From f3a881e4cb31d574a107320b2f04e2d1f0ddf551 Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@koprulu.sector>
Date: Fri, 26 May 2023 15:09:32 +0100
Subject: gentoo auto-resync : 26:05:2023 - 15:09:32

---
 dev-python/spake2/Manifest                         |   3 +-
 .../files/spake2-0.8-do_not_use_hkdf_package.patch | 113 +++++++++++++++++++++
 dev-python/spake2/spake2-0.8-r1.ebuild             |  28 +++++
 dev-python/spake2/spake2-0.8.ebuild                |  24 -----
 4 files changed, 143 insertions(+), 25 deletions(-)
 create mode 100644 dev-python/spake2/files/spake2-0.8-do_not_use_hkdf_package.patch
 create mode 100644 dev-python/spake2/spake2-0.8-r1.ebuild
 delete mode 100644 dev-python/spake2/spake2-0.8.ebuild

(limited to 'dev-python/spake2')

diff --git a/dev-python/spake2/Manifest b/dev-python/spake2/Manifest
index 713e65a50125..2a6b57ef5652 100644
--- a/dev-python/spake2/Manifest
+++ b/dev-python/spake2/Manifest
@@ -1,3 +1,4 @@
+AUX spake2-0.8-do_not_use_hkdf_package.patch 4380 BLAKE2B afc8222c1c562947c4b9ae6be90b7cb0f6f441f0d02677160f54c7c88b0752f2bdd09599ba04ba131cca4c8481c5abb44079ab63ec36788d5937d18cb2c82fcc SHA512 41156d8b43570158b042802c951ab74a84f618c4dc6ed9edc31c3c28dee972a2b80166b9fcae29ca9aa5a5596ca352f42e58f9c6834cfb2bfd5ba2ce093bd82c
 DIST spake2-0.8.gh.tar.gz 62425 BLAKE2B 64215362af26fff0785fdabf4282f7111a4cc917750827075b616f009cb1fa6373fc2325382c26b43c051aa5b94e414ca2a5223d9ab666289eb2d04723b15cb5 SHA512 908c377c831f4a11551973ca917b113d51a66c533d35fd19b2692fdb7e575ed2a5045d9b632bc55c37b68ad092f01dff5da191e9dfbfb5599b72844788438d68
-EBUILD spake2-0.8.ebuild 635 BLAKE2B 51a609794569458dffe2f3c288d26a19bb4efc12d5f9b8b91509be35495ac334ff03acad560a1424f180dd5e0da943b22120a1ff7a452934a97a44a53ecf9179 SHA512 c38a16bb40a5cd7dca004c2f4cac7cb26c5f62e8ca63444a3701cdae3a1c27aac49d6dcb4ad695b62ea101c5841a6dcffa472f690f7b7516e84e784eda124e65
+EBUILD spake2-0.8-r1.ebuild 706 BLAKE2B fd6666eae0ac5ac41ba406ee8c70c3268b15b9b3ecca06f63556641d308efb65ec9e68d7848f161995d49978bfabb8aa5fa514673731a1da21f3c67033f99006 SHA512 97cf1ef487b6e5d9af080f9d65e13eb741da884ac89fd3a23963d65420ee601e50d8501da8bf68d8ae24071434dfb33b7afac58f51cf0d87005436251a0249f6
 MISC metadata.xml 401 BLAKE2B a80b9d771ec1251af6e16f012257a7d1150644cdba64052ff5b70d282c6f27fa57685f675409a3edf30b2c2bc24c85f74b3dd8460999f8497a72e93653183abc SHA512 ecfbcd80d35348bbb1a5469bcca1b06a86ca6fe736d443707e00859400318e5c9bb399e5acf2faaf2771301518741ec93124277f6bf1834454b4406392cf0ea4
diff --git a/dev-python/spake2/files/spake2-0.8-do_not_use_hkdf_package.patch b/dev-python/spake2/files/spake2-0.8-do_not_use_hkdf_package.patch
new file mode 100644
index 000000000000..40e9e17a6843
--- /dev/null
+++ b/dev-python/spake2/files/spake2-0.8-do_not_use_hkdf_package.patch
@@ -0,0 +1,113 @@
+From 930bfabc17748ea3772e6a40b04e84fc4aafcf04 Mon Sep 17 00:00:00 2001
+From: meejah <meejah@meejah.ca>
+Date: Wed, 9 Nov 2022 23:42:33 -0700
+Subject: [PATCH 1/2] use cryptography's HKDF implementation
+
+---
+ setup.py                       |  2 +-
+ src/spake2/ed25519_basic.py    |  2 +-
+ src/spake2/groups.py           | 21 ++++++++++++++-------
+ src/spake2/test/test_compat.py |  9 +++++----
+ 4 files changed, 21 insertions(+), 13 deletions(-)
+
+diff --git a/setup.py b/setup.py
+index 660f055..ba3cc28 100755
+--- a/setup.py
++++ b/setup.py
+@@ -79,5 +79,5 @@ def abbrev(t):
+           "Programming Language :: Python :: 3.6",
+           "Topic :: Security :: Cryptography",
+           ],
+-      install_requires=["hkdf"],
++      install_requires=["cryptography"],
+       )
+diff --git a/src/spake2/ed25519_basic.py b/src/spake2/ed25519_basic.py
+index 1890be7..dbab56d 100644
+--- a/src/spake2/ed25519_basic.py
++++ b/src/spake2/ed25519_basic.py
+@@ -273,7 +273,7 @@ def arbitrary_element(seed): # unknown DL
+     # oversized string (128 bits more than the field size), then reducing
+     # down to Q. But it's comforting, and it's the same technique we use for
+     # converting passwords/seeds to scalars (which *does* need uniformity).
+-    hseed = expand_arbitrary_element_seed(seed, (256/8)+16)
++    hseed = expand_arbitrary_element_seed(seed, int((256/8)+16))
+     y = int(binascii.hexlify(hseed), 16) % Q
+ 
+     # we try successive Y values until we find a valid point
+diff --git a/src/spake2/groups.py b/src/spake2/groups.py
+index de4f75d..66b08e7 100644
+--- a/src/spake2/groups.py
++++ b/src/spake2/groups.py
+@@ -1,6 +1,7 @@
+ from __future__ import division
+ import hashlib
+-from hkdf import Hkdf
++from cryptography.hazmat.primitives.kdf import hkdf
++from cryptography.hazmat.primitives import hashes
+ from .six import integer_types
+ from .util import (size_bits, size_bytes, unbiased_randrange,
+                    bytes_to_number, number_to_bytes)
+@@ -63,9 +64,12 @@
+ 
+ 
+ def expand_password(data, num_bytes):
+-    h = Hkdf(salt=b"", input_key_material=data, hash=hashlib.sha256)
+-    info = b"SPAKE2 pw"
+-    return h.expand(info, num_bytes)
++    return hkdf.HKDF(
++        algorithm=hashes.SHA256(),
++        length=num_bytes,
++        salt=b"",
++        info=b"SPAKE2 pw"
++    ).derive(data)
+ 
+ def password_to_scalar(pw, scalar_size_bytes, q):
+     assert isinstance(pw, bytes)
+@@ -77,9 +81,12 @@ def password_to_scalar(pw, scalar_size_bytes, q):
+     return i % q
+ 
+ def expand_arbitrary_element_seed(data, num_bytes):
+-    h = Hkdf(salt=b"", input_key_material=data, hash=hashlib.sha256)
+-    info = b"SPAKE2 arbitrary element"
+-    return h.expand(info, num_bytes)
++    return hkdf.HKDF(
++        algorithm=hashes.SHA256(),
++        length=num_bytes,
++        salt=b"",
++        info=b"SPAKE2 arbitrary element"
++    ).derive(data)
+ 
+ class _Element:
+     def __init__(self, group, e):
+diff --git a/src/spake2/test/test_compat.py b/src/spake2/test/test_compat.py
+index 3c636be..1c1340c 100644
+--- a/src/spake2/test/test_compat.py
++++ b/src/spake2/test/test_compat.py
+@@ -1,7 +1,8 @@
+ import unittest
+ from binascii import hexlify, unhexlify
+ from hashlib import sha256
+-from hkdf import Hkdf
++from cryptography.hazmat.primitives.kdf import hkdf
++from cryptography.hazmat.primitives import hashes
+ from .myhkdf import HKDF as myHKDF
+ from spake2 import groups, ed25519_group
+ from spake2.spake2 import (SPAKE2_A, SPAKE2_B, SPAKE2_Symmetric,
+@@ -213,14 +214,14 @@ def test_vectors(self):
+     {"salt": "00", "IKM": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", "info": "", "L": 4, "OKM": "37ad2910"},
+     ]
+ 
+-class HKDF(unittest.TestCase):
++class TestHKDF(unittest.TestCase):
+     def test_vectors(self):
+         for vector in HKDF_TEST_VECTORS:
+             salt = unhexlify(vector["salt"].encode("ascii"))
+             IKM = unhexlify(vector["IKM"].encode("ascii"))
+             info = unhexlify(vector["info"].encode("ascii"))
+-            h = Hkdf(salt=salt, input_key_material=IKM, hash=sha256)
+-            digest = h.expand(info, vector["L"])
++            h = hkdf.HKDF(algorithm=hashes.SHA256(), length=vector["L"], salt=salt, info=info)
++            digest = h.derive(IKM)
+             self.assertEqual(digest, myHKDF(IKM, vector["L"], salt, info))
+             #print(hexlify(digest))
+             expected = vector["OKM"].encode("ascii")
diff --git a/dev-python/spake2/spake2-0.8-r1.ebuild b/dev-python/spake2/spake2-0.8-r1.ebuild
new file mode 100644
index 000000000000..ddda85a403a6
--- /dev/null
+++ b/dev-python/spake2/spake2-0.8-r1.ebuild
@@ -0,0 +1,28 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{10..11} )
+DISTUTILS_USE_PEP517=setuptools
+
+inherit distutils-r1
+
+DESCRIPTION="python implementation of SPAKE2 password-authenticated key exchange algorithm"
+HOMEPAGE="https://pypi.org/project/spake2/"
+SRC_URI="https://github.com/warner/python-${PN}/archive/refs/tags/v${PV}.tar.gz -> ${P}.gh.tar.gz"
+
+LICENSE="MIT"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+S="${WORKDIR}/python-${P}"
+
+RDEPEND="
+	dev-python/cryptography[${PYTHON_USEDEP}]
+	dev-python/more-itertools[${PYTHON_USEDEP}]"
+
+PATCHES=(
+	"${FILESDIR}"/${P}-do_not_use_hkdf_package.patch
+)
+
+distutils_enable_tests pytest
diff --git a/dev-python/spake2/spake2-0.8.ebuild b/dev-python/spake2/spake2-0.8.ebuild
deleted file mode 100644
index 8fa00484e842..000000000000
--- a/dev-python/spake2/spake2-0.8.ebuild
+++ /dev/null
@@ -1,24 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-PYTHON_COMPAT=( python3_{10..11} )
-DISTUTILS_USE_PEP517=setuptools
-
-inherit distutils-r1
-
-DESCRIPTION="python implementation of SPAKE2 password-authenticated key exchange algorithm"
-HOMEPAGE="https://pypi.org/project/spake2/"
-SRC_URI="https://github.com/warner/python-${PN}/archive/refs/tags/v${PV}.tar.gz -> ${P}.gh.tar.gz"
-
-LICENSE="MIT"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-S="${WORKDIR}/python-${P}"
-
-RDEPEND="
-	dev-python/more-itertools[${PYTHON_USEDEP}]
-	dev-python/hkdf[${PYTHON_USEDEP}]"
-
-distutils_enable_tests pytest
-- 
cgit v1.2.3