Commits on May 3, 2020

1. Update iroha.py …

   I removed the unsafe ed25519 implementation from critical functions: it it still in use when only public information is involved (e.g. verification) but this is not a security problem but it is still very slow. But PyCA's cryptography is used when a private key gets involved. https://github.com/pyca/cryptography is well maintained. So, critical security issues are solved. Still, some things remain to be done: the unsafe ed25519 (see hyperledger-iroha#55) implementation should be completely removed to fully depend on cryptography from PyCA. The latter is faster and remains maintained if imported. The unsafe Ed25519 is also from PyCA (which marked it to be not safe and for testing use only) but was copied to the iroha-python repo, assuming it to be no longer maintained in there. Also, I suggest to remove Ed25519-related functions from IrohaCrypto class in order to use the cryptography module's classes directly. That's faster and easier to maintain on the long term, avoiding many unnecessary functions, serializations, ... in between.

   

   py0xc3 authored May 3, 2020
   Configuration menu

   • View commit details
   • Copy full SHA for 25a00e2
   • Browse repository at this point

   Copy the full SHA

   25a00e2 View commit details

   Browse the repository at this point in the history

2. Update iroha.py …

   Unused module/variable from hyperledger-iroha#58 (2 lgtm-com alerts) solved

   

   py0xc3 authored May 3, 2020
   Configuration menu

   • View commit details
   • Copy full SHA for ee46210
   • Browse repository at this point

   Copy the full SHA

   ee46210 View commit details

   Browse the repository at this point in the history