+so a few modules don't appear where they should (example: the ASN.1 module
+is under ``Crypto.Util`` as opposed to ``Crypto.IO``).
diff --git a/Doc/src/public_key.rst b/Doc/src/public_key.rst
new file mode 100644
index 0000000..145af33
--- /dev/null
+++ b/Doc/src/public_key.rst
@@ -0,0 +1,4 @@
+`Crypto.PublicKey` package
+==========================
+
+Hello
diff --git a/Doc/src/vs_pycrypto.rst b/Doc/src/vs_pycrypto.rst
new file mode 100644
index 0000000..773e762
--- /dev/null
+++ b/Doc/src/vs_pycrypto.rst
@@ -0,0 +1,65 @@
+Compatibility with PyCrypto
+===========================
+
+PyCryptodome exposes *almost* the same API as the old `PyCrypto <https://www.dlitz.net/software/pycrypto>`_
+so that *most* applications will run unmodified.
+However, a very few breaks in compatibility had to be introduced
+for those parts of the API that represented a security hazard or that
+were too hard to maintain.
+
+Specifically, for public key cryptography:
+
+* The following methods from public key objects (RSA, DSA, ElGamal) have been
+ removed:
+
+ - :meth:`sign`
+ - :meth:`verify`
+ - :meth:`encrypt`
+ - :meth:`decrypt`
+ - :meth:`blind`
+ - :meth:`unblind`
+
+ Applications should be updated to use instead:
+
+ - :mod:`Crypto.Cipher.PKCS1_OAEP` for encrypting using RSA.
+ - :mod:`Crypto.Signature.pkcs1_15` or :mod:`Crypto.Signature.pss` for signing using RSA.
+ - :mod:`Crypto.Signature.DSS` for signing using DSA.
+* Method: :meth:`generate` for public key modules does not accept the ``progress_func`` parameter anymore.
+* Ambiguous method ``size`` from RSA, DSA and ElGamal key objects have bene removed.
+ Instead, use methods :meth:`size_in_bytes` and :meth:`size_in_bits` and check the documentation.
+* The 3 public key object types (RSA, DSA, ElGamal) are now unpickable.
+ You must use the :meth:`exportKey` method of each key object and select a good output format: for private
+ keys that means a good password-based encryption scheme.
+* Removed attribute ``Crypto.PublicKey.RSA.algorithmIdentifier``.
+* Removed ``Crypto.PublicKey.RSA.RSAImplementation`` (which should have been private in the first place).
+ Same for ``Crypto.PublicKey.DSA.DSAImplementation``.
+
+For symmetric key cryptography:
+
+* Symmetric ciphers do not have ECB as default mode anymore. ECB is not semantically secure
+ and it exposes correlation across blocks.
+ An expression like ``AES.new(key)`` will now fail. If ECB is the desired mode,
+ one has to explicitly use ``AES.new(key, AES.MODE_ECB)``.
+* :mod:`Crypto.Cipher.DES3` does not allow keys that degenerate to Single DES.
+* Parameter :data:`segment_size` cannot be 0 for the CFB mode.
+* Parameters ``disabled_shortcut`` and ``overflow`` cannot be passed anymore to :mod:`Crypto.Util.Counter.new`.
+ Parameter :data:`allow_wraparound` is ignored (counter block wraparound will **always** be checked).
+* The :data:`counter` parameter of a CTR mode cipher must be generated via
+ :mod:`Crypto.Util.Counter`. It cannot be a generic callable anymore.
+* Keys for :mod:`Crypto.Cipher.ARC2`, :mod:`Crypto.Cipher.ARC4` and :mod:`Crypto.Cipher.Blowfish` must be at least 40 bits long (still very weak).
+
+The following packages, modules and functions have been removed:
+
+ - ``Crypto.Random.OSRNG``, ``Crypto.Util.winrandom`` and ``Crypto.Random.randpool``.
+ You should use :mod:`Crypto.Random` only.
+ - ``Crypto.Cipher.XOR``. If you just want to XOR data, use :mod:`Crypto.Util.strxor`.
+ - ``Crypto.Hash.new``. Use :func:`Crypto.Hash.<algorithm>.new` instead.
+ - ``Crypto.Protocol.AllOrNothing``
+ - ``Crypto.Protocol.Chaffing``
+ - ``Crypto.Util.number.getRandomNumber``
+ - ``Crypto.pct_warnings``
+
+Others:
+
+* Support for any Python version older than 2.4 is dropped.
+ For Python 2.4 only, a dependency on the ``ctypes`` package is introduced.
diff --git a/FuturePlans.rst b/FuturePlans.rst
index e24ab77..d03c4b5 100644
--- a/FuturePlans.rst
+++ b/FuturePlans.rst
@@ -1,10 +1,10 @@
Future releases will include:
+- Update `Crypto.Signature.DSS` to FIPS 186-4
- Make all hash objects non-copiable and immutable after the first digest
- Add alias 'segment_bits' to parameter 'segment_size' for CFB
- Coverage testing
- Add support for memoryview/buffer interface
-- Move API documentation from epydoc to sphinx
- Implement AES with bitslicing
- Add unit tests for PEM I/O
- Move old ciphers into a Museum submodule
diff --git a/INSTALL.rst b/INSTALL.rst
index e49507a..8298d7c 100644
--- a/INSTALL.rst
+++ b/INSTALL.rst
@@ -247,6 +247,74 @@ components freely made available by Microsoft.
> pip install pycryptodomex --no-use-wheel
+Documentation
+~~~~~~~~~~~~~
+
+Project documentation is written in reStructuredText and it is stored under ``Doc/src``.
+To publish it as HTML files, you need to install `sphinx <http://www.sphinx-doc.org/en/stable/>` and
+use::
+
+ > make -C Doc/ html
+
+It will then be available under ``Doc/_build/html/``.
+
+PGP verification
+~~~~~~~~~~~~~~~~
+
+All source packages and wheels on PyPI are cryptographically signed.
+They can be verified with the following PGP key::
+
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
+
+ mQINBFTXjPgBEADc3j7vnma9MXRshBPPXXenVpthQD6lrF/3XaBT2RptSf/viOD+
+ tz85du5XVp+r0SYYGeMNJCQ9NsztxblN/lnKgkfWRmSrB+V6QGS+e3bR5d9OIxzN
+ 7haPxBnyRj//hCT/kKis6fa7N9wtwKBBjbaSX+9vpt7Rrt203sKfcChA4iR3EG89
+ TNQoc/kGGmwk/gyjfU38726v0NOhMKJp2154iQQVZ76hTDk6GkOYHTcPxdkAj4jS
+ Dd74M9sOtoOlyDLHOLcWNnlWGgZjtz0z0qSyFXRSuOfggTxrepWQgKWXXzgVB4Jo
+ 0bhmXPAV8vkX5BoG6zGkYb47NGGvknax6jCvFYTCp1sOmVtf5UTVKPplFm077tQg
+ 0KZNAvEQrdWRIiQ1cCGCoF2Alex3VmVdefHOhNmyY7xAlzpP0c8z1DsgZgMnytNn
+ GPusWeqQVijRxenl+lyhbkb9ZLDq7mOkCRXSze9J2+5aLTJbJu3+Wx6BEyNIHP/f
+ K3E77nXvC0oKaYTbTwEQSBAggAXP+7oQaA0ea2SLO176xJdNfC5lkQEtMMSZI4gN
+ iSqjUxXW2N5qEHHex1atmTtk4W9tQEw030a0UCxzDJMhD0aWFKq7wOxoCQ1q821R
+ vxBH4cfGWdL/1FUcuCMSUlc6fhTM9pvMXgjdEXcoiLSTdaHuVLuqmF/E0wARAQAB
+ tB9MZWdyYW5kaW4gPGhlbGRlcmlqc0BnbWFpbC5jb20+iQI4BBMBAgAiBQJU14z4
+ AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRDabO+N4RaZEn7IEACpApha
+ vRwPB+Dv87aEyVmjZ96Nb3mxHdeP2uSmUxAODzoB5oJJ1QL6HRxEVlU8idjdf73H
+ DX39ZC7izD+oYIve9sNwTbKqJCZaTxlTDdgSF1N57eJOlELAy+SqpHtaMJPk7SfJ
+ l/iYoUYxByPLZU1wDwZEDNzt9RCGy3bd/vF/AxWjdUJJPh3E4j5hswvIGSf8/Tp3
+ MDROU1BaNBOd0CLvBHok8/xavwO6Dk/fE4hJhd5uZcEPtd1GJcPq51z2yr7PGUcb
+ oERsKZyG8cgfd7j8qoTd6jMIW6fBVHdxiMxW6/Z45X/vVciQSzzEl/yjPUW42kyr
+ Ib6M16YmnDzp8bl4NNFvvR9uWvOdUkep2Bi8s8kBMJ7G9rHHJcdVy/tP1ECS9Bse
+ hN4v5oJJ4v5mM/MiWRGKykZULWklonpiq6CewYkmXQDMRnjGXhjCWrB6LuSIkIXd
+ gKvDNpJ8yEhAfmpvA4I3laMoof/tSZ7ZuyLSZGLKl6hoNIB13HCn4dnjNBeaXCWX
+ pThgeOWxV6u1fhz4CeC1Hc8WOYr8S7G8P10Ji6owOcj/a1QuCW8XDB2omCTXlhFj
+ zpC9dX8HgmUVnbPNiMjphihbKXoOcunRx4ZvqIa8mnTbI4tHtR0K0tI4MmbpcVOZ
+ 8IFJ0nZJXuZiL57ijLREisPYmHfBHAgmh1j/W7kCDQRU14z4ARAA3QATRgvOSYFh
+ nJOnIz6PO3G9kXWjJ8wvp3yE1/PwwTc3NbVUSNCW14xgM2Ryhn9NVh8iEGtPGmUP
+ 4vu7rvuLC2rBs1joBTyqf0mDghlZrb5ZjXv5LcG9SA6FdAXRU6T+b1G2ychKkhEh
+ d/ulLw/TKLds9zHhE+hkAagLQ5jqjcQN0iX5EYaOukiPUGmnd9fOEGi9YMYtRdrH
+ +3bZxUpsRStLBWJ6auY7Bla8NJOhaWpr5p/ls+mnDWoqf+tXCCps1Da/pfHKYDFc
+ 2VVdyM/VfNny9eaczYpnj5hvIAACWChgGDBwxPh2DGdUfiQi/QqrK96+F7ulqz6V
+ 2exX4CL0cPv5fUpQqSU/0R5WApM9bl2+wljFhoCXlydU9HNn+0GatGzEoo3yrV/m
+ PXv7d6NdZxyOqgxu/ai/z++F2pWUXSBxZN3Gv28boFKQhmtthTcFudNUtQOchhn8
+ Pf/ipVISqrsZorTx9Qx4fPScEWjwbh84Uz20bx0sQs1oYcek2YG5RhEdzqJ6W78R
+ S/dbzlNYMXGdkxB6C63m8oiGvw0hdN/iGVqpNAoldFmjnFqSgKpyPwfLmmdstJ6f
+ xFZdGPnKexCpHbKr9fg50jZRenIGai79qPIiEtCZHIdpeemSrc7TKRPV3H2aMNfG
+ L5HTqcyaM2+QrMtHPMoOFzcjkigLimMAEQEAAYkCHwQYAQIACQUCVNeM+AIbDAAK
+ CRDabO+N4RaZEo7lD/45J6z2wbL8aIudGEL0aY3hfmW3qrUyoHgaw35KsOY9vZwb
+ cZuJe0RlYptOreH/NrbR5SXODfhd2sxYyyvXBOuZh9i7OOBsrAd5UE01GCvToPwh
+ 7IpMV3GSSAB4P8XyJh20tZqiZOYKhmbf29gUDzqAI6GzUa0U8xidUKpW2zqYGZjp
+ wk3RI1fS7tyi/0N8B9tIZF48kbvpFDAjF8w7NSCrgRquAL7zJZIG5o5zXJM/ffF3
+ 67Dnz278MbifdM/HJ+Tj0R0Uvvki9Z61nT653SoUgvILQyC72XI+x0+3GQwsE38a
+ 5aJNZ1NBD3/v+gERQxRfhM5iLFLXK0Xe4K2XFM1g0yN4L4bQPbhSCq88g9Dhmygk
+ XPbBsrK0NKPVnyGyUXM0VpgRbot11hxx02jC3HxS1nlLF+oQdkKFzJAMOU7UbpX/
+ oO+286J1FmpG+fihIbvp1Quq48immtnzTeLZbYCsG4mrM+ySYd0Er0G8TBdAOTiN
+ 3zMbGX0QOO2fOsJ1d980cVjHn5CbAo8C0A/4/R2cXAfpacbvTiNq5BVk9NKa2dNb
+ kmnTStP2qILWmm5ASXlWhOjWNmptvsUcK+8T+uQboLioEv19Ob4j5Irs/OpOuP0K
+ v4woCi9+03HMS42qGSe/igClFO3+gUMZg9PJnTJhuaTbytXhUBgBRUPsS+lQAQ==
+ =DpoI
+ -----END PGP PUBLIC KEY BLOCK-----
+
.. _pypi: https://pypi.python.org/pypi/pycryptodome
.. _get-pip.py: https://bootstrap.pypa.io/get-pip.py
.. _MS Windows SDK for Windows 7 and .NET Framework 3.5 SP1: http://www.microsoft.com/en-us/download/details.aspx?id=18950
diff --git a/PKG-INFO b/PKG-INFO
index 0fbc89d..b32b94d 100644
--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: pycryptodome
-Version: 3.4.6
+Version: 3.4.7
Summary: Cryptographic library for Python
Home-page: http://www.pycryptodome.org
Author: Helder Eijs
diff --git a/lib/Crypto/Cipher/AES.py b/lib/Crypto/Cipher/AES.py
index 14164d7..a48d69a 100644
--- a/lib/Crypto/Cipher/AES.py
+++ b/lib/Crypto/Cipher/AES.py
@@ -19,62 +19,20 @@
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
# ===================================================================
-"""AES symmetric cipher
-
-AES `(Advanced Encryption Standard)`__ is a symmetric block cipher standardized
-by NIST_ . It has a fixed data block size of 16 bytes.
-Its keys can be 128, 192, or 256 bits long.
-
-AES is very fast and secure, and it is the de facto standard for symmetric
-encryption.
-
-As an example, encryption can be done as follows:
-
- >>> from Crypto.Cipher import AES
- >>>
- >>> key = b'Sixteen byte key'
- >>> cipher = AES.new(key, AES.MODE_CFB)
- >>> msg = cipher.iv + cipher.encrypt(b'Attack at dawn')
-
-A more complicated example is based on CCM, (see `MODE_CCM`) an `AEAD`_ mode
-that provides both confidentiality and authentication for a message.
-
-The CCM mode optionally allows the header of the message to remain in the clear,
-whilst still being authenticated. The encryption is done as follows:
-
- >>> from Crypto.Cipher import AES
- >>>
- >>> hdr = b'To your eyes only'
- >>> plaintext = b'Attack at dawn'
- >>> key = b'Sixteen byte key'
- >>> cipher = AES.new(key, AES.MODE_CCM)
- >>> cipher.update(hdr)
- >>> msg = cipher.nonce, hdr, cipher.encrypt(plaintext), cipher.digest()
-
-We assume that the tuple ``msg`` is transmitted to the receiver:
-
- >>> from Crypto.Cipher import AES
- >>>
- >>> nonce, hdr, ciphertext, mac = msg
- >>> key = b'Sixteen byte key'
- >>> cipher = AES.new(key, AES.MODE_CCM, nonce)
- >>> cipher.update(hdr)
- >>> plaintext = cipher.decrypt(ciphertext)
- >>> try:
- >>> cipher.verify(mac)
- >>> print "The message is authentic: hdr=%s, pt=%s" % (hdr, plaintext)
- >>> except ValueError:
- >>> print "Key incorrect or message corrupted"
-
-If no ``nonce`` is supplied initially, a 11 bytes random ``nonce`` is generated,
-which is good for a maximum message size of 4G. See CCM_.
-
-.. __: http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
-.. _NIST: http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
-.. _AEAD: http://blog.cryptographyengineering.com/2012/05/how-to-choose-authenticated-encryption.html
-.. _CCM: Crypto.Cipher._mode_ccm.CcmMode-class.html
-
-:undocumented: __package__
+"""
+Module's constants for the modes of operation supported with AES:
+
+:var MODE_ECB: Electronic Code Book (ECB)
+:var MODE_CBC: Cipher-Block Chaining (CBC)
+:var MODE_CFB: Cipher FeedBack (CFB)
+:var MODE_OFB: Output FeedBack (OFB)
+:var MODE_CTR: CounTer Mode (CTR)
+:var MODE_OPENPGP: OpenPGP Mode
+:var MODE_CCM: Counter with CBC-MAC (CCM) Mode
+:var MODE_EAX: EAX Mode
+:var MODE_SIV: Syntethic Initialization Vector (SIV)
+:var MODE_GCM: Galois Counter Mode (GCM)
+:var MODE_OCB: Offset Code Book (OCB)
"""
import sys
@@ -151,142 +109,111 @@ def _create_base_cipher(dict_parameters):
def new(key, mode, *args, **kwargs):
- """Create a new AES cipher
+ """Create a new AES cipher.
- :Parameters:
- key : byte string
+ :param key:
The secret key to use in the symmetric cipher.
- It must be 16 (*AES-128*), 24 (*AES-192*), or 32 (*AES-256*)
- bytes long.
-
- Only in `MODE_SIV`, it needs to be 32, 48, or 64 bytes long.
- mode : a *MODE_** constant
- The chaining mode to use for encryption or decryption.
- If in doubt, use `MODE_EAX`.
+ It must be 16, 24 or 32 bytes long (respectively for *AES-128*,
+ *AES-192* or *AES-256*).
- :Keywords:
- iv : byte string
- (*Only* `MODE_CBC`, `MODE_CFB`, `MODE_OFB`, `MODE_OPENPGP`).
+ For ``MODE_SIV`` only, it doubles to 32, 48, or 64 bytes.
+ :type key: byte string
- The initialization vector to use for encryption or decryption.
-
- For `MODE_OPENPGP`, it must be 16 bytes long for encryption
- and 18 bytes for decryption (in the latter case, it is
- actually the *encrypted* IV which was prefixed to the ciphertext).
+ :param mode:
+ The chaining mode to use for encryption or decryption.
+ If in doubt, use ``MODE_EAX``.
+ :type mode: One of the supported ``MODE_*`` constants
- For all other modes, it must be 16 bytes long.
+ :Keyword Arguments:
+ * *iv* (``byte string``) --
+ (Only applicable for ``MODE_CBC``, ``MODE_CFB``, ``MODE_OFB``,
+ and ``MODE_OPENPGP`` modes).
- In not provided, a random byte string is used (you must then
- read its value with the ``iv`` attribute).
+ The initialization vector to use for encryption or decryption.
- nonce : byte string
- (*Only* `MODE_CCM`, `MODE_EAX`, `MODE_GCM`, `MODE_SIV`, `MODE_OCB`,
- `MODE_CTR`).
+ For ``MODE_CBC``, ``MODE_CFB``, and ``MODE_OFB`` it must be 16 bytes long.
- A value that must never be reused for any other encryption done
- with this key.
+ For ``MODE_OPENPGP`` mode only,
+ it must be 16 bytes long for encryption
+ and 18 bytes for decryption (in the latter case, it is
+ actually the *encrypted* IV which was prefixed to the ciphertext).
- For `MODE_CCM`, its length must be in the range ``[7..13]``.
- Bear in mind that with CCM there is a trade-off between nonce
- length and maximum message size.
+ If not provided, a random byte string is generated (you must then
+ read its value with the :attr:`iv` attribute).
- For `MODE_OCB`, its length must be in the range ``[1..15]``.
+ * *nonce* (``byte string``) --
+ (Only applicable for ``MODE_CCM``, ``MODE_EAX``, ``MODE_GCM``,
+ ``MODE_SIV``, ``MODE_OCB``, and ``MODE_CTR``).
- For `MODE_CTR`, its length must be in the range ``[0..15]``.
+ A value that must never be reused for any other encryption done
+ with this key.
- For the other modes, there are no restrictions on its length.
+ For ``MODE_EAX``, ``MODE_GCM`` and ``MODE_SIV`` there are no
+ restrictions on its length (recommended: **16** bytes).
- The recommended length depends on the mode: 8 bytes for `MODE_CTR`,
- 11 bytes for `MODE_CCM`, 15 bytes for `MODE_OCB` and 16 bytes
- for the remaining modes.
+ For ``MODE_CCM``, its length must be in the range **[7..13]**.
+ Bear in mind that with CCM there is a trade-off between nonce
+ length and maximum message size. Recommendation: **11** bytes.
- In not provided, a random byte string of the recommended
- length is used (you must then read its value with the ``nonce`` attribute).
+ For ``MODE_OCB``, its length must be in the range **[1..15]**
+ (recommended: **15**).
- segment_size : integer
- (*Only* `MODE_CFB`).The number of **bits** the plaintext and ciphertext
- are segmented in. It must be a multiple of 8.
- If not specified, it will be assumed to be 8.
+ For ``MODE_CTR``, its length must be in the range **[0..15]**
+ (recommended: **8**).
- mac_len : integer
- (*Only* `MODE_EAX`, `MODE_GCM`, `MODE_OCB`, `MODE_CCM`)
- Length of the authentication tag, in bytes.
+ In not provided, a random byte string of the recommended
+ length is used (you must then read its value with the :attr:`nonce`
+ attribute).
- It must be even and in the range ``[4..16]``.
- The recommended value (and the default, if not specified) is 16.
+ * *segment_size* (``integer``) --
+ (Only ``MODE_CFB``).The number of **bits** the plaintext and ciphertext
+ are segmented in. It must be a multiple of 8.
+ If not specified, it will be assumed to be 8.
- msg_len : integer
- (*Only* `MODE_CCM`). Length of the message to (de)cipher.
- If not specified, ``encrypt`` must be called with the entire message.
- Similarly, ``decrypt`` can only be called once.
+ * *mac_len* : (``integer``) --
+ (Only ``MODE_EAX``, ``MODE_GCM``, ``MODE_OCB``, ``MODE_CCM``)
+ Length of the authentication tag, in bytes.
- assoc_len : integer
- (*Only* `MODE_CCM`). Length of the associated data.
- If not specified, all associated data is buffered internally,
- which may represent a problem for very large messages.
+ It must be even and in the range **[4..16]**.
+ The recommended value (and the default, if not specified) is **16**.
- initial_value : integer
- (*Only* `MODE_CTR`). The initial value for the counter within
- the counter block. By default it is 0.
+ * *msg_len* : (``integer``) --
+ (Only ``MODE_CCM``). Length of the message to (de)cipher.
+ If not specified, ``encrypt`` must be called with the entire message.
+ Similarly, ``decrypt`` can only be called once.
- use_aesni : boolean
- Use Intel AES-NI hardware extensions if available.
+ * *assoc_len* : (``integer``) --
+ (Only ``MODE_CCM``). Length of the associated data.
+ If not specified, all associated data is buffered internally,
+ which may represent a problem for very large messages.
- :Return: an AES object, of the applicable mode:
+ * *initial_value* : (``integer``) --
+ (Only ``MODE_CTR``). The initial value for the counter within
+ the counter block. By default it is **0**.
- - CBC_ mode
- - CCM_ mode
- - CFB_ mode
- - CTR_ mode
- - EAX_ mode
- - ECB_ mode
- - GCM_ mode
- - OCB_ mode
- - OFB_ mode
- - OpenPgp_ mode
- - SIV_ mode
+ * *use_aesni* : (``boolean``) --
+ Use Intel AES-NI hardware extensions (default: use if available).
- .. _CBC: Crypto.Cipher._mode_cbc.CbcMode-class.html
- .. _CCM: Crypto.Cipher._mode_ccm.CcmMode-class.html
- .. _CFB: Crypto.Cipher._mode_cfb.CfbMode-class.html
- .. _CTR: Crypto.Cipher._mode_ctr.CtrMode-class.html
- .. _EAX: Crypto.Cipher._mode_eax.EaxMode-class.html
- .. _ECB: Crypto.Cipher._mode_ecb.EcbMode-class.html
- .. _GCM: Crypto.Cipher._mode_gcm.GcmMode-class.html
- .. _OCB: Crypto.Cipher._mode_ocb.OcbMode-class.html
- .. _OFB: Crypto.Cipher._mode_ofb.OfbMode-class.html
- .. _OpenPgp: Crypto.Cipher._mode_openpgp.OpenPgpMode-class.html
- .. _SIV: Crypto.Cipher._mode_siv.SivMode-class.html
+ :Return: an AES object, of the applicable mode.
"""
kwargs["add_aes_modes"] = True
return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)
-#: Electronic Code Book (ECB). See `Crypto.Cipher._mode_ecb.EcbMode`.
MODE_ECB = 1
-#: Cipher-Block Chaining (CBC). See `Crypto.Cipher._mode_cbc.CbcMode`.
MODE_CBC = 2
-#: Cipher FeedBack (CFB). See `Crypto.Cipher._mode_cfb.CfbMode`.
MODE_CFB = 3
-#: Output FeedBack (OFB). See `Crypto.Cipher._mode_ofb.OfbMode`.
MODE_OFB = 5
-#: CounTer Mode (CTR). See `Crypto.Cipher._mode_ctr.CtrMode`.
MODE_CTR = 6
-#: OpenPGP Mode. See `Crypto.Cipher._mode_openpgp.OpenPgpMode`.
MODE_OPENPGP = 7
-#: Counter with CBC-MAC (CCM) Mode. See `Crypto.Cipher._mode_ccm.CcmMode`.
MODE_CCM = 8
-#: EAX Mode. See `Crypto.Cipher._mode_eax.EaxMode`.
MODE_EAX = 9
-#: Syntethic Initialization Vector (SIV). See `Crypto.Cipher._mode_siv.SivMode`.
MODE_SIV = 10
-#: Galois Counter Mode (GCM). See `Crypto.Cipher._mode_gcm.GcmMode`.
MODE_GCM = 11
-#: Offset Code Book (OCB). See `Crypto.Cipher._mode_ocb.OcbMode`.
MODE_OCB = 12
-#: Size of a data block (in bytes)
+# Size of a data block (in bytes)
block_size = 16
-#: Size of a key (in bytes)
+# Size of a key (in bytes)
key_size = (16, 24, 32)
diff --git a/lib/Crypto/Cipher/ARC2.py b/lib/Crypto/Cipher/ARC2.py
index 2ad5460..951e07e 100644
--- a/lib/Crypto/Cipher/ARC2.py
+++ b/lib/Crypto/Cipher/ARC2.py
@@ -19,39 +19,16 @@
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
# ===================================================================
-"""RC2 symmetric cipher
-
-RC2_ (Rivest's Cipher version 2) is a symmetric block cipher designed
-by Ron Rivest in 1987. The cipher started as a proprietary design,
-that was reverse engineered and anonymously posted on Usenet in 1996.
-For this reason, the algorithm was first called *Alleged* RC2 (ARC2),
-since the company that owned RC2 (RSA Data Inc.) did not confirm whether
-the details leaked into public domain were really correct.
-
-The company eventually published its full specification in RFC2268_.
-
-RC2 has a fixed data block size of 8 bytes. Length of its keys can vary from
-8 to 128 bits. One particular property of RC2 is that the actual
-cryptographic strength of the key (*effective key length*) can be reduced
-via a parameter.
-
-Even though RC2 is not cryptographically broken, it has not been analyzed as
-thoroughly as AES, which is also faster than RC2.
-
-**Use AES, not ARC2. This module is only provided for legacy purposes.**
-
-As an example, encryption can be done as follows:
-
- >>> from Crypto.Cipher import ARC2
- >>>
- >>> key = b'Sixteen byte key'
- >>> cipher = ARC2.new(key, ARC2.MODE_CFB)
- >>> msg = cipher.iv + cipher.encrypt(b'Attack at dawn')
-
-.. _RC2: http://en.wikipedia.org/wiki/RC2
-.. _RFC2268: http://tools.ietf.org/html/rfc2268
-
-:undocumented: __package__
+"""
+Module's constants for the modes of operation supported with ARC2:
+
+:var MODE_ECB: Electronic Code Book (ECB)
+:var MODE_CBC: Cipher-Block Chaining (CBC)
+:var MODE_CFB: Cipher FeedBack (CFB)
+:var MODE_OFB: Output FeedBack (OFB)
+:var MODE_CTR: CounTer Mode (CTR)
+:var MODE_OPENPGP: OpenPGP Mode
+:var MODE_EAX: EAX Mode
"""
import sys
@@ -118,101 +95,76 @@ def _create_base_cipher(dict_parameters):
def new(key, mode, *args, **kwargs):
- """Create a new RC2 cipher
+ """Create a new RC2 cipher.
- :Parameters:
- key : byte string
+ :param key:
The secret key to use in the symmetric cipher.
Its length can vary from 5 to 128 bytes.
+ :type key: byte string
- mode : a *MODE_** constant
+ :param mode:
The chaining mode to use for encryption or decryption.
+ :type mode: One of the supported ``MODE_*`` constants
- :Keywords:
- iv : byte string
- (*Only* `MODE_CBC`, `MODE_CFB`, `MODE_OFB`, `MODE_OPENPGP`).
-
- The initialization vector to use for encryption or decryption.
-
- For `MODE_OPENPGP`, IV must be 8 bytes long for encryption
- and 10 bytes for decryption (in the latter case, it is
- actually the *encrypted* IV which was prefixed to the ciphertext).
-
- For all other modes, it must be 8 bytes long.
+ :Keyword Arguments:
+ * *iv* (``byte string``) --
+ (Only applicable for ``MODE_CBC``, ``MODE_CFB``, ``MODE_OFB``,
+ and ``MODE_OPENPGP`` modes).
- If not provided, a random byte string will be generated (you
- must read it back via the ``iv`` attribute of the cipher).
+ The initialization vector to use for encryption or decryption.
- nonce : byte string
- (*Only* `MODE_EAX` and `MODE_CTR`).
- A value that must never be reused for any other encryption done with
- this key.
+ For ``MODE_CBC``, ``MODE_CFB``, and ``MODE_OFB`` it must be 8 bytes long.
- For `MODE_CTR`, its length must be in the range ``[0..7]``.
+ For ``MODE_OPENPGP`` mode only,
+ it must be 8 bytes long for encryption
+ and 10 bytes for decryption (in the latter case, it is
+ actually the *encrypted* IV which was prefixed to the ciphertext).
- For `MODE_EAX`, there are no restrictions, but it is recommended to
- use at least 16 bytes.
+ If not provided, a random byte string is generated (you must then
+ read its value with the :attr:`iv` attribute).
- If not provided for `MODE_EAX`, a random byte string will be
- generated (you must read it back via the ``nonce`` attribute
- of the cipher).
+ * *nonce* (``byte string``) --
+ (Only applicable for ``MODE_EAX`` and ``MODE_CTR``).
- mac_len : integer
- (*Only* `MODE_EAX`). Length of the authentication tag, in bytes.
- It must be no larger than 8 (which is the default).
+ A value that must never be reused for any other encryption done
+ with this key.
- segment_size : integer
- (*Only* `MODE_CFB`).
- The number of **bits** the plaintext and ciphertext are segmented in.
- It must be a multiple of 8. If not specified,
- it will be assumed to be 8.
+ For ``MODE_EAX`` there are no
+ restrictions on its length (recommended: **16** bytes).
- initial_value : integer
- (*Only* `MODE_CTR`). The initial value for the counter within
- the counter block. By default it is 0.
+ For ``MODE_CTR``, its length must be in the range **[0..7]**.
- effective_keylen : integer
- Maximum cryptographic strength of the key, in **bits**.
- It can vary from 40 to 1024. The default value is 1024.
+ If not provided for ``MODE_EAX``, a random byte string is generated (you
+ can read it back via the ``nonce`` attribute).
- :Return: an RC2 cipher object, of the applicable mode:
+ * *segment_size* (``integer``) --
+ (Only ``MODE_CFB``).The number of **bits** the plaintext and ciphertext
+ are segmented in. It must be a multiple of 8.
+ If not specified, it will be assumed to be 8.
- - CBC_ mode
... 8989 lines suppressed ...
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/pycryptodome.git
More information about the Python-modules-commits
mailing list