Sync from SUSE:SLFO:Main python-rsa revision 4c126a811eced23a98865bb1f741f9ce

.gitattributes

@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text

python-rsa.changes

@@ -0,0 +1,215 @@
+-------------------------------------------------------------------
+Fri Apr 21 12:33:27 UTC 2023 - Dirk Müller <dmueller@suse.com>
+
+- add sle15_python_module_pythons (jsc#PED-68)
+
+-------------------------------------------------------------------
+Thu Apr 13 22:44:38 UTC 2023 - Matej Cepl <mcepl@suse.com>
+
+- Make calling of %{sle15modernpython} optional.
+
+-------------------------------------------------------------------
+Sun Jul 24 08:44:38 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- update to 4.9:
+  * Remove debug logging from `rsa/key.py`
+  * Remove overlapping slots in `PrivateKey` and `PublicKey`.
+  * Do not include CHANGELOG/LICENSE/README.md in wheel
+  * Fixed Key Generation Unittest: Public and Private keys are assigned the wrong way around
+
+-------------------------------------------------------------------
+Sat Jun 25 20:49:54 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- update to 4.8:
+  - Switch to [Poetry](https://python-poetry.org/) for dependency and release management.
+  - Compatibility with Python 3.10.
+  - Chain exceptions using `raise new_exception from old_exception`
+  - Added marker file for PEP 561. This will allow type checking tools in dependent projects
+  - Use the Chinese Remainder Theorem when decrypting with a private key. This
+    makes decryption 2-4x faster
+
+-------------------------------------------------------------------
+Mon Aug 23 14:46:41 UTC 2021 - Stefan Schubert <schubi@suse.de>
+
+- Use libalternatives instead of update-alternatives.
+
+-------------------------------------------------------------------
+Tue Mar  2 00:30:30 UTC 2021 - Dirk Müller <dmueller@suse.com>
+
+- update to 4.7.2:
+  * Fix picking/unpickling issue introduced in 4.7
+  * Fix threading issue introduced in 4.7
+
+-------------------------------------------------------------------
+Thu Jan 28 23:02:47 UTC 2021 - Dirk Müller <dmueller@suse.com>
+
+- update to 4.7 (CVE-2020-25658 bsc#1178676):
+  * CVE-2020-25658 - Bleichenbacher-style timing oracle in PKCS#1 v1.5 decryption code
+  * Add padding length check as described by PKCS#1 v1.5
+  * Reuse of blinding factors to speed up blinding operations.
+  * Declare & test support for Python 3.9
+
+-------------------------------------------------------------------
+Wed Dec  9 10:45:29 UTC 2020 - Benjamin Greiner <code@bnavigator.de>
+
+- Remove mypy test requirement. The test calls mypy via its API.
+  But mypy as importable module is only available for the default
+  python3 flavor. For packaging, we don't need to run the static
+  type checker at all.
+- Remove mock requirement.
+
+-------------------------------------------------------------------
+Sun Aug 16 21:04:02 UTC 2020 - John Vandenberg <jayvdb@gmail.com>
+
+- Replace setup.py test with pytest
+- Remove %bcond_without tests
+
+-------------------------------------------------------------------
+Tue Jun 23 15:36:45 UTC 2020 - Dirk Mueller <dmueller@suse.com>
+
+- update to 4.6.0 (CVE-2020-13757 bsc#1172389):
+  * Choose blinding factor relatively prime to N. Thanks Christian Heimes for pointing this out.
+  * Reject cyphertexts (when decrypting) and signatures (when verifying) that have been modified by prepending zero bytes. This resolves CVE-2020-13757. Thanks Carnil for pointing this out.
+  * Rolled back the switch to Poetry, and reverted back to using Pipenv + setup.py for dependency management. There apparently is an issue no-binary installs of packages build with Poetry. This fixes #148
+Limited SHA3 support to those Python versions (3.6+) that support it natively. The third-party library that adds support for this to Python 3.5 is a binary package, and thus breaks the pure-Python nature of Python-RSA. This should fix #147.
+  * Added support for Python 3.8.
+  * Dropped support for Python 2 and 3.4.
+  * Added type annotations to the source code. This will make Python-RSA easier to use in your IDE, and allows better type checking.
+  * Added static type checking via MyPy.
+  * Fix #129 Installing from source gives UnicodeDecodeError.
+  * Switched to using Poetry for package management.
+  * Choose blinding factor relatively prime to N. Thanks Christian Heimes for pointing this out.
+  * Reject cyphertexts (when decrypting) and signatures (when verifying) that
+  * have been modified by prepending zero bytes. This resolves CVE-2020-13757.
+
+-------------------------------------------------------------------
+Sat Mar 23 18:54:24 UTC 2019 - Dirk Mueller <dmueller@suse.com>
+
+- fix build on older distributions
+
+-------------------------------------------------------------------
+Sat Feb 16 13:51:23 UTC 2019 - John Vandenberg <jayvdb@gmail.com>
+
+- Update to v 4.0.0
+  * Removed deprecated modules:
+    + rsa.varblock
+    + rsa.bigfile
+    + rsa._version133
+    + rsa._version200
+  * Removed CLI commands that use the VARBLOCK/bigfile format.
+  * Ensured that PublicKey.save_pkcs1() and PrivateKey.save_pkcs1() always return bytes.
+  * Dropped support for Python 2.6 and 3.3.
+  * Dropped support for Psyco.
+  * Miller-Rabin iterations determined by bitsize of key.
+  * Added function `rsa.find_signature_hash()` to return the name of the
+    hashing algorithm used to sign a message. `rsa.verify()` now also
+    returns that name, instead of always returning `True`.
+  * Add support for SHA-224 for PKCS1 signatures.
+  * Transitioned from `requirements.txt` to Pipenv for package management.
+
+-------------------------------------------------------------------
+Tue Dec  4 12:53:58 UTC 2018 - Matej Cepl <mcepl@suse.com>
+
+- Remove superfluous devel dependency for noarch package
+
+-------------------------------------------------------------------
+Mon May  1 16:30:14 UTC 2017 - toddrme2178@gmail.com
+
+- Update to Version 3.4.2
+  * Fixed dates in CHANGELOG.txt
+- Update to Version 3.4.1
+  * Included tests/private.pem in MANIFEST.in
+  * Included README.md and CHANGELOG.txt in MANIFEST.in
+- Update to Version 3.4
+  * Moved development to Github: https://github.com/sybrenstuvel/python-rsa
+  * Solved side-channel vulnerability by implementing blinding, fixes #19
+  * Deprecated the VARBLOCK format and rsa.bigfile module due to security issues, see
+    https://github.com/sybrenstuvel/python-rsa/issues/13
+  * Integration with Travis-CI, Coveralls and Code Climate
+  * Deprecated the old rsa._version133 and rsa._version200 submodules, they will be
+    completely removed in version 4.0.
+  * Add an 'exponent' argument to key.newkeys()
+  * Switched from Solovay-Strassen to Miller-Rabin primality testing, to
+    comply with NIST FIPS 186-4 as probabilistic primality test
+    (Appendix C, subsection C.3):
+  * Fixed bugs #12, #14, #27, #30, #49
+- Update to Version 3.3
+  * Thanks to Filippo Valsorda: Fix BB'06 attack in verify() by
+    switching from parsing to comparison.
+  * Simplified Tox configuration and dropped Python 3.2 support. The
+    coverage package uses a u'' prefix, which was reintroduced in 3.3
+    for ease of porting.
+- Update to Version 3.2.3
+  * Added character encoding markers for Python 2.x
+- Update to Version 3.2.1
+  * Added per-file licenses
+  * Added support for wheel packages
+  * Made example code more consistent and up to date with Python 3.4
+- Update to Version 3.2
+  * Mentioned support for Python 3 in setup.py
+- Implement single-spec version.
+- Fix source URL.
+- Remove cve_2016-1494.diff, fixed in latest version.
+
+-------------------------------------------------------------------
+Tue Jan  5 18:39:56 UTC 2016 - rjschwei@suse.com
+
+- Fix CVE 2016-1494 (bsc#960680)
+  - Add patch cve_2016-1494.diff
+
+-------------------------------------------------------------------
+Tue Dec  1 15:02:09 UTC 2015 - rjschwei@suse.com
+
+- Include version 3.1.4 in SLE 12 (FATE#319904, bsc#954690)
+
+-------------------------------------------------------------------
+Fri Nov 20 17:53:48 UTC 2015 - p.drouand@gmail.com
+
+- Fix coreutils requirement
+
+-------------------------------------------------------------------
+Wed Sep 23 11:35:21 UTC 2015 - rjschwei@suse.com
+
+- require coreutils (bsc#935595)
+  + %pre section uses rm which is part of coreutils package
+
+-------------------------------------------------------------------
+Tue May 12 14:50:12 UTC 2015 - benoit.monin@gmx.fr
+
+- update to version 3.1.4:
+  * no changelog available
+- add test dependency python-unittest2
+- fix update-alternatives
+- run the tests with run_tests.py
+- add README.rst to the package documentation
+
+-------------------------------------------------------------------
+Sat Nov 08 20:23:00 UTC 2014 - Led <ledest@gmail.com>
+
+- fix bashisms in pre script
+
+-------------------------------------------------------------------
+Fri Oct 11 23:06:55 UTC 2013 - p.drouand@gmail.com
+
+- Update to version 3.1.2
+  + No changelog available
+- Replace python-distribute with python-setuptools BuildRequires
+- Remove rsa-use-system-setuptools.patch; merged upstream
+- Implement update-alternatives
+
+-------------------------------------------------------------------
+Mon Aug 12 15:26:44 UTC 2013 - speilicke@suse.com
+
+- Add rsa-use-system-setuptools.patch
+
+-------------------------------------------------------------------
+Fri Nov 23 11:18:01 UTC 2012 - speilicke@suse.com
+
+- Update to version 3.1.1:
+  + Upstream provides no changelog
+
+-------------------------------------------------------------------
+Fri May 18 00:58:19 UTC 2012 - jfunk@funktronics.ca
+
+- Initial release
+

python-rsa.spec

@@ -0,0 +1,105 @@
+#
+# spec file for package python-rsa
+#
+# Copyright (c) 2023 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+%if 0%{?suse_version} > 1500
+%bcond_without libalternatives
+%else
+%bcond_with libalternatives
+%endif
+
+%{?!python_module:%define python_module() python-%{**} python3-%{**}}
+%define skip_python2 1
+%{?sle15_python_module_pythons}
+Name:           python-rsa
+Version:        4.9
+Release:        0
+Summary:        Pure-Python RSA Implementation
+License:        Apache-2.0
+Group:          Development/Languages/Python
+URL:            https://stuvel.eu/rsa
+Source:         https://files.pythonhosted.org/packages/source/r/rsa/rsa-%{version}.tar.gz
+BuildRequires:  %{python_module setuptools}
+BuildRequires:  fdupes
+BuildRequires:  python-rpm-macros >= 20210929
+Requires:       python-pyasn1 >= 0.1.3
+%if %{with libalternatives}
+Requires:       alts
+BuildRequires:  alts
+%else
+Requires(post): update-alternatives
+Requires(preun):update-alternatives
+%endif
+Requires(pre):  coreutils
+BuildArch:      noarch
+# SECTION test requirements
+BuildRequires:  %{python_module pyasn1 >= 0.1.3}
+BuildRequires:  %{python_module pytest}
+# /SECTION
+%python_subpackages
+
+%description
+Python-RSA is a pure-Python RSA implementation. It supports encryption and
+decryption, signing and verifying signatures, and key generation according to
+PKCS#1 version 1.5.
+
+%prep
+%setup -q -n rsa-%{version}
+
+%build
+export LC_ALL=en_US.utf8
+%python_build
+
+%install
+export LC_ALL=en_US.utf8
+%python_install
+%python_expand %fdupes %{buildroot}%{$python_sitelib}
+
+%python_clone -a %{buildroot}%{_bindir}/pyrsa-priv2pub
+%python_clone -a %{buildroot}%{_bindir}/pyrsa-decrypt
+%python_clone -a %{buildroot}%{_bindir}/pyrsa-encrypt
+%python_clone -a %{buildroot}%{_bindir}/pyrsa-keygen
+%python_clone -a %{buildroot}%{_bindir}/pyrsa-sign
+%python_clone -a %{buildroot}%{_bindir}/pyrsa-verify
+
+%pre
+# If libalternatives is used: Removing old update-alternatives entries.
+%python_libalternatives_reset_alternative pyrsa-priv2pub
+
+%post
+%{python_install_alternative pyrsa-priv2pub pyrsa-decrypt pyrsa-encrypt pyrsa-keygen pyrsa-sign pyrsa-verify}
+
+%preun
+%python_uninstall_alternative pyrsa-priv2pub
+
+%check
+# don't run the static type checker test -- mypy is only available for the default python3 flavor
+# pytest --ignore tests/test_mypy.py
+
+%files %{python_files}
+%license LICENSE
+%doc README.md
+%python_alternative %{_bindir}/pyrsa-decrypt
+%python_alternative %{_bindir}/pyrsa-encrypt
+%python_alternative %{_bindir}/pyrsa-keygen
+%python_alternative %{_bindir}/pyrsa-priv2pub
+%python_alternative %{_bindir}/pyrsa-sign
+%python_alternative %{_bindir}/pyrsa-verify
+%{python_sitelib}/rsa
+%{python_sitelib}/rsa-%{version}*-info
+
+%changelog