Tagged: security

These blog posts have all been tagged with security.

17 Mar
Python-RSA 3.4 released

Python-RSA 3.4 has been released! This is the first release from GitHub, and contains a lot of improvements by myself, Michael Manganiello, and Filippo Valsorda, including the solution for a side-channel vulnerability.

Get it while it's hot at the Python Package Index, or just install with pip install --upgrade rsa.


18 Jan
New website & Python-RSA 3.3

You won't notice it, but you're now on my new website. The look is still the same, but under the hood a lot has changed. This includes the blog being fixed again, so that I can actually write new posts! Can you imagine, I didn't blog a single thing in 2015... Well, that'll change.

Python-RSA 3.3 has been released! This release fixes a security leak, which was filed under CVE-2016-1494. As always, you can get the new version from the Python Package Index.

30 Jul
Moving from pwsafe to KeePass

My favourite password management tool, pwsafe, is getting old. It's no longer part of Ubuntu and I've had to compile it myself for quite a while now. It's also not supported on Android, and shows other signs of aging. So, I moved to KeePass. Exporting my database to CSV was simple, and to make the job of importing it correctly into KeePass even easier, I wrote a simple Python script.


22 Feb
Python-RSA version 3.1.4 released

Hacking, the analog way

It's been a while since I've been working on my RSA library, and in the last weeks I've released a few new minor versions. Here are the differences since my last blog post about it:

  • Fixed Python 3.x incompatibilities.

  • Dropped support for Python 2.5.

  • Added support for loading public keys from OpenSSL.

  • rsa.pkcs1.verify() returns True when successful (thanks Tim Heckman).

  • First updated Distribute (thanks Jason R. Coombs), later replaced Distribute with Setuptools.

  • Fixed typo in pyrsa-verify help message.

17 Jun
Python-RSA version 3.1.1 released


Python-RSA version 3.1.1 has been released. A lot of things have been improved, thanks to Yesudeep Mangalapilly.

  • Much, much faster

  • Compatibility with Python 3.2

  • Lots of bug fixes

Check the Python-RSA page for more information!

Observant readers may have noticed that I snuck in a tiny minor release. Version 3.1.1 introduces full Python 3.2 compatibility for the key saving/loading stuff as well, and fixes some doctests for Python 2.7. Nothing in the actual RSA stuff was changed.

05 Aug
Python-RSA version 3.0 released


Python-RSA version 3.0 has been released. A lot of things have been improved:

  • Much more secure

  • Follows the industry standard PKCS#1; this means compatibility with OpenSSL

  • Ability to create and verify detached signatures

  • More elegant method of encrypting large files

  • Ability to save and load keys in PEM and DER format

  • Extensive documentation

  • More efficient key generation

Check the Python-RSA page for more information!


Update: in the meantime 3.0.1 has been released, which removes an import of the "abc" module. This should make the code compatible with Python 2.5 again. All the documentation (including installation instructions) is the same as before.

28 Jul
Eclipse doesn't support AES-encrypted SSH keys

Today all of a sudden I couldn't commit to CVS any more. Eclipse refused to accept my SSH key passphrase. When trying to load the file, Eclipse tells me "failed to decrypt id_rsa".

I recently re-encrypted my private key using ssh-keygen -p, which used AES for the encryption. It turned out that Eclipse doesn't support that.

The solution is quite simple: use openssl to re-encrypt using DES3:

cd ~/.ssh
openssl rsa -in id_rsa -out id_rsa-eclipse -des3
mv id_rsa-eclipse id_rsa

Please note that you may need to restart Eclipse, as it may cache your old key.

09 Jan
Version 2.0 of RSA module


A guy named Dave sent me an email today, telling me that my RSA implementation was rather insecure due to the use of the "pickle" Python module. Fortunately I had some nice improvements by Barry Mead already in version control, eagerly waiting to be released. Well, Dave gave me a nice incentive to round up Barry's improvements and send version 2.0 into the world.

Please note that it's a backward-incompatible change. The RSA page shows how you can re-encrypt your data to be compatible (and more secure!) again.

22 Jan
RSA version 1.3 released

A new version of my pure-Python RSA implementation has been released. The one major change is improved compatibility with Windows.

Download EGG files for Python 2.4, Python 2.5 or the source package at the Python Package Index.