aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages')
-rw-r--r--gnu/packages/patches/python-pycrypto-CVE-2013-7459.patch97
-rw-r--r--gnu/packages/patches/python-pycrypto-time-clock.patch23
2 files changed, 0 insertions, 120 deletions
diff --git a/gnu/packages/patches/python-pycrypto-CVE-2013-7459.patch b/gnu/packages/patches/python-pycrypto-CVE-2013-7459.patch
deleted file mode 100644
index 3570b94e9b..0000000000
--- a/gnu/packages/patches/python-pycrypto-CVE-2013-7459.patch
+++ /dev/null
@@ -1,97 +0,0 @@
-Fix CVE-2013-7459:
-
-https://github.com/dlitz/pycrypto/issues/176
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7459
-
-Copied from Debian:
-
-https://anonscm.debian.org/cgit/collab-maint/python-crypto.git/commit/?id=0de2243837ed369a086f15c50cca2be85bdfab9d
-
-Debian adapts this upstream commit:
-
-https://github.com/dlitz/pycrypto/commit/8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4
-
-From 8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4 Mon Sep 17 00:00:00 2001
-From: Legrandin <helderijs@gmail.com>
-Date: Sun, 22 Dec 2013 22:24:46 +0100
-Subject: [PATCH] Throw exception when IV is used with ECB or CTR
-
-The IV parameter is currently ignored when initializing
-a cipher in ECB or CTR mode.
-
-For CTR mode, it is confusing: it takes some time to see
-that a different parameter is needed (the counter).
-
-For ECB mode, it is outright dangerous.
-
-This patch forces an exception to be raised.
----
- lib/Crypto/SelfTest/Cipher/common.py | 31 +++++++++++++++++++++++--------
- src/block_template.c | 11 +++++++++++
- 2 files changed, 34 insertions(+), 8 deletions(-)
-
---- a/lib/Crypto/SelfTest/Cipher/common.py
-+++ b/lib/Crypto/SelfTest/Cipher/common.py
-@@ -239,19 +239,34 @@ class RoundtripTest(unittest.TestCase):
- return """%s .decrypt() output of .encrypt() should not be garbled""" % (self.module_name,)
-
- def runTest(self):
-- for mode in (self.module.MODE_ECB, self.module.MODE_CBC, self.module.MODE_CFB, self.module.MODE_OFB, self.module.MODE_OPENPGP):
-+
-+ ## ECB mode
-+ mode = self.module.MODE_ECB
-+ encryption_cipher = self.module.new(a2b_hex(self.key), mode)
-+ ciphertext = encryption_cipher.encrypt(self.plaintext)
-+ decryption_cipher = self.module.new(a2b_hex(self.key), mode)
-+ decrypted_plaintext = decryption_cipher.decrypt(ciphertext)
-+ self.assertEqual(self.plaintext, decrypted_plaintext)
-+
-+ ## OPENPGP mode
-+ mode = self.module.MODE_OPENPGP
-+ encryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv)
-+ eiv_ciphertext = encryption_cipher.encrypt(self.plaintext)
-+ eiv = eiv_ciphertext[:self.module.block_size+2]
-+ ciphertext = eiv_ciphertext[self.module.block_size+2:]
-+ decryption_cipher = self.module.new(a2b_hex(self.key), mode, eiv)
-+ decrypted_plaintext = decryption_cipher.decrypt(ciphertext)
-+ self.assertEqual(self.plaintext, decrypted_plaintext)
-+
-+ ## All other non-AEAD modes (but CTR)
-+ for mode in (self.module.MODE_CBC, self.module.MODE_CFB, self.module.MODE_OFB):
- encryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv)
- ciphertext = encryption_cipher.encrypt(self.plaintext)
--
-- if mode != self.module.MODE_OPENPGP:
-- decryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv)
-- else:
-- eiv = ciphertext[:self.module.block_size+2]
-- ciphertext = ciphertext[self.module.block_size+2:]
-- decryption_cipher = self.module.new(a2b_hex(self.key), mode, eiv)
-+ decryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv)
- decrypted_plaintext = decryption_cipher.decrypt(ciphertext)
- self.assertEqual(self.plaintext, decrypted_plaintext)
-
-+
- class PGPTest(unittest.TestCase):
- def __init__(self, module, params):
- unittest.TestCase.__init__(self)
---- a/src/block_template.c
-+++ b/src/block_template.c
-@@ -170,6 +170,17 @@ ALGnew(PyObject *self, PyObject *args, P
- "Key cannot be the null string");
- return NULL;
- }
-+ if (IVlen != 0 && mode == MODE_ECB)
-+ {
-+ PyErr_Format(PyExc_ValueError, "ECB mode does not use IV");
-+ return NULL;
-+ }
-+ if (IVlen != 0 && mode == MODE_CTR)
-+ {
-+ PyErr_Format(PyExc_ValueError,
-+ "CTR mode needs counter parameter, not IV");
-+ return NULL;
-+ }
- if (IVlen != BLOCK_SIZE && mode != MODE_ECB && mode != MODE_CTR)
- {
- PyErr_Format(PyExc_ValueError,
diff --git a/gnu/packages/patches/python-pycrypto-time-clock.patch b/gnu/packages/patches/python-pycrypto-time-clock.patch
deleted file mode 100644
index 9b7a8232a2..0000000000
--- a/gnu/packages/patches/python-pycrypto-time-clock.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-Drop use of the deprecated time.clock which was removed in Python 3.8.
-
-Adapted from upstream pull request:
-
-https://github.com/dlitz/pycrypto/pull/296
-
-diff --git a/lib/Crypto/Random/_UserFriendlyRNG.py b/lib/Crypto/Random/_UserFriendlyRNG.py
---- a/lib/Crypto/Random/_UserFriendlyRNG.py
-+++ b/lib/Crypto/Random/_UserFriendlyRNG.py
-@@ -73,8 +73,11 @@ class _EntropyCollector(object):
- t = time.time()
- self._time_es.feed(struct.pack("@I", int(2**30 * (t - floor(t)))))
-
-- # Add the fractional part of time.clock()
-- t = time.clock()
-+ # Add the fractional part of time.process_time()
-+ try:
-+ t = time.process_time()
-+ except AttributeError:
-+ t = time.clock()
- self._clock_es.feed(struct.pack("@I", int(2**30 * (t - floor(t)))))
-
-