Merge pull request #158 from tomato42/news-updates
add 0.14 changes to NEWS
tomato42 authored Nov 6, 2019
2 parents c5e7ac2 + 270fd9f commit 84dbe0d
Showing 4 changed files with 97 additions and 3 deletions.
2 changes: 1 addition & 1 deletion .gitattributes
Original file line number Diff line number Diff line change
@@ -1 +1 @@
ecdsa/_version.py export-subst
src/ecdsa/_version.py export-subst
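Review bot: The `export-subst` attribute is updated to the new `src/ecdsa/_version.py` path, which matches the `versionfile_source` change further down in this commit, but note that `export-subst` only applies to `git archive` output, not to an sdist built from a working checkout. Worth checking once that `git archive` of a tag still produces a substituted `_version.py` at the new path, since a stale path here would silently make archive-based builds report an unknown version rather than fail loudly.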
2 changes: 1 addition & 1 deletion MANIFEST.in
@@ -1,3 +1,3 @@
# basic metadata
include MANIFEST.in LICENSE NEWS README.md versioneer.py
include ecdsa/_version.py
include src/ecdsa/_version.py
94 changes: 94 additions & 0 deletions NEWS
@@ -1,3 +1,97 @@
* Release 0.14 (06 Nov 2019)

Bug fixes:
Strict checking of DER requirements when parsing SEQUENCE, INTEGER,
OBJECT IDENTIFIER and BITSTRING objects.
DER parsers now consistently raise `UnexpectedDER` exception on malformed DER
encoded byte strings.
Make sure that both malformed and invalid signatures raise `BadSignatureError`.
Ensure that all `SigningKey` and `VerifyingKey` methods that should accept
bytes-like objects actually do accept them (also avoid copying input strings).
Make `SigningKey.sign_digest_deterministic` use default object hashfunc when
none was provided.
`encode_integer` now works for large integers.
Make `encode_oid` and `remove_object` correctly handle OBJECT IDENTIFIERs
with large second subidentifier and padding in encoded subidentifiers.

New features:
Deterministic signature methods now accept `extra_entropy` parameter to further
randomise the selection of `k` (the nonce) for signature, as specified in
RFC6979.
Recovery of public key from signature is now supported.
Support for SEC1/X9.62 formatted keys, all three encodings are supported:
"uncompressed", "compressed" and "hybrid". Both string, and PEM/DER will
automatically accept them, if the size of the key matches the curve.
Benchmarking application now provides performance numbers that are easier to
compare against OpenSSL.
Support for all Brainpool curves (non-twisted).

New API:
`CurveFp`: `__str__` is now supported.
`SigningKey.sign_deterministic`, `SigningKey.sign_digest_deterministic` and
`generate_k`: extra_entropy parameter was added
`Signature.recover_public_keys` was added
`VerifyingKey.from_public_key_recovery` and
`VerifyingKey.from_public_key_recovery_with_digest` were added
`VerifyingKey.to_string`: `encoding` parameter was added
`VerifyingKey.to_der` and `SigningKey.to_der`: `point_encoding` parameter was
added.
`encode_bitstring`: `unused` parameter was added
`remove_bitstring`: `expect_unused` parameter was added
`SECP256k1` is now part of `curves` `*` import
`Curves`: `__repr__` is now supported
`VerifyingKey`: `__repr__` is now supported

Deprecations:
Python 2.5 is not supported any more - dead code removal.
`from keys import *` will now import only objects defined in that module.
Trying to decode a malformed point using `VerifyingKey.from_string`
will rise now the `MalformedPointError` exception (that inherits from
`AssertionError` but is not it).
Multiple functions in `numbertheory` are considered deprecated: `phi`,
`carmichael`, `carmichael_of_factorized`, `carmichael_of_ppower`,
`order_mod`, `largest_factor_relatively_prime`, `kinda_order_mod`. They will
now emit `DeprecationWarning` when used. Run the application or test suite
with `-Wd` option or with `PYTHONWARNINGS=default` environment variable to
verify if those methods are not used. They will be removed completely in a
future release.
`encode_bitstring` and `decode_bitstring` expect the number of unused
bits to be passed as an argument now. They will emit `DeprecationWarning`
if they are used in the deprecated way.
modular_exp: will emit `DeprecationWarning`

Hardening:
Deterministic signatures now verify that the signature won't leak private
key through very unlikely selection of `k` value (the nonce).
Nonce bit size hiding was added (hardening against Minerva attack). Please
note that it DOES NOT make library secure against side channel attacks (timing
attacks).

Performance:
The public key in key generation is not verified twice now, making key
generation and private key reading about 33% faster.
Microoptimisation to `inverse_mod` function, increasing performance by about
40% for all operations.

Maintenance:
Extended test coverage to newer python versions.
Fixes to examples in README.md: correct commands, more correct code (now works
on Python 3).
Stopped bundling `six`
Moved sources into `src` subdirectory
Made benchmarking script standalone (runnable either with `tox -e speed`, or
after installation, with `python speed.py`)
Now test coverage reported to coveralls is branch coverage, not line coverage
Autodetection of curves supported by OpenSSL (test suite compatibility with
Fedora OpenSSL package).
More readable error messages (exceptions) in `der` module.
Documentation to `VerifyingKey`, `SigningKey` and signature encoder/decoder
functions added.
Added measuring and verifying condition coverage to Continuous Integration.
Big clean-up of the test suite, use pytest parametrisation and hypothesis
for better test coverage and more precise failure reporting.
Use platform-provided `math.gcd`, when provided.

* Release 0.13.3 (07 Oct 2019)

Fix CVE-2019-14853 - possible DoS caused by malformed signature decoding and
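Review bot: The Deprecations entry names `encode_bitstring` and `decode_bitstring`, but the New API entry in the same hunk adds the `expect_unused` parameter to `remove_bitstring`; one of the two names looks wrong and should be aligned so a reader searching for the deprecated call finds the right function. Smaller wording fixes in the same hunk: "will rise now the `MalformedPointError` exception" should read "will now raise the `MalformedPointError` exception", `modular_exp` is the only identifier in the Deprecations list not set in backticks, and "`Curves`: `__repr__`" next to "`CurveFp`: `__str__`" should name the actual class. The Hardening entry correctly states that nonce bit size hiding does not make the library resistant to timing attacks; keep that caveat as written, and consider moving the `-Wd` / `PYTHONWARNINGS=default` advice out of the `numbertheory` item, since it applies to every `DeprecationWarning` listed, not just those functions.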
2 changes: 1 addition & 1 deletion src/ecdsa/_version.py
@@ -43,7 +43,7 @@ def get_config():
cfg.style = "pep440"
cfg.tag_prefix = "python-ecdsa-"
cfg.parentdir_prefix = "ecdsa-"
cfg.versionfile_source = "ecdsa/_version.py"
cfg.versionfile_source = "src/ecdsa/_version.py"
cfg.verbose = False
return cfg
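Review bot: `cfg.versionfile_source` in `_version.py` is a value versioneer fills in from the `[versioneer]` section of `setup.cfg` when `versioneer install` is re-run, so editing it by hand only holds until the next refresh. Please confirm that the `versionfile_source` setting in `setup.cfg` (not part of this diff) also reads `src/ecdsa/_version.py`; otherwise a future versioneer update will revert this line and the version string will stop resolving.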
