Hash Sum mismatch

I believe that this hashsum mismatch is due to a bug in the used sha256 algorithm that generates the release file. Attached is a testcase to verify this theory.

The archive issue has now been resolved, so closing the update-manager task. This still needs to be fixed in soyuz rockefuel, leaving that task open.

A (tested) patch that addresses this issue is available for review at drescher:~adconrad/publishing.diff

Perhaps worth noting in the comment block that "hashlib" in python2.5 and higher has a working sha256 implementation, so if using python-apt annoys you, we can switch to hashlib once drescher moves from dapper to something more modern.

RF 4707

This sounds like a bug that was fixed in pycrypto in June of 2005:

https://sourceforge.net/tracker/?func=detail&atid=120937&aid=1154530&group_id=20937

The fixed version was released in, if I recall correctly, pycrypto 2.0.1, which is also the last release of pycrypto.

So was the problem encountered with pycrypto < v2.0.1? If so, then a solution is to upgrade to pycrypto 2.0.1. If the problem was encountered in pycrypto 2.0.1 then we need to know so that pycrypto can be updated (by Andrew M. Kuchling) or so that everyone can stop using pycrypto and switch to something else...

Okay, I've learned that there is another bug in the sha-256 implementation in pycrypto:

http://sourceforge.net/tracker/index.php?func=detail&aid=1740198&group_id=20937&atid=120937

This bug report, along with patch that fixes it (below) and instructions for how to test the bug and the fix have been sitting in pycrypto bug tracker since June of this year.

This is further evidence, in my humble opinion, that pycrypto is unmaintained and that its use should be deprecated.

Hopefully such a deprecation will result in either a new maintainer stepping up to take over from AMK, or a new library (possibly the Python standard library itself) taking over pycrypto's functions.

Regards,

Zooko

--- SHA256.c 2005-06-14 00:14:57.000000000 +0000
+++ SHA256.c 2007-06-20 08:00:53.000000000 +0000
@@ -140,7 +140,7 @@
* then compress. Then we can fall back to
padding zeros and length
* encoding like normal.
*/
- if (md->curlen >= 56) {
+ if (md->curlen > 56) {
for (; md->curlen < 64;)
md->buf[md->curlen++] = 0;
sha_compress(md);

I am going to maintain PyCrypto. There are a lot of changes I want to make---like deprecating RandomPool, since too many people misuse it, and I want to set up a mailing list and a new website---so it'll take me a while to make a release, but I'm up to the task.

For what it is worth, last October (2007-10) I started writing my own Python wrappers around the excellent Crypto++ library -- http://cryptopp.com . The resulting Python module -- http://allmydata.org/trac/pycryptopp -- does only what I need it to do for the Tahoe Least-Authority Filesystem project -- http://allmydata.org -- but I am very happy with the strong quality control of the Crypto++ library (i.e. it has many tests and few bugs have been found in released versions of Crypto++, and it was the first open source software to get FIPS 140-2 level 1), and its good performance and its very wide variety of supported crypto algorithms.