Mark Wooding [Fri, 22 Nov 2019 18:55:46 +0000 (18:55 +0000)]
mp.c: Spell `MP' and `GF' in the correct case in docstrings.
Mark Wooding [Fri, 22 Nov 2019 17:23:15 +0000 (17:23 +0000)]
group.c: Fix capitalization of `ECPt' in docstring.
Mark Wooding [Fri, 22 Nov 2019 17:22:27 +0000 (17:22 +0000)]
ec.c: Add missing optional argument to docstring.
Mark Wooding [Fri, 11 Oct 2019 08:53:00 +0000 (09:53 +0100)]
bytestring.c (bytestring_pyrepeat): Don't divide by zero.
Mark Wooding [Fri, 18 Oct 2019 21:37:00 +0000 (22:37 +0100)]
field.c: Fix misleading docstrings.
It seems that the `value' and `_value' properties have always been able
to return `GF' for binary field elements.
Mark Wooding [Fri, 11 Oct 2019 10:06:05 +0000 (11:06 +0100)]
buffer.c: Fix docstrings.
Mark Wooding [Sat, 19 Oct 2019 19:33:28 +0000 (20:33 +0100)]
util.c: Fix docstrings for generic-map iterator classes.
Mark Wooding [Sat, 19 Oct 2019 19:32:51 +0000 (20:32 +0100)]
group.c: Fix docstring keyword for `G.checkgroup'.
Mark Wooding [Tue, 15 Oct 2019 11:09:44 +0000 (12:09 +0100)]
ec.c (ecpt_pyrichcompare): Fix point comparisons.
Previously we'd just reject comparisons of points with different curves.
Instead, support comparing curveless points with curvy ones by just
comparing the points coordinatewise.
Unfortunately, to make equality be transitive, this means permitting
comparisons between points on different curves, which is unpleasant.
Mark Wooding [Tue, 15 Oct 2019 11:02:59 +0000 (12:02 +0100)]
ec.c (ecpt_pyhash): Fix hashing.
Previously, hashing a curveless point would just crash, which is
surprisingly bad form. Replace this mess with a simpler thing which
just converts the point to external form and hashes the coordinates.
Mark Wooding [Tue, 15 Oct 2019 10:48:39 +0000 (11:48 +0100)]
field.c, mp.c: Hash `GF' and `FE' objects the same as `MP'.
They can be compared for equality, and so they must hash the same way.
Mark Wooding [Tue, 15 Oct 2019 10:48:12 +0000 (11:48 +0100)]
mp.c: Factor out and export `mphash'.
Mark Wooding [Sat, 12 Oct 2019 12:44:54 +0000 (13:44 +0100)]
ec.c (ec2osp, os2ecp): Collect flags correctly.
Previously `ec2osp' collected an `int', which probably wasn't completely
terrible, and `os2ecp' collected a float, which probably was.
Mark Wooding [Fri, 11 Oct 2019 09:00:46 +0000 (10:00 +0100)]
ec.c: Fix reported function name in `ec2osp'.
Mark Wooding [Fri, 11 Oct 2019 09:00:19 +0000 (10:00 +0100)]
ec.c: Fix keyword-argument list for `os2ecp'.
Mark Wooding [Fri, 18 Oct 2019 21:15:46 +0000 (22:15 +0100)]
ec.c (eccurve_pyrichcompare): Check that second operand has correct type.
A segfault waiting to happen, which has been lurking since the
beginning.
Mark Wooding [Fri, 18 Oct 2019 20:57:12 +0000 (21:57 +0100)]
ec.c (ecpt_pymul): Don't leak the scalar value.
Mark Wooding [Fri, 18 Oct 2019 20:17:37 +0000 (21:17 +0100)]
ec.c: Don't drop through into an error case.
Mark Wooding [Fri, 18 Oct 2019 20:16:24 +0000 (21:16 +0100)]
ec.c: Fix three-argument point construction.
This has been wrong literally forever.
Mark Wooding [Sat, 19 Oct 2019 19:25:39 +0000 (20:25 +0100)]
buffer.c: Don't advertise `WBUF.putecpt' as a keyword method.
Mark Wooding [Sat, 19 Oct 2019 19:23:46 +0000 (20:23 +0100)]
catacomb/__init__.py (BaseRat, MP, GF): Add missing true-division methods.
Since these all produce exact (rational) results, they satisfy the true-
division requirements.
Mark Wooding [Sat, 19 Oct 2019 19:21:02 +0000 (20:21 +0100)]
catacomb/__init__.py (BaseRat): Add missing reverse-multiplication method.
Mark Wooding [Sun, 20 Oct 2019 01:27:53 +0000 (02:27 +0100)]
catacomb/__init__.py (BaseRat): Make comparisons actually work.
This was broken in 83c77564338b3e410eb2ca2db3d35173dd6666cc.
Mark Wooding [Sat, 12 Oct 2019 20:07:05 +0000 (21:07 +0100)]
buffer.c (wbmeth_putblkN): Check input block size.
Otherwise the C code fails an assertion.
Mark Wooding [Fri, 11 Oct 2019 09:01:11 +0000 (10:01 +0100)]
buffer.c: Return 64-bit values, even if they're too big for `getulong'.
Mark Wooding [Sat, 19 Oct 2019 19:02:08 +0000 (20:02 +0100)]
util.c: Use Python's machinery for handling 64-bit integers.
Where available.
Mark Wooding [Sat, 19 Oct 2019 18:59:59 +0000 (19:59 +0100)]
util.c: Augment `convu64' to collect its argument via `kludge64'.
Otherwise integers too large for `unsigned long' get rejected with an
error, even though they ought to be acceptable as a `uint64'.
Mark Wooding [Sat, 19 Oct 2019 17:19:07 +0000 (18:19 +0100)]
key.c, pgen.c: Add missing guards for `del' to property `set' functions.
Mark Wooding [Sat, 19 Oct 2019 16:10:41 +0000 (17:10 +0100)]
*.py: Use `str.replace' rather than `str.translate'.
It seems that the `None' argument to `str.translate' was a brief
experiment added in 2.6 which didn't survive into 3.0.
Mark Wooding [Fri, 14 Jul 2017 22:13:56 +0000 (23:13 +0100)]
buffer.c: Fix typoed variable name in `assert'.
Evidently I've never actually compiled this code with the assertions
turned on before.
(cherry picked from commit a11849068dd55f5997365984cce759c0f2d7caeb)
Mark Wooding [Fri, 4 Oct 2019 14:40:28 +0000 (15:40 +0100)]
Deploy the new <ctype.h> and `foocmp' macros from mLib.
Mark Wooding [Tue, 1 Oct 2019 10:41:28 +0000 (11:41 +0100)]
algorithms.c: Delete pointless line break.
Mark Wooding [Tue, 1 Oct 2019 10:40:41 +0000 (11:40 +0100)]
Set ELF visibility to keep all of our external symbols to ourselves.
Mark Wooding [Tue, 1 Oct 2019 12:02:59 +0000 (13:02 +0100)]
debian/: Bump to Debhelper 10.
Mark Wooding [Tue, 1 Oct 2019 12:01:19 +0000 (13:01 +0100)]
debian/changelog: Prepare for the next version.
Mark Wooding [Sun, 22 Sep 2019 00:21:47 +0000 (01:21 +0100)]
Release 1.3.0.1.
Mark Wooding [Sun, 22 Sep 2019 00:20:50 +0000 (01:20 +0100)]
setup.py: Update required Catacomb version.
Missed from the previous release. Brown-paper-bag time.
Mark Wooding [Sat, 21 Sep 2019 22:00:38 +0000 (23:00 +0100)]
Release 1.3.0.
Mark Wooding [Sat, 21 Sep 2019 21:52:18 +0000 (22:52 +0100)]
debian/control: Bump `catacomb-dev' dependency for AEAD stuff.
Mark Wooding [Sat, 21 Sep 2019 12:26:15 +0000 (13:26 +0100)]
setup.py: Update mLib dependency to match `debian/control'.
Mark Wooding [Sat, 21 Sep 2019 10:47:01 +0000 (11:47 +0100)]
Merge branch 'mdw/aead'
* mdw/aead:
algorithms.c, etc.: Support the new AEAD abstraction.
algorithms.py: Support the new blockcipher-based MAC modes.
algorithms.c: Add missing `copy' methods on hash and Keccak objects.
catacomb/__init__.py: Add `KeySZ.pad' method.
Mark Wooding [Fri, 9 Nov 2018 15:35:14 +0000 (15:35 +0000)]
algorithms.c, etc.: Support the new AEAD abstraction.
The new machinery means we can reimplement `secret_box' and
`secret_unbox' using Catacomb's `..._naclbox' AE scheme.
Mark Wooding [Fri, 9 Nov 2018 15:34:46 +0000 (15:34 +0000)]
algorithms.py: Support the new blockcipher-based MAC modes.
Mark Wooding [Thu, 7 Feb 2019 11:42:05 +0000 (11:42 +0000)]
algorithms.c: Add missing `copy' methods on hash and Keccak objects.
Mark Wooding [Sun, 11 Nov 2018 00:13:12 +0000 (00:13 +0000)]
catacomb/__init__.py: Add `KeySZ.pad' method.
This is the converse of `best': choose the smallest acceptable size
larger than some given value.
Mark Wooding [Sat, 21 Sep 2019 10:42:37 +0000 (11:42 +0100)]
pock.1: Explicitly resolve the absolute-value wrapping from Hasse.
The following calculation doesn't hint that the term in the |...| has
been negated until quite late, making it a little misleading.
Mark Wooding [Sat, 21 Sep 2019 10:42:23 +0000 (11:42 +0100)]
pock.1: Fix clumsy wording in Pocklington proof.
Mark Wooding [Sat, 21 Sep 2019 10:40:14 +0000 (11:40 +0100)]
pock.1: Make a less fatuous observation.
Of course a has order dividing p - 1 in Z/pZ. This is Lagrange's
theorem.
It's valuable to observe that a has order dividing n - 1 because this
makes the next step, where we deduce the order of t = a^{(n-1)/q}, work.
Mark Wooding [Sat, 21 Sep 2019 10:37:57 +0000 (11:37 +0100)]
pock.1: Fix Pocklington proof.
Obviously t^q = a^{n-1} == 1 (mod n). It makes sense now.
Mark Wooding [Sat, 21 Sep 2019 10:37:24 +0000 (11:37 +0100)]
pock.1: Mention Baillie-PSW and why `pock' is still useful.
Mark Wooding [Sat, 21 Sep 2019 10:44:31 +0000 (11:44 +0100)]
pock: Add the `-s' option to the usage synopsis.
Mark Wooding [Sat, 21 Sep 2019 10:44:05 +0000 (11:44 +0100)]
pock: Consistently use lowercase and no dots in option help.
Mark Wooding [Thu, 7 Feb 2019 11:28:33 +0000 (11:28 +0000)]
pock: Set the sieve vector size correctly.
Having calculated `sievesz' so carefully, it seems a shame not to use it
-- especially when that results in the sieve vector being thirty times
larger than it should be.
More seriously, this causes the `smallprimes' iterator to continue way
past its proper end-point. Fortunately, all of the uses in this program
are safe.
Mark Wooding [Thu, 7 Feb 2019 11:27:20 +0000 (11:27 +0000)]
pock: Report `duplicate label' as an expected error.
It shouldn't result in a backtrace.
Mark Wooding [Mon, 24 Dec 2018 15:21:16 +0000 (15:21 +0000)]
Release 1.2.1.1.
Mark Wooding [Wed, 16 Aug 2017 03:54:26 +0000 (04:54 +0100)]
debian/control: Build-depend on `python-all-dev', not explicit versions.
Mark Wooding [Wed, 16 Aug 2017 03:54:08 +0000 (04:54 +0100)]
debian/: Use `dh_python2' for packaging.
Mark Wooding [Fri, 28 Jul 2017 23:58:08 +0000 (00:58 +0100)]
setup.py: Fix the advertised package URL.
Unfortunately the old URL was terrible both because it was poorly chosen
and because it was broken long ago (if indeed it ever worked in the
first place).
Mark Wooding [Sun, 11 Nov 2018 00:19:41 +0000 (00:19 +0000)]
pock: Actually, the word `check' isn't optional.
Fix the usage synopsis. The manpage has this right.
Mark Wooding [Fri, 9 Nov 2018 12:22:16 +0000 (12:22 +0000)]
algorithms.c, knock-on: Eliminate `f_freeme' flags.
These were being carefully set and checked on ciphers, hashes, and MACs,
for no good reason because the flag was always set. Abolish it.
The flag still exists for `grand' objects because they get injected into
Python through the `pgen' event-handling machinery, and Python mustn't
destroy them just because it loses its reference. (It also mustn't try
to hang onto them, so there's a longstanding bug in there.)
Mark Wooding [Fri, 9 Nov 2018 17:02:20 +0000 (17:02 +0000)]
algorithms.c: Slightly simplify integer-hashing methods.
There's no need for these to have an `end' label.
Mark Wooding [Fri, 9 Nov 2018 12:28:16 +0000 (12:28 +0000)]
bytestring.c: Implement indexing, slicing, concatenation and repeating.
Now these return bytestring objects, rather than Python strings.
Mark Wooding [Fri, 9 Nov 2018 12:27:42 +0000 (12:27 +0000)]
bytestring.c: Cache empty and singleton strings.
Mark Wooding [Fri, 9 Nov 2018 12:27:07 +0000 (12:27 +0000)]
bytestring.c (dowrap): Factor out allocating the bytestring object.
Mark Wooding [Fri, 9 Nov 2018 12:16:59 +0000 (12:16 +0000)]
Consistently make keyword-lists be static and read-only.
We had an exciting mix of static and automatic storage durations, and
none were marked as `const'. Python isn't `const'-correct, so we have
to cast away the `const'-ness: introduce a new macro `KWLIST' to do
this.
Also constify some other related tables, such as method names in
`pgev_python'.
Mark Wooding [Fri, 9 Nov 2018 12:29:39 +0000 (12:29 +0000)]
catacomb/__init__.py: Missed a `ByteString.zero' opportunity.
Mark Wooding [Fri, 9 Nov 2018 12:34:20 +0000 (12:34 +0000)]
catacomb-python.h: Eliminate redundant declaration of `convgcipher'.
There's another one a bit further down.
Mark Wooding [Fri, 9 Nov 2018 17:23:00 +0000 (17:23 +0000)]
rand.c, pgen.c: Invalidate random generators from pgen events.
I've not actually seen a crash from a Python program which keeps hold of
the random generator from a prime-generation event and tries to use it
after the operation has finished, but it was certainly possible.
Arrange for the event object to retain the random generator object (so
it always hands out the same one when requested), and invalidate it
when the event is itself invalidated.
This also involves messing with the `grand' code to cope with the idea
of invalidated random generators.
Mark Wooding [Wed, 16 Aug 2017 03:54:26 +0000 (04:54 +0100)]
debian/control: Build-depend on `python-all-dev', not explicit versions.
Mark Wooding [Wed, 16 Aug 2017 03:54:08 +0000 (04:54 +0100)]
debian/: Use `dh_python2' for packaging.
Mark Wooding [Wed, 16 Aug 2017 03:52:41 +0000 (04:52 +0100)]
debian/copyright, .mailmap: Convert to machine-readable format.
Mark Wooding [Sat, 29 Jul 2017 00:14:12 +0000 (01:14 +0100)]
*.c: Spruce up class docstrings.
Mostly, include constructor synopses.
Also, be consistent about outdenting the docstrings.
Mark Wooding [Sat, 29 Jul 2017 00:12:14 +0000 (01:12 +0100)]
buffer.c: Add `WriteBuffer.contents' property.
I'm fed up of writing `C.ByteString(buf)'.
Mark Wooding [Sat, 29 Jul 2017 00:10:52 +0000 (01:10 +0100)]
algorithms.c: Reformat some of the `keysz' code.
Nothing major. Remove the separate check that max >= 0 since it's
implied by 0 <= min <= dfl <= max.
Mark Wooding [Fri, 28 Jul 2017 23:58:08 +0000 (00:58 +0100)]
setup.py: Fix the advertised package URL.
Unfortunately the old URL was terrible both because it was poorly chosen
and because it was broken long ago (if indeed it ever worked in the
first place).
Mark Wooding [Sun, 28 May 2017 18:03:08 +0000 (19:03 +0100)]
pock: New program for generating and verifying primality certificates.
Mark Wooding [Fri, 14 Jul 2017 22:19:41 +0000 (23:19 +0100)]
catacomb/__init__.py: Awful bodge for symbol conflict.
It seems that, in Debian jessie and later, the main Python binary now
exports `md5_init' and friends. Unfortunately, this overrides
Catacomb's existing `md5_init' with a rather different version, and the
result is a segfault (on i386) or wrong answers (on amd64).
So, as an unpleasant bodge (while this broken thing makes its way
through Debian, see bug #868366), try to force the `RTLD_DEEPBIND' flag
when loading the module. This is unfortunate, because Python doesn't
actually advertise this flag, at least in my version.
Mark Wooding [Fri, 14 Jul 2017 22:18:13 +0000 (23:18 +0100)]
catacomb/__init__.py: Rearrange the imports.
Sort the ordinary Python imports into alphabetical order (by module
name, rather than by import, if I'm only taking one or two symbols).
Move the main extension import into its own section, because it's going
to grow.
Mark Wooding [Fri, 14 Jul 2017 22:16:02 +0000 (23:16 +0100)]
catacomb/__init__.py: Import `sys' as a whole.
We're only using `argv' in one place, so this isn't a significant
hardship. And I'll want more things from `sys' soon.
Mark Wooding [Fri, 14 Jul 2017 22:13:56 +0000 (23:13 +0100)]
buffer.c: Fix typoed variable name in `assert'.
Evidently I've never actually compiled this code with the assertions
turned on before.
Mark Wooding [Fri, 14 Jul 2017 22:12:33 +0000 (23:12 +0100)]
rand.c: Newline to placate GCC.
Honestly, I don't see how a reader would think that the statement
following the `goto' was similarly covered by the conditional, but my
styling is obviously very different from everyone else's.
Mark Wooding [Sun, 28 May 2017 18:03:08 +0000 (19:03 +0100)]
pwsafe.1: Documentation for the password safe.
Mark Wooding [Sun, 28 May 2017 18:02:55 +0000 (19:02 +0100)]
pwsafe: Change the default crypto.
Use Rijndael rather than Blowfish (wtf?) and SHA256 instead of
RIPEMD-160.
Defaults will continue to change.
Mark Wooding [Sun, 28 May 2017 18:03:08 +0000 (19:03 +0100)]
MANIFEST.in: Make a separate section for scripts.
Just `pwsafe' for now.
Mark Wooding [Sun, 28 May 2017 18:03:08 +0000 (19:03 +0100)]
catacomb/__init__.py: Show selected `hash' in *DSA{Pub,Priv} objects.
Mark Wooding [Sun, 28 May 2017 15:25:56 +0000 (16:25 +0100)]
MANIFEST.in: Include any manual pages.
Not that there are any yet.
Mark Wooding [Sun, 28 May 2017 15:25:32 +0000 (16:25 +0100)]
MANIFEST.in: Add an Emacs mode dropping.
Mark Wooding [Fri, 7 Jul 2017 20:18:42 +0000 (21:18 +0100)]
Merge remote-tracking branch 'origin/HEAD'
* origin/HEAD:
catacomb/pwsafe.py: Fix stupid error which breaks `delete'.
Mark Wooding [Sat, 1 Jul 2017 09:43:44 +0000 (10:43 +0100)]
catacomb/pwsafe.py: Fix stupid error which breaks `delete'.
Mark Wooding [Fri, 16 Jun 2017 00:01:24 +0000 (01:01 +0100)]
Release 1.2.1.
Mark Wooding [Sun, 28 May 2017 18:03:08 +0000 (19:03 +0100)]
pubkey.c (dsa_setup): Make sure `u' is None or an MP object.
Don't just store the caller's object and hope for the best.
Mark Wooding [Sun, 28 May 2017 18:03:08 +0000 (19:03 +0100)]
pubkey.c: Fix keyword-argument order for KCDSAPriv constructor.
Mark Wooding [Sun, 28 May 2017 18:03:08 +0000 (19:03 +0100)]
ec.c: Fix embarrassing use-after-free in EC point hashing.
The hashed data is sometimes (unpredictably) mangled by freeing causing
hash mismatches, which is annoying. Also, obviously incorrect.
Mark Wooding [Thu, 11 May 2017 09:42:15 +0000 (10:42 +0100)]
Release 1.2.0.
Mark Wooding [Thu, 11 May 2017 09:42:15 +0000 (10:42 +0100)]
pubkey.c: Allow RSA key generation with user-chosen public exponent.
New feature in the underlying library.
Mark Wooding [Thu, 11 May 2017 09:42:15 +0000 (10:42 +0100)]
mp.c: Add binding for `leastcongruent' function.
Mark Wooding [Thu, 11 May 2017 09:42:15 +0000 (10:42 +0100)]
pubkey.c: Add support for Ed448 signatures, following RFC8032.
Mark Wooding [Thu, 11 May 2017 09:42:15 +0000 (10:42 +0100)]
catacomb/__init__.py: Settle on SHAKE256 for X448 box-key generation.
This matches Ed448 hashing, which is probably a good thing.
Mark Wooding [Thu, 11 May 2017 09:42:15 +0000 (10:42 +0100)]
pubkey.c: Support the `ed25519ctx' signature scheme from RFC8032.
Main difference is the addition of a personalization string.
In the wrapper classes, forward unknown keyword arguments on to the
underlying implementation.
Mark Wooding [Thu, 11 May 2017 09:42:15 +0000 (10:42 +0100)]
pubkey.c: Capture Ed25519 binding in a macro.
Now we can add more EdDSA instances with similar shapes without too much
trouble.
Also, slightly sneakily, make EdDSA verification functions take keyword
arguments.