commit ghc-x509-validation for openSUSE:Factory

root Thu, 08 Nov 2018 22:54:02 -0800

Hello community,

here is the log from the commit of package ghc-x509-validation for 
openSUSE:Factory checked in at 2018-11-09 07:53:12
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ghc-x509-validation (Old)
 and      /work/SRC/openSUSE:Factory/.ghc-x509-validation.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "ghc-x509-validation"

Fri Nov  9 07:53:12 2018 rev:12 rq:646366 version:1.6.11

Changes:
--------
--- /work/SRC/openSUSE:Factory/ghc-x509-validation/ghc-x509-validation.changes  
2018-10-25 09:07:34.702460669 +0200
+++ 
/work/SRC/openSUSE:Factory/.ghc-x509-validation.new/ghc-x509-validation.changes 
    2018-11-09 07:53:12.787794153 +0100
@@ -1,0 +2,6 @@
+Mon Nov  5 03:01:24 UTC 2018 - psim...@suse.com
+
+- Update x509-validation to version 1.6.11.
+  Upstream does not provide a change log file.
+
+-------------------------------------------------------------------

Old:
----
  x509-validation-1.6.10.tar.gz
  x509-validation.cabal

New:
----
  x509-validation-1.6.11.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ ghc-x509-validation.spec ++++++
--- /var/tmp/diff_new_pack.DD0qSC/_old  2018-11-09 07:53:13.431793414 +0100
+++ /var/tmp/diff_new_pack.DD0qSC/_new  2018-11-09 07:53:13.435793410 +0100
@@ -19,14 +19,13 @@
 %global pkg_name x509-validation
 %bcond_with tests
 Name:           ghc-%{pkg_name}
-Version:        1.6.10
+Version:        1.6.11
 Release:        0
 Summary:        X.509 Certificate and CRL validation
 License:        BSD-3-Clause
 Group:          Development/Libraries/Haskell
 URL:            https://hackage.haskell.org/package/%{pkg_name}
 Source0:        
https://hackage.haskell.org/package/%{pkg_name}-%{version}/%{pkg_name}-%{version}.tar.gz
-Source1:        
https://hackage.haskell.org/package/%{pkg_name}-%{version}/revision/1.cabal#/%{pkg_name}.cabal
 BuildRequires:  ghc-Cabal-devel
 BuildRequires:  ghc-asn1-encoding-devel
 BuildRequires:  ghc-asn1-types-devel
@@ -47,7 +46,7 @@
 %endif
 
 %description
-X.509 Certificate and CRL validation.
+X.509 Certificate and CRL validation. please see README.
 
 %package devel
 Summary:        Haskell %{pkg_name} library development files
@@ -63,7 +62,6 @@
 
 %prep
 %setup -q -n %{pkg_name}-%{version}
-cp -p %{SOURCE1} %{pkg_name}.cabal
 
 %build
 %ghc_lib_build

++++++ x509-validation-1.6.10.tar.gz -> x509-validation-1.6.11.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/x509-validation-1.6.10/Data/X509/Validation/Signature.hs 
new/x509-validation-1.6.11/Data/X509/Validation/Signature.hs
--- old/x509-validation-1.6.10/Data/X509/Validation/Signature.hs        
2017-07-31 22:17:24.000000000 +0200
+++ new/x509-validation-1.6.11/Data/X509/Validation/Signature.hs        
2018-11-04 11:10:41.000000000 +0100
@@ -14,11 +14,14 @@
     , SignatureFailure(..)
     ) where
 
+import Crypto.Error (CryptoFailable(..))
 import qualified Crypto.PubKey.RSA.PKCS15 as RSA
 import qualified Crypto.PubKey.RSA.PSS as PSS
 import qualified Crypto.PubKey.DSA as DSA
 import qualified Crypto.PubKey.ECC.Types as ECC
 import qualified Crypto.PubKey.ECC.ECDSA as ECDSA
+import qualified Crypto.PubKey.Ed25519 as Ed25519
+import qualified Crypto.PubKey.Ed448 as Ed448
 import Crypto.Hash
 
 import Data.ByteString (ByteString)
@@ -121,6 +124,21 @@
         rsaVerify HashSHA384 = RSA.verify (Just SHA384)
         rsaVerify HashSHA512 = RSA.verify (Just SHA512)
 
+verifySignature (SignatureALG_IntrinsicHash pubkeyALG) pubkey cdata signature
+    | pubkeyToAlg pubkey == pubkeyALG = doVerify pubkey
+    | otherwise = SignatureFailed SignaturePubkeyMismatch
+  where
+    doVerify (PubKeyEd25519 key) = eddsa Ed25519.verify Ed25519.signature key
+    doVerify (PubKeyEd448 key)   = eddsa Ed448.verify Ed448.signature key
+    doVerify _                   = SignatureFailed SignatureUnimplemented
+
+    eddsa verify toSig key =
+        case toSig signature of
+            CryptoPassed sig
+                | verify key cdata sig -> SignaturePass
+                | otherwise            -> SignatureFailed SignatureInvalid
+            CryptoFailed _             -> SignatureFailed SignatureInvalid
+
 verifyECDSA :: HashALG -> PubKeyEC -> Maybe (ByteString -> ByteString -> Bool)
 verifyECDSA hashALG key =
     ecPubKeyCurveName key >>= verifyCurve (pubkeyEC_pub key)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/x509-validation-1.6.10/Tests/Certificate.hs 
new/x509-validation-1.6.11/Tests/Certificate.hs
--- old/x509-validation-1.6.10/Tests/Certificate.hs     2017-07-31 
22:17:24.000000000 +0200
+++ new/x509-validation-1.6.11/Tests/Certificate.hs     2018-11-04 
11:10:41.000000000 +0100
@@ -35,6 +35,8 @@
 import qualified Crypto.PubKey.ECC.ECDSA  as ECDSA
 import qualified Crypto.PubKey.ECC.Generate as ECC
 import qualified Crypto.PubKey.ECC.Types  as ECC
+import qualified Crypto.PubKey.Ed25519    as Ed25519
+import qualified Crypto.PubKey.Ed448      as Ed448
 import qualified Crypto.PubKey.RSA        as RSA
 import qualified Crypto.PubKey.RSA.PKCS15 as RSA
 import qualified Crypto.PubKey.RSA.PSS    as PSS
@@ -44,6 +46,7 @@
 import Data.ASN1.BinaryEncoding (DER(..))
 import Data.ASN1.Encoding
 import Data.ASN1.Types
+import Data.ByteArray (convert)
 import Data.Maybe (catMaybes)
 import Data.String (fromString)
 import Data.X509
@@ -97,6 +100,10 @@
               -> GHash hash
               -> Alg ECDSA.PublicKey ECDSA.PrivateKey
 
+    AlgEd25519 :: Alg Ed25519.PublicKey Ed25519.SecretKey
+
+    AlgEd448   :: Alg Ed448.PublicKey Ed448.SecretKey
+
 -- | Types of public and private keys used by a signature algorithm.
 type Keys pub priv = (Alg pub priv, pub, priv)
 
@@ -112,6 +119,12 @@
     let curve = ECC.getCurveByName name
     (pub, priv) <- ECC.generate curve
     return (alg, pub, priv)
+generateKeys alg@AlgEd25519           = do
+    secret <- Ed25519.generateSecretKey
+    return (alg, Ed25519.toPublic secret, secret)
+generateKeys alg@AlgEd448             = do
+    secret <- Ed448.generateSecretKey
+    return (alg, Ed448.toPublic secret, secret)
 
 generateRSAKeys :: Alg RSA.PublicKey RSA.PrivateKey
                 -> Int
@@ -133,12 +146,16 @@
     bs    = B.cons 4 (i2ospOf_ bytes x `B.append` i2ospOf_ bytes y)
     bits  = ECC.curveSizeBits (ECC.getCurveByName name)
     bytes = (bits + 7) `div` 8
+getPubKey  AlgEd25519        key = PubKeyEd25519   key
+getPubKey  AlgEd448          key = PubKeyEd448     key
 
 getSignatureALG :: Alg pub priv -> SignatureALG
 getSignatureALG (AlgRSA    _   hash) = SignatureALG (getHashALG hash) 
PubKeyALG_RSA
 getSignatureALG (AlgRSAPSS _ _ hash) = SignatureALG (getHashALG hash) 
PubKeyALG_RSAPSS
 getSignatureALG (AlgDSA    _   hash) = SignatureALG (getHashALG hash) 
PubKeyALG_DSA
 getSignatureALG (AlgEC     _   hash) = SignatureALG (getHashALG hash) 
PubKeyALG_EC
+getSignatureALG  AlgEd25519          = SignatureALG_IntrinsicHash 
PubKeyALG_Ed25519
+getSignatureALG  AlgEd448            = SignatureALG_IntrinsicHash 
PubKeyALG_Ed448
 
 doSign :: Alg pub priv -> priv -> B.ByteString -> IO B.ByteString
 doSign (AlgRSA _ hash)        key msg = do
@@ -167,6 +184,10 @@
                  , IntVal (ECDSA.sign_s sig)
                  , End Sequence
                  ]
+doSign  AlgEd25519            key msg =
+    return $ convert $ Ed25519.sign key (Ed25519.toPublic key) msg
+doSign  AlgEd448              key msg =
+    return $ convert $ Ed448.sign key (Ed448.toPublic key) msg
 
 
 -- Certificate utilities --
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/x509-validation-1.6.10/Tests/Tests.hs 
new/x509-validation-1.6.11/Tests/Tests.hs
--- old/x509-validation-1.6.10/Tests/Tests.hs   2017-06-26 18:12:09.000000000 
+0200
+++ new/x509-validation-1.6.11/Tests/Tests.hs   2018-11-04 11:10:41.000000000 
+0100
@@ -583,6 +583,8 @@
     , treeWithAlg "RSAPSS" (AlgRSAPSS 2048 pssParams hashSHA224)
     , treeWithAlg "DSA"    (AlgDSA    dsaParams      hashSHA1)
     , treeWithAlg "ECDSA"  (AlgEC     curveName      hashSHA512)
+    , treeWithAlg "Ed25519" AlgEd25519
+    , treeWithAlg "Ed448"   AlgEd448
     ]
   where
     pssParams = PSS.defaultPSSParams SHA224
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/x509-validation-1.6.10/x509-validation.cabal 
new/x509-validation-1.6.11/x509-validation.cabal
--- old/x509-validation-1.6.10/x509-validation.cabal    2018-03-01 
22:16:09.000000000 +0100
+++ new/x509-validation-1.6.11/x509-validation.cabal    2018-11-04 
12:43:25.000000000 +0100
@@ -1,6 +1,6 @@
 Name:                x509-validation
-version:             1.6.10
-Description:         X.509 Certificate and CRL validation
+version:             1.6.11
+Description:         X.509 Certificate and CRL validation. please see README
 License:             BSD3
 License-file:        LICENSE
 Copyright:           Vincent Hanquez <vinc...@snarc.org>
@@ -25,9 +25,9 @@
                    , pem >= 0.1
                    , asn1-types >= 0.3 && < 0.4
                    , asn1-encoding >= 0.9 && < 0.10
-                   , x509 >= 1.6.5
+                   , x509 >= 1.7.5
                    , x509-store >= 1.6
-                   , cryptonite >= 0.8
+                   , cryptonite >= 0.24
   Exposed-modules:   Data.X509.Validation
   Other-modules:     Data.X509.Validation.Signature
                      Data.X509.Validation.Fingerprint
@@ -43,6 +43,7 @@
   Other-modules:     Certificate
   Build-Depends:     base >= 3 && < 5
                    , bytestring
+                   , memory
                    , data-default-class
                    , tasty
                    , tasty-hunit

commit ghc-x509-validation for openSUSE:Factory

Reply via email to