unofficial mirror of guix-patches@gnu.org 
 help / color / mirror / code / Atom feed
* [bug#31985] [PATCH 0/2] Improve python-libscrypt speed
@ 2018-06-26 22:24 Nicolas Goaziou
  2018-06-26 22:31 ` [bug#31985] [PATCH 1/2] gnu: Add libscrypt Nicolas Goaziou
  0 siblings, 1 reply; 8+ messages in thread
From: Nicolas Goaziou @ 2018-06-26 22:24 UTC (permalink / raw)
  To: 31985

The following patches fix a bug in python-libscrypt, which fallbacks to a slow
implementation.

Feedback welcome.

Nicolas Goaziou (2):
  gnu: Add libscrypt.
  gnu: python-pylibscrypt: Improve speed.

 gnu/packages/crypto.scm        | 28 ++++++++++++++++++++++++++++
 gnu/packages/python-crypto.scm | 21 ++++++++++++++++++---
 2 files changed, 46 insertions(+), 3 deletions(-)

-- 
2.18.0

^ permalink raw reply	[flat|nested] 8+ messages in thread

* [bug#31985] [PATCH 1/2] gnu: Add libscrypt.
  2018-06-26 22:24 [bug#31985] [PATCH 0/2] Improve python-libscrypt speed Nicolas Goaziou
@ 2018-06-26 22:31 ` Nicolas Goaziou
  2018-06-26 22:31   ` [bug#31985] [PATCH 2/2] gnu: python-pylibscrypt: Improve speed Nicolas Goaziou
  2018-07-02 15:32   ` [bug#31985] [PATCH 1/2] gnu: Add libscrypt Ludovic Courtès
  0 siblings, 2 replies; 8+ messages in thread
From: Nicolas Goaziou @ 2018-06-26 22:31 UTC (permalink / raw)
  To: 31985

* gnu/packages/crypto.scm (libscrypt): New variable.
---
 gnu/packages/crypto.scm | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/gnu/packages/crypto.scm b/gnu/packages/crypto.scm
index 338db04f5..38befb838 100644
--- a/gnu/packages/crypto.scm
+++ b/gnu/packages/crypto.scm
@@ -9,6 +9,7 @@
 ;;; Copyright © 2017 Pierre Langlois <pierre.langlois@gmx.com>
 ;;; Copyright © 2018 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
+;;; Copyright © 2018 Nicolas Goaziou <mail@nicolasgoaziou.fr>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -478,6 +479,33 @@ utility as a demonstration of the @code{scrypt} key derivation function.
 attacks than alternative functions such as @code{PBKDF2} or @code{bcrypt}.")
     (license license:bsd-2)))
 
+(define-public libscrypt
+  (package
+    (name "libscrypt")
+    (version "1.21")
+    (source
+     (origin
+       (method git-fetch)
+       (uri (git-reference
+             (url "https://github.com/technion/libscrypt.git")
+             (commit (string-append "v" version))))
+       (file-name (git-file-name name version))
+       (sha256
+        (base32
+         "1d76ys6cp7fi4ng1w3mz2l0p9dbr7ljbk33dcywyimzjz8bahdng"))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:make-flags (list (string-append "PREFIX=" %output)
+                          "CC=gcc")
+       #:phases
+       (modify-phases %standard-phases
+         (delete 'configure))))
+    (home-page "https://lolware.net/libscrypt.html")
+    (synopsis "Scrypt shared library")
+    (description "@code{libscrypt} implements @code{scrypt}
+functionality, a replacement for @code{bcrypt}.")
+    (license license:bsd-3)))
+
 (define-public perl-math-random-isaac-xs
   (package
     (name "perl-math-random-isaac-xs")
-- 
2.18.0

^ permalink raw reply related	[flat|nested] 8+ messages in thread

* [bug#31985] [PATCH 2/2] gnu: python-pylibscrypt: Improve speed.
  2018-06-26 22:31 ` [bug#31985] [PATCH 1/2] gnu: Add libscrypt Nicolas Goaziou
@ 2018-06-26 22:31   ` Nicolas Goaziou
  2018-07-02 15:33     ` Ludovic Courtès
  2018-07-02 15:32   ` [bug#31985] [PATCH 1/2] gnu: Add libscrypt Ludovic Courtès
  1 sibling, 1 reply; 8+ messages in thread
From: Nicolas Goaziou @ 2018-06-26 22:31 UTC (permalink / raw)
  To: 31985

* gnu/packages/python-crypto.scm (python-pylibscrypt): Use "libscrypt"
  implementation instead of "openssl".

"hashlib.scrypt" requires Python 3.6+ and OpenSSL 1.1+.  Since Python is built
with OpenSSL 1.0, the library is unavailable. "pylibscrypt" defaults to a slow
pure Python implementation.  Instead, rely on the much faster "libscrypt".
---
 gnu/packages/python-crypto.scm | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)

diff --git a/gnu/packages/python-crypto.scm b/gnu/packages/python-crypto.scm
index 6162fc835..779b86222 100644
--- a/gnu/packages/python-crypto.scm
+++ b/gnu/packages/python-crypto.scm
@@ -884,14 +884,29 @@ through the Engine interface.")
          "1b3rgzl6dbzs08vhv41b6y4n5189wv7lr27acxn104hs45745abs"))))
     (build-system python-build-system)
     (arguments
-     `(#:tests? #f))                    ;FIXME: unable to find libraries
+     `(#:phases
+       (modify-phases %standard-phases
+         (add-before 'build 'hard-code-path-to-libscrypt
+           (lambda* (#:key inputs #:allow-other-keys)
+             (let ((libscrypt (assoc-ref inputs "libscrypt")))
+               (substitute* "pylibscrypt/pylibscrypt.py"
+                 (("find_library\\('scrypt'\\)")
+                  (string-append "'" libscrypt "/lib/libscrypt.so'")))
+               #t))))
+       ;; The library can use various scrypt implementations and tests all of
+       ;; them.  Since we only provide a single implementation, most tests
+       ;; fail.  Simply skip them.
+       #:tests? #f))
+    ;; FIXME: Using "libscrypt" is the second best choice.  The best one
+    ;; requires "hashlib.scrypt", provided by Python 3.6+ built with OpenSSL
+    ;; 1.1+.  Use that as soon as Guix provides it.
     (inputs
-     `(("openssl" ,openssl)))
+     `(("libscrypt" ,libscrypt)))
     (home-page "https://github.com/jvarho/pylibscrypt")
     (synopsis "Scrypt for Python")
     (description "There are a lot of different scrypt modules for Python, but
 none of them have everything that I'd like, so here's one more.  It uses
-hashlib.scrypt on Python 3.6 and OpenSSL 1.1.")
+@code{libscrypt}.")
     (license license:isc)))
 
 (define-public python-libnacl
-- 
2.18.0

^ permalink raw reply related	[flat|nested] 8+ messages in thread

* [bug#31985] [PATCH 1/2] gnu: Add libscrypt.
  2018-06-26 22:31 ` [bug#31985] [PATCH 1/2] gnu: Add libscrypt Nicolas Goaziou
  2018-06-26 22:31   ` [bug#31985] [PATCH 2/2] gnu: python-pylibscrypt: Improve speed Nicolas Goaziou
@ 2018-07-02 15:32   ` Ludovic Courtès
  2018-07-02 21:19     ` Nicolas Goaziou
  1 sibling, 1 reply; 8+ messages in thread
From: Ludovic Courtès @ 2018-07-02 15:32 UTC (permalink / raw)
  To: Nicolas Goaziou; +Cc: 31985

Nicolas Goaziou <mail@nicolasgoaziou.fr> skribis:

> * gnu/packages/crypto.scm (libscrypt): New variable.

[...]

> +    (home-page "https://lolware.net/libscrypt.html")
> +    (synopsis "Scrypt shared library")

What about “Password hashing library”?

> +    (description "@code{libscrypt} implements @code{scrypt}
> +functionality, a replacement for @code{bcrypt}.")

Could you expound just a little bit?

OK with these changes, thanks!

Ludo’.

^ permalink raw reply	[flat|nested] 8+ messages in thread

* [bug#31985] [PATCH 2/2] gnu: python-pylibscrypt: Improve speed.
  2018-06-26 22:31   ` [bug#31985] [PATCH 2/2] gnu: python-pylibscrypt: Improve speed Nicolas Goaziou
@ 2018-07-02 15:33     ` Ludovic Courtès
  2018-07-02 21:19       ` bug#31985: " Nicolas Goaziou
  0 siblings, 1 reply; 8+ messages in thread
From: Ludovic Courtès @ 2018-07-02 15:33 UTC (permalink / raw)
  To: Nicolas Goaziou; +Cc: 31985

Nicolas Goaziou <mail@nicolasgoaziou.fr> skribis:

> * gnu/packages/python-crypto.scm (python-pylibscrypt): Use "libscrypt"
>   implementation instead of "openssl".
>
> "hashlib.scrypt" requires Python 3.6+ and OpenSSL 1.1+.  Since Python is built
> with OpenSSL 1.0, the library is unavailable. "pylibscrypt" defaults to a slow
> pure Python implementation.  Instead, rely on the much faster "libscrypt".

LGTM.  Thanks!

Ludo'.

^ permalink raw reply	[flat|nested] 8+ messages in thread

* [bug#31985] [PATCH 1/2] gnu: Add libscrypt.
  2018-07-02 15:32   ` [bug#31985] [PATCH 1/2] gnu: Add libscrypt Ludovic Courtès
@ 2018-07-02 21:19     ` Nicolas Goaziou
  2018-07-03  8:09       ` Ludovic Courtès
  0 siblings, 1 reply; 8+ messages in thread
From: Nicolas Goaziou @ 2018-07-02 21:19 UTC (permalink / raw)
  To: Ludovic Courtès; +Cc: 31985

Hello,

ludo@gnu.org (Ludovic Courtès) writes:

> Nicolas Goaziou <mail@nicolasgoaziou.fr> skribis:
>
>> * gnu/packages/crypto.scm (libscrypt): New variable.
>
> [...]
>
>> +    (home-page "https://lolware.net/libscrypt.html")
>> +    (synopsis "Scrypt shared library")
>
> What about “Password hashing library”?

OK.

>> +    (description "@code{libscrypt} implements @code{scrypt}
>> +functionality, a replacement for @code{bcrypt}.")
>
> Could you expound just a little bit?

OK. I used:

    @code{libscrypt} implements @code{scrypt} key derivation function.
    It is designed to be far more secure against hardware brute-force
    attacks than alternative functions such as @code{PBKDF2} or
    @code{bcrypt}.

Let me know if that isn't enough (though I wouldn't know what to say in
addition to the above).

> OK with these changes, thanks!

Applied. Thank you.

Regards,

-- 
Nicolas Goaziou                                                0x80A93738

^ permalink raw reply	[flat|nested] 8+ messages in thread

* bug#31985: [PATCH 2/2] gnu: python-pylibscrypt: Improve speed.
  2018-07-02 15:33     ` Ludovic Courtès
@ 2018-07-02 21:19       ` Nicolas Goaziou
  0 siblings, 0 replies; 8+ messages in thread
From: Nicolas Goaziou @ 2018-07-02 21:19 UTC (permalink / raw)
  To: Ludovic Courtès; +Cc: 31985-done

Hello,

ludo@gnu.org (Ludovic Courtès) writes:

> Nicolas Goaziou <mail@nicolasgoaziou.fr> skribis:
>
>> * gnu/packages/python-crypto.scm (python-pylibscrypt): Use "libscrypt"
>>   implementation instead of "openssl".
>>
>> "hashlib.scrypt" requires Python 3.6+ and OpenSSL 1.1+.  Since Python is built
>> with OpenSSL 1.0, the library is unavailable. "pylibscrypt" defaults to a slow
>> pure Python implementation.  Instead, rely on the much faster "libscrypt".
>
> LGTM.  Thanks!

Applied. Thank you.

Regards,

-- 
Nicolas Goaziou                                                0x80A93738

^ permalink raw reply	[flat|nested] 8+ messages in thread

* [bug#31985] [PATCH 1/2] gnu: Add libscrypt.
  2018-07-02 21:19     ` Nicolas Goaziou
@ 2018-07-03  8:09       ` Ludovic Courtès
  0 siblings, 0 replies; 8+ messages in thread
From: Ludovic Courtès @ 2018-07-03  8:09 UTC (permalink / raw)
  To: Nicolas Goaziou; +Cc: 31985

Hello Nicolas,

Nicolas Goaziou <mail@nicolasgoaziou.fr> skribis:

> OK. I used:
>
>     @code{libscrypt} implements @code{scrypt} key derivation function.
>     It is designed to be far more secure against hardware brute-force
>     attacks than alternative functions such as @code{PBKDF2} or
>     @code{bcrypt}.
>
> Let me know if that isn't enough (though I wouldn't know what to say in
> addition to the above).

LGTM!  The guiding principle should be to give enough context to someone
who doesn’t know the package at all to get an idea of what this is
about (info "(guix) Synopses and Descriptions").

Thank you,
Ludo’.

^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2018-07-03  8:10 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-06-26 22:24 [bug#31985] [PATCH 0/2] Improve python-libscrypt speed Nicolas Goaziou
2018-06-26 22:31 ` [bug#31985] [PATCH 1/2] gnu: Add libscrypt Nicolas Goaziou
2018-06-26 22:31   ` [bug#31985] [PATCH 2/2] gnu: python-pylibscrypt: Improve speed Nicolas Goaziou
2018-07-02 15:33     ` Ludovic Courtès
2018-07-02 21:19       ` bug#31985: " Nicolas Goaziou
2018-07-02 15:32   ` [bug#31985] [PATCH 1/2] gnu: Add libscrypt Ludovic Courtès
2018-07-02 21:19     ` Nicolas Goaziou
2018-07-03  8:09       ` Ludovic Courtès

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).