[Python-modules-commits] [python-cryptography] 01/03: Import python-cryptography_1.5.3.orig.tar.gz
Tristan Seligmann
mithrandi at moszumanska.debian.org
Tue Nov 8 03:44:00 UTC 2016
This is an automated email from the git hooks/post-receive script.
mithrandi pushed a commit to branch master
in repository python-cryptography.
commit c551c1690dc2ec0a12f779eaab780da45e40d1c6
Author: Tristan Seligmann <mithrandi at debian.org>
Date: Tue Nov 8 05:34:19 2016 +0200
Import python-cryptography_1.5.3.orig.tar.gz
---
CHANGELOG.rst | 7 +++++++
PKG-INFO | 2 +-
src/cryptography.egg-info/PKG-INFO | 2 +-
src/cryptography/__about__.py | 2 +-
src/cryptography/hazmat/primitives/kdf/hkdf.py | 2 +-
tests/hazmat/primitives/test_hkdf.py | 11 +++++++++++
6 files changed, 22 insertions(+), 4 deletions(-)
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 0bfd328..9b0bf29 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -1,6 +1,13 @@
Changelog
=========
+1.5.3 - 2016-11-05
+~~~~~~~~~~~~~~~~~~
+
+* **SECURITY ISSUE**: Fixed a bug where ``HKDF`` would return an empty
+ byte-string if used with a ``length`` less than ``algorithm.digest_size``.
+ Credit to **Markus Döring** for reporting the issue.
+
1.5.2 - 2016-09-26
~~~~~~~~~~~~~~~~~~
diff --git a/PKG-INFO b/PKG-INFO
index 3c67042..9de24de 100644
--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: cryptography
-Version: 1.5.2
+Version: 1.5.3
Summary: cryptography is a package which provides cryptographic recipes and primitives to Python developers.
Home-page: https://github.com/pyca/cryptography
Author: The cryptography developers
diff --git a/src/cryptography.egg-info/PKG-INFO b/src/cryptography.egg-info/PKG-INFO
index 3c67042..9de24de 100644
--- a/src/cryptography.egg-info/PKG-INFO
+++ b/src/cryptography.egg-info/PKG-INFO
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: cryptography
-Version: 1.5.2
+Version: 1.5.3
Summary: cryptography is a package which provides cryptographic recipes and primitives to Python developers.
Home-page: https://github.com/pyca/cryptography
Author: The cryptography developers
diff --git a/src/cryptography/__about__.py b/src/cryptography/__about__.py
index 02d6494..6baca0d 100644
--- a/src/cryptography/__about__.py
+++ b/src/cryptography/__about__.py
@@ -14,7 +14,7 @@ __summary__ = ("cryptography is a package which provides cryptographic recipes"
" and primitives to Python developers.")
__uri__ = "https://github.com/pyca/cryptography"
-__version__ = "1.5.2"
+__version__ = "1.5.3"
__author__ = "The cryptography developers"
__email__ = "cryptography-dev at python.org"
diff --git a/src/cryptography/hazmat/primitives/kdf/hkdf.py b/src/cryptography/hazmat/primitives/kdf/hkdf.py
index f738bbd..82ed9b1 100644
--- a/src/cryptography/hazmat/primitives/kdf/hkdf.py
+++ b/src/cryptography/hazmat/primitives/kdf/hkdf.py
@@ -91,7 +91,7 @@ class HKDFExpand(object):
output = [b""]
counter = 1
- while (self._algorithm.digest_size // 8) * len(output) < self._length:
+ while self._algorithm.digest_size * (len(output) - 1) < self._length:
h = hmac.HMAC(key_material, self._algorithm, backend=self._backend)
h.update(output[-1])
h.update(self._info)
diff --git a/tests/hazmat/primitives/test_hkdf.py b/tests/hazmat/primitives/test_hkdf.py
index e33529c..a05fd75 100644
--- a/tests/hazmat/primitives/test_hkdf.py
+++ b/tests/hazmat/primitives/test_hkdf.py
@@ -142,6 +142,17 @@ class TestHKDF(object):
hkdf.verify(b"foo", u"bar")
+ def test_derive_short_output(self, backend):
+ hkdf = HKDF(
+ hashes.SHA256(),
+ 4,
+ salt=None,
+ info=None,
+ backend=backend
+ )
+
+ assert hkdf.derive(b"\x01" * 16) == b"gJ\xfb{"
+
@pytest.mark.requires_backend_interface(interface=HMACBackend)
class TestHKDFExpand(object):
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/python-cryptography.git
More information about the Python-modules-commits
mailing list