# # spec file for package python-pycryptodome # # Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # %{?!python_module:%define python_module() python-%{**} python3-%{**}} %bcond_without test %define oldpython python Name: python-pycryptodome Version: 3.6.3 Release: 1.1 Summary: Cryptographic library for Python License: BSD-2-Clause Group: Development/Languages/Python Url: https://www.pycryptodome.org Source: https://pypi.io/packages/source/p/pycryptodome/pycryptodome-%{version}.tar.gz BuildRequires: %{python_module devel} BuildRequires: %{python_module setuptools} BuildRequires: fdupes BuildRequires: python-rpm-macros Provides: python-pycrypto = %{version} Obsoletes: python-pycrypto < %{version} %ifpython2 Provides: %{oldpython}-pycrypto = %{version} Obsoletes: %{oldpython}-pycrypto < %{version} %endif # PyCryptodome uses gmp via cffi as runtime optimization # would be better, if libgmp* would provide gmp Suggests: libgmp10 Suggests: python-cffi %python_subpackages %description PyCryptodome is a self-contained Python package of low-level cryptographic primitives. PyCryptodome is a fork of PyCrypto, residing in the `Crypto` namespace for better drop-in compatibility, while it brings several enhancements with respect to the last official version of PyCrypto (2.6.1), for instance: * Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB) * Accelerated AES on Intel platforms via AES-NI * First class support for PyPy * Elliptic curves cryptography (NIST P-256 curve only) * Better and more compact API (`nonce` and `iv` attributes for ciphers, automatic generation of random nonces and IVs, simplified CTR cipher mode, and more) * SHA-3 (including SHAKE XOFs) and BLAKE2 hash algorithms * Salsa20 and ChaCha20 stream ciphers * scrypt and HKDF * Deterministic (EC)DSA * Password-protected PKCS#8 key containers * Shamir's Secret Sharing scheme * Random numbers get sourced directly from the OS (and not from a CSPRNG in userspace) * Simplified install process, including better support for Windows * Cleaner RSA and DSA key generation (largely based on FIPS 186-4) * Major clean ups and simplification of the code base PyCryptodome is not a wrapper to a separate C library like *OpenSSL*. To the largest possible extent, algorithms are implemented in pure Python. Only the pieces that are extremely critical to performance (e.g. block ciphers) are implemented as C extensions. %prep %setup -q -n pycryptodome-%{version} %build export CFLAGS="%{optflags}" %python_build %install %python_install %python_expand %fdupes %{buildroot}%{$python_sitearch} %if %{with test} %check %python_exec setup.py test %endif %files %{python_files} %license LICENSE.rst %doc AUTHORS.rst Changelog.rst README.rst %{python_sitearch}/* %changelog * Tue Jul 3 2018 hpj@urpla.net - Update to 3.6.3 (21 June 2018) - Resolved issues * GH#175: Fixed incorrect results for CTR encryption/decryption with more than 8 blocks. - Update to 3.6.2 (19 June 2018) - New features * ChaCha20 accepts 96 bit nonces (in addition to 64 bit nonces) as defined in RFC7539. * Accelerate AES-GCM on x86 using PCLMULQDQ instruction. * Accelerate AES-ECB and AES-CTR on x86 by pipelining AESNI instructions. * As result of the two improvements above, on x86 (Broadwell): - AES-ECB and AES-CTR are 3x faster - AES-GCM is 9x faster - Resolved issues * On Windows, MPIR library was stilled pulled in if renamed to ``gmp.dll``. - Breaks in compatibility * In ``Crypto.Util.number``, functions ``floor_div`` and ``exact_div`` have been removed. Also, ``ceil_div`` is limited to non-negative terms only. - suggesting libgmp10 and python-cffi - add license file tag * Wed May 16 2018 tchvatal@suse.com - Provide/obsolete also python-crypto for py2 package * Mon May 7 2018 hpj@urpla.net - fix condition to act as drop in replacement for python-pycrypto * Fri May 4 2018 hpj@urpla.net - Update to 3.6.1 (15 April 2018) - New features * Added Google Wycheproof tests (https://github.com/google/wycheproof) for RSA, DSA, ECDSA, GCM, SIV, EAX, CMAC. * New parameter ``mac_len`` (length of MAC tag) for CMAC. - Resolved issues * In certain circumstances (at counter wrapping, which happens on average after 32 GBi) AES GCM produced wrong ciphertexts. * Method ``encrypt()`` of AES SIV cipher could be still called, whereas only ``encrypt_and_digest()`` should be allowed. - Update to 3.6.0 (8 April 2018) - New features * Introduced ``export_key`` and deprecated ``exportKey`` for DSA and RSA key objects. * Ciphers and hash functions accept ``memoryview`` objects in input. * Added support for SHA-512/224 and SHA-512/256. - Resolved issues * Reintroduced `Crypto.__version__` variable as in PyCrypto. * Fixed compilation problem with MinGW. - Update to 3.5.1 (8 March 2018) - Resolved issues * GH#142. Fix mismatch with declaration and definition of addmul128. - Update to 3.5.0 (7 March 2018) - New features * Import and export of ECC curves in compressed form. * The initial counter for a cipher in CTR mode can be a byte string (in addition to an integer). * Faster PBKDF2 for HMAC-based PRFs (at least 20x for short passwords, more for longer passwords). Thanks to Christian Heimes for pointing out the implementation was under-optimized. * The salt for PBKDF2 can be either a string or bytes (GH#67). * Ciphers and hash functions accept data as `bytearray`, not just binary strings. * The old SHA-1 and MD5 hash functions are available even when Python's own `hashlib` does not include them. - Resolved issues * Without libgmp, modular exponentiation (since v3.4.8) crashed on 32-bit big-endian systems. - Breaks in compatibility * Removed support for Python < 2.6. - Update to 3.4.12 (5 February 2018) - Resolved issues * GH#129. pycryptodomex could only be installed via wheels. - Update to 3.4.11 (5 February 2018) - Resolved issues * GH#121. the record list was still not correct due to PEP3147 and __pycache__ directories. Thanks again to John O'Brien. - Update to 3.4.10 (2 February 2018) - Resolved issues * When creating ElGamal keys, the generator wasn't a square residue: ElGamal encryption done with those keys cannot be secure under the DDH assumption. Thanks to Weikeng Chen. - Update to 3.4.9 (1 February 2018) - New features * More meaningful error messages while importing an ECC key. - Resolved issues * GH#123 and #125. The SSE2 command line switch was not always passed on 32-bit x86 platforms. * GH#121. The record list (--record) was not always correctly filled for the pycryptodomex package. Thanks to John W. O'Brien. - Update to 3.4.8 (27 January 2018) - New features * Added a native extension in pure C for modular exponentiation, optimized for SSE2 on x86. In the process, we drop support for the arbitrary arithmetic library MPIR on Windows, which is painful to compile and deploy. The custom modular exponentiation is 130%% (160%%) slower on an Intel CPU in 32-bit (64-bit) mode, compared to MPIR. Still, that is much faster that CPython's own `pow()` function which is 900%% (855%%) slower than MPIR. Support for the GMP library on Unix remains. * Added support for *manylinux* wheels. * Support for Python 3.7. - Resolved issues * The DSA parameter 'p' prime was created with 255 bits cleared (but still with the correct strength). * GH#106. Not all docs were included in the tar ball. Thanks to Christopher Hoskin. * GH#109. ECDSA verification failed for DER encoded signatures. Thanks to Alastair Houghton. * Human-friendly messages for padding errors with ECB and CBC. * Mon Sep 18 2017 hpj@urpla.net - provide python-crypto 2.6.1 * Wed Sep 6 2017 toddrme2178@gmail.com - Initial version