python3-cryptodome: update to 3.23.0

Update package to 3.23.0. Changes since 3.18.0: 3.19.0: Added ECDH support via Crypto.Protocol.DH; TupleHash128/256 update() can now hash multiple items at once; fixed cffi bug on Windows with Python 3.12+. 3.19.1 (security): Patched side-channel leakage in OAEP decryption that could enable a Manger attack. 3.20.0: Added TurboSHAKE128 and TurboSHAKE256; added Crypto.Hash.new() factory; AES-GCM support for PBES2/PKCS#8 containers; SHA-2/SHA-3 support in PBKDF2 for key containers. 3.21.0: Added Curve25519/X25519 and Curve448/X448 support; added PYCRYPTODOME_DISABLE_GMP env var; RSA keys for PSS can now be imported; fixed Ed25519 point negation; dropped Python 3.5 support. 3.22.0: Added HPKE (RFC 9180) support; CCM cipher now enforces nonce-length data limits; fixed RC4 infinite loop for data >4GB; fixed invalid PEM file handling; dropped Python 3.6 support. 3.23.0: Added Key Wrap (KW/KWP, RFC 3394/5649/NIST SP 800-38F) cipher modes; Windows ARM wheels; fixed HashEdDSA/Ed448 sign/verify mutating XOF state. Refresh 001-fix-libgmp-loading.patch and 002-omit-tests.patch for the updated source (hunk offsets shifted by 2-4 lines due to new functions). Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
2026-04-15 10:51:55 +00:00 · 2026-04-09 08:31:24 +03:00
parent 4af33e05a9
commit 066225fb1e
4 changed files with 27 additions and 4 deletions
--- a/lang/python/python-cryptodome/Makefile
+++ b/lang/python/python-cryptodome/Makefile
@@ -5,11 +5,11 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=python-cryptodome
-PKG_VERSION:=3.18.0
+PKG_VERSION:=3.23.0
 PKG_RELEASE:=1

 PYPI_NAME:=pycryptodome
-PKG_HASH:=c9adee653fc882d98956e33ca2c1fb582e23a8af7ac82fee75bd6113c55a0413
+PKG_HASH:=447700a657182d60338bab09fdb27518f8856aecd80ae4c6bdddb67ff5da44ef

 PKG_LICENSE:=Public-Domain BSD-2-Clause
 PKG_LICENSE_FILES:=LICENSE.rst
--- a/lang/python/python-cryptodome/patches/001-fix-libgmp-loading.patch
+++ b/lang/python/python-cryptodome/patches/001-fix-libgmp-loading.patch
@@ -1,6 +1,6 @@
 --- a/lib/Crypto/Math/_IntegerGMP.py
 +++ b/lib/Crypto/Math/_IntegerGMP.py
-@@ -97,7 +97,7 @@ gmp_defs = """typedef unsigned long UNIX
+@@ -99,7 +99,7 @@ gmp_defs = """typedef unsigned long UNIX
 if sys.platform == "win32":
     raise ImportError("Not using GMP on Windows")
 
--- a/lang/python/python-cryptodome/patches/002-omit-tests.patch
+++ b/lang/python/python-cryptodome/patches/002-omit-tests.patch
@@ -1,6 +1,6 @@
 --- a/setup.py
 +++ b/setup.py
-@@ -276,6 +276,9 @@ package_data = {
+@@ -280,6 +280,9 @@ package_data = {
     "Crypto.Util" : [ "*.pyi" ],
 }
 
--- a/lang/python/python-cryptodome/test.sh
+++ b/lang/python/python-cryptodome/test.sh
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+[ "$1" = python3-pycryptodome ] || exit 0
+
+python3 - << 'EOF'
+from Crypto.Cipher import AES
+from Crypto.Random import get_random_bytes
+from Crypto.Hash import SHA256
+
+# AES-GCM encrypt/decrypt
+key = get_random_bytes(16)
+cipher = AES.new(key, AES.MODE_GCM)
+ciphertext, tag = cipher.encrypt_and_digest(b"hello, world!")
+
+cipher2 = AES.new(key, AES.MODE_GCM, nonce=cipher.nonce)
+plaintext = cipher2.decrypt_and_verify(ciphertext, tag)
+assert plaintext == b"hello, world!"
+
+# SHA256
+h = SHA256.new(b"test data")
+digest = h.hexdigest()
+assert len(digest) == 64
+EOF