juju-core

Merge lp:~dave-cheney/juju-core/179-remove-thirdparty-pbkdf2-dependency into lp:~go-bot/juju-core/trunk

  1. 179-remove-thirdparty-pbkdf2-dependency
  2. Merge into trunk
Proposed by Dave Cheney
Status: Merged
Approved by: Dave Cheney
Approved revision: no longer in the source branch.
Merged at revision: 2758
Proposed branch: lp:~dave-cheney/juju-core/179-remove-thirdparty-pbkdf2-dependency
Merge into: lp:~go-bot/juju-core/trunk
Prerequisite: lp:~dave-cheney/juju-core/178-update-errgo-and-loggo-dependencies
Diff against target: 282 lines (+3/-239)
5 files modified
cmd/package_test.go (+1/-1)
thirdparty/pbkdf2/pbkdf2.go (+0/-79)
thirdparty/pbkdf2/pbkdf2_test.go (+0/-157)
utils/fslock/package_test.go (+1/-1)
utils/password.go (+1/-1)
To merge this branch: bzr merge lp:~dave-cheney/juju-core/179-remove-thirdparty-pbkdf2-dependency
Reviewer Review Type Date Requested Status
Ian Booth Approve
Review via email: mp+220341@code.launchpad.net

Commit message

Remove thirdparty/pbkdf2

In preparation for the migration to github remove the private copy of pbkdf2.

It is probable that when this package was added, somewhere around 18 months ago, we did not have godeps or a established way of managing dependencies, so vendoring the package made sense at the time.

The only differences between our privat copy and the upstream is our inclusion of our note that the package is a fork.

Description of the change

Remove thirdparty/pbkdf2

In preparation for the migration to github remove the private copy of pbkdf2.

It is probable that when this package was added, somewhere around 18 months ago, we did not have godeps or a established way of managing dependencies, so vendoring the package made sense at the time.

The only differences between our privat copy and the upstream is our inclusion of our note that the package is a fork.

ubuntu@winton-02:~$ diff -u ~/src/launchpad.net/juju-core/thirdparty/pbkdf2/pbkdf2.go /home/ubuntu/src/code.google.com/p/go.crypto/pbkdf2/pbkdf2.go
--- /home/ubuntu/src/launchpad.net/juju-core/thirdparty/pbkdf2/pbkdf2.go 2014-05-21 00:46:49.130817000 +0000
+++ /home/ubuntu/src/code.google.com/p/go.crypto/pbkdf2/pbkdf2.go 2014-05-21 00:46:54.275885894 +0000
@@ -1,5 +1,3 @@
-// Original package at code.google.com/p/go.crypto/pbkdf2
-
 // Copyright 2012 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
ubuntu@winton-02:~$ diff -u ~/src/launchpad.net/juju-core/thirdparty/pbkdf2/pbkdf2_test.go /home/ubuntu/src/code.google.com/p/go.crypto/pbkdf2/pbkdf2_test.go

https://codereview.appspot.com/98460044/

To post a comment you must log in.
Revision history for this message
Dave Cheney (dave-cheney) wrote :

Reviewers: mp+220341_code.launchpad.net,

Message:
Please take a look.

Description:
Remove thirdparty/pbkdf2

In preparation for the migration to github remove the private copy of
pbkdf2.

It is probable that when this package was added, somewhere around 18
months ago, we did not have godeps or a established way of managing
dependencies, so vendoring the package made sense at the time.

The only differences between our privat copy and the upstream is our
inclusion of our note that the package is a fork.

ubuntu@winton-02:~$ diff -u
~/src/launchpad.net/juju-core/thirdparty/pbkdf2/pbkdf2.go
/home/ubuntu/src/code.google.com/p/go.crypto/pbkdf2/pbkdf2.go
--- /home/ubuntu/src/launchpad.net/juju-core/thirdparty/pbkdf2/pbkdf2.go
        2014-05-21 00:46:49.130817000 +0000
+++ /home/ubuntu/src/code.google.com/p/go.crypto/pbkdf2/pbkdf2.go
2014-05-21 00:46:54.275885894 +0000
@@ -1,5 +1,3 @@
-// Original package at code.google.com/p/go.crypto/pbkdf2
-
  // Copyright 2012 The Go Authors. All rights reserved.
  // Use of this source code is governed by a BSD-style
  // license that can be found in the LICENSE file.
ubuntu@winton-02:~$ diff -u
~/src/launchpad.net/juju-core/thirdparty/pbkdf2/pbkdf2_test.go
/home/ubuntu/src/code.google.com/p/go.crypto/pbkdf2/pbkdf2_test.go

https://code.launchpad.net/~dave-cheney/juju-core/179-remove-thirdparty-pbkdf2-dependency/+merge/220341

Requires:
https://code.launchpad.net/~dave-cheney/juju-core/178-update-errgo-and-loggo-dependencies/+merge/220340

(do not edit description out of merge proposal)

Please review this at https://codereview.appspot.com/98460044/

Affected files (+3, -237 lines):
   A [revision details]
   D thirdparty/pbkdf2/pbkdf2.go
   D thirdparty/pbkdf2/pbkdf2_test.go
   M utils/password.go

Revision history for this message
Andrew Wilkins (axwalk) wrote :

On 2014/05/21 01:33:16, dfc wrote:
> Please take a look.

LGTM

https://codereview.appspot.com/98460044/

Revision history for this message
Ian Booth (wallyworld) :
review: Approve
Revision history for this message
Go Bot (go-bot) wrote :
Download full text (11.4 KiB)

The attempt to merge lp:~dave-cheney/juju-core/179-remove-thirdparty-pbkdf2-dependency into lp:juju-core failed. Below is the output from the failed tests.

ok launchpad.net/juju-core 0.011s
ok launchpad.net/juju-core/agent 0.902s
ok launchpad.net/juju-core/agent/mongo 0.477s
ok launchpad.net/juju-core/agent/tools 0.166s
ok launchpad.net/juju-core/bzr 5.421s
ok launchpad.net/juju-core/cert 2.031s
ok launchpad.net/juju-core/charm 0.423s
? launchpad.net/juju-core/charm/hooks [no test files]
? launchpad.net/juju-core/charm/testing [no test files]
ok launchpad.net/juju-core/cloudinit 0.134s
ok launchpad.net/juju-core/cloudinit/sshinit 0.709s

----------------------------------------------------------------------
FAIL: package_test.go:20: Dependencies.TestPackageDependencies

package_test.go:26:
    // This test is to ensure we don't bring in dependencies without thinking.
    // Looking at the "environs/config", it is just for JujuHome. This should
    // really be moved into "juju/osenv".
    c.Assert(testbase.FindJujuCoreImports(c, "launchpad.net/juju-core/cmd"),
        gc.DeepEquals,
        []string{"juju/arch", "juju/osenv", "names", "thirdparty/pbkdf2", "utils", "version"})
... obtained []string = []string{"juju/arch", "juju/osenv", "names", "utils", "version"}
... expected []string = []string{"juju/arch", "juju/osenv", "names", "thirdparty/pbkdf2", "utils", "version"}

OOPS: 57 passed, 1 FAILED
--- FAIL: Test (0.02 seconds)
FAIL
FAIL launchpad.net/juju-core/cmd 0.153s
ok launchpad.net/juju-core/cmd/charm-admin 0.236s
? launchpad.net/juju-core/cmd/charmd [no test files]
? launchpad.net/juju-core/cmd/charmload [no test files]
ok launchpad.net/juju-core/cmd/envcmd 0.163s
ok launchpad.net/juju-core/cmd/juju 224.318s
ok launchpad.net/juju-core/cmd/jujud 67.173s
ok launchpad.net/juju-core/cmd/plugins/juju-metadata 10.599s
? launchpad.net/juju-core/cmd/plugins/juju-restore [no test files]
ok launchpad.net/juju-core/cmd/plugins/local 0.160s
? launchpad.net/juju-core/cmd/plugins/local/juju-local [no test files]
ok launchpad.net/juju-core/constraints 0.023s
ok launchpad.net/juju-core/container 0.167s
ok launchpad.net/juju-core/container/factory 0.155s
ok launchpad.net/juju-core/container/kvm 0.180s
ok launchpad.net/juju-core/container/kvm/mock 0.149s
? launchpad.net/juju-core/container/kvm/testing [no test files]
ok launchpad.net/juju-core/container/lxc 4.314s
? launchpad.net/juju-core/container/lxc/mock [no test files]
? launchpad.net/juju-core/container/lxc/testing [no test files]
? launchpad.net/juju-core/container/testing [no test files]
ok launchpad.net/juju-core/downloader 5.223s
ok launchpad.net/juju-core/environs 2.244s
ok launchpad.net/juju-core/environs/bootstrap 12.563s
ok launchpad.net/juju-core/environs/cloudinit 0.443s
ok launchpad.net/juju-core/environs/config 1.640s
ok launchpad.net/juju-core/environs/configstore 0.145s
ok launchpad.net/juju-core/environs/filestorage 0.028s
ok launchpad.net/juju-core/environs/httpstorage 0.629s
ok launchpad.net/juju-core/environs/imagemetadata 0.424s
? launchpad.net/juju-core/environs/imagemetadata/testing ...

Revision history for this message
Dave Cheney (dave-cheney) wrote :

Please take a look.

https://codereview.appspot.com/98460044/

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'cmd/package_test.go'
2--- cmd/package_test.go 2014-05-01 23:32:37 +0000
3+++ cmd/package_test.go 2014-05-21 02:36:03 +0000
4@@ -23,5 +23,5 @@
5 // really be moved into "juju/osenv".
6 c.Assert(testbase.FindJujuCoreImports(c, "launchpad.net/juju-core/cmd"),
7 gc.DeepEquals,
8- []string{"juju/arch", "juju/osenv", "names", "thirdparty/pbkdf2", "utils", "version"})
9+ []string{"juju/arch", "juju/osenv", "names", "utils", "version"})
10 }
11
12=== removed directory 'thirdparty'
13=== removed directory 'thirdparty/pbkdf2'
14=== removed file 'thirdparty/pbkdf2/pbkdf2.go'
15--- thirdparty/pbkdf2/pbkdf2.go 2012-10-05 14:27:52 +0000
16+++ thirdparty/pbkdf2/pbkdf2.go 1970-01-01 00:00:00 +0000
17@@ -1,79 +0,0 @@
18-// Original package at code.google.com/p/go.crypto/pbkdf2
19-
20-// Copyright 2012 The Go Authors. All rights reserved.
21-// Use of this source code is governed by a BSD-style
22-// license that can be found in the LICENSE file.
23-
24-/*
25-Package pbkdf2 implements the key derivation function PBKDF2 as defined in RFC
26-2898 / PKCS #5 v2.0.
27-
28-A key derivation function is useful when encrypting data based on a password
29-or any other not-fully-random data. It uses a pseudorandom function to derive
30-a secure encryption key based on the password.
31-
32-While v2.0 of the standard defines only one pseudorandom function to use,
33-HMAC-SHA1, the drafted v2.1 specification allows use of all five FIPS Approved
34-Hash Functions SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 for HMAC. To
35-choose, you can pass the `New` functions from the different SHA packages to
36-pbkdf2.Key.
37-*/
38-package pbkdf2
39-
40-import (
41- "crypto/hmac"
42- "hash"
43-)
44-
45-// Key derives a key from the password, salt and iteration count, returning a
46-// []byte of length keylen that can be used as cryptographic key. The key is
47-// derived based on the method described as PBKDF2 with the HMAC variant using
48-// the supplied hash function.
49-//
50-// For example, to use a HMAC-SHA-1 based PBKDF2 key derivation function, you
51-// can get a derived key for e.g. AES-256 (which needs a 32-byte key) by
52-// doing:
53-//
54-// dk := pbkdf2.Key([]byte("some password"), salt, 4096, 32, sha1.New)
55-//
56-// Remember to get a good random salt. At least 8 bytes is recommended by the
57-// RFC.
58-//
59-// Using a higher iteration count will increase the cost of an exhaustive
60-// search but will also make derivation proportionally slower.
61-func Key(password, salt []byte, iter, keyLen int, h func() hash.Hash) []byte {
62- prf := hmac.New(h, password)
63- hashLen := prf.Size()
64- numBlocks := (keyLen + hashLen - 1) / hashLen
65-
66- var buf [4]byte
67- dk := make([]byte, 0, numBlocks*hashLen)
68- U := make([]byte, hashLen)
69- for block := 1; block <= numBlocks; block++ {
70- // N.B.: || means concatenation, ^ means XOR
71- // for each block T_i = U_1 ^ U_2 ^ ... ^ U_iter
72- // U_1 = PRF(password, salt || uint(i))
73- prf.Reset()
74- prf.Write(salt)
75- buf[0] = byte(block >> 24)
76- buf[1] = byte(block >> 16)
77- buf[2] = byte(block >> 8)
78- buf[3] = byte(block)
79- prf.Write(buf[:4])
80- dk = prf.Sum(dk)
81- T := dk[len(dk)-hashLen:]
82- copy(U, T)
83-
84- // U_n = PRF(password, U_(n-1))
85- for n := 2; n <= iter; n++ {
86- prf.Reset()
87- prf.Write(U)
88- U = U[:0]
89- U = prf.Sum(U)
90- for x := range U {
91- T[x] ^= U[x]
92- }
93- }
94- }
95- return dk[:keyLen]
96-}
97
98=== removed file 'thirdparty/pbkdf2/pbkdf2_test.go'
99--- thirdparty/pbkdf2/pbkdf2_test.go 2012-10-05 14:27:52 +0000
100+++ thirdparty/pbkdf2/pbkdf2_test.go 1970-01-01 00:00:00 +0000
101@@ -1,157 +0,0 @@
102-// Copyright 2012 The Go Authors. All rights reserved.
103-// Use of this source code is governed by a BSD-style
104-// license that can be found in the LICENSE file.
105-
106-package pbkdf2
107-
108-import (
109- "bytes"
110- "crypto/sha1"
111- "crypto/sha256"
112- "hash"
113- "testing"
114-)
115-
116-type testVector struct {
117- password string
118- salt string
119- iter int
120- output []byte
121-}
122-
123-// Test vectors from RFC 6070, http://tools.ietf.org/html/rfc6070
124-var sha1TestVectors = []testVector{
125- {
126- "password",
127- "salt",
128- 1,
129- []byte{
130- 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71,
131- 0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06,
132- 0x2f, 0xe0, 0x37, 0xa6,
133- },
134- },
135- {
136- "password",
137- "salt",
138- 2,
139- []byte{
140- 0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c,
141- 0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0,
142- 0xd8, 0xde, 0x89, 0x57,
143- },
144- },
145- {
146- "password",
147- "salt",
148- 4096,
149- []byte{
150- 0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a,
151- 0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0,
152- 0x65, 0xa4, 0x29, 0xc1,
153- },
154- },
155- // // This one takes too long
156- // {
157- // "password",
158- // "salt",
159- // 16777216,
160- // []byte{
161- // 0xee, 0xfe, 0x3d, 0x61, 0xcd, 0x4d, 0xa4, 0xe4,
162- // 0xe9, 0x94, 0x5b, 0x3d, 0x6b, 0xa2, 0x15, 0x8c,
163- // 0x26, 0x34, 0xe9, 0x84,
164- // },
165- // },
166- {
167- "passwordPASSWORDpassword",
168- "saltSALTsaltSALTsaltSALTsaltSALTsalt",
169- 4096,
170- []byte{
171- 0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b,
172- 0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a,
173- 0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70,
174- 0x38,
175- },
176- },
177- {
178- "pass\000word",
179- "sa\000lt",
180- 4096,
181- []byte{
182- 0x56, 0xfa, 0x6a, 0xa7, 0x55, 0x48, 0x09, 0x9d,
183- 0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3,
184- },
185- },
186-}
187-
188-// Test vectors from
189-// http://stackoverflow.com/questions/5130513/pbkdf2-hmac-sha2-test-vectors
190-var sha256TestVectors = []testVector{
191- {
192- "password",
193- "salt",
194- 1,
195- []byte{
196- 0x12, 0x0f, 0xb6, 0xcf, 0xfc, 0xf8, 0xb3, 0x2c,
197- 0x43, 0xe7, 0x22, 0x52, 0x56, 0xc4, 0xf8, 0x37,
198- 0xa8, 0x65, 0x48, 0xc9,
199- },
200- },
201- {
202- "password",
203- "salt",
204- 2,
205- []byte{
206- 0xae, 0x4d, 0x0c, 0x95, 0xaf, 0x6b, 0x46, 0xd3,
207- 0x2d, 0x0a, 0xdf, 0xf9, 0x28, 0xf0, 0x6d, 0xd0,
208- 0x2a, 0x30, 0x3f, 0x8e,
209- },
210- },
211- {
212- "password",
213- "salt",
214- 4096,
215- []byte{
216- 0xc5, 0xe4, 0x78, 0xd5, 0x92, 0x88, 0xc8, 0x41,
217- 0xaa, 0x53, 0x0d, 0xb6, 0x84, 0x5c, 0x4c, 0x8d,
218- 0x96, 0x28, 0x93, 0xa0,
219- },
220- },
221- {
222- "passwordPASSWORDpassword",
223- "saltSALTsaltSALTsaltSALTsaltSALTsalt",
224- 4096,
225- []byte{
226- 0x34, 0x8c, 0x89, 0xdb, 0xcb, 0xd3, 0x2b, 0x2f,
227- 0x32, 0xd8, 0x14, 0xb8, 0x11, 0x6e, 0x84, 0xcf,
228- 0x2b, 0x17, 0x34, 0x7e, 0xbc, 0x18, 0x00, 0x18,
229- 0x1c,
230- },
231- },
232- {
233- "pass\000word",
234- "sa\000lt",
235- 4096,
236- []byte{
237- 0x89, 0xb6, 0x9d, 0x05, 0x16, 0xf8, 0x29, 0x89,
238- 0x3c, 0x69, 0x62, 0x26, 0x65, 0x0a, 0x86, 0x87,
239- },
240- },
241-}
242-
243-func testHash(t *testing.T, h func() hash.Hash, hashName string, vectors []testVector) {
244- for i, v := range vectors {
245- o := Key([]byte(v.password), []byte(v.salt), v.iter, len(v.output), h)
246- if !bytes.Equal(o, v.output) {
247- t.Errorf("%s %d: expected %x, got %x", hashName, i, v.output, o)
248- }
249- }
250-}
251-
252-func TestWithHMACSHA1(t *testing.T) {
253- testHash(t, sha1.New, "SHA1", sha1TestVectors)
254-}
255-
256-func TestWithHMACSHA256(t *testing.T) {
257- testHash(t, sha256.New, "SHA256", sha256TestVectors)
258-}
259
260=== modified file 'utils/fslock/package_test.go'
261--- utils/fslock/package_test.go 2014-01-21 05:25:30 +0000
262+++ utils/fslock/package_test.go 2014-05-21 02:36:03 +0000
263@@ -20,5 +20,5 @@
264 func (*Dependencies) TestPackageDependencies(c *gc.C) {
265 // This test is to ensure we don't bring in dependencies without thinking.
266 c.Assert(testbase.FindJujuCoreImports(c, "launchpad.net/juju-core/utils/fslock"),
267- gc.DeepEquals, []string{"juju/osenv", "thirdparty/pbkdf2", "utils"})
268+ gc.DeepEquals, []string{"juju/osenv", "utils"})
269 }
270
271=== modified file 'utils/password.go'
272--- utils/password.go 2013-11-07 09:32:37 +0000
273+++ utils/password.go 2014-05-21 02:36:03 +0000
274@@ -10,7 +10,7 @@
275 "fmt"
276 "io"
277
278- "launchpad.net/juju-core/thirdparty/pbkdf2"
279+ "code.google.com/p/go.crypto/pbkdf2"
280 )
281
282 // CompatSalt is because Juju 1.16 and older used a hard-coded salt to compute

Subscribers

People subscribed via source and target branches

to status/vote changes: