From 92849d863c6b352701e44f00f7e4923d97b796bd Mon Sep 17 00:00:00 2001 From: Sibi Prabakaran Date: Thu, 18 May 2017 08:18:39 +0530 Subject: [PATCH 01/10] Port to cryptonite --- yesod-auth/Yesod/Auth/Email.hs | 6 +++--- yesod-auth/Yesod/PasswordStore.hs | 15 +++++++++------ 2 files changed, 12 insertions(+), 9 deletions(-) diff --git a/yesod-auth/Yesod/Auth/Email.hs b/yesod-auth/Yesod/Auth/Email.hs index aa76231a..0c6aa34d 100644 --- a/yesod-auth/Yesod/Auth/Email.hs +++ b/yesod-auth/Yesod/Auth/Email.hs @@ -117,9 +117,8 @@ import qualified Yesod.Auth.Message as Msg import Yesod.Core import Yesod.Form import qualified Yesod.PasswordStore as PS - import Control.Applicative ((<$>), (<*>)) -import qualified Crypto.Hash.MD5 as H +import qualified Crypto.Hash as H import qualified Crypto.Nonce as Nonce import Data.ByteString.Base16 as B16 import Data.Text (Text) @@ -134,6 +133,7 @@ import System.IO.Unsafe (unsafePerformIO) import qualified Text.Email.Validate import Data.Aeson.Types (Parser, Result(..), parseMaybe, withObject, (.:?)) import Data.Maybe (isJust, isNothing, fromJust) +import Data.ByteArray (convert) loginR, registerR, forgotPasswordR, setpassR :: AuthRoute loginR = PluginR "email" ["login"] @@ -811,7 +811,7 @@ saltPass = fmap (decodeUtf8With lenientDecode) saltPass' :: String -> String -> String saltPass' salt pass = - salt ++ T.unpack (TE.decodeUtf8 $ B16.encode $ H.hash $ TE.encodeUtf8 $ T.pack $ salt ++ pass) + salt ++ T.unpack (TE.decodeUtf8 $ B16.encode $ convert (H.hash (TE.encodeUtf8 $ T.pack $ salt ++ pass) :: H.Digest H.MD5)) isValidPass :: Text -- ^ cleartext password -> SaltedPass -- ^ salted password diff --git a/yesod-auth/Yesod/PasswordStore.hs b/yesod-auth/Yesod/PasswordStore.hs index 9408b7bc..9e32a48e 100755 --- a/yesod-auth/Yesod/PasswordStore.hs +++ b/yesod-auth/Yesod/PasswordStore.hs @@ -102,16 +102,14 @@ module Yesod.PasswordStore ( importSalt -- :: ByteString -> Salt ) where - +import qualified Crypto.MAC.HMAC as CH import qualified Crypto.Hash as CH -import qualified Crypto.Hash.SHA256 as H import qualified Data.ByteString.Char8 as B import qualified Data.ByteString as BS import qualified Data.ByteString.Lazy as BL import qualified Data.Binary as Binary import Control.Monad import Control.Monad.ST -import Data.Byteable (toBytes) import Data.STRef import Data.Bits import Data.ByteString.Char8 (ByteString) @@ -120,6 +118,7 @@ import System.IO import System.Random import Data.Maybe import qualified Control.Exception +import Data.ByteArray (convert) --------------------- -- Cryptographic base @@ -134,14 +133,18 @@ import qualified Control.Exception -- matches. pbkdf1 :: ByteString -> Salt -> Int -> ByteString pbkdf1 password (SaltBS salt) iter = hashRounds first_hash (iter + 1) - where first_hash = H.finalize $ H.init `H.update` password `H.update` salt + where + first_hash = + convert $ + ((CH.hashFinalize $ CH.hashInit `CH.hashUpdate` password `CH.hashUpdate` salt) :: CH.Digest CH.SHA256) + -- | Hash a 'ByteString' for a given number of rounds. The number of rounds is 0 -- or more. If the number of rounds specified is 0, the ByteString will be -- returned unmodified. hashRounds :: ByteString -> Int -> ByteString hashRounds (!bs) 0 = bs -hashRounds bs rounds = hashRounds (H.hash bs) (rounds - 1) +hashRounds bs rounds = hashRounds (convert (CH.hash bs :: CH.Digest CH.SHA256)) (rounds - 1) -- | Computes the hmacSHA256 of the given message, with the given 'Salt'. hmacSHA256 :: ByteString @@ -151,7 +154,7 @@ hmacSHA256 :: ByteString -> ByteString -- ^ The encoded message hmacSHA256 secret msg = - toBytes (CH.hmacGetDigest (CH.hmac secret msg) :: CH.Digest CH.SHA256) + convert (CH.hmacGetDigest (CH.hmac secret msg) :: CH.Digest CH.SHA256) -- | PBKDF2 key-derivation function. -- For details see @http://tools.ietf.org/html/rfc2898@. From f1fb571427feeca93547bfd2e921bf740b8a5227 Mon Sep 17 00:00:00 2001 From: Sibi Prabakaran Date: Thu, 18 May 2017 08:18:53 +0530 Subject: [PATCH 02/10] Make relevant changes to cabal file for yesod-auth --- yesod-auth/yesod-auth.cabal | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/yesod-auth/yesod-auth.cabal b/yesod-auth/yesod-auth.cabal index 71c928c9..18330036 100644 --- a/yesod-auth/yesod-auth.cabal +++ b/yesod-auth/yesod-auth.cabal @@ -27,7 +27,8 @@ library , wai >= 1.4 , template-haskell , base16-bytestring - , cryptohash + , cryptonite + , memory , random >= 1.0.0.2 , text >= 0.7 , mime-mail >= 0.3 From 8f5b0bc2389c9711c63fad5a2dac8cf8e80ca789 Mon Sep 17 00:00:00 2001 From: Sibi Prabakaran Date: Thu, 18 May 2017 08:43:29 +0530 Subject: [PATCH 03/10] Do version bump and add Changelog Partially addresses #1397 --- yesod-auth/ChangeLog.md | 4 ++++ yesod-auth/yesod-auth.cabal | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/yesod-auth/ChangeLog.md b/yesod-auth/ChangeLog.md index b8ff2a13..fdfbfeea 100644 --- a/yesod-auth/ChangeLog.md +++ b/yesod-auth/ChangeLog.md @@ -1,3 +1,7 @@ +## 1.4.17.2 + +* Move to cryptonite from cryptohash + ## 1.4.17.1 * Some translation fixes diff --git a/yesod-auth/yesod-auth.cabal b/yesod-auth/yesod-auth.cabal index 18330036..a50db32a 100644 --- a/yesod-auth/yesod-auth.cabal +++ b/yesod-auth/yesod-auth.cabal @@ -1,5 +1,5 @@ name: yesod-auth -version: 1.4.17.1 +version: 1.4.17.2 license: MIT license-file: LICENSE author: Michael Snoyman, Patrick Brisbin From cc1fa4219224096f4885ced37f30af34f0a358dd Mon Sep 17 00:00:00 2001 From: Sibi Prabakaran Date: Thu, 18 May 2017 09:46:04 +0530 Subject: [PATCH 04/10] Update travis to use ghc-8.0.2 instead of 8.0.1 --- .travis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 9a2002f1..fcafa250 100644 --- a/.travis.yml +++ b/.travis.yml @@ -54,8 +54,8 @@ matrix: compiler: ": #GHC 7.10.3" addons: {apt: {packages: [cabal-install-1.22,ghc-7.10.3,happy-1.19.5,alex-3.1.7], sources: [hvr-ghc]}} - env: BUILD=cabal GHCVER=8.0.1 CABALVER=head HAPPYVER=1.19.5 ALEXVER=3.1.7 - compiler: ": #GHC 8.0.1" - addons: {apt: {packages: [cabal-install-head,ghc-8.0.1,happy-1.19.5,alex-3.1.7], sources: [hvr-ghc]}} + compiler: ": #GHC 8.0.2" + addons: {apt: {packages: [cabal-install-1.24.2.0,ghc-8.0.2,happy-1.19.5,alex-3.1.7], sources: [hvr-ghc]}} # Build with the newest GHC and cabal-install. This is an accepted failure, # see below. From d56485c3d346169e6320187cb8bac41d496e1628 Mon Sep 17 00:00:00 2001 From: Sibi Prabakaran Date: Thu, 18 May 2017 09:46:44 +0530 Subject: [PATCH 05/10] Cryptonite --- stack.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/stack.yaml b/stack.yaml index 03dfba42..0a596b78 100644 --- a/stack.yaml +++ b/stack.yaml @@ -23,6 +23,7 @@ extra-deps: - persistent-2.5 - persistent-sqlite-2.5 - cookie-0.4.2 +- cryptonite-0.23 - conduit-extra-1.1.14 - streaming-commons-0.1.16 From 4ba2fc8494547c15aa1156dfa1a8228bc2d64d5d Mon Sep 17 00:00:00 2001 From: Sibi Prabakaran Date: Thu, 18 May 2017 09:50:47 +0530 Subject: [PATCH 06/10] Add foundation to stack.yaml --- stack.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/stack.yaml b/stack.yaml index 0a596b78..b3eb41d3 100644 --- a/stack.yaml +++ b/stack.yaml @@ -24,6 +24,7 @@ extra-deps: - persistent-sqlite-2.5 - cookie-0.4.2 - cryptonite-0.23 +- foundation-0.0.9 - conduit-extra-1.1.14 - streaming-commons-0.1.16 From 36a98bc4ab210a695c6ca050d7314a6d5cced1da Mon Sep 17 00:00:00 2001 From: Sibi Prabakaran Date: Thu, 18 May 2017 12:06:36 +0530 Subject: [PATCH 07/10] Add memory to stack yaml for lts-2 --- stack.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/stack.yaml b/stack.yaml index b3eb41d3..cef0c7b5 100644 --- a/stack.yaml +++ b/stack.yaml @@ -1,4 +1,4 @@ -resolver: lts-6.23 +resolver: lts-2.12 packages: - ./yesod-core - ./yesod-static @@ -25,6 +25,7 @@ extra-deps: - cookie-0.4.2 - cryptonite-0.23 - foundation-0.0.9 +- memory-0.14.5 - conduit-extra-1.1.14 - streaming-commons-0.1.16 From 635470f7500b31e24ec94e634f2ef5ba61569748 Mon Sep 17 00:00:00 2001 From: Sibi Prabakaran Date: Thu, 18 May 2017 13:32:35 +0530 Subject: [PATCH 08/10] Change cabal install version --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index fcafa250..72ccdc49 100644 --- a/.travis.yml +++ b/.travis.yml @@ -55,7 +55,7 @@ matrix: addons: {apt: {packages: [cabal-install-1.22,ghc-7.10.3,happy-1.19.5,alex-3.1.7], sources: [hvr-ghc]}} - env: BUILD=cabal GHCVER=8.0.1 CABALVER=head HAPPYVER=1.19.5 ALEXVER=3.1.7 compiler: ": #GHC 8.0.2" - addons: {apt: {packages: [cabal-install-1.24.2.0,ghc-8.0.2,happy-1.19.5,alex-3.1.7], sources: [hvr-ghc]}} + addons: {apt: {packages: [cabal-install-1.24,ghc-8.0.2,happy-1.19.5,alex-3.1.7], sources: [hvr-ghc]}} # Build with the newest GHC and cabal-install. This is an accepted failure, # see below. From 37452896d2a77108189d5489d94da4e4397a5d89 Mon Sep 17 00:00:00 2001 From: Sibi Prabakaran Date: Thu, 18 May 2017 19:17:55 +0530 Subject: [PATCH 09/10] Try fixing travis error --- .travis.yml | 2 +- stack.yaml | 10 +++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 72ccdc49..ee1a40b9 100644 --- a/.travis.yml +++ b/.travis.yml @@ -53,7 +53,7 @@ matrix: - env: BUILD=cabal GHCVER=7.10.3 CABALVER=1.22 HAPPYVER=1.19.5 ALEXVER=3.1.7 compiler: ": #GHC 7.10.3" addons: {apt: {packages: [cabal-install-1.22,ghc-7.10.3,happy-1.19.5,alex-3.1.7], sources: [hvr-ghc]}} - - env: BUILD=cabal GHCVER=8.0.1 CABALVER=head HAPPYVER=1.19.5 ALEXVER=3.1.7 + - env: BUILD=cabal GHCVER=8.0.2 CABALVER=1.24 HAPPYVER=1.19.5 ALEXVER=3.1.7 compiler: ": #GHC 8.0.2" addons: {apt: {packages: [cabal-install-1.24,ghc-8.0.2,happy-1.19.5,alex-3.1.7], sources: [hvr-ghc]}} diff --git a/stack.yaml b/stack.yaml index cef0c7b5..88e1062b 100644 --- a/stack.yaml +++ b/stack.yaml @@ -1,4 +1,4 @@ -resolver: lts-2.12 +resolver: lts-6.23 packages: - ./yesod-core - ./yesod-static @@ -26,6 +26,14 @@ extra-deps: - cryptonite-0.23 - foundation-0.0.9 - memory-0.14.5 +- hfsevents-0.1.6 +- x509-1.6.5 +- x509-store-1.6.2 +- x509-system-1.6.4 +- x509-validation-1.6.5 +- tls-1.3.8 +- Win32-notify-0.3.0.1 + - conduit-extra-1.1.14 - streaming-commons-0.1.16 From ec90f48d889e616cc16e93645d8daac5ce1261b2 Mon Sep 17 00:00:00 2001 From: Sibi Prabakaran Date: Sun, 21 May 2017 19:53:28 +0530 Subject: [PATCH 10/10] Fix lts-2 related errors --- stack.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/stack.yaml b/stack.yaml index 88e1062b..57a79fa9 100644 --- a/stack.yaml +++ b/stack.yaml @@ -33,7 +33,10 @@ extra-deps: - x509-validation-1.6.5 - tls-1.3.8 - Win32-notify-0.3.0.1 - +- asn1-parse-0.9.4 +- asn1-types-0.3.2 +- connection-0.2.8 +- socks-0.5.5 - conduit-extra-1.1.14 - streaming-commons-0.1.16