import hashlib # used in make_ds() to avoid pycrypto dependency
from io import BytesIO
import struct
+import sys
import time
import dns.exception
elif _is_eddsa(rrsig.algorithm):
keyptr = candidate_key.key
- if not _have_ecpy:
- raise ImportError('DNSSEC validation for algorithm %u requires ecpy library' % rrsig.algorithm)
+ if not (_have_ecpy and sys.version_info >= (3, 6)):
+ raise ImportError('DNSSEC validation for algorithm %u requires ecpy library and Python 3.6 or newer' % rrsig.algorithm)
if rrsig.algorithm == ED25519:
curve = 'Ed25519'
else:
Dnspython can do simple DNSSEC signature validation, but currently has no
facilities for signing. In order to use DNSSEC functions, you must have
``pycryptodome`` or ``pycryptodomex`` installed. In order to use the EdDSA
-algorithms, you must also have ``ecpy`` installed.
+algorithms, you must also be running Python 3.6 or later and have
+``ecpy`` installed.
DNSSEC Functions
----------------
If ``pycryptodome`` / ``pycryptodomex`` is installed, then dnspython will be
able to do low-level DNSSEC RSA, DSA, and ECDSA signature validation.
-If ``ecpy`` is installed as well, then dnspython will be able to do low-level
-EdDSA signature verification.
+If using Python 3.6 or later and ``ecpy`` is installed as well, then dnspython
+will be able to do low-level EdDSA signature verification.
If ``idna`` is installed, then IDNA 2008 will be available.
projects / thirdparty / dnspython.git / commitdiff
