Hello community, here is the log from the commit of package python-libnacl for openSUSE:Factory checked in at 2015-02-20 12:01:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-libnacl (Old) and /work/SRC/openSUSE:Factory/.python-libnacl.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-libnacl" Changes: -------- --- /work/SRC/openSUSE:Factory/python-libnacl/python-libnacl.changes 2014-11-04 17:30:41.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.python-libnacl.new/python-libnacl.changes 2015-02-20 12:01:45.000000000 +0100 @@ -1,0 +2,7 @@ +Thu Feb 19 18:50:58 UTC 2015 - [email protected] + +- Updated to 1.4.1 + + Fix for crypto_auth_verify and crypto_auth_onetimeverify + + Lint fixes and updates + +------------------------------------------------------------------- Old: ---- libnacl-1.4.0.tar.gz New: ---- libnacl-1.4.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-libnacl.spec ++++++ --- /var/tmp/diff_new_pack.DfBFI0/_old 2015-02-20 12:01:45.000000000 +0100 +++ /var/tmp/diff_new_pack.DfBFI0/_new 2015-02-20 12:01:45.000000000 +0100 @@ -16,7 +16,7 @@ # Name: python-libnacl -Version: 1.4.0 +Version: 1.4.1 Release: 0 License: Apache-2.0 Summary: Python bindings for libsodium/tweetnacl based on ctypes ++++++ libnacl-1.4.0.tar.gz -> libnacl-1.4.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.0/PKG-INFO new/libnacl-1.4.1/PKG-INFO --- old/libnacl-1.4.0/PKG-INFO 2014-11-03 06:18:49.000000000 +0100 +++ new/libnacl-1.4.1/PKG-INFO 2015-02-18 18:28:29.000000000 +0100 @@ -1,6 +1,6 @@ Metadata-Version: 1.1 Name: libnacl -Version: 1.4.0 +Version: 1.4.1 Summary: Python bindings for libsodium/tweetnacl based on ctypes Home-page: https://libnacl.readthedocs.org/ Author: Thomas S Hatch diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.0/README.rst new/libnacl-1.4.1/README.rst --- old/libnacl-1.4.0/README.rst 2014-10-03 22:21:33.000000000 +0200 +++ new/libnacl-1.4.1/README.rst 2015-02-18 17:34:19.000000000 +0100 @@ -8,3 +8,26 @@ as well as being completely portable. The file in libnacl/__init__.py can be pulled out and placed directly in any project to give a single file binding to all of nacl. + +Higher Level Classes +==================== + +The libnacl code also ships with many high level classes which make nacl +cryptography easy and safe, for documentation please see: +http://libnacl.readthedocs.org/ + +Why libnacl +=========== + +There are a number of libraries out there binding to libsodium, so why make +libnacl? + +1. libnacl does not have any non-python hard deps outside of libsodium +2. libnacl does not need to be compiled +3. libnacl is easy to package and very portable +4. Inclusion of high level pythonic encryption classes +5. Ability to have a single embeddable and transferable bindings file + that can be added directly to python applications without needing + to dep libnacl + +This makes libnacl very portable, very easy to use and easy to distribute. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.0/doc/conf.py new/libnacl-1.4.1/doc/conf.py --- old/libnacl-1.4.0/doc/conf.py 2014-10-03 22:21:33.000000000 +0200 +++ new/libnacl-1.4.1/doc/conf.py 2015-02-18 18:06:14.000000000 +0100 @@ -53,7 +53,7 @@ # built documents. # # The short X.Y version. -version = '1.3.6' +version = '1.4.1' # The full version, including alpha/beta/rc tags. release = version diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.0/doc/index.rst new/libnacl-1.4.1/doc/index.rst --- old/libnacl-1.4.0/doc/index.rst 2014-10-03 22:21:33.000000000 +0200 +++ new/libnacl-1.4.1/doc/index.rst 2014-11-03 06:21:58.000000000 +0100 @@ -15,6 +15,7 @@ topics/raw_secret topics/raw_sign topics/raw_hash + topics/raw_generichash topics/releases/index diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.0/doc/topics/releases/1.4.1.rst new/libnacl-1.4.1/doc/topics/releases/1.4.1.rst --- old/libnacl-1.4.0/doc/topics/releases/1.4.1.rst 1970-01-01 01:00:00.000000000 +0100 +++ new/libnacl-1.4.1/doc/topics/releases/1.4.1.rst 2015-02-18 18:00:38.000000000 +0100 @@ -0,0 +1,9 @@ +=========================== +libnacl 1.4.1 Release Notes +=========================== + +Misc Fixes +========== + +* Fix for crypto_auth_verify and crypto_auth_onetimeverify +* Lint fixes and updates diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.0/libnacl/__init__.py new/libnacl-1.4.1/libnacl/__init__.py --- old/libnacl-1.4.0/libnacl/__init__.py 2014-11-03 05:04:03.000000000 +0100 +++ new/libnacl-1.4.1/libnacl/__init__.py 2015-02-18 17:34:19.000000000 +0100 @@ -291,7 +291,7 @@ vk) if ret: raise ValueError('Failed to validate message') - return msg.raw[:msglen.value] + return msg.raw[:msglen.value] # pylint: disable=invalid-slice-index # Authenticated Symmetric Encryption @@ -374,16 +374,15 @@ return tok.raw[:crypto_auth_BYTES] -def crypto_auth_verify(msg, key): +def crypto_auth_verify(tok, msg, key): ''' Verifies that the given authentication token is correct for the given message and key ''' - tok = ctypes.create_string_buffer(crypto_auth_BYTES) ret = nacl.crypto_auth_verify(tok, msg, ctypes.c_ulonglong(len(msg)), key) if ret: raise ValueError('Failed to auth msg') - return tok.raw[:crypto_auth_BYTES] + return msg # One time authentication @@ -400,16 +399,15 @@ return tok.raw[:crypto_onetimeauth_BYTES] -def crypto_onetimeauth_verify(msg, key): +def crypto_onetimeauth_verify(tok, msg, key): ''' Verifies that the given authentication token is correct for the given message and key ''' - tok = ctypes.create_string_buffer(crypto_onetimeauth_BYTES) ret = nacl.crypto_onetimeauth(tok, msg, ctypes.c_ulonglong(len(msg)), key) if ret: raise ValueError('Failed to auth msg') - return tok.raw[:crypto_onetimeauth_BYTES] + return msg # Hashing @@ -497,11 +495,11 @@ The time taken by the function is independent of the contents of string1 and string2. In contrast, the standard C comparison function - memcmp(string1,string2,16) takes time that is dependent on the longest + memcmp(string1,string2,32) takes time that is dependent on the longest matching prefix of string1 and string2. This often allows for easy timing attacks. ''' - return not nacl.crypto_verify_16(string1, string2) + return not nacl.crypto_verify_32(string1, string2) # Random byte generation diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.0/libnacl/version.py new/libnacl-1.4.1/libnacl/version.py --- old/libnacl-1.4.0/libnacl/version.py 2014-11-03 05:40:28.000000000 +0100 +++ new/libnacl-1.4.1/libnacl/version.py 2015-02-18 18:04:44.000000000 +0100 @@ -1 +1 @@ -__version__ = '1.4.0' +__version__ = '1.4.1' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.0/libnacl.egg-info/PKG-INFO new/libnacl-1.4.1/libnacl.egg-info/PKG-INFO --- old/libnacl-1.4.0/libnacl.egg-info/PKG-INFO 2014-11-03 06:18:49.000000000 +0100 +++ new/libnacl-1.4.1/libnacl.egg-info/PKG-INFO 2015-02-18 18:28:29.000000000 +0100 @@ -1,6 +1,6 @@ Metadata-Version: 1.1 Name: libnacl -Version: 1.4.0 +Version: 1.4.1 Summary: Python bindings for libsodium/tweetnacl based on ctypes Home-page: https://libnacl.readthedocs.org/ Author: Thomas S Hatch diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.0/libnacl.egg-info/SOURCES.txt new/libnacl-1.4.1/libnacl.egg-info/SOURCES.txt --- old/libnacl-1.4.0/libnacl.egg-info/SOURCES.txt 2014-11-03 06:18:49.000000000 +0100 +++ new/libnacl-1.4.1/libnacl.egg-info/SOURCES.txt 2015-02-18 18:28:29.000000000 +0100 @@ -25,6 +25,7 @@ doc/topics/releases/1.3.3.rst doc/topics/releases/1.3.4.rst doc/topics/releases/1.4.0.rst +doc/topics/releases/1.4.1.rst doc/topics/releases/index.rst libnacl/__init__.py libnacl/base.py diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.0/setup.cfg new/libnacl-1.4.1/setup.cfg --- old/libnacl-1.4.0/setup.cfg 2014-11-03 06:18:49.000000000 +0100 +++ new/libnacl-1.4.1/setup.cfg 2015-02-18 18:28:29.000000000 +0100 @@ -1,5 +1,5 @@ [egg_info] +tag_build = tag_date = 0 tag_svn_revision = 0 -tag_build = -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
