Comparing changes
base repository: Legrandin/pycryptodome
base: v3.9.7
head repository: Legrandin/pycryptodome
compare: v3.9.8
Commits on Feb 22, 2020
Commits on Feb 23, 2020
Commits on Feb 29, 2020
Commits on Apr 14, 2020
The receiver should use the same hashing method as the sender
Closing the files after writing to not lose data. Consider using context, e.g.: with open(...) as file_out:
Commits on May 09, 2020
Commits on Jun 14, 2020
Commits on Jun 19, 2020
🗝️ length must be 16 or 24 bytes long, not 8
Commits on Jun 21, 2020
Commits on Jun 22, 2020
Incorrect CFB decryption when the output (plaintext) goes into the input buffer (ciphertext),
before the ciphertext is taken for contribution into the next cipher operation.
@@ -1,6 +1,20 @@
Changelog
=========

3.9.8 (23 June 2020)
++++++++++++++++++++

Resolved issues
---------------
* GH#426: The Shamir's secret sharing implementation is not actually compatible with ``ssss``.
Added an optional parameter to enable interoperability.
* GH#427: Skip altogether loading of ``gmp.dll`` on Windows.
* GH#420: Fix incorrect CFB decryption when the input and the output are the same buffer.

New features
------------
* Speed up Shamir's secret sharing routines. Thanks to ncarve.

3.9.7 (20 February 2020)
++++++++++++++++++++++++

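Review bot: The GH#426 entry under Resolved issues should name the new parameter and its scope, since a reader of the changelog cannot otherwise find it; suggest `Added an optional ``ssss`` parameter to ``split()`` and ``combine()`` to enable interoperability with ``ssss -s 128 -D``.` The GH#420 line would also be more useful if it said that only decryption with the same buffer for ciphertext and plaintext was affected, so users can tell whether data decrypted with 3.9.7 needs to be re-checked.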
@@ -20,6 +20,7 @@ encryption modes`_ like `GCM`_, `CCM`_ or `SIV`_).
file_out = open("encrypted.bin", "wb")
[ file_out.write(x) for x in (cipher.nonce, tag, ciphertext) ]
file_out.close()
At the other end, the receiver can securely load the piece of data back (if they know the key!).
Note that the code generates a ``ValueError`` exception when tampering is detected.
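Review bot: Adding `file_out.close()` does flush the write, but the handle still leaks if one of the `write` calls raises, and the list comprehension on the line above exists only for its side effect. The commit message's own suggestion is the cleaner fix: `with open("encrypted.bin", "wb") as file_out:` followed by `for x in (cipher.nonce, tag, ciphertext): file_out.write(x)`, which closes the file on every exit path and drops the throwaway list.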
@@ -53,7 +54,8 @@ At the end, the code prints our the RSA public key in ASCII/PEM format:
file_out = open("rsa_key.bin", "wb")
file_out.write(encrypted_key)
file_out.close()
print(key.publickey().export_key())
The following code reads the private RSA key back in, and then prints again the public key:
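Review bot: Same point as in the first example: a `file_out.close()` on its own line is skipped if `file_out.write(encrypted_key)` raises, so `with open("rsa_key.bin", "wb") as file_out:` is preferable. Since these snippets are what users copy, it is worth converting every file write in this document to the context-manager form in one pass rather than adding `close()` calls one at a time.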
@@ -82,10 +84,12 @@ The following code generates public key stored in ``receiver.pem`` and private k
private_key = key.export_key()
file_out = open("private.pem", "wb")
file_out.write(private_key)
file_out.close()
public_key = key.publickey().export_key()
file_out = open("receiver.pem", "wb")
file_out.write(public_key)
file_out.close()
Encrypt data with RSA
~~~~~~~~~~~~~~~~~~~~~
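Review bot: Beyond the missing context managers (`with open("private.pem", "wb") as file_out:` and likewise for `receiver.pem`), the example writes the private key to disk exactly as `key.export_key()` returns it, with no passphrase. The surrounding text should say that `private.pem` is the sensitive artifact and must be protected (restrictive file permissions or a passphrase-protected export), otherwise a reader copying this snippet ends up with an unprotected private key sitting next to the public one.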
@@ -119,6 +123,7 @@ As in the first example, we use the EAX mode to allow detection of unauthorized
cipher_aes = AES.new(session_key, AES.MODE_EAX)
ciphertext, tag = cipher_aes.encrypt_and_digest(data)
[ file_out.write(x) for x in (enc_session_key, cipher_aes.nonce, tag, ciphertext) ]
file_out.close()
The receiver has the private RSA key. They will use it to decrypt the session key
first, and with that the rest of the file:
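Review bot: The added `file_out.close()` matters more here than in the other examples, because the receiver reads the fields back by fixed lengths (encrypted session key, nonce, tag) before the ciphertext, and an unflushed file would truncate the trailing ciphertext. Still, the `with open(...) as file_out:` form from the commit message should replace both this `close()` and the side-effect list comprehension on the line above it.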
@@ -114,7 +114,7 @@ This KDF is not suitable for deriving keys from a password or for key stretching

Example, for deriving two AES256 keys::

from Crypto.Protocol import HKDF
from Crypto.Protocol.KDF import HKDF
from Crypto.Hash import SHA512
from Crypto.Random import get_random_bytes

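Review bot: `from Crypto.Protocol.KDF import HKDF` is the correct import; `HKDF` is a function in `Crypto.Protocol.KDF`, not a module under `Crypto.Protocol`, so the previous example failed on its first line. A broken import surviving in a published example is the kind of error a doctest run over the documentation snippets would catch, so it is worth wiring the `Example, for deriving two AES256 keys` snippet (and the others in this file) into the test suite rather than fixing them as bug reports arrive.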
@@ -1,12 +1,101 @@
Secret Sharing Schemes
======================
This file implements secret sharing protocols.

In a *(k, n)* secret sharing protocol, a honest dealer breaks a secret
into multiple shares that are distributed amongst *n* players.
This module implements the Shamir's secret sharing protocol
described in the paper `"How to share a secret"`__.

The protocol guarantees that nobody can learn anything about the
secret, unless *k* players gather together to assemble their shares.
The secret can be split into an arbitrary number of shares (``n``),
such that it is sufficient to collect just ``k`` of them to reconstruct it (``k < n``).
For instance, one may want to grant 16 people the ability to access a system
with a pass code, at the condition that at least 3 of them are present at
the same time. As they join their shares, the pass code is revealed.
In that case, ``n=16`` and ``k=3``.

In the Shamir's secret sharing scheme, the ``n`` shares are created by first
defining a polynomial of degree ``k-1``:

:math:`q(x) = a_0 + a_1 x + a_2 x^2 + \ldots + a_{k-1} x^{k-1}`

The coefficient :math:`a_0` is fixed with the secret value.
The coefficients :math:`a_1 \ldots a_{k-1}` are random and they are discarded as soon as the shares are created.

Each share is a pair :math:`(x_i, y_i)`, where :math:`x_i` is an arbitrary
but unique number assigned to the share's recipient and :math:`y_i=q(x_i)`.

This implementation has the following properties:

* The secret is a byte string of 16 bytes (e.g. an AES 128 key).
* Each share is a byte string of 16 bytes.
* The recipients of the shares are assigned an integer starting from 1 (share number :math:`x_i`).
* The polynomial :math:`q(x)` is defined over the field GF(:math:`2^{128}`) with
the same irriducible polynomial as used in AES-GCM: :math:`1 + x + x^2 + x^7 + x^{128}`.
* It can be compatible with the popular `ssss`_ tool when used with the 128 bit security level
and no dispersion: the command line arguments must include ``-s 128 -D``.
Note that ``ssss`` uses a slightly different polynomial:

:math:`r(x) = a_0 + a_1 x + a_2 x^2 + \ldots + a_{k-1} x^{k-1} + x^k`

which requires you to specify ``ssss=True`` when calling ``split()`` and ``combine()``.

Each recipient needs to hold both the share number (:math:`x_i`, which is not confidential) and
the secret (which needs to be protected securely).

As an example, the following code shows how to protect a file meant
for 5 people, in such a way that any 2 of them are sufficient to
reassemble it::

>>> from binascii import hexlify
>>> from Crypto.Cipher import AES
>>> from Crypto.Random import get_random_bytes
>>> from Crypto.Protocol.SecretSharing import Shamir
>>>
>>> key = get_random_bytes(16)
>>> shares = Shamir.split(2, 5, key)
>>> for idx, share in shares:
>>> print "Index #%d: %s" % (idx, hexlify(share))
>>>
>>> with open("clear.txt", "rb") as fi, open("enc.txt", "wb") as fo:
>>> cipher = AES.new(key, AES.MODE_EAX)
>>> ct, tag = cipher.encrypt(fi.read()), cipher.digest()
>>> fo.write(nonce + tag + ct)

Each person can be given one share and the encrypted file.

When 2 people gather together with their shares, they can
decrypt the file::

>>> from binascii import unhexlify
>>> from Crypto.Cipher import AES
>>> from Crypto.Protocol.SecretSharing import Shamir
>>>
>>> shares = []
>>> for x in range(2):
>>> in_str = raw_input("Enter index and share separated by comma: ")
>>> idx, share = [ strip(s) for s in in_str.split(",") ]
>>> shares.append((idx, unhexlify(share)))
>>> key = Shamir.combine(shares)
>>>
>>> with open("enc.txt", "rb") as fi:
>>> nonce, tag = [ fi.read(16) for x in range(2) ]
>>> cipher = AES.new(key, AES.MODE_EAX, nonce)
>>> try:
>>> result = cipher.decrypt(fi.read())
>>> cipher.verify(tag)
>>> with open("clear2.txt", "wb") as fo:
>>> fo.write(result)
>>> except ValueError:
>>> print "The shares were incorrect"

.. attention::
Reconstruction may succeed but still produce the incorrect secret
if any of the presented shares is incorrect (due to data corruption
or to a malicious participant).

It is extremely important to also use an authentication mechanism
(such as the EAX cipher mode in the example).

.. __: http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.80.8910&rep=rep1&type=pdf
.. _ssss: http://point-at-infinity.org/ssss/

.. automodule:: Crypto.Protocol.SecretSharing
:members:
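Review bot: The two example snippets in this hunk do not run as written and should be fixed before the page is published. In the split example, `fo.write(nonce + tag + ct)` references an undefined `nonce`; it must be `cipher.nonce`. In the combine example, `strip(s)` is not a function (it should be `s.strip()`), `idx` is read from input as a string and must be passed to `Shamir.combine` as `int(idx)`, and `raw_input` plus the two `print "..."` statements are Python 2 only. Three smaller points in the prose: `(``k < n``)` should read `k <= n` unless `split()` actually rejects `k == n`, since a threshold equal to the number of shares is a valid scheme; `irriducible` is misspelled (`irreducible`); and `Each recipient needs to hold both the share number ... and the secret (which needs to be protected securely)` should say `the share`, not `the secret`, since the secret is exactly what no single recipient holds.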
@@ -22,7 +22,7 @@ At the other end, the receiver can verify the signature (and therefore
the authenticity of the message) using the matching *public* RSA key::

>>> key = RSA.import_key(open('public_key.der').read())
>>> h = SHA.new(message)
>>> h = SHA256.new(message)
>>> try:
>>> pkcs1_15.new(key).verify(h, signature)
>>> print "The signature is valid."
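Review bot: Switching to `SHA256.new(message)` is right and matches the signing side (the commit message says the receiver must use the same hash as the sender). Two points remain in the context lines: `open('public_key.der').read()` opens a DER file in text mode, which mangles it on Windows and yields `str` rather than `bytes` on Python 3, so it should be `open('public_key.der', 'rb').read()`; and `print "The signature is valid."` is Python 2 syntax, so use `print("The signature is valid.")`.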
BIN +3.57 KB (130%) Doc/src/util/counter_be.png
Binary file not shown.
@@ -197,12 +197,12 @@ The simplest way to compile the *PyCryptodome* extensions from
source code is to install the minimum set of Visual Studio
components freely made available by Microsoft.

#. **[Once only]** Download `MS Visual Studio 2015 <https://www.visualstudio.com/en-us/downloads/download-visual-studio-vs.aspx>`_
(Community Edition) and install the C/C++ compilers and the redistributable only.
#. **[Once only]** Download `Build Tools for Visual Studio 2019 <https://visualstudio.microsoft.com/downloads/#build-tools-for-visual-studio-2019>`_.
In the installer, select the *C++ build tools*, the *Windows 10 SDK*, and the latest version of *MSVC v142 x64/x86 build tools*.

#. Compile and install PyCryptodome::

> pip install pycryptodomex --no-use-wheel
> pip install pycryptodomex --no-binary :all:

#. To make sure everything work fine, run the test suite::

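Review bot: Replacing the removed `--no-use-wheel` with `--no-binary :all:` is correct, but `:all:` applies to every package pip resolves during that install, not just the one being compiled; `pip install pycryptodomex --no-binary pycryptodomex` restricts the source build to `pycryptodomex`, which is what this section is about. The context line `To make sure everything work fine` should read `works`.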
@@ -70,6 +70,6 @@ For more information, see the `homepage`_.

All the code can be downloaded from `GitHub`_.

.. _`homepage`: http://www.pycryptodome.org
.. _`homepage`: https://www.pycryptodome.org
.. _`GMP`: https://gmplib.org
.. _GitHub: https://github.com/Legrandin/pycryptodome
@@ -97,7 +97,8 @@ def new(key, mode, *args, **kwargs):
:param key:
The secret key to use in the symmetric cipher.
Its length can vary from 5 to 128 bytes.
Its length can vary from 5 to 128 bytes; the actual search space
(and the cipher strength) can be reduced with the ``effective_keylen`` parameter.
:type key: bytes, bytearray, memoryview
:param mode:
@@ -135,6 +136,12 @@ def new(key, mode, *args, **kwargs):
If not provided for ``MODE_EAX``, a random byte string is generated (you
can read it back via the ``nonce`` attribute).
* **effective_keylen** (*integer*) --
Optional. Maximum strength in bits of the actual key used by the ARC2 algorithm.
If the supplied ``key`` parameter is longer (in bits) of the value specified
here, it will be weakened to match it.
If not specified, no limitation is applied.
* **segment_size** (*integer*) --
(Only ``MODE_CFB``).The number of **bits** the plaintext and ciphertext
are segmented in. It must be a multiple of 8.
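Review bot: `longer (in bits) of the value specified here` should read `longer (in bits) than the value specified here`, and `If not specified, no limitation is applied` is clearer as `If not specified, the effective key length equals the length of ``key`` in bits`. It would also help to state the accepted range of `effective_keylen` next to the 5-to-128-byte range given for `key`, so that the two units (bytes for the key, bits for the effective length) are visibly different. The `(Only ``MODE_CFB``).The number` in the context lines is missing a space after the period.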
@@ -116,7 +116,7 @@ def new(key, mode, *args, **kwargs):
:param key:
The secret key to use in the symmetric cipher.
It must be 8 byte long. The parity bits will be ignored.
It must be 16 or 24 byte long. The parity bits will be ignored.
:type key: bytes/bytearray/memoryview
:param mode:
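Review bot: `16 or 24 byte long` should be `16 or 24 bytes long` (the old line had the same slip). Since the two lengths are not equivalent, the docstring should also say that a 16-byte key selects two-key Triple DES (K1 = K3) while 24 bytes gives three-key Triple DES, so readers do not treat them as interchangeable. This docstring fix is not listed in the Changelog hunk above; it deserves a line there, since the previous text told users to pass a key length the module rejects.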
@@ -92,15 +92,15 @@
int __gmpz_divisible_ui_p (const mpz_t n, UNIX_ULONG d);
"""

if sys.platform == "win32":
raise ImportError("Not using GMP on Windows")

lib = load_lib("gmp", gmp_defs)
implementation = {"library": "gmp", "api": backend}

if hasattr(lib, "__mpir_version"):
raise ImportError("MPIR library detected")

if sys.platform == "win32":
raise ImportError("Not using GMP on Windows")

# In order to create a function that returns a pointer to
# a new MPZ structure, we need to break the abstraction
# and know exactly what ffi backend we have

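Review bot: Moving the `win32` check above `load_lib("gmp", gmp_defs)` is the right order: the old placement only raised after the library had already been searched for and loaded, which is exactly what GH#427 (`Skip altogether loading of gmp.dll on Windows`) set out to avoid. The bare `raise ImportError("Not using GMP on Windows")` would benefit from a one-line comment giving the reason and citing GH#427, since a later reader will otherwise see an unconditional platform exclusion with no rationale and be tempted to remove it.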