delta/python-packages/rsa-git.git/tests, branch master github.com: sybrenstuvel/python-rsa.git Fix #162: Blinding uses slow algorithm 2020-11-15T15:27:29+00:00 Sybren A. Stüvel sybren@stuvel.eu 2020-11-15T15:25:51+00:00 06ec1ea1cc7be6034144bd06f07c35eb9d1b4953 Store blinding factor + its inverse, so that they can be reused & updated on every blinding operation. This avoids expensive computations. The reuse of the previous blinding factor is done via squaring (mod n), as per section 9 of 'A Timing Attack against RSA with the Chinese Remainder Theorem' by Werner Schindler, https://tls.mbed.org/public/WSchindler-RSA_Timing_Attack.pdf 
Store blinding factor + its inverse, so that they can be reused & updated
on every blinding operation. This avoids expensive computations.

The reuse of the previous blinding factor is done via squaring (mod n), as
per section 9 of 'A Timing Attack against RSA with the Chinese Remainder
Theorem' by Werner Schindler, https://tls.mbed.org/public/WSchindler-RSA_Timing_Attack.pdf
Fix #164: Add padding length check as described by PKCS#1 v1.5 2020-11-15T14:50:01+00:00 Sybren A. Stüvel sybren@stuvel.eu 2020-11-15T14:48:27+00:00 f878c374086e672e7806fdd18401ec6b71cfa960 According to PKCS#1 v1.5, the padding should be at least 8 bytes long. See https://tools.ietf.org/html/rfc8017#section-7.2.2 step 3 for more info. 
According to PKCS#1 v1.5, the padding should be at least 8 bytes long.
See https://tools.ietf.org/html/rfc8017#section-7.2.2 step 3 for more info.
Limit SHA3 support to Python 3.6+ 2020-06-11T18:22:30+00:00 Sybren A. Stüvel sybren@stuvel.eu 2020-06-11T18:22:01+00:00 9032802c2574bc4538f8f54843fd1996aaf396e4 The third-party library that adds support for this to Python 3.5 is a binary package, and thus breaks the pure-Python nature of Python-RSA. This should fix [#147](https://github.com/sybrenstuvel/python-rsa/issues/147). 
The third-party library that adds support for this to Python 3.5 is a
binary package, and thus breaks the pure-Python nature of Python-RSA.

This should fix [#147](https://github.com/sybrenstuvel/python-rsa/issues/147).
Compatibility with newer MyPy versions 2020-06-11T16:36:20+00:00 Sybren A. Stüvel sybren@stuvel.eu 2020-06-11T16:36:20+00:00 5c7696dd8a53b91b81346b1b04af8ef8e550707d The newer versions always have a message, even on success. 
The newer versions always have a message, even on success.
Fix CVE-2020-13757: detect cyphertext modifications by prepending zero bytes 2020-06-03T12:57:17+00:00 Sybren A. Stüvel sybren@stuvel.eu 2020-06-03T12:39:23+00:00 93af6f2f89a9bf28361e67716c4240e691520f30 Reject cyphertexts that have been modified by prepending zero bytes, by checking the cyphertext length against the expected size (given the decryption key). This resolves CVE-2020-13757. The same approach is used when verifying a signature. Thanks Carnil for pointing this out on https://github.com/sybrenstuvel/python-rsa/issues/146 
Reject cyphertexts that have been modified by prepending zero bytes, by
checking the cyphertext length against the expected size (given the
decryption key). This resolves CVE-2020-13757.

The same approach is used when verifying a signature.

Thanks Carnil for pointing this out on https://github.com/sybrenstuvel/python-rsa/issues/146
Drop character encoding markers for Python 2.x 2020-06-03T11:15:34+00:00 Andrey Semakin and-semakin@ya.ru 2019-11-07T06:29:53+00:00 1473cb8599c44cffad56cecbe32c467d64f00247 






Add support for SHA3 hashing
2019-08-04T15:47:26+00:00

Sybren A. Stüvel
sybren@stuvel.eu

2019-08-04T15:43:55+00:00

3c5ee594a2e38b27f086d042d9d2b9d7d0d0269d

This is based on https://github.com/sybrenstuvel/python-rsa/pull/96, with
a few improvements:
  - The minimum of one use of SHA3 in a unit test, to at least touch it at
    some point.
  - Documented the support of SHA3.
  - Only install the third-party library required by Python 3.5 when we're
    running on Python 3.5. Newer Python versions support SHA3 natively.





This is based on https://github.com/sybrenstuvel/python-rsa/pull/96, with
a few improvements:
  - The minimum of one use of SHA3 in a unit test, to at least touch it at
    some point.
  - Documented the support of SHA3.
  - Only install the third-party library required by Python 3.5 when we're
    running on Python 3.5. Newer Python versions support SHA3 natively.







Added mypy for static type checking
2019-08-04T15:05:58+00:00

Sybren A. Stüvel
sybren@stuvel.eu

2019-08-04T13:47:11+00:00

6760eb76e665dc81863a82110164c4b3b38e7ee9












Removed compatibility code for Python 2.7 and 3.4
2019-08-04T15:05:58+00:00

Sybren A. Stüvel
sybren@stuvel.eu

2019-08-04T13:02:20+00:00

ded036cf988b0cf4b20002d88434282f30762638












Fix BytesWarning in tests
2018-10-23T21:13:20+00:00

Jon Dufresne
jon.dufresne@gmail.com

2018-10-10T12:48:54+00:00

7424c69bde598a145b7d3807e6c367ac4b922bff

Shouldn't try to coerce bytes to a string. Instead, print the repr
value (e.g. b'mybytestring').

When running tests with the Python `-b` option, fixes warnings of the
form:

.../python-rsa/tests/test_strings.py:34: BytesWarning: str() on a bytes instance
  print("\tMessage:   %s" % message)
.../python-rsa/tests/test_strings.py:37: BytesWarning: str() on a bytes instance
  print("\tEncrypted: %s" % encrypted)
.../python-rsa/tests/test_strings.py:40: BytesWarning: str() on a bytes instance
  print("\tDecrypted: %s" % decrypted)





Shouldn't try to coerce bytes to a string. Instead, print the repr
value (e.g. b'mybytestring').

When running tests with the Python `-b` option, fixes warnings of the
form:

.../python-rsa/tests/test_strings.py:34: BytesWarning: str() on a bytes instance
  print("\tMessage:   %s" % message)
.../python-rsa/tests/test_strings.py:37: BytesWarning: str() on a bytes instance
  print("\tEncrypted: %s" % encrypted)
.../python-rsa/tests/test_strings.py:40: BytesWarning: str() on a bytes instance
  print("\tDecrypted: %s" % decrypted)