Opened 7 years ago

Closed 7 years ago

#14854 closed enhancement (fixed)

Update pycrypto to 2.6.1

Reported by: jpflori Owned by: jdemeyer
Priority: major Milestone: sage-6.1
Component: packages: standard Keywords: spkg pycrypto
Cc: Merged in:
Authors: Jean-Pierre Flori Reviewers: Volker Braun
Report Upstream: N/A Work issues:
Branch: u/jpflori/ticket/14854 (Commits) Commit: 83eeb4b6f2ba9581f98e4542897c47354eb17372
Dependencies: #12399 Stopgaps:

Change History (19)

comment:1 Changed 7 years ago by jpflori

  • Keywords spkg pycrypto added

This would be a good time to cleanup spkg scripts.

comment:2 Changed 7 years ago by jpflori

  • Authors set to Jean-Pierre Flori
  • Branch set to u/jpflori/ticket/14854
  • Commit set to e0fbe47211e50eeb6ce8f1063f1fdeed097701db
  • Dependencies set to #12399
  • Description modified (diff)
  • Status changed from new to needs_review

Trivial update on top of #12399.


New commits:

e0fbe47Update PyCrypto to version 2.6.1.
528d988Let PyCrypto build on FreeBSD.

comment:3 Changed 7 years ago by jpflori

  • Summary changed from Update pycrypto to 2.6.0 to Update pycrypto to 2.6.1

comment:4 Changed 7 years ago by vbraun

This was in #15531 but I'm pretty sure it applies here just as well:

sage -t --long src/sage/crypto/block_cipher/miniaes.py  # 1 doctest failed
sage -t --long src/sage/crypto/block_cipher/sdes.py  # 1 doctest failed
sage -t --long src/sage/crypto/classical_cipher.py  # 1 doctest failed
sage -t --long src/sage/crypto/stream_cipher.py  # 1 doctest failed
sage -t --long src/sage/crypto/util.py  # 1 doctest failed
sage -t --long src/sage/crypto/public_key/blum_goldwasser.py  # 1 doctest failed
sage -t --long src/sage/monoids/string_monoid.py  # 1 doctest failed
sage -t --long src/sage/monoids/string_monoid_element.py  # 1 doctest failed

comment:5 Changed 7 years ago by jpflori

Oops, I'll have a look at it.

comment:6 Changed 7 years ago by jpflori

The errors are because pycrpto wants a secure (hum, let's say more side channel attacks resistant) implem of modular exponentiation or issues a warning. It's available as mpz_powm_sec from recent GMP releases, but MPIR does not supply that. (Also note that wiith FLINT 2.4 we should be able to build all of Sage IIRC on top of gmp, time for a new spkg?) So we should just ignore the warnings (or add them to the doctests but would fail with Sage on top of GMP). Anyway, we don't really care within Sage, at least that's my point of view, nobody would or should use Sage to do real crypto.

comment:7 Changed 7 years ago by git

  • Commit changed from e0fbe47211e50eeb6ce8f1063f1fdeed097701db to a76e9a36883efe7787b122f5ce201d05d152b773

Branch pushed to git repo; I updated commit sha1. New commits:

a76e9a3Filter pycrypto warning about insecure modular exponentiaiton.

comment:8 Changed 7 years ago by jpflori

The solution I've implemented is to filter pycrypto warnings in the warnings module. Feel free to say it is a bad solution and we should rather modify the tests, or move the piece of code I've added somewhere else (maybe it really slows down Sage startup, I don't know).

comment:9 Changed 7 years ago by jpflori

On a different topic, the only funciton actually used is in the monoids files, and that's only the byte_to_long function, so maybe we should implement this ourselves. I don't suggest to remove the pycrypto pkg though.

comment:10 Changed 7 years ago by vbraun

I'd rather modify the tests and preserve the warning...

comment:11 Changed 7 years ago by jpflori

Should we explicitely match the warning or filter it with "..."?

comment:12 Changed 7 years ago by vbraun

Explicit is better than implicit (one of Python's credos), but then I don't care that much ;-)

comment:13 Changed 7 years ago by jpflori

Let's go for explicit. As I said, I think we should get rid of the pycrypto use in the monoid stuff anyway, so when that's the case it will force us to remove the explicit things rather than leaving ... evrywhere.

comment:14 Changed 7 years ago by jpflori

Unfortunately I'm not sure I can do anything else as what I did as the warning only comes up the first time the BinaryStrings?().encoding("") is used so it depends on the order the tests within the file will be run.

Maybe better reimplement bytes_to_long and long_to_bytes directly.

comment:15 Changed 7 years ago by vbraun

The order of doctests is top to bottom, isn't it?

comment:16 Changed 7 years ago by git

  • Commit changed from a76e9a36883efe7787b122f5ce201d05d152b773 to 83eeb4b6f2ba9581f98e4542897c47354eb17372

Branch pushed to git repo; I updated commit sha1. New commits:

83eeb4bReplace bytes_to_long/long_to_bytes by ord/chr.
706b4feRevert "Filter pycrypto warning about insecure modular exponentiaiton."

comment:17 Changed 7 years ago by jpflori

I've replaced the pycrypto functions by plain python funcitons which seem to be adequate for our use.

comment:18 Changed 7 years ago by vbraun

  • Reviewers set to Volker Braun
  • Status changed from needs_review to positive_review

lgtm

comment:19 Changed 7 years ago by vbraun

  • Resolution set to fixed
  • Status changed from positive_review to closed
Note: See TracTickets for help on using tickets.