From 09301ae9f547c534d3120f2b24f376f7931b6ec6 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Micha=C5=82=20G=C3=B3rny?= Date: Sat, 23 May 2020 11:28:17 +0200 Subject: [PATCH] dev-python/pycrypto: Remove last-rited pkg MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Closes: https://bugs.gentoo.org/703682 Signed-off-by: Michał Górny --- dev-python/pycrypto/Manifest | 1 - .../files/pycrypto-2.6.1-CVE-2013-7459.patch | 88 ------------------- .../files/pycrypto-2.6.1-cross-compile.patch | 13 --- dev-python/pycrypto/metadata.xml | 34 ------- dev-python/pycrypto/pycrypto-2.6.1-r2.ebuild | 76 ---------------- profiles/base/package.use.mask | 1 - profiles/package.mask | 6 -- 7 files changed, 219 deletions(-) delete mode 100644 dev-python/pycrypto/Manifest delete mode 100644 dev-python/pycrypto/files/pycrypto-2.6.1-CVE-2013-7459.patch delete mode 100644 dev-python/pycrypto/files/pycrypto-2.6.1-cross-compile.patch delete mode 100644 dev-python/pycrypto/metadata.xml delete mode 100644 dev-python/pycrypto/pycrypto-2.6.1-r2.ebuild diff --git a/dev-python/pycrypto/Manifest b/dev-python/pycrypto/Manifest deleted file mode 100644 index 785c20a83c47..000000000000 --- a/dev-python/pycrypto/Manifest +++ /dev/null @@ -1 +0,0 @@ -DIST pycrypto-2.6.1.tar.gz 446240 BLAKE2B 89c9cc5b8cbd446364bd56c170c2733b960ec269a6691085392b3cc0ebc2eb244721f6763ed72a1254f90bfaadee2cc1a8446865a95fca19ffb36700d89711a9 SHA512 20a4aed4dac4e9e61d773ebc1d48ea577e9870c33f396be53d075a9bf8487d93e75e200179882d81e452efd0f6751789bac434f6f431b3e7c1c8ef9dba392847 diff --git a/dev-python/pycrypto/files/pycrypto-2.6.1-CVE-2013-7459.patch b/dev-python/pycrypto/files/pycrypto-2.6.1-CVE-2013-7459.patch deleted file mode 100644 index 9850f0340510..000000000000 --- a/dev-python/pycrypto/files/pycrypto-2.6.1-CVE-2013-7459.patch +++ /dev/null @@ -1,88 +0,0 @@ -From 8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4 Mon Sep 17 00:00:00 2001 -From: Legrandin -Date: Sun, 22 Dec 2013 22:24:46 +0100 -Subject: [PATCH] Throw exception when IV is used with ECB or CTR - -The IV parameter is currently ignored when initializing -a cipher in ECB or CTR mode. - -For CTR mode, it is confusing: it takes some time to see -that a different parameter is needed (the counter). - -For ECB mode, it is outright dangerous. - -This patch forces an exception to be raised. ---- - lib/Crypto/SelfTest/Cipher/common.py | 31 +++++++++++++++++++++++-------- - src/block_template.c | 11 +++++++++++ - 2 files changed, 34 insertions(+), 8 deletions(-) - -diff --git a/lib/Crypto/SelfTest/Cipher/common.py b/lib/Crypto/SelfTest/Cipher/common.py -index 420b6ff..a5f8a88 100644 ---- a/lib/Crypto/SelfTest/Cipher/common.py -+++ b/lib/Crypto/SelfTest/Cipher/common.py -@@ -239,19 +239,34 @@ def shortDescription(self): - return """%s .decrypt() output of .encrypt() should not be garbled""" % (self.module_name,) - - def runTest(self): -- for mode in (self.module.MODE_ECB, self.module.MODE_CBC, self.module.MODE_CFB, self.module.MODE_OFB, self.module.MODE_OPENPGP): -+ -+ ## ECB mode -+ mode = self.module.MODE_ECB -+ encryption_cipher = self.module.new(a2b_hex(self.key), mode) -+ ciphertext = encryption_cipher.encrypt(self.plaintext) -+ decryption_cipher = self.module.new(a2b_hex(self.key), mode) -+ decrypted_plaintext = decryption_cipher.decrypt(ciphertext) -+ self.assertEqual(self.plaintext, decrypted_plaintext) -+ -+ ## OPENPGP mode -+ mode = self.module.MODE_OPENPGP -+ encryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv) -+ eiv_ciphertext = encryption_cipher.encrypt(self.plaintext) -+ eiv = eiv_ciphertext[:self.module.block_size+2] -+ ciphertext = eiv_ciphertext[self.module.block_size+2:] -+ decryption_cipher = self.module.new(a2b_hex(self.key), mode, eiv) -+ decrypted_plaintext = decryption_cipher.decrypt(ciphertext) -+ self.assertEqual(self.plaintext, decrypted_plaintext) -+ -+ ## All other non-AEAD modes (but CTR) -+ for mode in (self.module.MODE_CBC, self.module.MODE_CFB, self.module.MODE_OFB): - encryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv) - ciphertext = encryption_cipher.encrypt(self.plaintext) -- -- if mode != self.module.MODE_OPENPGP: -- decryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv) -- else: -- eiv = ciphertext[:self.module.block_size+2] -- ciphertext = ciphertext[self.module.block_size+2:] -- decryption_cipher = self.module.new(a2b_hex(self.key), mode, eiv) -+ decryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv) - decrypted_plaintext = decryption_cipher.decrypt(ciphertext) - self.assertEqual(self.plaintext, decrypted_plaintext) - -+ - class PGPTest(unittest.TestCase): - def __init__(self, module, params): - unittest.TestCase.__init__(self) -diff --git a/src/block_template.c b/src/block_template.c -index f940e0e..d555ceb 100644 ---- a/src/block_template.c -+++ b/src/block_template.c -@@ -170,6 +170,17 @@ ALGnew(PyObject *self, PyObject *args, PyObject *kwdict) - "Key cannot be the null string"); - return NULL; - } -+ if (IVlen != 0 && mode == MODE_ECB) -+ { -+ PyErr_Format(PyExc_ValueError, "ECB mode does not use IV"); -+ return NULL; -+ } -+ if (IVlen != 0 && mode == MODE_CTR) -+ { -+ PyErr_Format(PyExc_ValueError, -+ "CTR mode needs counter parameter, not IV"); -+ return NULL; -+ } - if (IVlen != BLOCK_SIZE && mode != MODE_ECB && mode != MODE_CTR) - { - PyErr_Format(PyExc_ValueError, diff --git a/dev-python/pycrypto/files/pycrypto-2.6.1-cross-compile.patch b/dev-python/pycrypto/files/pycrypto-2.6.1-cross-compile.patch deleted file mode 100644 index 2ce24a49cc71..000000000000 --- a/dev-python/pycrypto/files/pycrypto-2.6.1-cross-compile.patch +++ /dev/null @@ -1,13 +0,0 @@ -do not hardcode -I/usr/include as it's useless and breaks cross-compiles - ---- a/setup.py -+++ b/setup.py -@@ -370,7 +370,7 @@ kw = {'name':"pycrypto", - 'ext_modules': plat_ext + [ - # _fastmath (uses GNU mp library) - Extension("Crypto.PublicKey._fastmath", -- include_dirs=['src/','/usr/include/'], -+ include_dirs=['src/'], - libraries=['gmp'], - sources=["src/_fastmath.c"]), - diff --git a/dev-python/pycrypto/metadata.xml b/dev-python/pycrypto/metadata.xml deleted file mode 100644 index e14ce6691800..000000000000 --- a/dev-python/pycrypto/metadata.xml +++ /dev/null @@ -1,34 +0,0 @@ - - - - - python@gentoo.org - Python - - - The Python Cryptography Toolkit is a collection of cryptographic - algorithms and protocols, implemented for use from Python. Among - the contents of the package: - - * Hash functions: MD2, MD4, RIPEMD, SHA256. - * Block encryption algorithms: AES, ARC2, Blowfish, CAST, DES, Triple-DES, IDEA, RC5. - * Stream encryption algorithms: ARC4, simple XOR. - * Public-key algorithms: RSA, DSA, ElGamal, qNEW. - * Protocols: All-or-nothing transforms, chaffing/winnowing. - * Miscellaneous: RFC1751 module for converting 128-key keys into a set of English words, primality testing. - * Some demo programs (currently all quite old and outdated). - - - このPython言語のクリプトグラフィー・ツールキットは、暗号手法のアルゴリズムとプロ - トコルの集合で、Python言語から利用されるための実装です。このパッケージ内容は以下 - です。 - - * Hash ファンクション: MD2, MD4, RIPEMD, SHA256. - * ブロック・エンクリプション・アルゴリズム: AES, ARC2, Blowfish, CAST, DES, Triple-DES, IDEA, RC5. - * ストリーム・エンクリプション・アルゴリズム: ARC4, simple XOR. - * 公開鍵アルゴリズム: RSA, DSA, ElGamal, qNEW. - * プロトコル: All-or-nothing transforms, chaffing/winnowing. - * その他: RFC1751 module for converting 128-key keys into a set of English words, primality testing. - * デモ・プログラム(現在では完全に古く時代遅れなもの) - - diff --git a/dev-python/pycrypto/pycrypto-2.6.1-r2.ebuild b/dev-python/pycrypto/pycrypto-2.6.1-r2.ebuild deleted file mode 100644 index 2c3100844cef..000000000000 --- a/dev-python/pycrypto/pycrypto-2.6.1-r2.ebuild +++ /dev/null @@ -1,76 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python2_7 python3_{6,7} ) -PYTHON_REQ_USE="threads(+)" - -inherit distutils-r1 flag-o-matic - -DESCRIPTION="Python Cryptography Toolkit" -HOMEPAGE="https://www.dlitz.net/software/pycrypto/ - https://pypi.org/project/pycrypto/" -SRC_URI="http://ftp.dlitz.net/pub/dlitz/crypto/pycrypto/${P}.tar.gz" - -LICENSE="PSF-2 public-domain" -SLOT="0" -KEYWORDS="~alpha amd64 arm ~arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 s390 sparc x86 ~ppc-aix ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~x86-solaris" -IUSE="doc +gmp test" -RESTRICT="!test? ( test )" - -RDEPEND="gmp? ( dev-libs/gmp:0= )" -DEPEND="${RDEPEND} - doc? ( - dev-python/docutils[${PYTHON_USEDEP}] - $(python_gen_cond_dep '>=dev-python/epydoc-3[${PYTHON_USEDEP}]' 'python2*') - )" - -REQUIRED_USE="test? ( gmp )" - -DOCS=( ACKS ChangeLog README TODO ) -PATCHES=( - "${FILESDIR}"/${P}-cross-compile.patch - "${FILESDIR}"/${P}-CVE-2013-7459.patch -) - -python_prepare_all() { - # Fix Crypto.PublicKey.RSA._RSAobj.exportKey(format="OpenSSH") with Python 3 - # https://github.com/dlitz/pycrypto/commit/ab25c6fe95ee92fac3187dcd90e0560ccacb084a - sed \ - -e "/keyparts =/s/'ssh-rsa'/b('ssh-rsa')/" \ - -e "s/keystring = ''.join/keystring = b('').join/" \ - -e "s/return 'ssh-rsa '/return b('ssh-rsa ')/" \ - -i lib/Crypto/PublicKey/RSA.py || die - - distutils-r1_python_prepare_all -} - -python_configure_all() { - # the configure does not interact with python in any way, - # it just sets up the C header file. - econf \ - $(use_with gmp) \ - --without-mpir -} - -python_compile_all() { - if use doc; then - rst2html.py Doc/pycrypt.rst > Doc/index.html || die - epydoc --config=Doc/epydoc-config --exclude-introspect="^Crypto\.(Random\.OSRNG\.nt|Util\.winrandom)$" || die - HTML_DOCS=( Doc/apidoc/. Doc/index.html ) - fi -} - -python_compile() { - if ! python_is_python3; then - local -x CFLAGS="${CFLAGS}" - append-cflags -fno-strict-aliasing - fi - - distutils-r1_python_compile -} - -python_test() { - esetup.py test -} diff --git a/profiles/base/package.use.mask b/profiles/base/package.use.mask index fc41d647b114..a626c92c4796 100644 --- a/profiles/base/package.use.mask +++ b/profiles/base/package.use.mask @@ -128,7 +128,6 @@ dev-python/zeep tornado # Michał Górny (2020-01-29) # Require dev-python/epydoc which is being removed. -<=dev-python/pycrypto-2.6.1-r2 doc <=dev-python/restkit-4.2.2 doc <=dev-python/suds-0.6-r1 doc diff --git a/profiles/package.mask b/profiles/package.mask index 2027819d5711..6c1309330d2a 100644 --- a/profiles/package.mask +++ b/profiles/package.mask @@ -649,12 +649,6 @@ games-util/pogo-manager-bin net-p2p/bisq sci-mathematics/geogebra -# Michał Górny (2020-04-18) -# Long dead, vulnerable. All revdeps have either been ported away, -# removed or had their optional deps removed. -# Removal in 30 days. Bug #703682. -dev-python/pycrypto - # Matt Turner (2020-04-12) # In conjunction with Firefox's sandbox, breaks loading of i965 driver. # Bug #716574 -- 2.26.2