From: ng0 <ng0@infotropique.org>
To: 28934@debbugs.gnu.org
Subject: [bug#28934] ROCA detect
Date: Sat, 21 Oct 2017 23:49:01 +0000 [thread overview]
Message-ID: <20171021234901.7bysdc2dx3jrours@abyayala> (raw)
[-- Attachment #1.1: Type: text/plain, Size: 222 bytes --]
Some python modules to add a tool to detect ROCA.
--
ng0
GnuPG: A88C8ADD129828D7EAC02E52E22F9BBFEE348588
GnuPG: https://dist.ng0.infotropique.org/dist/keys/
https://www.infotropique.org https://ng0.infotropique.org
[-- Attachment #1.2: 0001-gnu-Add-python-humanfriendly.patch --]
[-- Type: text/plain, Size: 1729 bytes --]
From 412e84ce5e2f03ab67c29d751667bfd7b53ef34a Mon Sep 17 00:00:00 2001
From: ng0 <ng0@infotropique.org>
Date: Sat, 21 Oct 2017 22:46:06 +0000
Subject: [PATCH 1/6] gnu: Add python-humanfriendly.
* gnu/packages/python.scm (python-humanfriendly): New variable.
---
gnu/packages/python.scm | 27 +++++++++++++++++++++++++++
1 file changed, 27 insertions(+)
diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index 0684090c3..b64bdeda6 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -1099,6 +1099,33 @@ etc.). The package is structured to make adding new modules easy.")
"python"
(package-inputs pycrypto)))))))
+(define-public python-humanfriendly
+ (package
+ (name "python-humanfriendly")
+ (version "4.4.1")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (pypi-uri "humanfriendly" version))
+ (sha256
+ (base32
+ "0pisgizjql86785jchfjv217g0lsgk114g2lja5j4y3lsc3b9szi"))))
+ (build-system python-build-system)
+ (arguments
+ `(; Tests depend on coloredlogs, which in turn depends on humanfriendly.
+ #:tests? #f))
+ (propagated-inputs
+ `(("python-monotonic" ,python-monotonic)))
+ (home-page "https://humanfriendly.readthedocs.io")
+ (synopsis "Human friendly input and output in Python")
+ (description
+ "The functions and classes in the humanfriendly package can be used
+to make text interfaces more user friendly.")
+ (license license:expat)))
+
+(define-public python2-humanfriendly
+ (package-with-python2 python-humanfriendly))
+
(define-public python-eventlet
(package
(name "python-eventlet")
--
2.14.2
[-- Attachment #1.3: 0002-gnu-Add-python-capturer.patch --]
[-- Type: text/plain, Size: 1760 bytes --]
From 81e9157501ffa3e4f47498fe802702b3bf66004c Mon Sep 17 00:00:00 2001
From: ng0 <ng0@infotropique.org>
Date: Sat, 21 Oct 2017 22:56:09 +0000
Subject: [PATCH 2/6] gnu: Add python-capturer.
* gnu/packages/python.scm (python-capturer): New variable.
---
gnu/packages/python.scm | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index b64bdeda6..d6af5c0d6 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -1126,6 +1126,34 @@ to make text interfaces more user friendly.")
(define-public python2-humanfriendly
(package-with-python2 python-humanfriendly))
+(define-public python-capturer
+ (package
+ (name "python-capturer")
+ (version "2.4")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (pypi-uri "capturer" version))
+ (sha256
+ (base32
+ "05d6ji4j8ipiq0br7bwam38qc6hd9l1djmfxlzrxx19ziyjl4089"))))
+ (build-system python-build-system)
+ (arguments
+ `(#:tests? #f))
+ (propagated-inputs
+ `(("python-humanfriendly" ,python-humanfriendly)))
+ (home-page "https://capturer.readthedocs.io")
+ (synopsis "Capture stdout and stderr streams of the current process")
+ (description
+ "The capturer package makes it easy to capture the stdout and stderr
+streams of the current process and subprocesses. Output can be relayed
+to the terminal in real time but is also available to the Python program
+for additional processing.")
+ (license license:expat)))
+
+(define-public python2-capturer
+ (package-with-python2 python-capturer))
+
(define-public python-eventlet
(package
(name "python-eventlet")
--
2.14.2
[-- Attachment #1.4: 0003-gnu-Add-python-verboselogs.patch --]
[-- Type: text/plain, Size: 1641 bytes --]
From 662d4fa2c40202cfeb2e1ce8918d23f3cc4469b2 Mon Sep 17 00:00:00 2001
From: ng0 <ng0@infotropique.org>
Date: Sat, 21 Oct 2017 23:12:17 +0000
Subject: [PATCH 3/6] gnu: Add python-verboselogs.
* gnu/packages/python.scm (python-verboselogs): New variable.
---
gnu/packages/python.scm | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index d6af5c0d6..388d47d6d 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -1154,6 +1154,32 @@ for additional processing.")
(define-public python2-capturer
(package-with-python2 python-capturer))
+(define-public python-verboselogs
+ (package
+ (name "python-verboselogs")
+ (version "1.7")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (pypi-uri "verboselogs" version))
+ (sha256
+ (base32
+ "09z4d1jiasn7k1hs5af2ckmnrd0i1d1m04bhfjhv7z6svzfdwgg3"))))
+ (build-system python-build-system)
+ (native-inputs
+ `(("python-mock" ,python-mock)
+ ("python-astroid" ,python-astroid)
+ ("python-pylint" ,python-pylint)))
+ (home-page "https://verboselogs.readthedocs.io")
+ (synopsis "Verbose logging level for Python's logging module")
+ (description
+ "The verboselogs package extends Python's logging module to add the
+log levels NOTICE, SPAM, SUCCESS and VERBOSE.")
+ (license license:expat)))
+
+(define-public python2-verboselogs
+ (package-with-python2 python-verboselogs))
+
(define-public python-eventlet
(package
(name "python-eventlet")
--
2.14.2
[-- Attachment #1.5: 0004-gnu-Add-python-coloredlogs.patch --]
[-- Type: text/plain, Size: 1821 bytes --]
From 36170f8801dbb33d91626447ff3e69bf1ac31dca Mon Sep 17 00:00:00 2001
From: ng0 <ng0@infotropique.org>
Date: Sat, 21 Oct 2017 23:29:17 +0000
Subject: [PATCH 4/6] gnu: Add python-coloredlogs.
* gnu/packages/python.scm (python-coloredlogs): New variable.
---
gnu/packages/python.scm | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)
diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index 388d47d6d..12b6f891f 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -1180,6 +1180,35 @@ log levels NOTICE, SPAM, SUCCESS and VERBOSE.")
(define-public python2-verboselogs
(package-with-python2 python-verboselogs))
+(define-public python-coloredlogs
+ (package
+ (name "python-coloredlogs")
+ (version "7.3")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (pypi-uri "coloredlogs" version))
+ (sha256
+ (base32
+ "1blcann6dyg5dhps9pg12rn0q0rjrlajpmmil0gy0j4cbvnl2il9"))))
+ (build-system python-build-system)
+ (arguments
+ `(;Tests require some updated modules
+ #:tests? #f))
+ (propagated-inputs
+ `(("python-capturer" ,python-capturer)))
+ (home-page "https://coloredlogs.readthedocs.io")
+ (synopsis "Colored stream handler for Python's logging module")
+ (description
+ "The coloredlogs package enables colored terminal output for Python's
+logging module. The ColoredFormatter class inherits from
+logging.Formatter and uses ANSI escape sequences to render your logging
+messages in color. It uses only standard colors.")
+ (license license:expat)))
+
+(define-public python2-coloredlogs
+ (package-with-python2 python-coloredlogs))
+
(define-public python-eventlet
(package
(name "python-eventlet")
--
2.14.2
[-- Attachment #1.6: 0005-gnu-Add-python-pgpdump.patch --]
[-- Type: text/plain, Size: 1743 bytes --]
From 8ff7e30582a6d84b6c9bf56cd985ef9c04af9eaa Mon Sep 17 00:00:00 2001
From: ng0 <ng0@infotropique.org>
Date: Sat, 21 Oct 2017 23:41:26 +0000
Subject: [PATCH 5/6] gnu: Add python-pgpdump.
* gnu/packages/gnupg.scm (python-pgpdump): New variable.
---
gnu/packages/gnupg.scm | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index ffad57ef5..9a6ff68f8 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -850,3 +850,34 @@ them to transform your existing public key into a secret key.")
@uref{https://gnupg.org, GnuPG}. It can be used to encrypt, decrypt, and sign
files, to verify signatures, and to manage the private and public keys.")
(license license:gpl3+)))
+
+(define-public python-pgpdump
+ (package
+ (name "python-pgpdump")
+ (version "1.5")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (pypi-uri "pgpdump" version))
+ (sha256
+ (base32
+ "0s4nh8h7qsdj2yf29bspjs1zvxd4lcd11r6g11dp7fppgf2h0iqw"))))
+ (build-system python-build-system)
+ (home-page "https://github.com/toofishes/python-pgpdump")
+ (synopsis "Python library for parsing PGP packets")
+ (description
+ "Python-pgpdump is based on the pgpdump
+(http://www.mew.org/~kazu/proj/pgpdump/). Currently supported things
+include:
+
+@enumerate
+@item Signature packets
+@item Public key packets
+@item Secret key packets
+@item Trust, user ID, and user attribute packets
+@item ASCII-armor decoding and CRC check
+@end enumerate\n")
+ (license license:bsd-3)))
+
+(define-public python2-pgpdump
+ (package-with-python2 python-pgpdump))
--
2.14.2
[-- Attachment #1.7: 0006-gnu-Add-python-roca-detect.patch --]
[-- Type: text/plain, Size: 2398 bytes --]
From ed8ec89c1bd898aa927ddca9c453bc6e950e61a3 Mon Sep 17 00:00:00 2001
From: ng0 <ng0@infotropique.org>
Date: Sat, 21 Oct 2017 23:45:51 +0000
Subject: [PATCH 6/6] gnu: Add python-roca-detect.
* gnu/packages/crypto.scm (python-roca-detect): New variable.
---
gnu/packages/crypto.scm | 37 +++++++++++++++++++++++++++++++++++++
1 file changed, 37 insertions(+)
diff --git a/gnu/packages/crypto.scm b/gnu/packages/crypto.scm
index 549955d7b..bb0aa8063 100644
--- a/gnu/packages/crypto.scm
+++ b/gnu/packages/crypto.scm
@@ -632,3 +632,40 @@ data on your platform, so the seed itself will be as random as possible.
Networking and Cryptography library. These libraries have a stated goal
of improving usability, security and speed.")
(license license:asl2.0)))
+
+(define-public python-roca-detect
+ (package
+ (name "python-roca-detect")
+ (version "1.0.8")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (pypi-uri "roca-detect" version))
+ (sha256
+ (base32
+ "1di4akyw2lf5r8zfwvyhkilz8jv8g4b66rgaqwfabmjwma6gnw27"))))
+ (build-system python-build-system)
+ (native-inputs
+ ;; TODO: apk_parse_ph4, pyjks
+ `(("python2-dateutil" ,python2-dateutil)
+ ("python2-six" ,python2-six)
+ ("python2-cryptography" ,python2-cryptography)
+ ("python2-future" ,python2-future)
+ ("python2-coloredlogs" ,python2-coloredlogs)
+ ("python2-pgpdump" ,python2-pgpdump)))
+ (arguments
+ `(; Basic testing routine is quite simple and works with Py3
+ ;; but the rest of the code that processes the different
+ ;; key formats and extracts the modulus for inspection is
+ ;; not yet fully py3 ready.
+ #:python ,python-2))
+ (home-page "https://github.com/crocs-muni/roca")
+ (synopsis "ROCA detection tool")
+ (description
+ "This tool is related to the \"Return of the Coppersmith’s Attack: Practical
+Factorization of Widely Used RSA Moduli.\" paper. It enables you to test public
+RSA keys for a presence of the described vulnerability. Currently the tool
+supports the following key formats: X509 Certificate (DER encoded, PEM encoded),
+RSA PEM (encoded private key, public key), SSH public key, ASC encoded PGP key,
+APK android application, LDIFF file, and more.")
+ (license license:gpl3)))
--
2.14.2
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next reply other threads:[~2017-10-21 23:51 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-21 23:49 ng0 [this message]
2017-10-26 4:59 ` bug#28934: ROCA detect Ludovic Courtès
2017-10-26 5:16 ` [bug#28934] " ng0
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171021234901.7bysdc2dx3jrours@abyayala \
--to=ng0@infotropique.org \
--cc=28934@debbugs.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).