commit ghc-x509-validation for openSUSE:Factory

h_root Mon, 24 Aug 2015 23:49:06 -0700

Hello community,

here is the log from the commit of package ghc-x509-validation for 
openSUSE:Factory checked in at 2015-08-25 07:19:28
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ghc-x509-validation (Old)
 and      /work/SRC/openSUSE:Factory/.ghc-x509-validation.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "ghc-x509-validation"

Changes:
--------
--- /work/SRC/openSUSE:Factory/ghc-x509-validation/ghc-x509-validation.changes  
2015-05-28 09:54:02.000000000 +0200
+++ 
/work/SRC/openSUSE:Factory/.ghc-x509-validation.new/ghc-x509-validation.changes 
    2015-08-25 08:48:31.000000000 +0200
@@ -1,0 +2,5 @@
+Thu Aug  6 20:37:55 UTC 2015 - [email protected]
+
+- update to 1.6.0 
+
+-------------------------------------------------------------------

Old:
----
  x509-validation-1.5.2.tar.gz

New:
----
  x509-validation-1.6.0.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ ghc-x509-validation.spec ++++++
--- /var/tmp/diff_new_pack.f6QWtd/_old  2015-08-25 08:48:31.000000000 +0200
+++ /var/tmp/diff_new_pack.f6QWtd/_new  2015-08-25 08:48:31.000000000 +0200
@@ -18,8 +18,8 @@
 
 %global pkg_name x509-validation
 
-Name:           ghc-%{pkg_name}
-Version:        1.5.2
+Name:           ghc-x509-validation
+Version:        1.6.0
 Release:        0
 Summary:        X.509 Certificate and CRL validation
 License:        BSD-3-Clause
@@ -37,9 +37,7 @@
 BuildRequires:  ghc-byteable-devel
 BuildRequires:  ghc-bytestring-devel
 BuildRequires:  ghc-containers-devel
-BuildRequires:  ghc-crypto-pubkey-devel
-BuildRequires:  ghc-crypto-pubkey-types-devel
-BuildRequires:  ghc-cryptohash-devel
+BuildRequires:  ghc-cryptonite-devel
 BuildRequires:  ghc-data-default-class-devel
 BuildRequires:  ghc-directory-devel
 BuildRequires:  ghc-filepath-devel

++++++ x509-validation-1.5.2.tar.gz -> x509-validation-1.6.0.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/x509-validation-1.5.2/Data/X509/Validation/Fingerprint.hs 
new/x509-validation-1.6.0/Data/X509/Validation/Fingerprint.hs
--- old/x509-validation-1.5.2/Data/X509/Validation/Fingerprint.hs       
2015-05-06 18:16:32.000000000 +0200
+++ new/x509-validation-1.6.0/Data/X509/Validation/Fingerprint.hs       
2015-06-19 22:18:40.000000000 +0200
@@ -8,12 +8,12 @@
 module Data.X509.Validation.Fingerprint
     ( Fingerprint(..)
     , getFingerprint
-    , toDescr
     ) where
 
-import Crypto.PubKey.HashDescr
+import Crypto.Hash
 import Data.X509
 import Data.ASN1.Types
+import Data.ByteArray (convert)
 import Data.ByteString (ByteString)
 import Data.Byteable
 
@@ -30,16 +30,12 @@
                => SignedExact a -- ^ object to fingerprint
                -> HashALG       -- ^ algorithm to compute the fingerprint
                -> Fingerprint   -- ^ fingerprint in binary form
-getFingerprint sobj halg = Fingerprint $ hashF $ encodeSignedObject sobj
-  where hashDescr = toDescr halg
-        hashF     = hashFunction hashDescr
-
--- | Convert a hash algorithm into a Hash Description
-toDescr :: HashALG -> HashDescr
-toDescr HashMD2    = hashDescrMD2
-toDescr HashMD5    = hashDescrMD5
-toDescr HashSHA1   = hashDescrSHA1
-toDescr HashSHA224 = hashDescrSHA224
-toDescr HashSHA256 = hashDescrSHA256
-toDescr HashSHA384 = hashDescrSHA384
-toDescr HashSHA512 = hashDescrSHA512
+getFingerprint sobj halg = Fingerprint $ mkHash halg $ encodeSignedObject sobj
+  where
+    mkHash HashMD2    = convert . hashWith MD2
+    mkHash HashMD5    = convert . hashWith MD5
+    mkHash HashSHA1   = convert . hashWith SHA1
+    mkHash HashSHA224 = convert . hashWith SHA224
+    mkHash HashSHA256 = convert . hashWith SHA256
+    mkHash HashSHA384 = convert . hashWith SHA384
+    mkHash HashSHA512 = convert . hashWith SHA512
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/x509-validation-1.5.2/Data/X509/Validation/Signature.hs 
new/x509-validation-1.6.0/Data/X509/Validation/Signature.hs
--- old/x509-validation-1.5.2/Data/X509/Validation/Signature.hs 2015-05-06 
18:16:32.000000000 +0200
+++ new/x509-validation-1.6.0/Data/X509/Validation/Signature.hs 2015-06-19 
22:18:40.000000000 +0200
@@ -16,11 +16,10 @@
 
 import qualified Crypto.PubKey.RSA.PKCS15 as RSA
 import qualified Crypto.PubKey.DSA as DSA
-import qualified Crypto.Hash.SHA1 as SHA1
+import Crypto.Hash
 
 import Data.ByteString (ByteString)
 import Data.X509
-import Data.X509.Validation.Fingerprint
 import Data.ASN1.Types
 import Data.ASN1.Encoding
 import Data.ASN1.BinaryEncoding
@@ -72,11 +71,11 @@
                                                             else 
SignatureFailed SignatureInvalid
     | otherwise                       = SignatureFailed SignaturePubkeyMismatch
   where
-        verifyF (PubKeyRSA key) = Just $ RSA.verify (toDescr hashALG) key
+        verifyF (PubKeyRSA key) = Just $ rsaVerify hashALG key
         verifyF (PubKeyDSA key)
             | hashALG == HashSHA1 = Just $ \a b -> case dsaToSignature a of
                                                     Nothing     -> False
-                                                    Just dsaSig -> DSA.verify 
SHA1.hash key dsaSig b
+                                                    Just dsaSig -> DSA.verify 
SHA1 key dsaSig b
             | otherwise           = Nothing
         verifyF _ = Nothing
 
@@ -84,6 +83,17 @@
         dsaToSignature b =
             case decodeASN1' BER b of
                 Left _     -> Nothing
-                Right asn1 -> case fromASN1 asn1 of
-                                Left _            -> Nothing
-                                Right (dsaSig, _) -> Just dsaSig
+                Right asn1 ->
+                    case asn1 of
+                        Start Sequence:IntVal r:IntVal s:End Sequence:_ ->
+                            Just $ DSA.Signature { DSA.sign_r = r, DSA.sign_s 
= s }
+                        _ ->
+                            Nothing
+
+        rsaVerify HashMD2    = RSA.verify (Just MD2)
+        rsaVerify HashMD5    = RSA.verify (Just MD5)
+        rsaVerify HashSHA1   = RSA.verify (Just SHA1)
+        rsaVerify HashSHA224 = RSA.verify (Just SHA224)
+        rsaVerify HashSHA256 = RSA.verify (Just SHA256)
+        rsaVerify HashSHA384 = RSA.verify (Just SHA384)
+        rsaVerify HashSHA512 = RSA.verify (Just SHA512)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/x509-validation-1.5.2/x509-validation.cabal 
new/x509-validation-1.6.0/x509-validation.cabal
--- old/x509-validation-1.5.2/x509-validation.cabal     2015-05-06 
18:16:32.000000000 +0200
+++ new/x509-validation-1.6.0/x509-validation.cabal     2015-06-19 
22:18:40.000000000 +0200
@@ -1,5 +1,5 @@
 Name:                x509-validation
-Version:             1.5.2
+Version:             1.6.0
 Description:         X.509 Certificate and CRL validation
 License:             BSD3
 License-file:        LICENSE
@@ -16,6 +16,7 @@
 Library
   Build-Depends:     base >= 3 && < 5
                    , bytestring
+                   , memory
                    , byteable
                    , network
                    , mtl
@@ -28,11 +29,9 @@
                    , pem >= 0.1 && < 0.3
                    , asn1-types >= 0.3 && < 0.4
                    , asn1-encoding >= 0.9 && < 0.10
-                   , x509 >= 1.5.0 && < 1.6
-                   , x509-store >= 1.5 && < 1.6
-                   , crypto-pubkey >= 0.1.4 && < 0.3
-                   , crypto-pubkey-types >= 0.4 && < 0.5
-                   , cryptohash >= 0.9 && < 0.12
+                   , x509 >= 1.6 && < 1.7
+                   , x509-store >= 1.6 && < 1.7
+                   , cryptonite >= 0.3
   Exposed-modules:   Data.X509.Validation
   Other-modules:     Data.X509.Validation.Signature
                      Data.X509.Validation.Fingerprint

commit ghc-x509-validation for openSUSE:Factory

Reply via email to