Workflow

Fastecdsa

Latest version: v2.3.2

Safety actively analyzes 685670 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 2 of 3

2.2.0

Not secure
Added
- Support for python3.9

Removed
- Support for python3.5

Fixed
- Multiplying by negative scalars (issue 70)
- Reading and writing keys to disk using encoders that output bytes (PR 62)

Updated
- `fastecdsa.keys.import_key` now has a consistent return type (`Tuple[Optional[int], Point]`) for public and private
keys. Previously public key imports returned `Point`, they now return `Tuple[None, Point]`, in other words a tuple
with the first entry being `None` (the private key) and the second entry being the point representing the public key.

2.1.5

Not secure
Fixed
- Timing leakage from nonce bit length aka the [Minerva](https://minerva.crocs.fi.muni.cz/) vulnerability (PR #60)

2.1.4

Not secure
Fixed
- Reduction by base point order in scalar multiplication breaks when input point does not have that order (PR 58)
- Edge case for curves with order 2 was not handled (PR 58)
- Signature verification of pre-hashed messages broken (PR 56)

2.1.3

Not secure
Fixed
- Multiplying base point by curve order caused an error (issue 54)

2.1.2

Not secure
Fixed
- Point at infinity handling in C extensions (issue 52)
- DER signature decoding that assumed length was always encoded in one byte

2.1.1

Not secure
Fixed
- RFC6979 nonce generation for signatures on pre-hashed messages (issue 46)

Page 2 of 3

Links

Releases

Has known vulnerabilities

Previous Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.