Hello community,
here is the log from the commit of package python-libnacl for openSUSE:Factory checked in at 2014-08-15 09:55:59
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-libnacl (Old)
and /work/SRC/openSUSE:Factory/.python-libnacl.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-libnacl"
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-libnacl/python-libnacl.changes 2014-07-31 07:42:06.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.python-libnacl.new/python-libnacl.changes 2014-08-15 09:56:19.000000000 +0200
@@ -1,0 +2,6 @@
+Thu Aug 14 18:57:32 UTC 2014 - aboe76@gmail.com
+
+- Updated to 1.3.2:
+ + Add detection of the libsodium.so.10 lib created by libsodium 0.6
+
+-------------------------------------------------------------------
Old:
----
libnacl-1.2.0.tar.gz
New:
----
libnacl-1.3.2.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-libnacl.spec ++++++
--- /var/tmp/diff_new_pack.0mLLlH/_old 2014-08-15 09:56:20.000000000 +0200
+++ /var/tmp/diff_new_pack.0mLLlH/_new 2014-08-15 09:56:20.000000000 +0200
@@ -16,7 +16,7 @@
#
Name: python-libnacl
-Version: 1.2.0
+Version: 1.3.2
Release: 0
License: Apache-2.0
Summary: Python bindings for libsodium/tweetnacl based on ctypes
++++++ libnacl-1.2.0.tar.gz -> libnacl-1.3.2.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.2.0/PKG-INFO new/libnacl-1.3.2/PKG-INFO
--- old/libnacl-1.2.0/PKG-INFO 2014-07-24 01:07:51.000000000 +0200
+++ new/libnacl-1.3.2/PKG-INFO 2014-08-13 04:50:56.000000000 +0200
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: libnacl
-Version: 1.2.0
+Version: 1.3.2
Summary: Python bindings for libsodium/tweetnacl based on ctypes
Home-page: https://libnacl.readthedocs.org/
Author: Thomas S Hatch
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.2.0/doc/index.rst new/libnacl-1.3.2/doc/index.rst
--- old/libnacl-1.2.0/doc/index.rst 2014-06-09 21:38:26.000000000 +0200
+++ new/libnacl-1.3.2/doc/index.rst 2014-08-13 04:25:43.000000000 +0200
@@ -9,10 +9,12 @@
topics/public
topics/secret
topics/sign
+ topics/dual
topics/raw_public
topics/raw_secret
topics/raw_sign
topics/raw_hash
+ topics/releases/index
Indices and tables
@@ -21,4 +23,3 @@
* :ref:`genindex`
* :ref:`modindex`
* :ref:`search`
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.2.0/doc/topics/raw_public.rst new/libnacl-1.3.2/doc/topics/raw_public.rst
--- old/libnacl-1.2.0/doc/topics/raw_public.rst 2014-06-09 21:38:26.000000000 +0200
+++ new/libnacl-1.3.2/doc/topics/raw_public.rst 2014-08-13 04:25:43.000000000 +0200
@@ -32,13 +32,12 @@
reused. This means that the nonce needs to be generated in such a way that
the probability of reusing the nonce string with the same keypair is very
low. The libnacl wrapper ships with a convenience function which generates a
-nonce from the microsecond timestamp plus 4 random chars. This is a fairly safe
-way to generate the nonce:
+nonce from random bytes:
.. code-block:: python
import libnacl.utils
- nonce = libnacl.utils.time_nonce()
+ nonce = libnacl.utils.rand_nonce()
Now, with a nonce a cryptographic box can be created, Alice will send a
message:
@@ -67,7 +66,7 @@
alice_pk, alice_sk = libnacl.crypto_keypair()
bob_pk, bob_sk = libnacl.crypto_keypair()
- nonce = libnacl.utils.time_nonce()
+ nonce = libnacl.utils.rand_nonce()
msg = 'Quiet, quiet. Quiet! There are ways of telling whether she is a witch.'
box = libnacl.crypto_box(msg, nonce, bob_pk, alice_sk)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.2.0/doc/topics/raw_secret.rst new/libnacl-1.3.2/doc/topics/raw_secret.rst
--- old/libnacl-1.2.0/doc/topics/raw_secret.rst 2014-06-09 21:38:26.000000000 +0200
+++ new/libnacl-1.3.2/doc/topics/raw_secret.rst 2014-08-13 04:25:43.000000000 +0200
@@ -19,8 +19,7 @@
provides a convenience function for the generation of this key called
libnacl.utils.salsa_key, then generate a nonce, a new nonce should be used
every time a new message is encrypted. A convenience function to create a unique
-nonce based on a microsecond timestamp plus 4 random characters is provided
-by the libnacl.utils.time_nonce function:
+nonce based on random bytes:
.. code-block:: python
@@ -28,7 +27,7 @@
import libnacl.utils
key = libnacl.utils.salsa_key()
- nonce = libnacl.utils.time_nonce()
+ nonce = libnacl.utils.rand_nonce()
With the key and nonce in hand, the cryptographic secret box can now be
generated:
@@ -53,7 +52,7 @@
import libnacl.utils
key = libnacl.utils.salsa_key()
- nonce = libnacl.utils.time_nonce()
+ nonce = libnacl.utils.rand_nonce()
msg = 'Who are you who are so wise in the ways of science?'
box = libnacl.crypto_secretbox(msg, nonce, key)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.2.0/doc/topics/releases/1.0.0.rst new/libnacl-1.3.2/doc/topics/releases/1.0.0.rst
--- old/libnacl-1.2.0/doc/topics/releases/1.0.0.rst 1970-01-01 01:00:00.000000000 +0100
+++ new/libnacl-1.3.2/doc/topics/releases/1.0.0.rst 2014-08-13 04:25:43.000000000 +0200
@@ -0,0 +1,13 @@
+===========================
+libnacl 1.0.0 Release Notes
+===========================
+
+This is the first stable release of libnacl, the python bindings for Daniel J.
+Bernstein's nacl library via libsodium or tweetnacl.
+
+NaCl Base Functions
+===================
+
+This release features direct access to the underlying functions from nacl
+exposed via importing libnacl. These functions are fully documented and can
+be safely used directly.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.2.0/doc/topics/releases/1.1.0.rst new/libnacl-1.3.2/doc/topics/releases/1.1.0.rst
--- old/libnacl-1.2.0/doc/topics/releases/1.1.0.rst 1970-01-01 01:00:00.000000000 +0100
+++ new/libnacl-1.3.2/doc/topics/releases/1.1.0.rst 2014-08-13 04:25:43.000000000 +0200
@@ -0,0 +1,21 @@
+===========================
+libnacl 1.1.0 Release Notes
+===========================
+
+This release introduces the addition of high level classes that make using
+NaCl even easier.
+
+High level NaCl
+===============
+
+The addition of the high level classes give a more pythonic abstraction to
+using the underlying NaCl cryptography.
+
+These classes can be found in libnacl.public, libnacl.sign and libnacl.secret.
+
+Easy Nonce Generation
+=====================
+
+The new classes will automatically generate a nonce value per encrypted
+message. The default nonce which is generated can be found in
+`libnacl.utils.time_nonce`.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.2.0/doc/topics/releases/1.2.0.rst new/libnacl-1.3.2/doc/topics/releases/1.2.0.rst
--- old/libnacl-1.2.0/doc/topics/releases/1.2.0.rst 1970-01-01 01:00:00.000000000 +0100
+++ new/libnacl-1.3.2/doc/topics/releases/1.2.0.rst 2014-08-13 04:25:43.000000000 +0200
@@ -0,0 +1,22 @@
+===========================
+libnacl 1.2.0 Release Notes
+===========================
+
+This release introduces the DualKey class, secure key saving and loading, as
+well as enhancements to the time_nonce function.
+
+Dual Key Class
+==============
+
+Dual Keys are classes which can encrypt and sign data. These classes generate
+and maintain both Curve25519 and Ed25519 keys, as well as all methods for both
+encryption and signing.
+
+Time Nonce Improvements
+=======================
+
+The original time nonce routine used the first 20 chars of the 24 char nonce
+for the microsecond timestamp (based on salt's jid), leaving 4 chars for random
+data. This new nonce uses far fewer chars for the timestamp by hex encoding the
+float of microseconds into just 13 chars, leaving 11 chars of random data. This
+makes the default nonce safer and more secure.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.2.0/doc/topics/releases/1.3.0.rst new/libnacl-1.3.2/doc/topics/releases/1.3.0.rst
--- old/libnacl-1.2.0/doc/topics/releases/1.3.0.rst 1970-01-01 01:00:00.000000000 +0100
+++ new/libnacl-1.3.2/doc/topics/releases/1.3.0.rst 2014-08-13 04:25:43.000000000 +0200
@@ -0,0 +1,6 @@
+===========================
+libnacl 1.3.0 Release Notes
+===========================
+
+This release removes the time_nonce function and replaces it with the
+rand_nonce function.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.2.0/doc/topics/releases/1.3.1.rst new/libnacl-1.3.2/doc/topics/releases/1.3.1.rst
--- old/libnacl-1.2.0/doc/topics/releases/1.3.1.rst 1970-01-01 01:00:00.000000000 +0100
+++ new/libnacl-1.3.2/doc/topics/releases/1.3.1.rst 2014-08-13 04:25:43.000000000 +0200
@@ -0,0 +1,5 @@
+===========================
+libnacl 1.3.1 Release Notes
+===========================
+
+Bring back a safe time_nonce function.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.2.0/doc/topics/releases/1.3.2.rst new/libnacl-1.3.2/doc/topics/releases/1.3.2.rst
--- old/libnacl-1.2.0/doc/topics/releases/1.3.2.rst 1970-01-01 01:00:00.000000000 +0100
+++ new/libnacl-1.3.2/doc/topics/releases/1.3.2.rst 2014-08-13 04:48:49.000000000 +0200
@@ -0,0 +1,5 @@
+===========================
+libnacl 1.3.1 Release Notes
+===========================
+
+Add detection of the libsodium.so.10 lib created by libsodium 0.6
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.2.0/doc/topics/releases/index.rst new/libnacl-1.3.2/doc/topics/releases/index.rst
--- old/libnacl-1.2.0/doc/topics/releases/index.rst 1970-01-01 01:00:00.000000000 +0100
+++ new/libnacl-1.3.2/doc/topics/releases/index.rst 2014-08-13 04:25:43.000000000 +0200
@@ -0,0 +1,9 @@
+=============
+Release notes
+=============
+
+.. toctree::
+ :maxdepth: 1
+ :glob:
+
+ [0-9]*
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.2.0/libnacl/__init__.py new/libnacl-1.3.2/libnacl/__init__.py
--- old/libnacl-1.2.0/libnacl/__init__.py 2014-07-09 05:14:32.000000000 +0200
+++ new/libnacl-1.3.2/libnacl/__init__.py 2014-08-13 04:40:25.000000000 +0200
@@ -43,6 +43,10 @@
except OSError:
pass
try:
+ return ctypes.cdll.LoadLibrary('libsodium.so.10')
+ except OSError:
+ pass
+ try:
return ctypes.cdll.LoadLibrary('libsodium.so.5')
except OSError:
pass
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.2.0/libnacl/public.py new/libnacl-1.3.2/libnacl/public.py
--- old/libnacl-1.2.0/libnacl/public.py 2014-07-09 05:14:32.000000000 +0200
+++ new/libnacl-1.3.2/libnacl/public.py 2014-08-13 04:25:43.000000000 +0200
@@ -53,11 +53,11 @@
def encrypt(self, msg, nonce=None, pack_nonce=True):
'''
Encrypt the given message with the given nonce, if the nonce is not
- provided it will be generated from the libnacl.utils.time_nonce
+ provided it will be generated from the libnacl.utils.rand_nonce
function
'''
if nonce is None:
- nonce = libnacl.utils.time_nonce()
+ nonce = libnacl.utils.rand_nonce()
elif len(nonce) != libnacl.crypto_box_NONCEBYTES:
raise ValueError('Invalid nonce size')
ctxt = libnacl.crypto_box_afternm(msg, nonce, self._k)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.2.0/libnacl/secret.py new/libnacl-1.3.2/libnacl/secret.py
--- old/libnacl-1.2.0/libnacl/secret.py 2014-06-25 18:36:42.000000000 +0200
+++ new/libnacl-1.3.2/libnacl/secret.py 2014-08-13 04:25:43.000000000 +0200
@@ -22,10 +22,10 @@
def encrypt(self, msg, nonce=None):
'''
Encrypt the given message. If a nonce is not given it will be
- generated via the time_nonce function
+ generated via the rand_nonce function
'''
if nonce is None:
- nonce = libnacl.utils.time_nonce()
+ nonce = libnacl.utils.rand_nonce()
if len(nonce) != libnacl.crypto_secretbox_NONCEBYTES:
raise ValueError('Invalid Nonce')
ctxt = libnacl.crypto_secretbox(msg, nonce, self.sk)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.2.0/libnacl/utils.py new/libnacl-1.3.2/libnacl/utils.py
--- old/libnacl-1.2.0/libnacl/utils.py 2014-07-24 00:37:38.000000000 +0200
+++ new/libnacl-1.3.2/libnacl/utils.py 2014-08-13 04:40:25.000000000 +0200
@@ -1,5 +1,8 @@
# -*- coding: utf-8 -*-
+import struct
+import time
+
# Import nacl libs
import libnacl
import libnacl.encode
@@ -7,10 +10,6 @@
import libnacl.sign
import libnacl.dual
-# Import python libs
-import time
-import binascii
-
def load_key(path, serial='json'):
'''
@@ -50,16 +49,20 @@
return libnacl.randombytes(libnacl.crypto_secretbox_KEYBYTES)
-def time_nonce(size=24):
+def rand_nonce():
+ '''
+ Generates and returns a random bytestring of the size defined in libsodium
+ as crypto_box_NONCEBYTES
'''
- Generates a safe nonce
+ return libnacl.randombytes(libnacl.crypto_box_NONCEBYTES)
- The nonce generated here is done by grabbing the 20 digit microsecond
- timestamp and appending 4 random chars
+
+def time_nonce():
+ '''
+ Generates and returns a nonce as in rand_nonce() but using a timestamp for the first 8 bytes.
+
+ This function now exists mostly for backwards compatibility, as rand_nonce() is usually preferred.
'''
- size = max(int(size), 16)
- front = '{0:0x}'.format(int(time.time() * 1000000))
- extra = size - len(front)
- back = binascii.hexlify(libnacl.randombytes(extra // 2 + extra % 2))
- nonce = ((front + back.decode(encoding='UTF-8'))[:size])
- return nonce.encode(encoding='UTF-8')
+ nonce = rand_nonce()
+ return (struct.pack('=d', time.time()) + nonce)[:len(nonce)]
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.2.0/libnacl/version.py new/libnacl-1.3.2/libnacl/version.py
--- old/libnacl-1.2.0/libnacl/version.py 2014-07-24 00:44:48.000000000 +0200
+++ new/libnacl-1.3.2/libnacl/version.py 2014-08-13 04:46:51.000000000 +0200
@@ -1 +1 @@
-__version__ = '1.2.0'
+__version__ = '1.3.2'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libnacl-1.2.0/pkg/rpm/python-libnacl.spec new/libnacl-1.3.2/pkg/rpm/python-libnacl.spec
--- old/libnacl-1.2.0/pkg/rpm/python-libnacl.spec 1970-01-01 01:00:00.000000000 +0100
+++ new/libnacl-1.3.2/pkg/rpm/python-libnacl.spec 2014-08-13 04:25:43.000000000 +0200
@@ -0,0 +1,113 @@
+%if 0%{?fedora} > 12 || 0%{?rhel} > 6
+%global with_python3 1
+%else
+
+%if 0%{?rhel} == 5
+%global with_python26 1
+%global pybasever 2.6
+%endif
+
+%{!?__python2: %global __python2 /usr/bin/python%{?pybasever}}
+%{!?python2_sitearch: %global python2_sitearch %(%{__python2} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
+%{!?python2_sitelib: %global python2_sitelib %(%{__python2} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())")}
+%endif
+
+%global srcname libnacl
+
+Name: python-%{srcname}
+Version: 1.1.0
+Release: 1%{?dist}
+Summary: Python bindings for libsodium/tweetnacl based on ctypes
+
+Group: Development/Libraries
+License: ASL 2.0
+URL: https://github.com/saltstack/libnacl
+Source0: https://pypi.python.org/packages/source/l/%{srcname}/%{srcname}-%{version}.tar.gz
+
+BuildRoot: %{_tmppath}/%{srcname}-%{version}-%{release}-root-%(%{__id_u} -n)
+BuildArch: noarch
+
+BuildRequires: libsodium
+Requires: libsodium
+
+%if 0%{?with_python26}
+BuildRequires: python26-devel
+BuildRequires: python26-setuptools
+%else
+BuildRequires: python-devel
+BuildRequires: python-setuptools
+%endif
+
+%if 0%{?with_python3}
+BuildRequires: python3-devel
+BuildRequires: python3-setuptools
+%endif
+
+%description
+This library is used to gain direct access to the functions exposed by Daniel
+J. Bernstein's nacl library via libsodium or tweetnacl. It has been constructed
+to maintain extensive documentation on how to use nacl as well as being
+completely portable. The file in libnacl/__init__.py can be pulled out and
+placed directly in any project to give a single file binding to all of nacl.
+
+%if 0%{?with_python3}
+%package -n python3-%{srcname}
+Summary: Python bindings for libsodium/tweetnacl based on ctypes
+Group: Development/Libraries
+Requires: libsodium
+
+%description -n python3-%{srcname}
+This library is used to gain direct access to the functions exposed by Daniel
+J. Bernstein's nacl library via libsodium or tweetnacl. It has been constructed
+to maintain extensive documentation on how to use nacl as well as being
+completely portable. The file in libnacl/__init__.py can be pulled out and
+placed directly in any project to give a single file binding to all of nacl.
+%endif
+
+
+%prep
+%setup -q -n %{srcname}-%{version}
+
+%if 0%{?with_python3}
+rm -rf %{py3dir}
+cp -a . %{py3dir}
+%endif
+
+%build
+%{__python} setup.py build
+
+%if 0%{?with_python3}
+pushd %{py3dir}
+%{__python3} setup.py build
+popd
+%endif
+
+%install
+rm -rf %{buildroot}
+python setup.py install --skip-build --root %{buildroot}
+
+%if 0%{?with_python3}
+pushd %{py3dir}
+%{__python3} setup.py install --skip-build --root %{buildroot}
+popd
+%endif
+
+%clean
+rm -rf %{buildroot}
+
+%files
+%defattr(-,root,root,-)
+%{python2_sitelib}/*
+
+%if 0%{?with_python3}
+%files -n python3-%{srcname}
+%defattr(-,root,root,-)
+%{python3_sitelib}/*
+%endif
+
+%changelog
+* Fri Jun 20 2014 Erik Johnson