gentoo Easter resync : 12.04.2020

author: V3n3RiX <venerix@redcorelinux.org> 2020-04-12 03:41:30 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2020-04-12 03:41:30 +0100
commit: 623ee73d661e5ed8475cb264511f683407d87365 (patch)
tree: 993eb27c93ec7a2d2d19550300d888fc1fed9e69 /dev-python/rsa
parent: ceeeb463cc1eef97fd62eaee8bf2196ba04bc384 (diff)
4 files changed, 3 insertions, 157 deletions
diff --git a/dev-python/rsa/Manifest b/dev-python/rsa/Manifest
index df37d541b3d4..77572326a0f7 100644
--- a/dev-python/rsa/Manifest
+++ b/dev-python/rsa/Manifest
@@ -1,8 +1,5 @@
-AUX rsa-3.2.3-CVE-2016-1494.patch 3843 BLAKE2B 94721282f4079aa0a77813dd8ad1c0aefd0924272d4e2b3e8a6ad745375bafb6b6fe5e50af621232df632a1f2261be097fde92b5ad3f57b74ff7976c22daa9bc SHA512 9150b25bc1a9dacc8eee0fb93d46b9d024c868d540097b9166be9a7879fe116d8fd47cacaaf5614b86cd44e7cd10602a0ad290eb2ef116539683101d4057a231
-DIST rsa-3.2.3.tar.gz 35628 BLAKE2B fa30e8212d0102b7763a5e8eb408d0778520d85d9428e12b603fdfa5982c559682c04fec2eac4723a8c9e06c9ed77365021a832c8ad96b07fa07eb93c5a626e2 SHA512 52b33e0278e6e1fed64b1cdebed29f7caa31fae733c2d5875e6cba5a045aaa829616799d8de84fdb63c546780dbdafcabf1f85f25930b8e663861151479ef7e2
 DIST rsa-3.4.2.tar.gz 40956 BLAKE2B 9a6353c84329303c655e7a25fcfa2ca42ea846c913fac0c26fee4a27bb85f9380de876b2ec07ae2212eb37efe5d2e401b2672f187f74bbeee1e9ef1099629e36 SHA512 62b0ff31fb3b9c18ae65bd102329e69726b853560576b1b66b9b89b26d3ff79154239af7e7a581b6a27c7017cc013f738762cd9662777ef594cc11c5b1f8e267
 DIST rsa-4.0.tar.gz 37385 BLAKE2B 2621ee732f15ea12283b723efb5e88847d3e030e8115bb4a3e986099fc94adc3409202d54b4350b0888deefd8dc801d8d3e57fef9e85f386ead53e4412da6d05 SHA512 e11106741cc4275246c986d39b3f028b5a4df6fbffdd08a78072ac3d3a9a7ade7a39789c504a2705f54d858a9bdbf03981251f32f9c45baba71e4a986e14b24e
-EBUILD rsa-3.2.3-r1.ebuild 784 BLAKE2B 804597420f8014479c34797796034a3a9aa8493c0a54b3ac12a55d96b77eefabd802e2c16533dadf38a1add960181a234df44c0dcabf124818b261e691427eef SHA512 fdb49c958df2a4acd20afc6ab564d99c32d5874643a7f87c0fac820f4a245105fa4f9a209d2d29b7be4dfeb00a3f3ea6a55f193bf1b15d060ff325dc9e34eed8
 EBUILD rsa-3.4.2-r1.ebuild 726 BLAKE2B 1148a8eac8fff822edad880881c00287cb6b524f8de887803c2dd9e74170474d84c26294115d2ae5eb59ba6ba1c4a78eef00ed320ab4a0afe102344f1db1eeab SHA512 1cdb51bc1b094f54e9af7a2e598ac7d2a2865fd81352d6b614aa1a7864eafd52a2e7b5bdb747d6bb4d6d6e67ac27097eb61548563583db1e6eb6c7b1ac432fae
-EBUILD rsa-4.0.ebuild 726 BLAKE2B 1148a8eac8fff822edad880881c00287cb6b524f8de887803c2dd9e74170474d84c26294115d2ae5eb59ba6ba1c4a78eef00ed320ab4a0afe102344f1db1eeab SHA512 1cdb51bc1b094f54e9af7a2e598ac7d2a2865fd81352d6b614aa1a7864eafd52a2e7b5bdb747d6bb4d6d6e67ac27097eb61548563583db1e6eb6c7b1ac432fae
+EBUILD rsa-4.0.ebuild 556 BLAKE2B 8d0fec43176c96fcb1fcc08de39c8ad226bdee5d2c4589a6a2978c0c7100a86f0f5bc0ec6528182804028686da20655ed95a90385bba9df92ceb83c96d95fd3c SHA512 ba087c9de817750149df7b80394d3b1383f2cac75a9df48169cdb4bacf95d09ffb0a54b0fd5b652e19e23861c6ab755ceca568a1f4d49b0fc81662b35291d0f9
 MISC metadata.xml 316 BLAKE2B fd1e4f7bdee45f5ab99e67cc3918634b9ac5ecfad75167aad5f2ee33cea308f99d8d03aab5b5e0c01e8c1bf41ca8a45f67146c5126f84af4b6d914f58af0ea38 SHA512 4d8c48ae8e4360727f5c4b83e426f42a597a175dfa2a965c9f966e5824a83291c78d3e8e636d21b4f28d73f7e912abc7db1b09078baaa0e3a1b25713abd3d0a1
diff --git a/dev-python/rsa/files/rsa-3.2.3-CVE-2016-1494.patch b/dev-python/rsa/files/rsa-3.2.3-CVE-2016-1494.patch
deleted file mode 100644
index bfcfc33ed01b..000000000000
--- a/dev-python/rsa/files/rsa-3.2.3-CVE-2016-1494.patch
+++ /dev/null
@@ -1,104 +0,0 @@
-# HG changeset patch
-# User Filippo Valsorda <hi@filippo.io>
-# Date 1450226563 0
-# Node ID 0cbcc529926afd61c6df4f50cfc29971beafd2c2
-# Parent  2baab06c8b867b01ec82b02118d4872a931a0437
-Fix BB'06 attack in verify() by switching from parsing to comparison
-
-diff --git a/rsa/pkcs1.py b/rsa/pkcs1.py
---- a/rsa/pkcs1.py
-+++ b/rsa/pkcs1.py
-@@ -22,10 +22,10 @@
- At least 8 bytes of random padding is used when encrypting a message. This makes
- these methods much more secure than the ones in the ``rsa`` module.
- 
--WARNING: this module leaks information when decryption or verification fails.
--The exceptions that are raised contain the Python traceback information, which
--can be used to deduce where in the process the failure occurred. DO NOT PASS
--SUCH INFORMATION to your users.
-+WARNING: this module leaks information when decryption fails. The exceptions
-+that are raised contain the Python traceback information, which can be used to
-+deduce where in the process the failure occurred. DO NOT PASS SUCH INFORMATION
-+to your users.
- '''
- 
- import hashlib
-@@ -288,37 +288,23 @@
-     :param pub_key: the :py:class:`rsa.PublicKey` of the person signing the message.
-     :raise VerificationError: when the signature doesn't match the message.
- 
--    .. warning::
--
--        Never display the stack trace of a
--        :py:class:`rsa.pkcs1.VerificationError` exception. It shows where in
--        the code the exception occurred, and thus leaks information about the
--        key. It's only a tiny bit of information, but every bit makes cracking
--        the keys easier.
--
-     '''
-     
--    blocksize = common.byte_size(pub_key.n)
-+    keylength = common.byte_size(pub_key.n)
-     encrypted = transform.bytes2int(signature)
-     decrypted = core.decrypt_int(encrypted, pub_key.e, pub_key.n)
--    clearsig = transform.int2bytes(decrypted, blocksize)
--
--    # If we can't find the signature  marker, verification failed.
--    if clearsig[0:2] != b('\x00\x01'):
--        raise VerificationError('Verification failed')
-+    clearsig = transform.int2bytes(decrypted, keylength)
-     
--    # Find the 00 separator between the padding and the payload
--    try:
--        sep_idx = clearsig.index(b('\x00'), 2)
--    except ValueError:
--        raise VerificationError('Verification failed')
--    
--    # Get the hash and the hash method
--    (method_name, signature_hash) = _find_method_hash(clearsig[sep_idx+1:])
-+    # Get the hash method
-+    method_name = _find_method_hash(clearsig)
-     message_hash = _hash(message, method_name)
- 
--    # Compare the real hash to the hash in the signature
--    if message_hash != signature_hash:
-+    # Reconstruct the expected padded hash
-+    cleartext = HASH_ASN1[method_name] + message_hash
-+    expected = _pad_for_signing(cleartext, keylength)
-+
-+    # Compare with the signed one
-+    if expected != clearsig:
-         raise VerificationError('Verification failed')
- 
-     return True
-@@ -351,24 +337,20 @@
-     return hasher.digest()
- 
- 
--def _find_method_hash(method_hash):
--    '''Finds the hash method and the hash itself.
-+def _find_method_hash(clearsig):
-+    '''Finds the hash method.
-     
--    :param method_hash: ASN1 code for the hash method concatenated with the
--        hash itself.
-+    :param clearsig: full padded ASN1 and hash.
-     
--    :return: tuple (method, hash) where ``method`` is the used hash method, and
--        ``hash`` is the hash itself.
-+    :return: the used hash method.
-     
-     :raise VerificationFailed: when the hash method cannot be found
- 
-     '''
- 
-     for (hashname, asn1code) in HASH_ASN1.items():
--        if not method_hash.startswith(asn1code):
--            continue
--        
--        return (hashname, method_hash[len(asn1code):])
-+        if asn1code in clearsig:
-+            return hashname
-     
-     raise VerificationError('Verification failed')
- 
diff --git a/dev-python/rsa/rsa-3.2.3-r1.ebuild b/dev-python/rsa/rsa-3.2.3-r1.ebuild
deleted file mode 100644
index 0abc603ef08d..000000000000
--- a/dev-python/rsa/rsa-3.2.3-r1.ebuild
+++ /dev/null
@@ -1,38 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-PYTHON_COMPAT=( python3_{6,7} )
-
-inherit distutils-r1
-
-DESCRIPTION="Pure-Python RSA implementation"
-HOMEPAGE="https://stuvel.eu/rsa https://pypi.org/project/rsa/"
-SRC_URI="mirror://pypi/${P:0:1}/${PN}/${P}.tar.gz"
-
-LICENSE="Apache-2.0"
-SLOT="0"
-KEYWORDS="amd64 arm x86"
-IUSE="test"
-RESTRICT="!test? ( test )"
-
-RDEPEND="
-	>=dev-python/pyasn1-0.1.3[${PYTHON_USEDEP}]
-	dev-python/traceback2[${PYTHON_USEDEP}]
-	"
-DEPEND="${RDEPEND}
-	>=dev-python/setuptools-0.6.10[${PYTHON_USEDEP}]
-	test? (
-		dev-python/nose[${PYTHON_USEDEP}]
-		dev-python/unittest2[${PYTHON_USEDEP}]
-		)
-	"
-
-PATCHES=(
-	"${FILESDIR}"/${P}-CVE-2016-1494.patch
-)
-
-python_test() {
-	nosetests --verbose || die
-}
diff --git a/dev-python/rsa/rsa-4.0.ebuild b/dev-python/rsa/rsa-4.0.ebuild
index bc2b7755ef5e..8a8dcfe16ba9 100644
--- a/dev-python/rsa/rsa-4.0.ebuild
+++ b/dev-python/rsa/rsa-4.0.ebuild
@@ -14,21 +14,12 @@ SRC_URI="mirror://pypi/${P:0:1}/${PN}/${P}.tar.gz"
 
 LICENSE="Apache-2.0"
 SLOT="0"
-KEYWORDS="~amd64 ~arm ~arm64 ~x86"
+KEYWORDS="amd64 arm ~arm64 x86"
 IUSE="test"
 RESTRICT="!test? ( test )"
 
 RDEPEND="
 	>=dev-python/pyasn1-0.1.3[${PYTHON_USEDEP}]
-	dev-python/traceback2[${PYTHON_USEDEP}]
-	"
-DEPEND="${RDEPEND}
-	test? (
-		dev-python/nose[${PYTHON_USEDEP}]
-		dev-python/unittest2[${PYTHON_USEDEP}]
-		)
 	"
 
-python_test() {
-	nosetests --verbose || die
-}
+distutils_enable_tests unittest
author	V3n3RiX <venerix@redcorelinux.org>	2020-04-12 03:41:30 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2020-04-12 03:41:30 +0100
commit	623ee73d661e5ed8475cb264511f683407d87365 (patch)
tree	993eb27c93ec7a2d2d19550300d888fc1fed9e69 /dev-python/rsa
parent	ceeeb463cc1eef97fd62eaee8bf2196ba04bc384 (diff)