Update to 1.9

2017-06-27 21:13:32 +02:00 · 2017-06-27 21:13:32 +02:00 · aababb3506
commit aababb3506
parent e0298e25e9
4 changed files with 21 additions and 126 deletions
--- a/.gitignore
+++ b/.gitignore
@ -2,3 +2,4 @@
 /cryptography-1.5.3.tar.gz
 /cryptography-1.7.1.tar.gz
 /cryptography-1.7.2.tar.gz
+/cryptography-1.9.tar.gz
--- a/add_memory_limit.patch
+++ b/add_memory_limit.patch
@ -1,105 +0,0 @@
--- a/src/cryptography/hazmat/backends/openssl/backend.py
-+++ b/src/cryptography/hazmat/backends/openssl/backend.py
-@@ -9,7 +9,6 @@ import calendar
- import collections
- import contextlib
- import itertools
-import sys
- from contextlib import contextmanager
- 
- import six
-@@ -61,6 +60,7 @@ from cryptography.hazmat.primitives.ciph
- from cryptography.hazmat.primitives.ciphers.modes import (
-     CBC, CFB, CFB8, CTR, ECB, GCM, OFB
- )
-+from cryptography.hazmat.primitives.kdf import scrypt
- 
- 
- _MemoryBIO = collections.namedtuple("_MemoryBIO", ["bio", "char_ptr"])
-@@ -1894,9 +1894,10 @@ class Backend(object):
- 
-     def derive_scrypt(self, key_material, salt, length, n, r, p):
-         buf = self._ffi.new("unsigned char[]", length)
-        res = self._lib.EVP_PBE_scrypt(key_material, len(key_material), salt,
-                                       len(salt), n, r, p, sys.maxsize // 2,
-                                       buf, length)
-+        res = self._lib.EVP_PBE_scrypt(
-+            key_material, len(key_material), salt, len(salt), n, r, p,
-+            scrypt._MEM_LIMIT, buf, length
-+        )
-         self.openssl_assert(res == 1)
-         return self._ffi.buffer(buf)[:]
- 
--- a/src/cryptography/hazmat/primitives/kdf/scrypt.py
-+++ b/src/cryptography/hazmat/primitives/kdf/scrypt.py
-@@ -4,6 +4,8 @@
- 
- from __future__ import absolute_import, division, print_function
- 
-+import sys
-+
- from cryptography import utils
- from cryptography.exceptions import (
-     AlreadyFinalized, InvalidKey, UnsupportedAlgorithm, _Reasons
-@@ -13,6 +15,11 @@ from cryptography.hazmat.primitives impo
- from cryptography.hazmat.primitives.kdf import KeyDerivationFunction
- 
- 
-+# This is used by the scrypt tests to skip tests that require more memory
-+# than the MEM_LIMIT
-+_MEM_LIMIT = sys.maxsize // 2
-+
-+
- @utils.register_interface(KeyDerivationFunction)
- class Scrypt(object):
-     def __init__(self, salt, length, n, r, p, backend):
--- a/tests/hazmat/primitives/test_scrypt.py
-+++ b/tests/hazmat/primitives/test_scrypt.py
-@@ -14,7 +14,7 @@ from cryptography.exceptions import (
-     AlreadyFinalized, InvalidKey, UnsupportedAlgorithm
- )
- from cryptography.hazmat.backends.interfaces import ScryptBackend
-from cryptography.hazmat.primitives.kdf.scrypt import Scrypt
-+from cryptography.hazmat.primitives.kdf.scrypt import Scrypt, _MEM_LIMIT
- 
- from tests.utils import load_nist_vectors, load_vectors_from_file
- 
-@@ -22,10 +22,30 @@ vectors = load_vectors_from_file(
-     os.path.join("KDF", "scrypt.txt"), load_nist_vectors)
- 
- 
-+def _skip_if_memory_limited(memory_limit, params):
-+    # Memory calc adapted from OpenSSL (URL split over 2 lines, thanks PEP8)
-+    # https://github.com/openssl/openssl/blob/6286757141a8c6e14d647ec733634a
-+    # e0c83d9887/crypto/evp/scrypt.c#L189-L221
-+    blen = int(params["p"]) * 128 * int(params["r"])
-+    vlen = 32 * int(params["r"]) * (int(params["n"]) + 2) * 4
-+    memory_required = blen + vlen
-+    if memory_limit < memory_required:
-+        pytest.skip("Test exceeds Scrypt memory limit. "
-+                    "This is likely a 32-bit platform.")
-+
-+
-+def test_memory_limit_skip():
-+    with pytest.raises(pytest.skip.Exception):
-+        _skip_if_memory_limited(1000, {"p": 16, "r": 64, "n": 1024})
-+
-+    _skip_if_memory_limited(2 ** 31, {"p": 16, "r": 64, "n": 1024})
-+
-+
- @pytest.mark.requires_backend_interface(interface=ScryptBackend)
- class TestScrypt(object):
-     @pytest.mark.parametrize("params", vectors)
-     def test_derive(self, backend, params):
-+        _skip_if_memory_limited(_MEM_LIMIT, params)
-         password = params["password"]
-         work_factor = int(params["n"])
-         block_size = int(params["r"])
-@@ -77,6 +97,7 @@ class TestScrypt(object):
- 
-     @pytest.mark.parametrize("params", vectors)
-     def test_verify(self, backend, params):
-+        _skip_if_memory_limited(_MEM_LIMIT, params)
-         password = params["password"]
-         work_factor = int(params["n"])
-         block_size = int(params["r"])
--- a/python-cryptography.spec
+++ b/python-cryptography.spec
@ -6,7 +6,7 @@
 %endif

 Name:           python-cryptography
-Version:        1.7.2
+Version:        1.9
 Release:        1%{?dist}
 Summary:        PyCA's cryptography library

@ -14,8 +14,6 @@ Group:          Development/Libraries
 License:        ASL 2.0 or BSD
 URL:            https://cryptography.io/en/latest/
 Source0:        https://pypi.io/packages/source/c/cryptography/cryptography-%{version}.tar.gz
-# Patch from https://github.com/pyca/cryptography/pull/3328
-Patch0:         add_memory_limit.patch

 BuildRequires:  openssl-devel

@ -25,32 +23,30 @@ BuildRequires:  python-setuptools
 BuildRequires:  python-pretend
 BuildRequires:  python-iso8601
 BuildRequires:  python-cryptography-vectors = %{version}
-BuildRequires:  python-pyasn1-modules >= 0.1.8
-BuildRequires:  python-hypothesis
+BuildRequires:  python2-asn1crypto >= 0.21
+BuildRequires:  python-hypothesis >= 1.11.4
 BuildRequires:  pytz

-BuildRequires:  python-idna >= 2.0
-BuildRequires:  python-pyasn1 >= 0.1.8
+BuildRequires:  python-idna >= 2.1
 BuildRequires:  python-six >= 1.4.1
-BuildRequires:  python-cffi >= 1.4.1
+BuildRequires:  python-cffi >= 1.7
 BuildRequires:  python-enum34
 BuildRequires:  python-ipaddress

 %if 0%{?with_python3}
 BuildRequires:  python3-devel
-BuildRequires:  python3-pytest
+BuildRequires:  python3-pytest >= 2.9
 BuildRequires:  python3-setuptools
 BuildRequires:  python3-pretend
 BuildRequires:  python3-iso8601
 BuildRequires:  python3-cryptography-vectors = %{version}
-BuildRequires:  python3-pyasn1-modules >= 0.1.8
-BuildRequires:  python3-hypothesis
+BuildRequires:  python3-asn1crypto >= 0.21
+BuildRequires:  python3-hypothesis >= 1.11.4
 BuildRequires:  python3-pytz

-BuildRequires:  python3-idna >= 2.0
-BuildRequires:  python3-pyasn1 >= 0.1.8
+BuildRequires:  python3-idna >= 2.1
 BuildRequires:  python3-six >= 1.4.1
-BuildRequires:  python3-cffi >= 1.4.1
+BuildRequires:  python3-cffi >= 1.7
 %endif

 %description
@ -69,10 +65,10 @@ Provides:       python-cryptography
 %endif

 Requires:       openssl
-Requires:       python-idna >= 2.0
-Requires:       python-pyasn1 >= 0.1.8
+Requires:       python-idna >= 2.1
+Requires:       python2-asn1crypto >= 0.21
 Requires:       python-six >= 1.4.1
-Requires:       python-cffi >= 1.4.1
+Requires:       python-cffi >= 1.7
 Requires:       python-enum34
 Requires:       python-ipaddress

@ -87,10 +83,10 @@ Summary:        PyCA's cryptography library
 %{?python_provide:%python_provide python3-cryptography}

 Requires:       openssl
-Requires:       python3-idna >= 2.0
-Requires:       python3-pyasn1 >= 0.1.8
+Requires:       python3-idna >= 2.1
+Requires:       python3-asn1crypto >= 0.21
 Requires:       python3-six >= 1.4.1
-Requires:       python3-cffi >= 1.4.1
+Requires:       python3-cffi >= 1.7

 %description -n python3-cryptography
 cryptography is a package designed to expose cryptographic primitives and
@ -153,6 +149,9 @@ popd


 %changelog
+* Tue Jun 27 2017 Christian Heimes <cheimes@redhat.com> - 1.9-1
+- Upstream release 1.9
+
 * Wed Feb 15 2017 Christian Heimes <cheimes@redhat.com> - 1.7.2-1
 - Update to latest upstream

--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (cryptography-1.7.2.tar.gz) = 8ddd119385064e1f8288ff318ec16f500b5c125a3811ccb306aeb2664fac495fcdd3cb5a7cbacd10156505c9526b9cdbd66860b35bbcd2f9a6bb285dd6cba8c5
+SHA512 (cryptography-1.9.tar.gz) = 815e9c09366935f8603a3e6e74c28ce79175596d00dbcd19d3792505237bd1cf953a4f401c2b97e4beaa7f2bbdcf9d7f95c4753d001a07fa816830af97cdd24e