[Fedora-legal-list] python ecdsa module
Orion Poplawski <orion@...
2014-02-20 21:24:15 GMT
I'm looking to package this:
needed by python-paramiko-0.12.X.
This library provides key generation, signing, and verifying, for five
popular NIST "Suite B" GF(p) curves, with key lengths of 192, 224, 256, 384,
and 521 bits. The "short names" for these curves, as known by the OpenSSL
tool, are: prime192v1, secp224r1, prime256v1, secp384r1, and secp521r1.
Now from following the openssl discussions it appears that only selective
curves are being allowed in Fedora - and specific ones can be requested.
At the moment it appears that prime256v1, secp384r1, and secp521r1 are
operational in openssl, but that prime192v1 and secp224r1 are not. I've filed
https://bugzilla.redhat.com/show_bug.cgi?id=1067697 requesting that they be
In the meantime, can I ship the python-ecdsa package as is? Do I need to
disable the prime192v1 and secp224r1 code in it first? Is removing it in a
patch okay, or do I need to ship a sanitized source tarball?