* fix wrong error message in AES implementation (Bernt Røskar Brenna)
* fix API break caused by the workaround for Bleichenbacher; RSA keys generated
  in-memory with m2crypto wouldn't work for decryption/encryption
* handle too short RSA ciphertexts for the key size consistently between
  backends
Workaround CVE-2020-26263 - Bleichenbacher oracle in RSA decryption.
Please note that while the code was fortified, because of peculiarities of
Python, it's not possible to fully fix it. If you require resistance against
side-channel attacks, please use a different library.
Various optimizations in RSA, certificate selection and PRF.
libressl by a factor between 4 and 6. I sent this for py3-tlsfuzzer
which was ok kmos, jca.
jca subsequently convinced me to move the dependency to tlslite-ng.
I highly suspect this is not needed but it's too tempting to just bump
three ports and forget about it.
No objection from tb@ (py-tlslite-ng maintainer)
ok kmos sthen
tlslite-ng is an open source Python library that implements the SSL and
TLS cryptographic protocols. It can be used either as a standalone
wrapper around the Python socket interface or as a backend for multiple
other libraries.