Hello community,
here is the log from the commit of package ghc-x509-validation for
openSUSE:Factory checked in at 2018-05-30 12:16:02
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ghc-x509-validation (Old)
and /work/SRC/openSUSE:Factory/.ghc-x509-validation.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ghc-x509-validation"
Wed May 30 12:16:02 2018 rev:9 rq:607928 version:1.6.10
Changes:
--------
--- /work/SRC/openSUSE:Factory/ghc-x509-validation/ghc-x509-validation.changes
2017-08-31 21:01:55.537369905 +0200
+++
/work/SRC/openSUSE:Factory/.ghc-x509-validation.new/ghc-x509-validation.changes
2018-05-30 12:27:58.156886999 +0200
@@ -1,0 +2,6 @@
+Mon May 14 17:02:11 UTC 2018 - [email protected]
+
+- Update x509-validation to version 1.6.10 revision 1.
+ Upstream does not provide a changelog.
+
+-------------------------------------------------------------------
Old:
----
x509-validation-1.6.8.tar.gz
New:
----
x509-validation-1.6.10.tar.gz
x509-validation.cabal
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ ghc-x509-validation.spec ++++++
--- /var/tmp/diff_new_pack.hu1RvT/_old 2018-05-30 12:27:58.956858786 +0200
+++ /var/tmp/diff_new_pack.hu1RvT/_new 2018-05-30 12:27:58.960858645 +0200
@@ -1,7 +1,7 @@
#
# spec file for package ghc-x509-validation
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -19,17 +19,17 @@
%global pkg_name x509-validation
%bcond_with tests
Name: ghc-%{pkg_name}
-Version: 1.6.8
+Version: 1.6.10
Release: 0
Summary: X.509 Certificate and CRL validation
License: BSD-3-Clause
-Group: Development/Languages/Other
-Url: https://hackage.haskell.org/package/%{pkg_name}
+Group: Development/Libraries/Haskell
+URL: https://hackage.haskell.org/package/%{pkg_name}
Source0:
https://hackage.haskell.org/package/%{pkg_name}-%{version}/%{pkg_name}-%{version}.tar.gz
+Source1:
https://hackage.haskell.org/package/%{pkg_name}-%{version}/revision/1.cabal#/%{pkg_name}.cabal
BuildRequires: ghc-Cabal-devel
BuildRequires: ghc-asn1-encoding-devel
BuildRequires: ghc-asn1-types-devel
-BuildRequires: ghc-byteable-devel
BuildRequires: ghc-bytestring-devel
BuildRequires: ghc-containers-devel
BuildRequires: ghc-cryptonite-devel
@@ -41,7 +41,6 @@
BuildRequires: ghc-rpm-macros
BuildRequires: ghc-x509-devel
BuildRequires: ghc-x509-store-devel
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if %{with tests}
BuildRequires: ghc-tasty-devel
BuildRequires: ghc-tasty-hunit-devel
@@ -52,7 +51,7 @@
%package devel
Summary: Haskell %{pkg_name} library development files
-Group: Development/Libraries/Other
+Group: Development/Libraries/Haskell
Requires: %{name} = %{version}-%{release}
Requires: ghc-compiler = %{ghc_version}
Requires(post): ghc-compiler = %{ghc_version}
@@ -64,6 +63,7 @@
%prep
%setup -q -n %{pkg_name}-%{version}
+cp -p %{SOURCE1} %{pkg_name}.cabal
%build
%ghc_lib_build
@@ -81,10 +81,8 @@
%ghc_pkg_recache
%files -f %{name}.files
-%defattr(-,root,root,-)
-%doc LICENSE
+%license LICENSE
%files devel -f %{name}-devel.files
-%defattr(-,root,root,-)
%changelog
++++++ x509-validation-1.6.8.tar.gz -> x509-validation-1.6.10.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/x509-validation-1.6.8/Data/X509/Validation/Fingerprint.hs
new/x509-validation-1.6.10/Data/X509/Validation/Fingerprint.hs
--- old/x509-validation-1.6.8/Data/X509/Validation/Fingerprint.hs
2017-06-26 18:12:09.000000000 +0200
+++ new/x509-validation-1.6.10/Data/X509/Validation/Fingerprint.hs
2018-03-01 22:14:19.000000000 +0100
@@ -5,6 +5,7 @@
-- Stability : experimental
-- Portability : unknown
--
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
module Data.X509.Validation.Fingerprint
( Fingerprint(..)
, getFingerprint
@@ -13,16 +14,14 @@
import Crypto.Hash
import Data.X509
import Data.ASN1.Types
-import Data.ByteArray (convert)
+import Data.ByteArray (convert, ByteArrayAccess)
import Data.ByteString (ByteString)
-import Data.Byteable
-- | Fingerprint of a certificate
newtype Fingerprint = Fingerprint ByteString
deriving (Show,Eq)
-instance Byteable Fingerprint where
- toBytes (Fingerprint bs) = bs
+instance ByteArrayAccess Fingerprint
-- | Get the fingerprint of the whole signed object
-- using the hashing algorithm specified
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/x509-validation-1.6.8/Data/X509/Validation/Signature.hs
new/x509-validation-1.6.10/Data/X509/Validation/Signature.hs
--- old/x509-validation-1.6.8/Data/X509/Validation/Signature.hs 2017-06-26
18:12:09.000000000 +0200
+++ new/x509-validation-1.6.10/Data/X509/Validation/Signature.hs
2017-07-31 22:17:24.000000000 +0200
@@ -18,15 +18,12 @@
import qualified Crypto.PubKey.RSA.PSS as PSS
import qualified Crypto.PubKey.DSA as DSA
import qualified Crypto.PubKey.ECC.Types as ECC
-import qualified Crypto.PubKey.ECC.Prim as ECC
import qualified Crypto.PubKey.ECC.ECDSA as ECDSA
import Crypto.Hash
-import Crypto.Number.Serialize (os2ip)
import Data.ByteString (ByteString)
-import qualified Data.ByteString as B
import Data.X509
-import Data.List (find)
+import Data.X509.EC
import Data.ASN1.Types
import Data.ASN1.Encoding
import Data.ASN1.BinaryEncoding
@@ -126,49 +123,19 @@
verifyECDSA :: HashALG -> PubKeyEC -> Maybe (ByteString -> ByteString -> Bool)
verifyECDSA hashALG key =
- case key of
- PubKeyEC_Named curveName pub -> verifyCurve curveName pub
- PubKeyEC_Prime {} ->
- case find matchPrimeCurve $ enumFrom $ toEnum 0 of
- Nothing -> Nothing
- Just curveName -> verifyCurve curveName (pubkeyEC_pub key)
+ ecPubKeyCurveName key >>= verifyCurve (pubkeyEC_pub key)
where
- matchPrimeCurve c =
- case ECC.getCurveByName c of
- ECC.CurveFP (ECC.CurvePrime p cc) ->
- ECC.ecc_a cc == pubkeyEC_a key &&
- ECC.ecc_b cc == pubkeyEC_b key &&
- ECC.ecc_n cc == pubkeyEC_order key &&
- p == pubkeyEC_prime key
- _ -> False
-
- verifyCurve curveName pub = Just $ \msg sigBS ->
+ verifyCurve pub curveName = Just $ \msg sigBS ->
case decodeASN1' BER sigBS of
Left _ -> False
Right [Start Sequence,IntVal r,IntVal s,End Sequence] ->
- case unserializePoint (ECC.getCurveByName curveName) pub of
- Nothing -> False
- Just pubkey -> (ecdsaVerify hashALG) pubkey
(ECDSA.Signature r s) msg
+ let curve = ECC.getCurveByName curveName
+ in case unserializePoint curve pub of
+ Nothing -> False
+ Just p -> let pubkey = ECDSA.PublicKey curve p
+ in (ecdsaVerify hashALG) pubkey
(ECDSA.Signature r s) msg
Right _ -> False
- unserializePoint curve (SerializedPoint bs) =
- case B.uncons bs of
- Nothing -> Nothing
- Just (ptFormat, input) ->
- case ptFormat of
- 4 -> if B.length input /= 2 * bytes
- then Nothing
- else
- let (x, y) = B.splitAt bytes input
- p = ECC.Point (os2ip x) (os2ip y)
- in if ECC.isPointValid curve p
- then Just $ ECDSA.PublicKey curve p
- else Nothing
- -- 2 and 3 for compressed format.
- _ -> Nothing
- where bits = ECC.curveSizeBits curve
- bytes = (bits + 7) `div` 8
-
ecdsaVerify HashMD2 = ECDSA.verify MD2
ecdsaVerify HashMD5 = ECDSA.verify MD5
ecdsaVerify HashSHA1 = ECDSA.verify SHA1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/x509-validation-1.6.8/Data/X509/Validation.hs
new/x509-validation-1.6.10/Data/X509/Validation.hs
--- old/x509-validation-1.6.8/Data/X509/Validation.hs 2017-06-26
18:12:09.000000000 +0200
+++ new/x509-validation-1.6.10/Data/X509/Validation.hs 2017-07-31
22:17:01.000000000 +0200
@@ -27,6 +27,8 @@
, getFingerprint
-- * Cache
, module Data.X509.Validation.Cache
+ -- * Signature verification
+ , module Data.X509.Validation.Signature
) where
import Control.Applicative
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/x509-validation-1.6.8/Tests/Certificate.hs
new/x509-validation-1.6.10/Tests/Certificate.hs
--- old/x509-validation-1.6.8/Tests/Certificate.hs 2017-07-22
08:57:25.000000000 +0200
+++ new/x509-validation-1.6.10/Tests/Certificate.hs 2017-07-31
22:17:24.000000000 +0200
@@ -29,12 +29,11 @@
import Control.Applicative
import Crypto.Hash.Algorithms
-import Crypto.Number.Generate
import Crypto.Number.Serialize
import qualified Crypto.PubKey.DSA as DSA
import qualified Crypto.PubKey.ECC.ECDSA as ECDSA
-import qualified Crypto.PubKey.ECC.Prim as ECC
+import qualified Crypto.PubKey.ECC.Generate as ECC
import qualified Crypto.PubKey.ECC.Types as ECC
import qualified Crypto.PubKey.RSA as RSA
import qualified Crypto.PubKey.RSA.PKCS15 as RSA
@@ -110,12 +109,9 @@
let y = DSA.calculatePublic params x
return (alg, DSA.PublicKey params y, DSA.PrivateKey params x)
generateKeys alg@(AlgEC name _) = do
- d <- generateBetween 1 (n - 1)
- let p = ECC.pointBaseMul curve d
- return (alg, ECDSA.PublicKey curve p, ECDSA.PrivateKey curve d)
- where
- curve = ECC.getCurveByName name
- n = ECC.ecc_n . ECC.common_curve $ curve
+ let curve = ECC.getCurveByName name
+ (pub, priv) <- ECC.generate curve
+ return (alg, pub, priv)
generateRSAKeys :: Alg RSA.PublicKey RSA.PrivateKey
-> Int
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/x509-validation-1.6.8/x509-validation.cabal
new/x509-validation-1.6.10/x509-validation.cabal
--- old/x509-validation-1.6.8/x509-validation.cabal 2017-07-22
08:58:06.000000000 +0200
+++ new/x509-validation-1.6.10/x509-validation.cabal 2018-03-01
22:16:09.000000000 +0100
@@ -1,5 +1,5 @@
Name: x509-validation
-version: 1.6.8
+version: 1.6.10
Description: X.509 Certificate and CRL validation
License: BSD3
License-file: LICENSE
@@ -18,12 +18,11 @@
Build-Depends: base >= 3 && < 5
, bytestring
, memory
- , byteable
, mtl
, containers
, hourglass
, data-default-class
- , pem >= 0.1 && < 0.3
+ , pem >= 0.1
, asn1-types >= 0.3 && < 0.4
, asn1-encoding >= 0.9 && < 0.10
, x509 >= 1.6.5
++++++ x509-validation.cabal ++++++
Name: x509-validation
version: 1.6.10
x-revision: 1
Description: X.509 Certificate and CRL validation
License: BSD3
License-file: LICENSE
Copyright: Vincent Hanquez <[email protected]>
Author: Vincent Hanquez <[email protected]>
Maintainer: Vincent Hanquez <[email protected]>
Synopsis: X.509 Certificate and CRL validation
Build-Type: Simple
Category: Data
stability: experimental
Homepage: http://github.com/vincenthz/hs-certificate
Cabal-Version: >= 1.10
Library
Default-Language: Haskell2010
Build-Depends: base >= 3 && < 5
, bytestring
, memory
, mtl
, containers
, hourglass
, data-default-class
, pem >= 0.1
, asn1-types >= 0.3 && < 0.4
, asn1-encoding >= 0.9 && < 0.10
, x509 >= 1.7.2
, x509-store >= 1.6
, cryptonite >= 0.8
Exposed-modules: Data.X509.Validation
Other-modules: Data.X509.Validation.Signature
Data.X509.Validation.Fingerprint
Data.X509.Validation.Cache
Data.X509.Validation.Types
ghc-options: -Wall
Test-Suite test-x509-validation
Default-Language: Haskell2010
type: exitcode-stdio-1.0
hs-source-dirs: Tests
Main-is: Tests.hs
Other-modules: Certificate
Build-Depends: base >= 3 && < 5
, bytestring
, data-default-class
, tasty
, tasty-hunit
, hourglass
, asn1-types
, asn1-encoding
, x509 >= 1.7.1
, x509-store
, x509-validation
, cryptonite
ghc-options: -Wall
source-repository head
type: git
location: git://github.com/vincenthz/hs-certificate
subdir: x509-validation
