Pycryptodome

++++++++++++++++++++++++

New features
------------
* Add Python 3.8 wheels for Mac.

Resolved issues
---------------
* GH308: Avoid allocating arrays of ``__m128i`` on the stack, to cope with buggy compilers.
* GH322: Remove blanket ``-O3`` optimization for gcc and clang, to cope with buggy compilers.
* GH337: Fix typing stubs for signatures.
* GH338: Deal with gcc installations that don't have ``x86intrin.h``.

++++++++++++++++++++++++

New features
------------
* Add Python 3.8 wheels for Linux and Windows.

Resolved issues
---------------

* GH328: minor speed-up when importing RSA.

+++++++++++++++++++++++

New features
------------

* Add support for loading PEM files encrypted with AES256-CBC.
* Add support for XChaCha20 and XChaCha20-Poly1305 ciphers.
* Add support for bcrypt key derivation function (``Crypto.Protocol.KDF.bcrypt``).
* Add support for left multiplication of an EC point by a scalar.
* Add support for importing ECC and RSA keys in the new OpenSSH format.

Resolved issues
---------------

* GH312: it was not possible to invert an EC point anymore.
* GH316: fix printing of DSA keys.
* GH317: ``DSA.generate()`` was not always using the ``randfunc`` input.
* GH285: the MD2 hash had block size of 64 bytes instead of 16; as result the HMAC construction gave incorrect results.

+++++++++++++++++++++++

Resolved issues
---------------

* GH291: fix strict aliasing problem, emerged with GCC 9.1.

+++++++++++++++++++++++

New features
------------

* Add support for loading PEM files encrypted with AES192-CBC and AES256-GCM.
* When importing ECC keys in PEM format, ignore the redundant EC PARAMS section that was included by certain openssl commands.

Resolved issues
---------------

* ``repr()`` did not work for ``ECC.EccKey`` objects.
* Fix installation in development mode (``setup install develop`` or ``pip install -e .``).
* Minimal length for Blowfish cipher is 32 bits, not 40 bits.
* Various updates to docs.

+++++++++++++++++++++++

New features
------------

* Speed-up ECC performance. ECDSA is 33 times faster on the NIST P-256 curve.
* Added support for NIST P-384 and P-521 curves.
* ``EccKey`` has new methods ``size_in_bits()`` and ``size_in_bytes()``.
* Support HMAC-SHA224, HMAC-SHA256, HMAC-SHA384, and HMAC-SHA512 in PBE2/PBKDF2.

Resolved issues
---------------

* DER objects were not rejected if their length field had a leading zero.
* Allow legacy RC2 ciphers to have 40-bit keys.
* ASN.1 Object IDs did not allow the value 0 in the path.

Breaks in compatibility
-----------------------

* ``point_at_infinity()`` becomes an instance method for ``Crypto.PublicKey.ECC.EccKey``, from a static one.