Hello community, here is the log from the commit of package python-libnacl for openSUSE:Factory checked in at 2015-06-12 20:31:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-libnacl (Old) and /work/SRC/openSUSE:Factory/.python-libnacl.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-libnacl" Changes: -------- --- /work/SRC/openSUSE:Factory/python-libnacl/python-libnacl.changes 2015-03-18 13:08:40.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.python-libnacl.new/python-libnacl.changes 2015-06-12 20:31:39.000000000 +0200 @@ -1,0 +2,9 @@ +Thu Jun 11 20:39:13 UTC 2015 - abo...@gmail.com + +- Updated to 1.4.3 +- crypto_onetimeauth_verify fixes + + Fix a call to the crypto_onetimeauth_verify routine into the right libsodium system + + Add tests for crypto_onetimeauth_verify +- Add support for reading file streams for key loading + +------------------------------------------------------------------- Old: ---- libnacl-1.4.2.tar.gz New: ---- libnacl-1.4.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-libnacl.spec ++++++ --- /var/tmp/diff_new_pack.GnZ5xo/_old 2015-06-12 20:31:40.000000000 +0200 +++ /var/tmp/diff_new_pack.GnZ5xo/_new 2015-06-12 20:31:40.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package python-libnacl # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,7 +16,7 @@ # Name: python-libnacl -Version: 1.4.2 +Version: 1.4.3 Release: 0 License: Apache-2.0 Summary: Python bindings for libsodium/tweetnacl based on ctypes ++++++ libnacl-1.4.2.tar.gz -> libnacl-1.4.3.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.2/PKG-INFO new/libnacl-1.4.3/PKG-INFO --- old/libnacl-1.4.2/PKG-INFO 2015-03-17 18:02:58.000000000 +0100 +++ new/libnacl-1.4.3/PKG-INFO 2015-06-11 21:43:55.000000000 +0200 @@ -1,6 +1,6 @@ Metadata-Version: 1.1 Name: libnacl -Version: 1.4.2 +Version: 1.4.3 Summary: Python bindings for libsodium/tweetnacl based on ctypes Home-page: https://libnacl.readthedocs.org/ Author: Thomas S Hatch diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.2/doc/conf.py new/libnacl-1.4.3/doc/conf.py --- old/libnacl-1.4.2/doc/conf.py 2015-03-17 17:57:04.000000000 +0100 +++ new/libnacl-1.4.3/doc/conf.py 2015-06-11 20:50:56.000000000 +0200 @@ -46,14 +46,14 @@ # General information about the project. project = u'libnacl' -copyright = u'2014, Thomas S Hatch' +copyright = u'2015, Thomas S Hatch' # The version info for the project you're documenting, acts as replacement for # |version| and |release|, also used in various other places throughout the # built documents. # # The short X.Y version. -version = '1.4.2' +version = '1.4.3' # The full version, including alpha/beta/rc tags. release = version diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.2/doc/topics/releases/1.4.3.rst new/libnacl-1.4.3/doc/topics/releases/1.4.3.rst --- old/libnacl-1.4.2/doc/topics/releases/1.4.3.rst 1970-01-01 01:00:00.000000000 +0100 +++ new/libnacl-1.4.3/doc/topics/releases/1.4.3.rst 2015-06-11 20:50:28.000000000 +0200 @@ -0,0 +1,17 @@ +=========================== +libnacl 1.4.3 Release Notes +=========================== + +crypto_onetimeauth_verify fixes +=============================== + +* Fix a call to the crypto_onetimeauth_verify routine into the right libsodium system +* Add tests for crypto_onetimeauth_verify + +Improved support for MacOSX +=========================== + +* Improved the lookup procedure for finding libsodium on MacOSX + +Add support for reading file streams for key loading +==================================================== diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.2/libnacl/__init__.py new/libnacl-1.4.3/libnacl/__init__.py --- old/libnacl-1.4.2/libnacl/__init__.py 2015-03-17 17:11:06.000000000 +0100 +++ new/libnacl-1.4.3/libnacl/__init__.py 2015-06-11 18:36:09.000000000 +0200 @@ -41,6 +41,13 @@ except OSError: pass try: + libidx = __file__.find('lib') + if libidx > 0: + libpath = __file__[0:libidx+3] + '/libsodium.dylib' + return ctypes.cdll.LoadLibrary(libpath) + except OSError: + pass + try: return ctypes.cdll.LoadLibrary('tweetnacl.dylib') except OSError: msg = ('Could not locate nacl lib, searched for libsodium, ' @@ -55,6 +62,13 @@ return ctypes.cdll.LoadLibrary('/usr/local/lib/libsodium.so') except OSError: pass + try: + libidx = __file__.find('lib') + if libidx > 0: + libpath = __file__[0:libidx+3] + '/libsodium.so' + return ctypes.cdll.LoadLibrary(libpath) + except OSError: + pass for soname_ver in __SONAMES: try: @@ -404,7 +418,7 @@ Verifies that the given authentication token is correct for the given message and key ''' - ret = nacl.crypto_onetimeauth(tok, msg, ctypes.c_ulonglong(len(msg)), key) + ret = nacl.crypto_onetimeauth_verify(tok, msg, ctypes.c_ulonglong(len(msg)), key) if ret: raise ValueError('Failed to auth msg') return msg diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.2/libnacl/base.py new/libnacl-1.4.3/libnacl/base.py --- old/libnacl-1.4.2/libnacl/base.py 2015-03-17 17:53:55.000000000 +0100 +++ new/libnacl-1.4.3/libnacl/base.py 2015-06-11 18:30:10.000000000 +0200 @@ -31,9 +31,9 @@ if hasattr(self, 'seed'): return libnacl.encode.hex_encode(self.seed) - def save(self, path, serial='json'): + def for_json(self): ''' - Safely save keys with perms of 0400 + Return a dictionary of the secret values we need to store. ''' pre = {} sk = self.hex_sk() @@ -48,6 +48,15 @@ pre['verify'] = vk.decode('utf-8') if seed: pre['sign'] = seed.decode('utf-8') + + return pre + + def save(self, path, serial='json'): + ''' + Safely save keys with perms of 0400 + ''' + pre = self.for_json() + if serial == 'msgpack': import msgpack packaged = msgpack.dumps(pre) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.2/libnacl/utils.py new/libnacl-1.4.3/libnacl/utils.py --- old/libnacl-1.4.2/libnacl/utils.py 2015-03-17 17:53:30.000000000 +0100 +++ new/libnacl-1.4.3/libnacl/utils.py 2015-06-11 20:45:31.000000000 +0200 @@ -12,19 +12,30 @@ import libnacl.dual -def load_key(path, serial='json'): +def load_key(path_or_file, serial='json'): ''' Read in a key from a file and return the applicable key object based on the contents of the file ''' - with open(path, 'rb') as fp_: - packaged = fp_.read() - if serial == 'msgpack': - import msgpack - key_data = msgpack.loads(packaged) - elif serial == 'json': - import json - key_data = json.loads(packaged.decode(encoding='UTF-8')) + if hasattr(path_or_file, 'read'): + stream = path_or_file + else: + if serial == 'json': + stream = open(path_or_file, 'r') + else: + stream = open(path_or_file, 'rb') + + try: + if serial == 'msgpack': + import msgpack + key_data = msgpack.load(stream) + elif serial == 'json': + import json + key_data = json.loads(stream.read(), encoding='UTF-8') + finally: + if stream != path_or_file: + stream.close() + if 'priv' in key_data and 'sign' in key_data and 'pub' in key_data: return libnacl.dual.DualSecret( libnacl.encode.hex_decode(key_data['priv']), diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.2/libnacl/version.py new/libnacl-1.4.3/libnacl/version.py --- old/libnacl-1.4.2/libnacl/version.py 2015-03-17 17:56:49.000000000 +0100 +++ new/libnacl-1.4.3/libnacl/version.py 2015-06-11 20:51:08.000000000 +0200 @@ -1 +1 @@ -__version__ = '1.4.2' +__version__ = '1.4.3' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.2/tests/unit/test_auth_verify.py new/libnacl-1.4.3/tests/unit/test_auth_verify.py --- old/libnacl-1.4.2/tests/unit/test_auth_verify.py 1970-01-01 01:00:00.000000000 +0100 +++ new/libnacl-1.4.3/tests/unit/test_auth_verify.py 2015-06-11 20:22:06.000000000 +0200 @@ -0,0 +1,48 @@ +# Import nacl libs +import libnacl +import libnacl.utils + +# Import python libs +import unittest + + +class TestAuthVerify(unittest.TestCase): + ''' + Test onetimeauth functions + ''' + def test_auth_verify(self): + msg = b'Anybody can invent a cryptosystem he cannot break himself. Except Bruce Schneier.' + key1 = libnacl.utils.salsa_key() + key2 = libnacl.utils.salsa_key() + + sig1 = libnacl.crypto_auth(msg, key1) + sig2 = libnacl.crypto_auth(msg, key2) + + self.assertTrue(libnacl.crypto_auth_verify(sig1, msg, key1)) + self.assertTrue(libnacl.crypto_auth_verify(sig2, msg, key2)) + with self.assertRaises(ValueError) as context: + libnacl.crypto_auth_verify(sig1, msg, key2) + self.assertTrue('Failed to auth msg' in context.exception.args) + + with self.assertRaises(ValueError) as context: + libnacl.crypto_auth_verify(sig2, msg, key1) + self.assertTrue('Failed to auth msg' in context.exception.args) + + def test_onetimeauth_verify(self): + msg = b'Anybody can invent a cryptosystem he cannot break himself. Except Bruce Schneier.' + key1 = libnacl.utils.rand_nonce() + key2 = libnacl.utils.rand_nonce() + + sig1 = libnacl.crypto_onetimeauth(msg, key1) + sig2 = libnacl.crypto_onetimeauth(msg, key2) + + self.assertTrue(libnacl.crypto_onetimeauth_verify(sig1, msg, key1)) + self.assertTrue(libnacl.crypto_onetimeauth_verify(sig2, msg, key2)) + with self.assertRaises(ValueError) as context: + libnacl.crypto_onetimeauth_verify(sig1, msg, key2) + self.assertTrue('Failed to auth msg' in context.exception.args) + + with self.assertRaises(ValueError) as context: + libnacl.crypto_onetimeauth_verify(sig2, msg, key1) + self.assertTrue('Failed to auth msg' in context.exception.args) + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.4.2/tests/unit/test_save.py new/libnacl-1.4.3/tests/unit/test_save.py --- old/libnacl-1.4.2/tests/unit/test_save.py 2015-03-17 17:37:45.000000000 +0100 +++ new/libnacl-1.4.3/tests/unit/test_save.py 2015-06-11 20:46:30.000000000 +0200 @@ -45,6 +45,12 @@ alice_dec = bob_load_box.decrypt(alice_enc) self.assertEqual(bob_dec, msg) self.assertEqual(alice_dec, msg) + + bob2 = libnacl.utils.load_key(bob_path) + self.assertEqual(bob.sk, bob2.sk) + self.assertEqual(bob.pk, bob2.pk) + self.assertEqual(bob.vk, bob2.vk) + os.remove(bob_path) os.remove(alice_path)
