Releases · tlsfuzzer/python-ecdsa

tl;dr:

Strict checking of DER requirements when parsing SEQUENCE, INTEGER,
OBJECT IDENTIFIER and BITSTRING objects.
DER parsers now consistently raise UnexpectedDER exception on malformed DER
encoded byte strings.
Make sure that both malformed and invalid signatures raise BadSignatureError.
Ensure that all SigningKey and VerifyingKey methods that should accept
bytes-like objects actually do accept them (also avoid copying input strings).
Make SigningKey.sign_digest_deterministic use default object hashfunc when
none was provided.
encode_integer now works for large integers.
Make encode_oid and remove_object correctly handle OBJECT IDENTIFIERs
with large second subidentifier and padding in encoded subidentifiers.

Deterministic signature methods now accept extra_entropy parameter to further
randomise the selection of k (the nonce) for signature, as specified in
RFC6979.
Recovery of public key from signature is now supported.
Support for SEC1/X9.62 formatted keys, all three encodings are supported:
"uncompressed", "compressed" and "hybrid". Both string, and PEM/DER will
automatically accept them, if the size of the key matches the curve.
Benchmarking application now provides performance numbers that are easier to
compare against OpenSSL.
Support for all Brainpool curves (non-twisted).

CurveFp: __str__ is now supported.
SigningKey.sign_deterministic, SigningKey.sign_digest_deterministic and
generate_k: extra_entropy parameter was added
Signature.recover_public_keys was added
VerifyingKey.from_public_key_recovery and
VerifyingKey.from_public_key_recovery_with_digest were added
VerifyingKey.to_string: encoding parameter was added
VerifyingKey.to_der and SigningKey.to_der: point_encoding parameter was
added.
encode_bitstring: unused parameter was added
remove_bitstring: expect_unused parameter was added
SECP256k1 is now part of curves * import
Curves: __repr__ is now supported
VerifyingKey: __repr__ is now supported

Python 2.5 is not supported any more - dead code removal.
from ecdsa.keys import * will now import only objects defined in that module.
Trying to decode a malformed point using VerifyingKey.from_string
will rise now the MalformedPointError exception (that inherits from
AssertionError but is not it).
Multiple functions in numbertheory are considered deprecated: phi,
carmichael, carmichael_of_factorized, carmichael_of_ppower,
order_mod, largest_factor_relatively_prime, kinda_order_mod. They will
now emit DeprecationWarning when used. Run the application or test suite
with -Wd option or with PYTHONWARNINGS=default environment variable to
verify if those methods are not used. They will be removed completely in a
future release.
encode_bitstring and decode_bitstring expect the number of unused
bits to be passed as an argument now. They will emit DeprecationWarning
if they are used in the deprecated way.
modular_exp: will emit DeprecationWarning

Deterministic signatures now verify that the signature won't leak private
key through very unlikely selection of k value (the nonce).
Nonce bit size hiding was added (hardening against Minerva attack). Please
note that it DOES NOT make library secure against side channel attacks (timing
attacks).

The public key in key generation is not verified twice now, making key
generation and private key reading about 33% faster.
Microoptimisation to inverse_mod function, increasing performance by about
40% for all operations.

Extended test coverage to newer python versions.
Fixes to examples in README.md: correct commands, more correct code (now works
on Python 3).
Stopped bundling six
Moved sources into src subdirectory
Made benchmarking script standalone (runnable either with tox -e speed, or
after installation, with python speed.py)
Now test coverage reported to coveralls is branch coverage, not line coverage
Autodetection of curves supported by OpenSSL (test suite compatibility with
Fedora OpenSSL package).
More readable error messages (exceptions) in der module.
Documentation to VerifyingKey, SigningKey and signature encoder/decoder
functions added.
Added measuring and verifying condition coverage to Continuous Integration.
Big clean-up of the test suite, use pytest parametrisation and hypothesis
for better test coverage and more precise failure reporting.
Use platform-provided math.gcd, when provided.