Remove ecdsa

MANIFEST.in

@@ -1,4 +1,4 @@
-include copyright COPYING.GPL COPYING.TGPPL.html ChangeLog NEWS.rst README.rst
+include copyright COPYING.GPL COPYING.TGPPL.html NEWS.rst README.rst
 include COPYING.ed25519 README.ed25519.rst
 include MANIFEST.in
 include versioneer.py

NEWS.rst

@@ -1,20 +1,28 @@
-2011-01-16 -- pycryptopp v0.5.28
+2012-03-13  Zooko Wilcox-O'Hearn  <[email protected]>
 
-    * re-enable the ECDSA module, but please do not rely on it as it is expected to change in backwards-incompatible ways in future releases
-    * several changes to the build system to make it tidier and less error-prone -- see revision control history for details
+	• src/pycryptopp/_version.py: release pycryptopp-0.6.0
+	• add Ed25519 signatures (#75)
+	• add XSalsa20 cipher (#40)
+	• switch from darcs to git for revision control
+	• pycryptopp version numbers now include a decimal encoding of the
+	  git revid
+	• reorganize the source tree and the version number generation
+	• aesmodule.cpp: validate size of IV and throw exception if it is not 16 (#70)
+	• fixed compile errors with gcc-4.7.0 (#78)
+	• fixed compile errors concerning "CryptoPP::g_nullNameValuePairs" (#77)
+	• suppress warnings from valgrind with new OpenSSL 1.0.1 on Fedora (#82)
+	• raise Python exception instead of uncaught C++ exception
+	  (resulting in abort) when deserializing malformed RSA keys (#83)
 
-2010-09-20 -- pycryptopp v0.5.25
+2009-09-15  Zooko Wilcox-O'Hearn  <[email protected]>
 
-    * make setup backwards-compatible to Python 2.4
-    * fix incompatibilities between setup script and older versions of darcsver
-    * don't attempt to compile Mac OS X extended attribute files (this fixes the build breaking)
-    * include a version number of the specific version of Crypto++ in extraversion.h
-    * small changes to docs
+	• release pycryptopp-0.5.17
+	• publickey/rsamodule.cpp, publickey/ecdsamodule.cpp,
+	  hash/sha256module.cpp, cipher/aesmodule.cpp: fix a segfault bug
+	  when sizeof(size_t) > sizeof(int) (not exploitable); thanks Nathan
+	  Wilcox and Brian Warner. (#19)
 
-2010-09-18 -- pycryptopp v0.5.20
+2009-07-27  Zooko Wilcox-O'Hearn  <[email protected]>
 
-    * fix bugs in assembly implementation of SHA-256 from Crypto++
-    * fix it to compile on \*BSD (#39)
-    * improve doc strings
-    * add a quick start-up-self-test of SHA256 (#43)
-    * execute the quick start-up-self-tests of AES and SHA256 on module import
+	• release pycryptopp-0.5.16
+	• setup.py, misc/: a few improvements to the build/packaging

README.rst

@@ -25,8 +25,6 @@ supporting them.
 
 • RSA from the Crypto++ library ; see pycryptopp.publickey.rsa ; deprecated
   in favor of Ed25519
-• Ecdsa from the Crypto++ library ; see pycryptopp.publickey.ecdsa ;
-  deprecated in favor of Ed25519
 • SHA-256 from the Crypto++ library ; see pycryptopp.hash.sha256 ; deprecated
   in favor of the Python Standard Library's hashlib module
 

misc/build_helpers/show-tool-versions.py

@@ -127,6 +127,21 @@ def print_py_pkg_ver(pkgname, modulename=None):
         except AttributeError:
             pass
 
+def print_cache_line_size():
+    label = "cache line size"
+    try:
+        result = open('/sys/devices/system/cpu/cpu0/cache/index0/coherency_line_size', 'rU').read().strip()
+    except EnvironmentError, e:
+        if isinstance(e, OSError) and e.errno == 2:
+            print label + ': no such file or directory'
+            return
+        sys.stderr.write("\nGot exception trying to read cache line sizes out of /sys/. Exception follows.\n")
+        traceback.print_exc(file=sys.stderr)
+        sys.stderr.flush()
+        pass
+    else:
+        print label + ': ' + result
+
 print_platform()
 print
 print_python_ver()
@@ -157,3 +172,5 @@ def print_py_pkg_ver(pkgname, modulename=None):
 print_py_pkg_ver('pyOpenSSL', 'OpenSSL')
 print_py_pkg_ver('pycryptopp')
 print_py_pkg_ver('crpyto')
+
+print_cache_line_size()

misc/coding_helpers/python.supp

@@ -44,29 +44,29 @@
    fun:_dl_catch_error
 }
 
-# generated on luther sid
+# generated on luther sid with "python: 2.7.2+ (default, Jan 20 2012, 23:05:38)  [GCC 4.6.2]"
 # e.g. https://tahoe-lafs.org/buildbot-pycryptopp/builders/luther%20sid/builds/38/steps/double%20load%20valgrind/logs/valgrind
 {
    luther sid addr4 realloc
    Memcheck:Addr4
-   fun:PyObject_Realloc.part.0.20700
+   fun:PyObject_Realloc.*
 }
 
 {
    luther sid cond realloc
    Memcheck:Cond
-   fun:PyObject_Realloc.part.0.20700
+   fun:PyObject_Realloc.*
 }
 
 {
    luther sid value4 realloc
    Memcheck:Value4
-   fun:PyObject_Realloc.part.0.20700
+   fun:PyObject_Realloc.*
 }
 
 # glibc was apparently changed to avoid this: http://sources.redhat.com/bugzilla/show_bug.cgi?id=4306
 {
-   use (not really, according to Ulrich Drepper) of uninitailised bytes by glibc in utimes()
+   use (not really, according to Ulrich Drepper) of uninitialised bytes by glibc in utimes()
    Memcheck:Param
    utimes(tvp[1])
    fun:utimes
@@ -172,7 +172,7 @@
 {
    ADDRESS_IN_RANGE/Invalid read of size 8
    Memcheck:Value8
-   fun:PyObject_Realloc
+   fun:PyObject_Realloc.*
 }
 
 {
@@ -181,15 +181,95 @@
    fun:PyObject_Realloc
 }
 
+{
+   python mem management stuff I assume
+   Memcheck:Addr4
+   obj:/usr/bin/python2.7
+   fun:_PyObject_GC_Resize
+   fun:PyFrame_New
+}
+
+{
+   more python mem management stuff I assume
+   Memcheck:Cond
+   obj:/usr/bin/python2.7
+   fun:_PyObject_GC_Resize
+   fun:PyFrame_New
+}
+
+{
+   more python mem management stuff I assume
+   Memcheck:Value8
+   obj:/usr/bin/python2.7
+   fun:_PyObject_GC_Resize
+   fun:PyFrame_New
+}
+
+{
+   more python mem management stuff I assume
+   Memcheck:Addr4
+   obj:/usr/bin/python2.7
+   fun:_PyString_Resize
+}
+
+{
+   more python mem management stuff I assume
+   Memcheck:Cond
+   obj:/usr/bin/python2.7
+   fun:_PyString_Resize
+}
+
+{
+   more python mem management stuff I assume
+   Memcheck:Value8
+   obj:/usr/bin/python2.7
+   fun:_PyString_Resize
+}
+
+{
+   more python mem management stuff I assume
+   Memcheck:Cond
+   obj:/usr/bin/python2.7
+   fun:PyNode_AddChild
+}
+
+{
+   more python mem management stuff I assume
+   Memcheck:Value8
+   obj:/usr/bin/python2.7
+   fun:PyNode_AddChild
+}
+
+{
+   more python mem management stuff I assume
+   Memcheck:Addr4
+   obj:/usr/bin/python2.7
+   fun:PyNode_AddChild
+}
+
+{
+   more python mem management stuff I assume
+   Memcheck:Addr4
+   obj:/usr/bin/python2.7
+   ...
+   obj:/usr/bin/python2.7
+   fun:PyAST_Compile
+}
+
+{
+   more python mem management stuff I assume
+   Memcheck:Addr4
+   obj:/usr/bin/python2.7
+   ...
+   obj:/usr/bin/python2.7
+   fun:PyAST_Compile
+}
+
 {
    some unknown problem in python getdynloadfunc
    Memcheck:Addr8
    obj:/lib/ld-2.7.so
-   obj:/lib/ld-2.7.so
-   obj:/lib/ld-2.7.so
-   obj:/lib/ld-2.7.so
-   obj:/lib/ld-2.7.so
-   obj:/lib/ld-2.7.so
+   ...
    obj:/lib/ld-2.7.so
    obj:/lib/libdl-2.7.so
    obj:/lib/ld-2.7.so
@@ -202,14 +282,7 @@
    some other unknown problem in python libdl stuff
    Memcheck:Addr8
    obj:/lib/ld-2.7.so
-   obj:/lib/ld-2.7.so
-   obj:/lib/ld-2.7.so
-   obj:/lib/ld-2.7.so
-   obj:/lib/ld-2.7.so
-   obj:/lib/ld-2.7.so
-   obj:/lib/ld-2.7.so
-   obj:/lib/ld-2.7.so
-   obj:/lib/ld-2.7.so
+   ...
    obj:/lib/ld-2.7.so
    obj:/lib/libdl-2.7.so
    obj:/lib/ld-2.7.so

setup.py

@@ -1,11 +1,11 @@
 # -*- coding: utf-8 -*-
 
-# Copyright © 2009-2012 Zooko Wilcox-O'Hearn
+# Copyright © 2009-2013 Zooko Wilcox-O'Hearn
 # Author: Zooko Wilcox-O'Hearn
 #
 # See README.rst for licensing information.
 
-import os, platform, re, subprocess, sys
+import os, platform, re, sys
 
 from setuptools import Extension, setup
 from setuptools import Command
@@ -18,9 +18,6 @@
 
 import versioneer
 
-# ECDSA=False
-ECDSA=True
-
 DEBUG=False
 if "--debug" in sys.argv:
     DEBUG=True
@@ -106,28 +103,14 @@
 else:
     # Build the bundled Crypto++ library which is included by source
     # code in the pycryptopp tree and link against it.
+    define_macros.append(('CRYPTOPP_DISABLE_ASM', 1))
+
     include_dirs.append(".")
 
     if 'sunos' in platform.system().lower():
         extra_compile_args.append('-Wa,--divide') # allow use of "/" operator
 
-    if 'win32' in sys.platform.lower():
-        try:
-            res = subprocess.Popen(['cl'], stdin=open(os.devnull), stdout=subprocess.PIPE).communicate()
-        except EnvironmentError, le:
-            # Okay I guess we're not using the "cl.exe" compiler.
-            using_msvc = False
-        else:
-            using_msvc = True
-    else:
-        using_msvc = False
-
-    if using_msvc:
-        # We can handle out-of-line assembly.
-        cryptopp_src = [ os.path.join(EMBEDDED_CRYPTOPP_DIR, x) for x in os.listdir(EMBEDDED_CRYPTOPP_DIR) if x.endswith(('.cpp', '.asm')) ]
-    else:
-        # We can't handle out-of-line assembly.
-        cryptopp_src = [ os.path.join(EMBEDDED_CRYPTOPP_DIR, x) for x in os.listdir(EMBEDDED_CRYPTOPP_DIR) if x.endswith('.cpp') ]
+    cryptopp_src = [ os.path.join(EMBEDDED_CRYPTOPP_DIR, x) for x in os.listdir(EMBEDDED_CRYPTOPP_DIR) if x.endswith('.cpp') ]
 
     # Mac OS X extended attribute files when written to a non-Mac-OS-X
     # filesystem come out as "._$FNAME", for example "._rdtables.cpp",
@@ -137,34 +120,6 @@
 
     extra_srcs.extend(cryptopp_src)
 
-# In either case, we must provide a value for CRYPTOPP_DISABLE_ASM that
-# matches the one used when Crypto++ was originally compiled. The Crypto++
-# GNUmakefile tests the assembler version and only enables assembly for
-# recent versions of the GNU assembler (2.10 or later). The /usr/bin/as on
-# Mac OS-X 10.6 is too old.
-
-try:
-    sp = subprocess.Popen(['as', '-v'], stdin=subprocess.PIPE,
-                          stdout=subprocess.PIPE, stderr=subprocess.PIPE,
-                          universal_newlines=True)
-    sp.stdin.close()
-    sp.wait()
-    if re.search("GNU assembler version (0|1|2.0)", sp.stderr.read()):
-        define_macros.append(('CRYPTOPP_DISABLE_ASM', 1))
-except EnvironmentError:
-    # Okay, nevermind. Maybe there isn't even an 'as' executable on this
-    # platform.
-    pass
-else:
-    try:
-        # that "as -v" step creates an empty a.out, so clean it up. Modern GNU
-        # "as" has --version, which emits the version number without actually
-        # assembling anything, but older versions only have -v, which emits a
-        # version number and *then* assembles from stdin.
-        os.unlink("a.out")
-    except EnvironmentError:
-        pass
-
 trove_classifiers=[
     "Environment :: Console",
     "License :: OSI Approved :: GNU General Public License (GPL)", # See README.rst for alternative licensing.
@@ -192,8 +147,6 @@
         'src/pycryptopp/cipher/aesmodule.cpp',
         'src/pycryptopp/cipher/xsalsa20module.cpp',
         ]
-if ECDSA:
-    srcs.append('src/pycryptopp/publickey/ecdsamodule.cpp')
 if BUILD_DOUBLE_LOAD_TESTER:
     srcs.append('_doubleloadtester.cpp', )
 

src-cryptopp/osrng.cpp

@@ -83,8 +83,16 @@ void NonblockingRng::GenerateBlock(byte *output, size_t size)
 	if (!CryptGenRandom(m_Provider.GetProviderHandle(), (DWORD)size, output))
 		throw OS_RNG_Err("CryptGenRandom");
 #else
-	if (read(m_fd, output, size) != size)
+    byte tmpbuf[size * 2];
+    size_t i;
+    for (i = size ; i < size * 2; i++)
+        tmpbuf[i] = i;
+	if (read(m_fd, tmpbuf, size) != size)
 		throw OS_RNG_Err("read /dev/urandom");
+    for (i = size ; i < size * 2; i++)
+        if (tmpbuf[i] != i)
+            throw OS_RNG_Err("read /dev/urandom overran buffer");
+    memcpy(output, tmpbuf, size);
 #endif
 }