v3.21.0 - Bourdeaux (pycryptodomex)

New features

• By setting the PYCRYPTODOME_DISABLE_GMP environment variable,
  the GMP library will not be used even if detected.
• Add support for Curve25519 / X25519.
• Add support for Curve448 / X448.
• Add attribute curve to EccPoint and EccXPoint classes,
  with the canonical name of the curve.
• GH#781: the label for the SP800_108_Counter KDF may now
  contain zero bytes. Thanks to Julien Rische.
• GH#814: RSA keys for PSS can be imported.

Resolved issues

• GH#810: fixed negation of Ed25519 points.
• GH#819: accept an RFC5916 ECPrivateKey even if it doesn't
  contain any of the optional elements
  (parameters [0] and publicKey[1]).

Other changes

• Remove support for Python 3.5.

v3.21.0 - Bourdeaux

New features

• By setting the PYCRYPTODOME_DISABLE_GMP environment variable,
  the GMP library will not be used even if detected.
• Add support for Curve25519 / X25519.
• Add support for Curve448 / X448.
• Add attribute curve to EccPoint and EccXPoint classes,
  with the canonical name of the curve.
• GH#781: the label for the SP800_108_Counter KDF may now
  contain zero bytes. Thanks to Julien Rische.
• GH#814: RSA keys for PSS can be imported.

Resolved issues

• GH#810: fixed negation of Ed25519 points.
• GH#819: accept an RFC5916 ECPrivateKey even if it doesn't
  contain any of the optional elements
  (parameters [0] and publicKey[1]).

Other changes

• Remove support for Python 3.5.

v3.20.0 - Amiens (pycryptodomex)

New features

• Added support for TurboSHAKE128 and TurboSHAKE256.
• Added method Crypto.Hash.new() to generate a hash
  object given a hash name.
• Added support for AES-GCM encryption of PBES2 and PKCS#8
  containers.
• Added support for SHA-2 and SHA-3 algorithms in PBKDF2
  when creating PBES2 and PKCS#8 containers.
• Export of RSA keys accepts the prot_params dictionary
  as parameter to control the number of iterations for PBKDF2
  and scrypt.
• C unit tests also run on non-x86 architectures.

Resolved issues

• GH#787: Fixed autodetect logic for GCC 14 in combination with LTO.

v3.20.0 - Amiens

New features

• Added support for TurboSHAKE128 and TurboSHAKE256.
• Added method Crypto.Hash.new() to generate a hash
  object given a hash name.
• Added support for AES-GCM encryption of PBES2 and PKCS#8
  containers.
• Added support for SHA-2 and SHA-3 algorithms in PBKDF2
  when creating PBES2 and PKCS#8 containers.
• Export of RSA keys accepts the prot_params dictionary
  as parameter to control the number of iterations for PBKDF2
  and scrypt.
• C unit tests also run on non-x86 architectures.

Resolved issues

• GH#787: Fixed autodetect logic for GCC 14 in combination with LTO.

v3.19.1 - Zeil (pycryptodomex)

Resolved issues

• Fixed a side-channel leakage with OAEP decryption that could be
  exploited to carry out a Manger attack. Thanks to Hubert Kario.

v3.19.1 - Zeil

Resolved issues

• Fixed a side-channel leakage with OAEP decryption that could be
  exploited to carry out a Manger attack. Thanks to Hubert Kario.

v3.19.0 - Ulm (pycryptodomex)

New features

• The update() methods of TupleHash128 and TupleHash256 objects
  can now hash multiple items (byte strings) at once.
  Thanks to Sylvain Pelissier.
• Added support for ECDH, with Crypto.Protocol.DH.

Resolved issues

• GH#754: due to a bug in cffi, do not use it on Windows with Python 3.12+.

v3.19.0 - Ulm

New features

• The update() methods of TupleHash128 and TupleHash256 objects
  can now hash multiple items (byte strings) at once.
  Thanks to Sylvain Pelissier.
• Added support for ECDH, with Crypto.Protocol.DH.

Resolved issues

• GH#754: due to a bug in cffi, do not use it on Windows with Python 3.12+.

v3.18.0 - Trier (pycryptodomex)

New features

• Added support for DER BOOLEAN encodings.

• The library now compiles on Windows ARM64. Thanks to Niyas Sait.

  Resolved issues

---

• GH#722: nonce attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.
• GH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.
• GH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.
• Correctly check that the scalar matches the point when importing an ECC private key.

v3.18.0 - Trier

New features

• Added support for DER BOOLEAN encodings.

• The library now compiles on Windows ARM64. Thanks to Niyas Sait.

  Resolved issues

---

• GH#722: nonce attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.
• GH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.
• GH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.
• Correctly check that the scalar matches the point when importing an ECC private key.