juju-core

Merge lp:~dave-cheney/juju-core/179-remove-thirdparty-pbkdf2-dependency into lp:~go-bot/juju-core/trunk

  1. 179-remove-thirdparty-pbkdf2-dependency
  2. Merge into trunk
Proposed by Dave Cheney
Status: Merged
Approved by: Dave Cheney
Approved revision: no longer in the source branch.
Merged at revision: 2758
Proposed branch: lp:~dave-cheney/juju-core/179-remove-thirdparty-pbkdf2-dependency
Merge into: lp:~go-bot/juju-core/trunk
Prerequisite: lp:~dave-cheney/juju-core/178-update-errgo-and-loggo-dependencies
Diff against target: 282 lines (+3/-239)
5 files modified
cmd/package_test.go (+1/-1)
thirdparty/pbkdf2/pbkdf2.go (+0/-79)
thirdparty/pbkdf2/pbkdf2_test.go (+0/-157)
utils/fslock/package_test.go (+1/-1)
utils/password.go (+1/-1)
To merge this branch: bzr merge lp:~dave-cheney/juju-core/179-remove-thirdparty-pbkdf2-dependency
Reviewer Review Type Date Requested Status
Ian Booth Approve
Review via email: mp+220341@code.launchpad.net

Commit message

Remove thirdparty/pbkdf2

In preparation for the migration to github remove the private copy of pbkdf2.

It is probable that when this package was added, somewhere around 18 months ago, we did not have godeps or a established way of managing dependencies, so vendoring the package made sense at the time.

The only differences between our privat copy and the upstream is our inclusion of our note that the package is a fork.

Description of the change

Remove thirdparty/pbkdf2

In preparation for the migration to github remove the private copy of pbkdf2.

It is probable that when this package was added, somewhere around 18 months ago, we did not have godeps or a established way of managing dependencies, so vendoring the package made sense at the time.

The only differences between our privat copy and the upstream is our inclusion of our note that the package is a fork.

ubuntu@winton-02:~$ diff -u ~/src/launchpad.net/juju-core/thirdparty/pbkdf2/pbkdf2.go /home/ubuntu/src/code.google.com/p/go.crypto/pbkdf2/pbkdf2.go
--- /home/ubuntu/src/launchpad.net/juju-core/thirdparty/pbkdf2/pbkdf2.go 2014-05-21 00:46:49.130817000 +0000
+++ /home/ubuntu/src/code.google.com/p/go.crypto/pbkdf2/pbkdf2.go 2014-05-21 00:46:54.275885894 +0000
@@ -1,5 +1,3 @@
-// Original package at code.google.com/p/go.crypto/pbkdf2
-
 // Copyright 2012 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
ubuntu@winton-02:~$ diff -u ~/src/launchpad.net/juju-core/thirdparty/pbkdf2/pbkdf2_test.go /home/ubuntu/src/code.google.com/p/go.crypto/pbkdf2/pbkdf2_test.go

https://codereview.appspot.com/98460044/

To post a comment you must log in.
Revision history for this message
Dave Cheney (dave-cheney) wrote :

Reviewers: mp+220341_code.launchpad.net,

Message:
Please take a look.

Description:
Remove thirdparty/pbkdf2

In preparation for the migration to github remove the private copy of
pbkdf2.

It is probable that when this package was added, somewhere around 18
months ago, we did not have godeps or a established way of managing
dependencies, so vendoring the package made sense at the time.

The only differences between our privat copy and the upstream is our
inclusion of our note that the package is a fork.

ubuntu@winton-02:~$ diff -u
~/src/launchpad.net/juju-core/thirdparty/pbkdf2/pbkdf2.go
/home/ubuntu/src/code.google.com/p/go.crypto/pbkdf2/pbkdf2.go
--- /home/ubuntu/src/launchpad.net/juju-core/thirdparty/pbkdf2/pbkdf2.go
        2014-05-21 00:46:49.130817000 +0000
+++ /home/ubuntu/src/code.google.com/p/go.crypto/pbkdf2/pbkdf2.go
2014-05-21 00:46:54.275885894 +0000
@@ -1,5 +1,3 @@
-// Original package at code.google.com/p/go.crypto/pbkdf2
-
  // Copyright 2012 The Go Authors. All rights reserved.
  // Use of this source code is governed by a BSD-style
  // license that can be found in the LICENSE file.
ubuntu@winton-02:~$ diff -u
~/src/launchpad.net/juju-core/thirdparty/pbkdf2/pbkdf2_test.go
/home/ubuntu/src/code.google.com/p/go.crypto/pbkdf2/pbkdf2_test.go

https://code.launchpad.net/~dave-cheney/juju-core/179-remove-thirdparty-pbkdf2-dependency/+merge/220341

Requires:
https://code.launchpad.net/~dave-cheney/juju-core/178-update-errgo-and-loggo-dependencies/+merge/220340

(do not edit description out of merge proposal)

Please review this at https://codereview.appspot.com/98460044/

Affected files (+3, -237 lines):
   A [revision details]
   D thirdparty/pbkdf2/pbkdf2.go
   D thirdparty/pbkdf2/pbkdf2_test.go
   M utils/password.go

Revision history for this message
Andrew Wilkins (axwalk) wrote :

On 2014/05/21 01:33:16, dfc wrote:
> Please take a look.

LGTM

https://codereview.appspot.com/98460044/

Revision history for this message
Ian Booth (wallyworld) :
review: Approve
Revision history for this message
Go Bot (go-bot) wrote :
Download full text (11.4 KiB)

The attempt to merge lp:~dave-cheney/juju-core/179-remove-thirdparty-pbkdf2-dependency into lp:juju-core failed. Below is the output from the failed tests.

ok launchpad.net/juju-core 0.011s
ok launchpad.net/juju-core/agent 0.902s
ok launchpad.net/juju-core/agent/mongo 0.477s
ok launchpad.net/juju-core/agent/tools 0.166s
ok launchpad.net/juju-core/bzr 5.421s
ok launchpad.net/juju-core/cert 2.031s
ok launchpad.net/juju-core/charm 0.423s
? launchpad.net/juju-core/charm/hooks [no test files]
? launchpad.net/juju-core/charm/testing [no test files]
ok launchpad.net/juju-core/cloudinit 0.134s
ok launchpad.net/juju-core/cloudinit/sshinit 0.709s

----------------------------------------------------------------------
FAIL: package_test.go:20: Dependencies.TestPackageDependencies

package_test.go:26:
    // This test is to ensure we don't bring in dependencies without thinking.
    // Looking at the "environs/config", it is just for JujuHome. This should
    // really be moved into "juju/osenv".
    c.Assert(testbase.FindJujuCoreImports(c, "launchpad.net/juju-core/cmd"),
        gc.DeepEquals,
        []string{"juju/arch", "juju/osenv", "names", "thirdparty/pbkdf2", "utils", "version"})
... obtained []string = []string{"juju/arch", "juju/osenv", "names", "utils", "version"}
... expected []string = []string{"juju/arch", "juju/osenv", "names", "thirdparty/pbkdf2", "utils", "version"}

OOPS: 57 passed, 1 FAILED
--- FAIL: Test (0.02 seconds)
FAIL
FAIL launchpad.net/juju-core/cmd 0.153s
ok launchpad.net/juju-core/cmd/charm-admin 0.236s
? launchpad.net/juju-core/cmd/charmd [no test files]
? launchpad.net/juju-core/cmd/charmload [no test files]
ok launchpad.net/juju-core/cmd/envcmd 0.163s
ok launchpad.net/juju-core/cmd/juju 224.318s
ok launchpad.net/juju-core/cmd/jujud 67.173s
ok launchpad.net/juju-core/cmd/plugins/juju-metadata 10.599s
? launchpad.net/juju-core/cmd/plugins/juju-restore [no test files]
ok launchpad.net/juju-core/cmd/plugins/local 0.160s
? launchpad.net/juju-core/cmd/plugins/local/juju-local [no test files]
ok launchpad.net/juju-core/constraints 0.023s
ok launchpad.net/juju-core/container 0.167s
ok launchpad.net/juju-core/container/factory 0.155s
ok launchpad.net/juju-core/container/kvm 0.180s
ok launchpad.net/juju-core/container/kvm/mock 0.149s
? launchpad.net/juju-core/container/kvm/testing [no test files]
ok launchpad.net/juju-core/container/lxc 4.314s
? launchpad.net/juju-core/container/lxc/mock [no test files]
? launchpad.net/juju-core/container/lxc/testing [no test files]
? launchpad.net/juju-core/container/testing [no test files]
ok launchpad.net/juju-core/downloader 5.223s
ok launchpad.net/juju-core/environs 2.244s
ok launchpad.net/juju-core/environs/bootstrap 12.563s
ok launchpad.net/juju-core/environs/cloudinit 0.443s
ok launchpad.net/juju-core/environs/config 1.640s
ok launchpad.net/juju-core/environs/configstore 0.145s
ok launchpad.net/juju-core/environs/filestorage 0.028s
ok launchpad.net/juju-core/environs/httpstorage 0.629s
ok launchpad.net/juju-core/environs/imagemetadata 0.424s
? launchpad.net/juju-core/environs/imagemetadata/testing ...

Revision history for this message
Dave Cheney (dave-cheney) wrote :

Please take a look.

https://codereview.appspot.com/98460044/

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'cmd/package_test.go'
--- cmd/package_test.go 2014-05-01 23:32:37 +0000
+++ cmd/package_test.go 2014-05-21 02:36:03 +0000
@@ -23,5 +23,5 @@
23 // really be moved into "juju/osenv".23 // really be moved into "juju/osenv".
24 c.Assert(testbase.FindJujuCoreImports(c, "launchpad.net/juju-core/cmd"),24 c.Assert(testbase.FindJujuCoreImports(c, "launchpad.net/juju-core/cmd"),
25 gc.DeepEquals,25 gc.DeepEquals,
26 []string{"juju/arch", "juju/osenv", "names", "thirdparty/pbkdf2", "utils", "version"})26 []string{"juju/arch", "juju/osenv", "names", "utils", "version"})
27}27}
2828
=== removed directory 'thirdparty'
=== removed directory 'thirdparty/pbkdf2'
=== removed file 'thirdparty/pbkdf2/pbkdf2.go'
--- thirdparty/pbkdf2/pbkdf2.go 2012-10-05 14:27:52 +0000
+++ thirdparty/pbkdf2/pbkdf2.go 1970-01-01 00:00:00 +0000
@@ -1,79 +0,0 @@
1// Original package at code.google.com/p/go.crypto/pbkdf2
2
3// Copyright 2012 The Go Authors. All rights reserved.
4// Use of this source code is governed by a BSD-style
5// license that can be found in the LICENSE file.
6
7/*
8Package pbkdf2 implements the key derivation function PBKDF2 as defined in RFC
92898 / PKCS #5 v2.0.
10
11A key derivation function is useful when encrypting data based on a password
12or any other not-fully-random data. It uses a pseudorandom function to derive
13a secure encryption key based on the password.
14
15While v2.0 of the standard defines only one pseudorandom function to use,
16HMAC-SHA1, the drafted v2.1 specification allows use of all five FIPS Approved
17Hash Functions SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 for HMAC. To
18choose, you can pass the `New` functions from the different SHA packages to
19pbkdf2.Key.
20*/
21package pbkdf2
22
23import (
24 "crypto/hmac"
25 "hash"
26)
27
28// Key derives a key from the password, salt and iteration count, returning a
29// []byte of length keylen that can be used as cryptographic key. The key is
30// derived based on the method described as PBKDF2 with the HMAC variant using
31// the supplied hash function.
32//
33// For example, to use a HMAC-SHA-1 based PBKDF2 key derivation function, you
34// can get a derived key for e.g. AES-256 (which needs a 32-byte key) by
35// doing:
36//
37// dk := pbkdf2.Key([]byte("some password"), salt, 4096, 32, sha1.New)
38//
39// Remember to get a good random salt. At least 8 bytes is recommended by the
40// RFC.
41//
42// Using a higher iteration count will increase the cost of an exhaustive
43// search but will also make derivation proportionally slower.
44func Key(password, salt []byte, iter, keyLen int, h func() hash.Hash) []byte {
45 prf := hmac.New(h, password)
46 hashLen := prf.Size()
47 numBlocks := (keyLen + hashLen - 1) / hashLen
48
49 var buf [4]byte
50 dk := make([]byte, 0, numBlocks*hashLen)
51 U := make([]byte, hashLen)
52 for block := 1; block <= numBlocks; block++ {
53 // N.B.: || means concatenation, ^ means XOR
54 // for each block T_i = U_1 ^ U_2 ^ ... ^ U_iter
55 // U_1 = PRF(password, salt || uint(i))
56 prf.Reset()
57 prf.Write(salt)
58 buf[0] = byte(block >> 24)
59 buf[1] = byte(block >> 16)
60 buf[2] = byte(block >> 8)
61 buf[3] = byte(block)
62 prf.Write(buf[:4])
63 dk = prf.Sum(dk)
64 T := dk[len(dk)-hashLen:]
65 copy(U, T)
66
67 // U_n = PRF(password, U_(n-1))
68 for n := 2; n <= iter; n++ {
69 prf.Reset()
70 prf.Write(U)
71 U = U[:0]
72 U = prf.Sum(U)
73 for x := range U {
74 T[x] ^= U[x]
75 }
76 }
77 }
78 return dk[:keyLen]
79}
800
=== removed file 'thirdparty/pbkdf2/pbkdf2_test.go'
--- thirdparty/pbkdf2/pbkdf2_test.go 2012-10-05 14:27:52 +0000
+++ thirdparty/pbkdf2/pbkdf2_test.go 1970-01-01 00:00:00 +0000
@@ -1,157 +0,0 @@
1// Copyright 2012 The Go Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style
3// license that can be found in the LICENSE file.
4
5package pbkdf2
6
7import (
8 "bytes"
9 "crypto/sha1"
10 "crypto/sha256"
11 "hash"
12 "testing"
13)
14
15type testVector struct {
16 password string
17 salt string
18 iter int
19 output []byte
20}
21
22// Test vectors from RFC 6070, http://tools.ietf.org/html/rfc6070
23var sha1TestVectors = []testVector{
24 {
25 "password",
26 "salt",
27 1,
28 []byte{
29 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71,
30 0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06,
31 0x2f, 0xe0, 0x37, 0xa6,
32 },
33 },
34 {
35 "password",
36 "salt",
37 2,
38 []byte{
39 0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c,
40 0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0,
41 0xd8, 0xde, 0x89, 0x57,
42 },
43 },
44 {
45 "password",
46 "salt",
47 4096,
48 []byte{
49 0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a,
50 0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0,
51 0x65, 0xa4, 0x29, 0xc1,
52 },
53 },
54 // // This one takes too long
55 // {
56 // "password",
57 // "salt",
58 // 16777216,
59 // []byte{
60 // 0xee, 0xfe, 0x3d, 0x61, 0xcd, 0x4d, 0xa4, 0xe4,
61 // 0xe9, 0x94, 0x5b, 0x3d, 0x6b, 0xa2, 0x15, 0x8c,
62 // 0x26, 0x34, 0xe9, 0x84,
63 // },
64 // },
65 {
66 "passwordPASSWORDpassword",
67 "saltSALTsaltSALTsaltSALTsaltSALTsalt",
68 4096,
69 []byte{
70 0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b,
71 0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a,
72 0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70,
73 0x38,
74 },
75 },
76 {
77 "pass\000word",
78 "sa\000lt",
79 4096,
80 []byte{
81 0x56, 0xfa, 0x6a, 0xa7, 0x55, 0x48, 0x09, 0x9d,
82 0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3,
83 },
84 },
85}
86
87// Test vectors from
88// http://stackoverflow.com/questions/5130513/pbkdf2-hmac-sha2-test-vectors
89var sha256TestVectors = []testVector{
90 {
91 "password",
92 "salt",
93 1,
94 []byte{
95 0x12, 0x0f, 0xb6, 0xcf, 0xfc, 0xf8, 0xb3, 0x2c,
96 0x43, 0xe7, 0x22, 0x52, 0x56, 0xc4, 0xf8, 0x37,
97 0xa8, 0x65, 0x48, 0xc9,
98 },
99 },
100 {
101 "password",
102 "salt",
103 2,
104 []byte{
105 0xae, 0x4d, 0x0c, 0x95, 0xaf, 0x6b, 0x46, 0xd3,
106 0x2d, 0x0a, 0xdf, 0xf9, 0x28, 0xf0, 0x6d, 0xd0,
107 0x2a, 0x30, 0x3f, 0x8e,
108 },
109 },
110 {
111 "password",
112 "salt",
113 4096,
114 []byte{
115 0xc5, 0xe4, 0x78, 0xd5, 0x92, 0x88, 0xc8, 0x41,
116 0xaa, 0x53, 0x0d, 0xb6, 0x84, 0x5c, 0x4c, 0x8d,
117 0x96, 0x28, 0x93, 0xa0,
118 },
119 },
120 {
121 "passwordPASSWORDpassword",
122 "saltSALTsaltSALTsaltSALTsaltSALTsalt",
123 4096,
124 []byte{
125 0x34, 0x8c, 0x89, 0xdb, 0xcb, 0xd3, 0x2b, 0x2f,
126 0x32, 0xd8, 0x14, 0xb8, 0x11, 0x6e, 0x84, 0xcf,
127 0x2b, 0x17, 0x34, 0x7e, 0xbc, 0x18, 0x00, 0x18,
128 0x1c,
129 },
130 },
131 {
132 "pass\000word",
133 "sa\000lt",
134 4096,
135 []byte{
136 0x89, 0xb6, 0x9d, 0x05, 0x16, 0xf8, 0x29, 0x89,
137 0x3c, 0x69, 0x62, 0x26, 0x65, 0x0a, 0x86, 0x87,
138 },
139 },
140}
141
142func testHash(t *testing.T, h func() hash.Hash, hashName string, vectors []testVector) {
143 for i, v := range vectors {
144 o := Key([]byte(v.password), []byte(v.salt), v.iter, len(v.output), h)
145 if !bytes.Equal(o, v.output) {
146 t.Errorf("%s %d: expected %x, got %x", hashName, i, v.output, o)
147 }
148 }
149}
150
151func TestWithHMACSHA1(t *testing.T) {
152 testHash(t, sha1.New, "SHA1", sha1TestVectors)
153}
154
155func TestWithHMACSHA256(t *testing.T) {
156 testHash(t, sha256.New, "SHA256", sha256TestVectors)
157}
1580
=== modified file 'utils/fslock/package_test.go'
--- utils/fslock/package_test.go 2014-01-21 05:25:30 +0000
+++ utils/fslock/package_test.go 2014-05-21 02:36:03 +0000
@@ -20,5 +20,5 @@
20func (*Dependencies) TestPackageDependencies(c *gc.C) {20func (*Dependencies) TestPackageDependencies(c *gc.C) {
21 // This test is to ensure we don't bring in dependencies without thinking.21 // This test is to ensure we don't bring in dependencies without thinking.
22 c.Assert(testbase.FindJujuCoreImports(c, "launchpad.net/juju-core/utils/fslock"),22 c.Assert(testbase.FindJujuCoreImports(c, "launchpad.net/juju-core/utils/fslock"),
23 gc.DeepEquals, []string{"juju/osenv", "thirdparty/pbkdf2", "utils"})23 gc.DeepEquals, []string{"juju/osenv", "utils"})
24}24}
2525
=== modified file 'utils/password.go'
--- utils/password.go 2013-11-07 09:32:37 +0000
+++ utils/password.go 2014-05-21 02:36:03 +0000
@@ -10,7 +10,7 @@
10 "fmt"10 "fmt"
11 "io"11 "io"
1212
13 "launchpad.net/juju-core/thirdparty/pbkdf2"13 "code.google.com/p/go.crypto/pbkdf2"
14)14)
1515
16// CompatSalt is because Juju 1.16 and older used a hard-coded salt to compute16// CompatSalt is because Juju 1.16 and older used a hard-coded salt to compute

Subscribers

People subscribed via source and target branches

to status/vote changes: