!20 【更新版本】更新master分支到最新的发布版本4.9

From: @kkzhs_admin 
Reviewed-by: @shinwell_hu 
Signed-off-by: @shinwell_hu

0001-Fix-CVE-2020-13757.patch

@@ -1,48 +0,0 @@
-From 93af6f2f89a9bf28361e67716c4240e691520f30 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Sybren=20A=2E=20St=C3=BCvel?= <sybren@stuvel.eu>
-Date: Wed, 3 Jun 2020 14:39:23 +0200
-Subject: [PATCH] Fix CVE-2020-13757: detect cyphertext modifications by
- prepending zero bytes
-
-Reject cyphertexts that have been modified by prepending zero bytes, by
-checking the cyphertext length against the expected size (given the
-decryption key). This resolves CVE-2020-13757.
-
-The same approach is used when verifying a signature.
-
-Thanks Carnil for pointing this out on https://github.com/sybrenstuvel/python-rsa/issues/146
----
- rsa/pkcs1.py        |  9 +++++++++
- 1 files changed, 9 insertions(+)
-
-diff --git a/rsa/pkcs1.py b/rsa/pkcs1.py
-index 28f0dc5..cdf830b 100644
---- a/rsa/pkcs1.py
-+++ b/rsa/pkcs1.py
-@@ -232,6 +232,12 @@ def decrypt(crypto, priv_key):
-     decrypted = priv_key.blinded_decrypt(encrypted)
-     cleartext = transform.int2bytes(decrypted, blocksize)
- 
-+    # Detect leading zeroes in the crypto. These are not reflected in the
-+    # encrypted value (as leading zeroes do not influence the value of an
-+    # integer). This fixes CVE-2020-13757.
-+    if len(crypto) > blocksize:
-+        raise DecryptionError('Decryption failed')
-+
-     # If we can't find the cleartext marker, decryption failed.
-     if cleartext[0:2] != b('\x00\x02'):
-         raise DecryptionError('Decryption failed')
-@@ -310,6 +316,9 @@ def verify(message, signature, pub_key):
-     cleartext = HASH_ASN1[method_name] + message_hash
-     expected = _pad_for_signing(cleartext, keylength)
- 
-+    if len(signature) != keylength:
-+        raise VerificationError('Verification failed')
-+
-     # Compare with the signed one
-     if expected != clearsig:
-         raise VerificationError('Verification failed')
- 
--- 
-1.8.3.1
-

python-rsa.spec

@@ -1,88 +1,106 @@
+%global _empty_manifest_terminate_build 0
 Name:           python-rsa
-Version:        3.4.2
-Release:        12
+Version:        4.9
+Release:        1
 Summary:        Pure-Python RSA implementation
-License:        ASL 2.0
-URL:            http://stuvel.eu/rsa
-Source0:        https://pypi.python.org/packages/source/r/rsa/rsa-%{version}.tar.gz
+License:        Apache-2.0
+URL:            https://stuvel.eu/rsa
+Source0:        https://files.pythonhosted.org/packages/aa/65/7d973b89c4d2351d7fb232c2e452547ddfa243e93131e7cfa766da627b52/rsa-%{version}.tar.gz
 BuildArch:      noarch
-
-Patch1: 0001-Fix-CVE-2020-13757.patch
-
 %description
 Python-RSA is a pure-Python RSA implementation. It supports
 encryption and decryption, signing and verifying signatures,
 and key generation according to PKCS#1 version 1.5.
 
-%package -n     python2-rsa
-%{?python_provide:%python_provide python2-rsa}
+%package -n python3-rsa
 Summary:        Pure-Python RSA implementation
-BuildRequires:  python2-devel, python2-setuptools, python2-pyasn1 >= 0.1.3
-Requires:       python2-pyasn1 >= 0.1.3, python2-setuptools
-
-%description -n python2-rsa
-Python-RSA is a pure-Python RSA implementation. It supports
-encryption and decryption, signing and verifying signatures,
-and key generation according to PKCS#1 version 1.5.
-
-%package -n     python3-rsa
-%{?python_provide:%python_provide python3-rsa}
-Summary:        Pure-Python RSA implementation
-BuildRequires:  python3-devel, python3-setuptools, python3-pyasn1 >= 0.1.3, python3-unittest2
-Requires:       python3-pyasn1 >= 0.1.3, python3-setuptools
-
+Provides:       python-rsa
+# Base build requires
+BuildRequires:  python3-devel
+BuildRequires:  python3-setuptools
+BuildRequires:  python3-pbr
+BuildRequires:  python3-pip
+BuildRequires:  python3-wheel
+# General requires
+BuildRequires:  python3-pyasn1
+# General requires
+Requires:       python3-pyasn1
 %description -n python3-rsa
 Python-RSA is a pure-Python RSA implementation. It supports
 encryption and decryption, signing and verifying signatures,
 and key generation according to PKCS#1 version 1.5.
 
+%package help
+Summary:        Pure-Python RSA implementation
+Provides:       python3-rsa-doc
+%description help
+Python-RSA is a pure-Python RSA implementation. It supports
+encryption and decryption, signing and verifying signatures,
+and key generation according to PKCS#1 version 1.5.
+
 %prep
-%autosetup -n rsa-%{version} -p1
+%autosetup -n rsa-%{version}
 
 %build
-%py2_build
 %py3_build
 
 %install
-%py2_install
-cp $RPM_BUILD_ROOT%{_bindir}/pyrsa-priv2pub $RPM_BUILD_ROOT%{_bindir}/pyrsa-priv2pub-2
-cp $RPM_BUILD_ROOT%{_bindir}/pyrsa-keygen $RPM_BUILD_ROOT%{_bindir}/pyrsa-keygen-2
-cp $RPM_BUILD_ROOT%{_bindir}/pyrsa-encrypt $RPM_BUILD_ROOT%{_bindir}/pyrsa-encrypt-2
-cp $RPM_BUILD_ROOT%{_bindir}/pyrsa-decrypt $RPM_BUILD_ROOT%{_bindir}/pyrsa-decrypt-2
-cp $RPM_BUILD_ROOT%{_bindir}/pyrsa-sign $RPM_BUILD_ROOT%{_bindir}/pyrsa-sign-2
-cp $RPM_BUILD_ROOT%{_bindir}/pyrsa-verify $RPM_BUILD_ROOT%{_bindir}/pyrsa-verify-2
-cp $RPM_BUILD_ROOT%{_bindir}/pyrsa-encrypt-bigfile $RPM_BUILD_ROOT%{_bindir}/pyrsa-encrypt-bigfile-2
-cp $RPM_BUILD_ROOT%{_bindir}/pyrsa-decrypt-bigfile $RPM_BUILD_ROOT%{_bindir}/pyrsa-decrypt-bigfile-2
-
 %py3_install
-mv $RPM_BUILD_ROOT%{_bindir}/pyrsa-priv2pub $RPM_BUILD_ROOT%{_bindir}/pyrsa-priv2pub-3
-mv $RPM_BUILD_ROOT%{_bindir}/pyrsa-keygen $RPM_BUILD_ROOT%{_bindir}/pyrsa-keygen-3
-mv $RPM_BUILD_ROOT%{_bindir}/pyrsa-encrypt $RPM_BUILD_ROOT%{_bindir}/pyrsa-encrypt-3
-mv $RPM_BUILD_ROOT%{_bindir}/pyrsa-decrypt $RPM_BUILD_ROOT%{_bindir}/pyrsa-decrypt-3
-mv $RPM_BUILD_ROOT%{_bindir}/pyrsa-sign $RPM_BUILD_ROOT%{_bindir}/pyrsa-sign-3
-mv $RPM_BUILD_ROOT%{_bindir}/pyrsa-verify $RPM_BUILD_ROOT%{_bindir}/pyrsa-verify-3
-mv $RPM_BUILD_ROOT%{_bindir}/pyrsa-encrypt-bigfile $RPM_BUILD_ROOT%{_bindir}/pyrsa-encrypt-bigfile-3
-mv $RPM_BUILD_ROOT%{_bindir}/pyrsa-decrypt-bigfile $RPM_BUILD_ROOT%{_bindir}/pyrsa-decrypt-bigfile-3
 
-%files -n python2-rsa
-%doc README.md
-%license LICENSE
-%{_bindir}/pyrsa-*-2
-%{python2_sitelib}/*
-
-%files -n python3-rsa
-%doc README.md
-%license LICENSE
-%{_bindir}/pyrsa-*-3
-%{python3_sitelib}/*
+install -d -m755 %{buildroot}/%{_pkgdocdir}
+if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi
+if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi
+if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi
+if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
+pushd %{buildroot}
+if [ -d usr/lib ]; then
+    find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+if [ -d usr/lib64 ]; then
+    find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+if [ -d usr/bin ]; then
+    find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+if [ -d usr/sbin ]; then
+    find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+touch doclist.lst
+if [ -d usr/share/man ]; then
+    find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst
+fi
+popd
+mv %{buildroot}/filelist.lst .
+mv %{buildroot}/doclist.lst .
 
 %check
-%{__python2} setup.py test
 %{__python3} setup.py test
 
+%files -n python3-rsa -f filelist.lst
+%dir %{python3_sitelib}/*
+
+%files help -f doclist.lst
+%{_docdir}/*
+
 %changelog
+* Wed Aug 03 2022 kkz <zhaoshuag@uniontech.com> - 4.9-1
+- Upgrade package python3-rsa to version 4.9
+
+* Tue May 31 2022 OpenStack_SIG <openstack@openeuler.org> - 4.8-1
+- Upgrade package python3-rsa to version 4.8
+
+* Mon Aug 09 2021 OpenStack_SIG <openstack@openeuler.org> - 4.7.2-1
+- Package update to 4.7.2
+
+* Tue Dec 15 2020 yanglongkang <yanglongkang@huawei.com> - 3.4.2-14
+- fix CVE-2020-25658
+
+* Fri Oct 30 2020 yanglongkang <yanglongkang@huawei.com> - 3.4.2-13
+- remove python2 dependency
+
 * Tue Aug 4 2020 yanglongkang <yanglongkang@huawei.com> - 3.4.2-12
 - fix CVE-2020-13757
 
 * Mon Feb 10 2020 Ruijun Ge <geruijun@huawei.com> - 3.4.2-11
 - package init
+

python-rsa.yaml

@@ -2,3 +2,4 @@ version_control: github
 src_repo: sybrenstuevl/python-rsa
 tag_prefix: version-
 seperator: .
+