python3-pycrypto: remove obsolete pycrypto module

pycrypto hasn't had a commit upstream since June 2014, which for a security-critical module is not a good sign. Everyone has migrated to the pycryptodome or cryptography modules, so remove pycrypto from meta-python. Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
author: Ross Burton <ross@burtonini.com> 2022-01-14 14:10:08 +0000
committer: Khem Raj <raj.khem@gmail.com> 2022-01-18 08:59:58 -0800
commit: 84769a963974cffc5d877e57a46a289a84bc293d (patch)
tree: d83cd83cd726a7d27cd8a8ce08e1b6bde4b0a59e /meta-python/recipes-devtools/python/python3-pycrypto
parent: 214cfe90f7ce72736d9814624550bb6935b842e7 (diff)
download: meta-openembedded-84769a963974cffc5d877e57a46a289a84bc293d.tar.gz
3 files changed, 0 insertions, 155 deletions
diff --git a/meta-python/recipes-devtools/python/python3-pycrypto/0001-Replace-time.clock-with-time.process_time.patch b/meta-python/recipes-devtools/python/python3-pycrypto/0001-Replace-time.clock-with-time.process_time.patch
deleted file mode 100644
index 282fdd3e2..000000000
--- a/meta-python/recipes-devtools/python/python3-pycrypto/0001-Replace-time.clock-with-time.process_time.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 1d90727ff2368012d6e2f91b1a3198f626495b7f Mon Sep 17 00:00:00 2001
-From: Ming Liu <liu.ming50@gmail.com>
-Date: Sat, 25 Jan 2020 14:36:16 +0100
-Subject: [PATCH] Replace time.clock() with time.process_time()
-The use of time.clock() is deprecated in python 3.8, change to use
-time.process_time().
-Reference:
-https://docs.python.org/3.3/library/time.html#time.clock
-Upstream-Status: Pending
-Signed-off-by: Ming Liu <liu.ming50@gmail.com>
---
- lib/Crypto/Random/_UserFriendlyRNG.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/lib/Crypto/Random/_UserFriendlyRNG.py b/lib/Crypto/Random/_UserFriendlyRNG.py
-index 957e006..d2a0259 100644
--- a/lib/Crypto/Random/_UserFriendlyRNG.py
-+++ b/lib/Crypto/Random/_UserFriendlyRNG.py
-@@ -74,7 +74,7 @@ class _EntropyCollector(object):
-         self._time_es.feed(struct.pack("@I", int(2**30 * (t - floor(t)))))
- 
-         # Add the fractional part of time.clock()
-        t = time.clock()
-+        t = time.process_time()
-         self._clock_es.feed(struct.pack("@I", int(2**30 * (t - floor(t)))))
- 
- 
-- 
-2.7.4
diff --git a/meta-python/recipes-devtools/python/python3-pycrypto/CVE-2013-7459.patch b/meta-python/recipes-devtools/python/python3-pycrypto/CVE-2013-7459.patch
deleted file mode 100644
index 9006c5c35..000000000
--- a/meta-python/recipes-devtools/python/python3-pycrypto/CVE-2013-7459.patch
+++ /dev/null
@@ -1,98 +0,0 @@
-From 8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4 Mon Sep 17 00:00:00 2001
-From: Legrandin <helderijs@gmail.com>
-Date: Sun, 22 Dec 2013 22:24:46 +0100
-Subject: [PATCH] Throw exception when IV is used with ECB or CTR
-The IV parameter is currently ignored when initializing
-a cipher in ECB or CTR mode.
-For CTR mode, it is confusing: it takes some time to see
-that a different parameter is needed (the counter).
-For ECB mode, it is outright dangerous.
-This patch forces an exception to be raised.
-Upstream-Status: Backport
-[https://github.com/dlitz/pycrypto/commit/8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4]
-CVE: CVE-2013-7459
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
- lib/Crypto/SelfTest/Cipher/common.py | 31 +++++++++++++++++++++++--------
- src/block_template.c                 | 11 +++++++++++
- 2 files changed, 34 insertions(+), 8 deletions(-)
-diff --git a/lib/Crypto/SelfTest/Cipher/common.py b/lib/Crypto/SelfTest/Cipher/common.py
-index 8bebed9..91ec743 100644
--- a/lib/Crypto/SelfTest/Cipher/common.py
-+++ b/lib/Crypto/SelfTest/Cipher/common.py
-@@ -239,19 +239,34 @@ class RoundtripTest(unittest.TestCase):
-         return """%s .decrypt() output of .encrypt() should not be garbled""" % (self.module_name,)
- 
-     def runTest(self):
-        for mode in (self.module.MODE_ECB, self.module.MODE_CBC, self.module.MODE_CFB, self.module.MODE_OFB, self.module.MODE_OPENPGP):
-+
-+        ## ECB mode
-+        mode = self.module.MODE_ECB
-+        encryption_cipher = self.module.new(a2b_hex(self.key), mode)
-+        ciphertext = encryption_cipher.encrypt(self.plaintext)
-+        decryption_cipher = self.module.new(a2b_hex(self.key), mode)
-+        decrypted_plaintext = decryption_cipher.decrypt(ciphertext)
-+        self.assertEqual(self.plaintext, decrypted_plaintext)
-+
-+        ## OPENPGP mode
-+        mode = self.module.MODE_OPENPGP
-+        encryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv)
-+        eiv_ciphertext = encryption_cipher.encrypt(self.plaintext)
-+        eiv = eiv_ciphertext[:self.module.block_size+2]
-+        ciphertext = eiv_ciphertext[self.module.block_size+2:]
-+        decryption_cipher = self.module.new(a2b_hex(self.key), mode, eiv)
-+        decrypted_plaintext = decryption_cipher.decrypt(ciphertext)
-+        self.assertEqual(self.plaintext, decrypted_plaintext)
-+
-+        ## All other non-AEAD modes (but CTR)
-+        for mode in (self.module.MODE_CBC, self.module.MODE_CFB, self.module.MODE_OFB):
-             encryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv)
-             ciphertext = encryption_cipher.encrypt(self.plaintext)
-            
-            if mode != self.module.MODE_OPENPGP:
-                decryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv)
-            else:
-                eiv = ciphertext[:self.module.block_size+2]
-                ciphertext = ciphertext[self.module.block_size+2:]
-                decryption_cipher = self.module.new(a2b_hex(self.key), mode, eiv)
-+            decryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv)
-             decrypted_plaintext = decryption_cipher.decrypt(ciphertext)
-             self.assertEqual(self.plaintext, decrypted_plaintext)
- 
-+
- class PGPTest(unittest.TestCase):
-     def __init__(self, module, params):
-         unittest.TestCase.__init__(self)
-diff --git a/src/block_template.c b/src/block_template.c
-index c36b316..8746948 100644
--- a/src/block_template.c
-+++ b/src/block_template.c
-@@ -170,6 +170,17 @@ ALGnew(PyObject *self, PyObject *args, PyObject *kwdict)
-                                "Key cannot be the null string");
-                return NULL;
-        }
-+       if (IVlen != 0 && mode == MODE_ECB)
-+       {
-+               PyErr_Format(PyExc_ValueError, "ECB mode does not use IV");
-+               return NULL;
-+       }
-+       if (IVlen != 0 && mode == MODE_CTR)
-+       {
-+               PyErr_Format(PyExc_ValueError,
-+                       "CTR mode needs counter parameter, not IV");
-+               return NULL;
-+       }
-        if (IVlen != BLOCK_SIZE && mode != MODE_ECB && mode != MODE_CTR)
-        {
-                PyErr_Format(PyExc_ValueError,
-- 
-2.7.4
diff --git a/meta-python/recipes-devtools/python/python3-pycrypto/cross-compiling.patch b/meta-python/recipes-devtools/python/python3-pycrypto/cross-compiling.patch
deleted file mode 100644
index 712f3e8dd..000000000
--- a/meta-python/recipes-devtools/python/python3-pycrypto/cross-compiling.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-Index: pycrypto-2.6/setup.py
-===================================================================
--- pycrypto-2.6.orig/setup.py
-+++ pycrypto-2.6/setup.py
-@@ -271,7 +271,8 @@ class PCTBuildConfigure(Command):
-         if not os.path.exists("config.status"):
-             if os.system("chmod 0755 configure") != 0:
-                 raise RuntimeError("chmod error")
-            cmd = "sh configure"    # we use "sh" here so that it'll work on mingw32 with standard python.org binaries
-+            host = os.environ.get("HOST_SYS")
-+            cmd = "ac_cv_func_malloc_0_nonnull=yes sh configure --host " + host   # we use "sh" here so that it'll work on mingw32 with standard python.org binaries
-             if self.verbose < 1:
-                 cmd += " -q"
-             if os.system(cmd) != 0:
-@@ -370,7 +371,7 @@ kw = {'name':"pycrypto",
-       'ext_modules': plat_ext + [
-             # _fastmath (uses GNU mp library)
-             Extension("Crypto.PublicKey._fastmath",
-                      include_dirs=['src/','/usr/include/'],
-+                      include_dirs=['src/'],
-                       libraries=['gmp'],
-                       sources=["src/_fastmath.c"]),
-
author	Ross Burton <ross@burtonini.com>	2022-01-14 14:10:08 +0000
committer	Khem Raj <raj.khem@gmail.com>	2022-01-18 08:59:58 -0800
commit	84769a963974cffc5d877e57a46a289a84bc293d (patch)
tree	d83cd83cd726a7d27cd8a8ce08e1b6bde4b0a59e /meta-python/recipes-devtools/python/python3-pycrypto
parent	214cfe90f7ce72736d9814624550bb6935b842e7 (diff)
download	meta-openembedded-84769a963974cffc5d877e57a46a289a84bc293d.tar.gz

diff --git a/meta-python/recipes-devtools/python/python3-pycrypto/0001-Replace-time.clock-with-time.process_time.patch b/meta-python/recipes-devtools/python/python3-pycrypto/0001-Replace-time.clock-with-time.process_time.patch deleted file mode 100644 index 282fdd3e2..000000000 --- a/meta-python/recipes-devtools/python/python3-pycrypto/0001-Replace-time.clock-with-time.process_time.patch +++ /dev/null
@@ -1,34 +0,0 @@
1	From 1d90727ff2368012d6e2f91b1a3198f626495b7f Mon Sep 17 00:00:00 2001
2	From: Ming Liu <liu.ming50@gmail.com>
3	Date: Sat, 25 Jan 2020 14:36:16 +0100
4	Subject: [PATCH] Replace time.clock() with time.process_time()
5
6	The use of time.clock() is deprecated in python 3.8, change to use
7	time.process_time().
8
9	Reference:
10	https://docs.python.org/3.3/library/time.html#time.clock
11
12	Upstream-Status: Pending
13
14	Signed-off-by: Ming Liu <liu.ming50@gmail.com>
15	---
16	lib/Crypto/Random/_UserFriendlyRNG.py \| 2 +-
17	1 file changed, 1 insertion(+), 1 deletion(-)
18
19	diff --git a/lib/Crypto/Random/_UserFriendlyRNG.py b/lib/Crypto/Random/_UserFriendlyRNG.py
20	index 957e006..d2a0259 100644
21	--- a/lib/Crypto/Random/_UserFriendlyRNG.py
22	+++ b/lib/Crypto/Random/_UserFriendlyRNG.py
23	@@ -74,7 +74,7 @@ class _EntropyCollector(object):
24	self._time_es.feed(struct.pack("@I", int(2*30 (t - floor(t)))))
25
26	# Add the fractional part of time.clock()
27	- t = time.clock()
28	+ t = time.process_time()
29	self._clock_es.feed(struct.pack("@I", int(2*30 (t - floor(t)))))
30
31
32	--
33	2.7.4
34


diff --git a/meta-python/recipes-devtools/python/python3-pycrypto/CVE-2013-7459.patch b/meta-python/recipes-devtools/python/python3-pycrypto/CVE-2013-7459.patch deleted file mode 100644 index 9006c5c35..000000000 --- a/meta-python/recipes-devtools/python/python3-pycrypto/CVE-2013-7459.patch +++ /dev/null
@@ -1,98 +0,0 @@
1	From 8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4 Mon Sep 17 00:00:00 2001
2	From: Legrandin <helderijs@gmail.com>
3	Date: Sun, 22 Dec 2013 22:24:46 +0100
4	Subject: [PATCH] Throw exception when IV is used with ECB or CTR
5
6	The IV parameter is currently ignored when initializing
7	a cipher in ECB or CTR mode.
8
9	For CTR mode, it is confusing: it takes some time to see
10	that a different parameter is needed (the counter).
11
12	For ECB mode, it is outright dangerous.
13
14	This patch forces an exception to be raised.
15
16	Upstream-Status: Backport
17	[https://github.com/dlitz/pycrypto/commit/8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4]
18
19	CVE: CVE-2013-7459
20
21	Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
22	---
23	lib/Crypto/SelfTest/Cipher/common.py \| 31 +++++++++++++++++++++++--------
24	src/block_template.c \| 11 +++++++++++
25	2 files changed, 34 insertions(+), 8 deletions(-)
26
27	diff --git a/lib/Crypto/SelfTest/Cipher/common.py b/lib/Crypto/SelfTest/Cipher/common.py
28	index 8bebed9..91ec743 100644
29	--- a/lib/Crypto/SelfTest/Cipher/common.py
30	+++ b/lib/Crypto/SelfTest/Cipher/common.py
31	@@ -239,19 +239,34 @@ class RoundtripTest(unittest.TestCase):
32	return """%s .decrypt() output of .encrypt() should not be garbled""" % (self.module_name,)
33
34	def runTest(self):
35	- for mode in (self.module.MODE_ECB, self.module.MODE_CBC, self.module.MODE_CFB, self.module.MODE_OFB, self.module.MODE_OPENPGP):
36	+
37	+ ## ECB mode
38	+ mode = self.module.MODE_ECB
39	+ encryption_cipher = self.module.new(a2b_hex(self.key), mode)
40	+ ciphertext = encryption_cipher.encrypt(self.plaintext)
41	+ decryption_cipher = self.module.new(a2b_hex(self.key), mode)
42	+ decrypted_plaintext = decryption_cipher.decrypt(ciphertext)
43	+ self.assertEqual(self.plaintext, decrypted_plaintext)
44	+
45	+ ## OPENPGP mode
46	+ mode = self.module.MODE_OPENPGP
47	+ encryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv)
48	+ eiv_ciphertext = encryption_cipher.encrypt(self.plaintext)
49	+ eiv = eiv_ciphertext[:self.module.block_size+2]
50	+ ciphertext = eiv_ciphertext[self.module.block_size+2:]
51	+ decryption_cipher = self.module.new(a2b_hex(self.key), mode, eiv)
52	+ decrypted_plaintext = decryption_cipher.decrypt(ciphertext)
53	+ self.assertEqual(self.plaintext, decrypted_plaintext)
54	+
55	+ ## All other non-AEAD modes (but CTR)
56	+ for mode in (self.module.MODE_CBC, self.module.MODE_CFB, self.module.MODE_OFB):
57	encryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv)
58	ciphertext = encryption_cipher.encrypt(self.plaintext)
59	-
60	- if mode != self.module.MODE_OPENPGP:
61	- decryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv)
62	- else:
63	- eiv = ciphertext[:self.module.block_size+2]
64	- ciphertext = ciphertext[self.module.block_size+2:]
65	- decryption_cipher = self.module.new(a2b_hex(self.key), mode, eiv)
66	+ decryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv)
67	decrypted_plaintext = decryption_cipher.decrypt(ciphertext)
68	self.assertEqual(self.plaintext, decrypted_plaintext)
69
70	+
71	class PGPTest(unittest.TestCase):
72	def __init__(self, module, params):
73	unittest.TestCase.__init__(self)
74	diff --git a/src/block_template.c b/src/block_template.c
75	index c36b316..8746948 100644
76	--- a/src/block_template.c
77	+++ b/src/block_template.c
78	@@ -170,6 +170,17 @@ ALGnew(PyObject self, PyObject args, PyObject *kwdict)
79	"Key cannot be the null string");
80	return NULL;
81	}
82	+ if (IVlen != 0 && mode == MODE_ECB)
83	+ {
84	+ PyErr_Format(PyExc_ValueError, "ECB mode does not use IV");
85	+ return NULL;
86	+ }
87	+ if (IVlen != 0 && mode == MODE_CTR)
88	+ {
89	+ PyErr_Format(PyExc_ValueError,
90	+ "CTR mode needs counter parameter, not IV");
91	+ return NULL;
92	+ }
93	if (IVlen != BLOCK_SIZE && mode != MODE_ECB && mode != MODE_CTR)
94	{
95	PyErr_Format(PyExc_ValueError,
96	--
97	2.7.4
98


diff --git a/meta-python/recipes-devtools/python/python3-pycrypto/cross-compiling.patch b/meta-python/recipes-devtools/python/python3-pycrypto/cross-compiling.patch deleted file mode 100644 index 712f3e8dd..000000000 --- a/meta-python/recipes-devtools/python/python3-pycrypto/cross-compiling.patch +++ /dev/null
@@ -1,23 +0,0 @@
1	Index: pycrypto-2.6/setup.py
2	===================================================================
3	--- pycrypto-2.6.orig/setup.py
4	+++ pycrypto-2.6/setup.py
5	@@ -271,7 +271,8 @@ class PCTBuildConfigure(Command):
6	if not os.path.exists("config.status"):
7	if os.system("chmod 0755 configure") != 0:
8	raise RuntimeError("chmod error")
9	- cmd = "sh configure" # we use "sh" here so that it'll work on mingw32 with standard python.org binaries
10	+ host = os.environ.get("HOST_SYS")
11	+ cmd = "ac_cv_func_malloc_0_nonnull=yes sh configure --host " + host # we use "sh" here so that it'll work on mingw32 with standard python.org binaries
12	if self.verbose < 1:
13	cmd += " -q"
14	if os.system(cmd) != 0:
15	@@ -370,7 +371,7 @@ kw = {'name':"pycrypto",
16	'ext_modules': plat_ext + [
17	# _fastmath (uses GNU mp library)
18	Extension("Crypto.PublicKey._fastmath",
19	- include_dirs=['src/','/usr/include/'],
20	+ include_dirs=['src/'],
21	libraries=['gmp'],
22	sources=["src/_fastmath.c"]),
23