The NetBSD Project

CVS log for pkgsrc/security/py-ecdsa/distinfo

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / security / py-ecdsa

Request diff between arbitrary revisions


Keyword substitution: kv
Default branch: MAIN


Revision 1.15: download - view: text, markup, annotated - select for diffs
Wed Apr 10 11:16:20 2024 UTC (7 months, 4 weeks ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2024Q3-base, pkgsrc-2024Q3, pkgsrc-2024Q2-base, pkgsrc-2024Q2, HEAD
Diff to: previous 1.14: preferred, colored
Changes since revision 1.14: +4 -4 lines
py-ecdsa: updated to 0.19.0

ecdsa 0.19.0

New API:

to_ssh in VerifyingKey and SigningKey, supports Ed25519 keys only
(Pablo Mazzini)

New features:

Support for twisted Brainpool curves

Doc fix:

Fix curve equation in glossary
Documentation for signature encoding and signature decoding functions

Maintenance:

Dropped official support for 3.3 and 3.4 (because of problems running them
in CI, not because it's actually incompatible; support for 2.6 and 2.7 is
unaffected)
Fixes aroung hypothesis parameters
Officially support Python 3.11 and 3.12
Small updates to test suite to make it work with 3.11 and 3.12 and new
releases of test dependencies
Dropped the internal _rwlock module as it's unused
Added mutation testing to CI, lots of speed-ups to the test suite
to make it happen
Removal of unnecessary six.b literals (Alexandre Detiste)

Deprecations:

int_to_string, string_to_int, and digest_integer from ecdsa.ecdsa
module are now considered deprecated, they will be removed in a future
release

Revision 1.14: download - view: text, markup, annotated - select for diffs
Wed Aug 10 10:57:45 2022 UTC (2 years, 4 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2024Q1-base, pkgsrc-2024Q1, pkgsrc-2023Q4-base, pkgsrc-2023Q4, pkgsrc-2023Q3-base, pkgsrc-2023Q3, pkgsrc-2023Q2-base, pkgsrc-2023Q2, pkgsrc-2023Q1-base, pkgsrc-2023Q1, pkgsrc-2022Q4-base, pkgsrc-2022Q4, pkgsrc-2022Q3-base, pkgsrc-2022Q3
Diff to: previous 1.13: preferred, colored
Changes since revision 1.13: +4 -4 lines
py-ecdsa: updated to 0.18.0

Release 0.18.0 (09 Jul 2022)

New API:
* `curve_by_name` in `curves` module to get a `Curve` object by providing curve
  name.

Bug fix:
* Make the `VerifyingKey` encoded with explicit parameters use the same
  kind of point encoding for public key and curve generator.
* Better handling of malformed curve parameters (as in CVE-2022-0778);
  make python-ecdsa raise `MalformedPointError` instead of `AssertionError`.

Doc fix:
* Publish the documentation on https://ecdsa.readthedocs.io/,
  include explanation of basics of handling of ECC data formats and how to use
  the library for elliptic curve arithmetic.
* Make object names more consistent, make them into hyperlinks on the
  readthedocs documentation.
* Make security note more explicit (Ian Rodney)
* Fix the `explicit` vs `named_curve` confusion in `VerifyingKey` docs.

Maintenance:
* Updated black version; slight changes to formatting
* Include interoperability tests for Ed25519 and Ed448 with OpenSSL.

Revision 1.13: download - view: text, markup, annotated - select for diffs
Tue Oct 26 11:17:44 2021 UTC (3 years, 1 month ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2022Q2-base, pkgsrc-2022Q2, pkgsrc-2022Q1-base, pkgsrc-2022Q1, pkgsrc-2021Q4-base, pkgsrc-2021Q4
Diff to: previous 1.12: preferred, colored
Changes since revision 1.12: +2 -2 lines
security: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2

Revision 1.12: download - view: text, markup, annotated - select for diffs
Thu Oct 7 14:54:29 2021 UTC (3 years, 2 months ago) by nia
Branches: MAIN
Diff to: previous 1.11: preferred, colored
Changes since revision 1.11: +1 -2 lines
security: Remove SHA1 hashes for distfiles

Revision 1.11: download - view: text, markup, annotated - select for diffs
Tue Jun 1 05:34:51 2021 UTC (3 years, 6 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2021Q3-base, pkgsrc-2021Q3, pkgsrc-2021Q2-base, pkgsrc-2021Q2
Diff to: previous 1.10: preferred, colored
Changes since revision 1.10: +5 -5 lines
py-ecdsa: updated to 0.17.0

Relase 0.17.0 (27 May 2021)

New API:
* Keys that use explicit curve parameters can now be read and written.
  Reading of explicit curves can be disabled by using the
  `valid_curve_encodings` keyword argument in `VerifyingKey.from_pem()`,
  `VerifyingKey.from_der()`, `SigningKey.from_pem()`, and
  `SigningKey.from_der()`.
* Keys can now be written with use of explicit curve parameters,
  use `curve_parameters_encoding` keyword argument of `VerifyingKey.to_pem()`,
  `VerifyingKey.to_der()`, `SigningKey.to_pem(), or `SigningKey.to_der()` to
  specify the format. By default `named_curve` will be used, unless the
  curve doesn't have an associated OID (as will be the case for an unsupported
  curve), then `explicit` encoding will be used.
* Allow specifying acceptable point formats when loading public keys
  (this also fixes a minor bug where python-ecdsa would accept raw
  encoding for points in PKCS#8 files). Set of accepted encodings is controlled
  by `valid_encodings` keyword argument in
  `ECDH.load_received_public_key_bytes()`, `VerifyingKey.from_string()`,
  `VerifyingKey.from_pem()`, VerifyingKey.from_der()`.
* `PointJacobi` and `Point` now inherit from `AbstractPoint` that implements
  the methods for parsing points. That added `from_bytes()` and
  `to_bytes()` methods to both of them.
* Curve parameters can now be read and written to PEM and DER files. The
  `Curve` class supports new `to_der()`, `from_der()`, `to_pem()`, and
  `from_pem()` methods.

Doc fix:
* Describe in detail which methods can raise `RSZeroError`, and that
  `SigningKey.sign_deterministic()` won't raise it.

Bug fix:
* Correctly truncate hash values larger than the curve order (only impacted
  custom curves and the curves added in this release).
* Correctly handle curves for which the order is larger than the prime
  (only impacted custom curves and the secp160r1 curve added in this release).
* Fix the handling of `==` and `!=` for `Public_key`, `Private_key`, `Point`,
  `PointJacobi`, `VerifyingKey`, and `SigningKey` so that it behaves
  consistently and in the expected way both in Python 2 and Python 3.
* Implement lock-less algorithm inside PointJacobi for keeping shared state
  so that when calculation is aborted with KeyboardInterrupt, the state doesn't
  become corrupted (this fixes the occasional breakage of ecdsa in interactive
  shells).

New features:
* The `speed.py` script now provides performance for signature verification
  without use of precomputation.
* New curves supported: secp112r1, secp112r2, secp128r1, secp160r1.

Performance:
* Use 2-ary Non-Adjacent Form for the combined multiply-add. This speeds up
  single-shot verify (i.e. without precomputation) by about 4 to 5%.
* Use native Python 3.8 support for calculating multiplicative inverses.

Maintenace:
* Include Python 3.9 in PyPI keywords.
* More realistic branch coverage counting (ignore Python version-specific
  branches).
* Additional test coverage to many parts of the library.
* Migrate to Github Actions for Continuous Testing.

Revision 1.10: download - view: text, markup, annotated - select for diffs
Mon Nov 30 20:13:53 2020 UTC (4 years ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2021Q1-base, pkgsrc-2021Q1, pkgsrc-2020Q4-base, pkgsrc-2020Q4
Diff to: previous 1.9: preferred, colored
Changes since revision 1.9: +5 -5 lines
py-ecdsa: updated to 0.16.1

Release 0.16.1

New API:
`VerifyingKey.precompute()` supports `lazy` argument to delay precomputation
to the first time the key is used to verify a signature.

Doc fixes:
Documentation for the `VerifyingKey.precompute()` method.

Bug fix:
Make created signatures correct when the hash used is bigger than the curve
order bit size and the curve order is not a multiple of 8 (this affects
only users of custom curves or hashes with output larger than 512 bits).

Performance:
Speed up library load time by calculating the generator point multiplication
tables the first time the points are used, not when they are initialised.

Maintenance:
Include Python 3.9 in CI testing.
Test coverage for the `VerifyingKey.precompute()` method.
Small speed-ups for the test suite.

Revision 1.9: download - view: text, markup, annotated - select for diffs
Sat Oct 3 06:13:27 2020 UTC (4 years, 2 months ago) by adam
Branches: MAIN
Diff to: previous 1.8: preferred, colored
Changes since revision 1.8: +5 -5 lines
py-ecdsa: updated to 0.16.0

Release 0.16.0

New features:
Support for reading and writing private keys in PKCS#8 format.

New API:
`to_pem` and `to_der` now accept new parameter, `format`, to specify
the format of the encoded files, either the dafault, legacy "ssleay", or
the new `pkcs8` to use PKCS#8. Note that only unencrypted PKCS#8 files are
supported.
Add `allow_truncate` to `verify` in `VerifyingKey`, it defaults to True,
when specified as False, use of large hashes smaller than curves will be
disallowed (as it was in 0.14.1 and earlier).

Bug fix:
Correctly calculate signatures for private keys equal to n-1.
Make `PointJacobi` and thus `SigningKey` and `VerifyingKey` pickleable.

Doc fixes:
`to_pem` functions return `bytes` not `str`, document them as such.
`from_pem` and `from_pem` in `SigningKey` returns `SigningKey`, document them
as such.

Maintenance:
Ensure that version checks will work with Python 4.
Format the source with black.
Fix uses of `assert_` in test suite.
Use newer Ubuntu in Travis to test against OpenSSL 1.1.1 (and thus
test the interoperability of ECDH code in Travis).

Revision 1.8: download - view: text, markup, annotated - select for diffs
Thu Feb 27 16:55:07 2020 UTC (4 years, 9 months ago) by bsiegert
Branches: MAIN
CVS tags: pkgsrc-2020Q3-base, pkgsrc-2020Q3, pkgsrc-2020Q2-base, pkgsrc-2020Q2, pkgsrc-2020Q1-base, pkgsrc-2020Q1
Diff to: previous 1.7: preferred, colored
Changes since revision 1.7: +5 -5 lines
Update py-ecdsa to 0.15.

Patch from Jonathan Schleifer via PR pkg/54883.

Contains a fix for broken signature verification.

Revision 1.7: download - view: text, markup, annotated - select for diffs
Wed Nov 4 01:18:03 2015 UTC (9 years, 1 month ago) by agc
Branches: MAIN
CVS tags: pkgsrc-2019Q4-base, pkgsrc-2019Q4, pkgsrc-2019Q3-base, pkgsrc-2019Q3, pkgsrc-2019Q2-base, pkgsrc-2019Q2, pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3, pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1, pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-2017Q2-base, pkgsrc-2017Q2, pkgsrc-2017Q1-base, pkgsrc-2017Q1, pkgsrc-2016Q4-base, pkgsrc-2016Q4, pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2, pkgsrc-2016Q1-base, pkgsrc-2016Q1, pkgsrc-2015Q4-base, pkgsrc-2015Q4
Diff to: previous 1.6: preferred, colored
Changes since revision 1.6: +2 -1 lines
Add SHA512 digests for distfiles for security category

Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.

Revision 1.6: download - view: text, markup, annotated - select for diffs
Mon Jun 29 17:01:08 2015 UTC (9 years, 5 months ago) by gls
Branches: MAIN
CVS tags: pkgsrc-2015Q3-base, pkgsrc-2015Q3
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +1 -2 lines
Remove patch

Revision 1.5: download - view: text, markup, annotated - select for diffs
Mon Jun 29 17:00:00 2015 UTC (9 years, 5 months ago) by gls
Branches: MAIN
Diff to: previous 1.4: preferred, colored
Changes since revision 1.4: +5 -5 lines
Update security/py-ecdsa to 0.13
--------------------------------

pkgsrc changes:

- Adjust EGG_NAME

Upstream changes:

* Release 0.13 (07 Feb 2015)

Fix the argument order for Curve constructor (put openssl_name= at the end,
with a default value) to unbreak compatibility with external callers who used
the 0.11 convention.

* Release 0.12 (06 Feb 2015)

Switch to Versioneer for version-string management (fixing the broken
`ecdsa.__version__` attribute). Add Curve.openssl_name property. Mention
secp256k1 in README, test against OpenSSL. Produce "wheel" distributions. Add
py3.4 and pypy3 compatibility testing. Other minor fixes.

Revision 1.4: download - view: text, markup, annotated - select for diffs
Thu Jun 12 00:28:26 2014 UTC (10 years, 6 months ago) by gls
Branches: MAIN
CVS tags: pkgsrc-2015Q2-base, pkgsrc-2015Q2, pkgsrc-2015Q1-base, pkgsrc-2015Q1, pkgsrc-2014Q4-base, pkgsrc-2014Q4, pkgsrc-2014Q3-base, pkgsrc-2014Q3, pkgsrc-2014Q2-base, pkgsrc-2014Q2
Diff to: previous 1.3: preferred, colored
Changes since revision 1.3: +4 -4 lines
Update security/py-ecdsa to 0.11

Upstream changes:
-----------------

* Release 0.11 (10 Mar 2014)

Add signature-encoding functions "sigencode_{strings,string,der}_canonize"
which canonicalize the S value (using the smaller of the two possible
values). Add "validate_point=" argument to VerifyingKey.from_string()
constructor (defaults to True) which can be used to disable time-consuming
point validation when importing a pre-validated verifying key. Drop python2.5
support (untested but not explicitly broken yet), update trove classifiers.

Revision 1.3: download - view: text, markup, annotated - select for diffs
Tue Nov 5 17:37:48 2013 UTC (11 years, 1 month ago) by joerg
Branches: MAIN
CVS tags: pkgsrc-2014Q1-base, pkgsrc-2014Q1, pkgsrc-2013Q4-base, pkgsrc-2013Q4
Diff to: previous 1.2: preferred, colored
Changes since revision 1.2: +2 -1 lines
Install as egg to fix the 2.6 installation.

Revision 1.2: download - view: text, markup, annotated - select for diffs
Tue Oct 29 08:12:09 2013 UTC (11 years, 1 month ago) by gls
Branches: MAIN
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +4 -4 lines
Update security/py-ecdsa to 0.10.

Upstream changes:
-----------------
* Release 0.10 (23 Oct 2013)

Make the secp256k1 available in __init__.py too (thanks to Scott Bannert).

While here, adjust HOMEPAGE.

Revision 1.1: download - view: text, markup, annotated - select for diffs
Sun Oct 20 12:47:11 2013 UTC (11 years, 1 month ago) by gls
Branches: MAIN
Added security/py-ecdsa to the NetBSD packages collection.

py-ecdsa is an easy-to-use implementation of ECDSA cryptography (Elliptic Curve
Digital Signature Algorithm), implemented purely in Python, released under the
MIT license. With this library, you can quickly create keypairs (signing key
and verifying key), sign messages, and verify the signatures. The keys and
signatures are very short, making them easy to handle and incorporate into
other protocols.

Diff request

This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Log view options

CVSweb <webmaster@jp.NetBSD.org>