commit | 4cdca5f202acdda6c946d5335b2c408be0f87b19 | [log] [tgz] |
---|---|---|
author | Saif Hakim <saif@benchling.com> | Tue Feb 16 09:40:51 2021 |
committer | Sybren A. Stüvel <sybren@stuvel.eu> | Wed Mar 24 09:26:21 2021 |
tree | b9f4ffcb009e1f986d7745920e56bd6d0a40af85 | |
parent | 72f8f7214909006c39a2c98c6a65538601b0dd3d [diff] |
Fix hashlib mypy types for Python 3.x As captured in https://github.com/python/typeshed/pull/1663, the types for SHA-1 and SHA-2 family of functions are callables that return a Hash instance, whilst the SHA-3 family of functions are Hash `type`s (at least in Python 3.6). Mixing the two kinds of functions together in a dictionary confuses mypy's type inference as noted in #153, so we instead add an annotation as a hint. Also, update test_my.py to match the python version set by tox.ini in CI instead of always targeting Python 3.7 (as configured in setup.cfg) to validate the types in all supported Python 3.x versions. This fix also avoids the issue with the older mypy releases for Python 3.6 / Python 3.7 found in distro repos... ... for Ubuntu: ``` docker run \ -v $(pwd):/tmp/rsa \ -w /tmp/rsa ubuntu:18.04 \ /bin/bash -c 'apt-get update -qqy \ && apt-get install -qqy python3-pyasn1 python3-setuptools python3-mypy \ && python3 setup.py test' ``` ... and for Fedora: ``` docker run \ -v $(pwd):/tmp/rsa \ -w /tmp/rsa docker.io/fedora \ /bin/bash -c 'dnf -y install wget python3-devel python3-pyasn1 python3-setuptools python3-mypy \ && python3 setup.py test' ``` Fixes #153
Python-RSA is a pure-Python RSA implementation. It supports encryption and decryption, signing and verifying signatures, and key generation according to PKCS#1 version 1.5. It can be used as a Python library as well as on the commandline. The code was mostly written by Sybren A. Stüvel.
Documentation can be found at the Python-RSA homepage. For all changes, check the changelog.
Download and install using:
pip install rsa
or download it from the Python Package Index.
The source code is maintained at GitHub and is licensed under the Apache License, version 2.0
Because of how Python internally stores numbers, it is very hard (if not impossible) to make a pure-Python program secure against timing attacks. This library is no exception, so use it with care. See https://securitypitfalls.wordpress.com/2018/08/03/constant-time-compare-in-python/ for more info.
python3 -m venv .venv . ./.venv/bin/activate pip install poetry poetry install
. ./.venv/bin/activate poetry publish --build