[MIR] libsodium

Bug #1621386 reported by James Henstridge
Affects | Status | Importance | Assigned to | Milestone
libsodium (Ubuntu) | Fix Released | Undecided | Unassigned |
Trusty | Fix Released | Undecided | Ubuntu Security Team |
Xenial | Fix Released | Undecided | Ubuntu Security Team |

Bug Description

[Availability]
The package is currently available in universe, currently imported directly from Debian with no Ubuntu specific patches.

[Rationale]
libsodium is a dependency of ZeroMQ, which in turn is a dependency of unity-scopes-api. Therefore, we will need to include it in main to support Unity 8.

[Security]
I couldn't find any CVEs or other advisories for the libsodium library, or djb's "nacl" library (http://nacl.cr.yp.to/) that it is derived from.

[Quality Assurance]
Package is a library, so not something end users will interact with directly. There are other apps and libraries in universe that currently link with libsodium, and install without issue.

The library asks no debconf questions on install.

Bugs are tracked in Debian and Ubuntu here:
https://bugs.launchpad.net/ubuntu/+source/libsodium
https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=libsodium

The one Ubuntu bug looks like it might be user confusion about -dev packages. The one Debian report is complaining about Debian packaging an old version of libsodium: something that seems to have since been fixed but not noted in the bug report.

New releases appear to be packaged in Debian promptly (https://packages.qa.debian.org/libs/libsodium.html), and the latest Debian release was recently migrated into Yakkety.

The package is a software crypto library, so doesn't rely on exotic hardware.

Library has a test suite that is run as part of the package build.

The package has a debian/watch file checking for new releases on github.

[UI Standards]
The package contains a non-graphical crypto library.

[Dependencies]
The libsodium18 binary package only depends on libc6. For source build-depends, there is debhelper, pkg-config, and dh-autoreconf. All are already in main.

[Maintenance]
The package currently lists ubuntu-devel-discuss as its maintainer. It doesn't look like we've ever made any changes to the versions of the package migrated from Debian though.

[Background information]
The package has reasonable description strings and hasn't been renamed recently. The source package name matches the upstream project name.

[ABI Stability]
The library is plain C, so should be fairly robust. The upstream developers committed to API and ABI stability with the 1.0.0 release (October 2014):

https://github.com/jedisct1/libsodium/releases/tag/1.0.0

A bit worryingly though, they changed soname in the 1.0.6 release (November 2015):

https://github.com/jedisct1/libsodium/releases/tag/1.0.6

The changelog seems to indicate that the release should have been compatible but they changed soname just to be sure. It is unclear whether this is likely to happen again.

Michael Terry (mterry)
Changed in libsodium (Ubuntu):
assignee: nobody → Ubuntu Security Team (ubuntu-security)
Seth Arnold (seth-arnold) wrote :

I reviewed libsodium version 1.0.10-1 as checked into yakkety. This
shouldn't be considered a full security audit but rather a quick check of
maintainability. Furthermore this is not an audit of the fitness for
purpose of the cryptography in libsodium.

- No CVE history in our database
- libsodium provides a programmer- and packager-friendly library around
  the NaCl family of cryptography APIs.
- Depends: debhelper, pkg-config, dh-autoreconf
- Does not itself do networking
- Extensive cryptography
- Does not daemonize
- No pre/post inst/rm
- No init scripts
- No dbus services
- No setuid files
- No binaries in the PATH
- No sudo fragments
- No udev rules
- A test suite is run during the build
- No cron jobs
- Clean build logs

- No subprocesses spawned
- Memory management is careful, perhaps to the point of picky; it has its
  own routines that set up guard pages and provide byte-tainting of
  objects.
- Does not itself do file IO beyond /dev/random or /dev/urandom
- No logging
- No environment variable use
- No privileged functions
- No networking
- No privileged portions of code
- No temp files
- No WebKit
- No PolKit
- Extensive cppcheck warnings; manual inspection of randomly selected
  issues suggests failings in cppcheck.

libsodium's code is necessarily complicated; writing timing-resistant AES
is very difficult, writing timing-resistant GCM mode is very difficult,
and I wouldn't be surprised if there are going to be more flaws discovered
in both these code paths. The ECC, ChaCha20, and Poly1305 code certainly
requires expert advice to modify.

However, that said, the NaCl APIs are easier for application authors to
use properly than other cryptography libraries, and libsodium has the
combined support of the opensource cryptographic communities.

Security team ACK for promoting libsodium to main.

Thanks

Changed in libsodium (Ubuntu):
assignee: Ubuntu Security Team (ubuntu-security) → nobody
Michael Terry (mterry) wrote :

- Needs a team bug subscriber.

Otherwise, looks great!

Changed in libsodium (Ubuntu):
status: New → Incomplete
Sebastien Bacher (seb128) wrote :

unity-api-team subscribed now

Changed in libsodium (Ubuntu):
status: Incomplete → New
Michael Terry (mterry)
Changed in libsodium (Ubuntu):
status: New → Fix Committed
Steve Langasek (vorlon) wrote :

Override component to main
libsodium 1.0.11-1 in yakkety: universe/misc -> main
libsodium-dbg 1.0.11-1 in yakkety amd64: universe/debug/extra/100% -> main
libsodium-dbg 1.0.11-1 in yakkety arm64: universe/debug/extra/100% -> main
libsodium-dbg 1.0.11-1 in yakkety armhf: universe/debug/extra/100% -> main
libsodium-dbg 1.0.11-1 in yakkety i386: universe/debug/extra/100% -> main
libsodium-dbg 1.0.11-1 in yakkety powerpc: universe/debug/extra/100% -> main
libsodium-dbg 1.0.11-1 in yakkety ppc64el: universe/debug/extra/100% -> main
libsodium-dbg 1.0.11-1 in yakkety s390x: universe/debug/extra/100% -> main
libsodium-dev 1.0.11-1 in yakkety amd64: universe/libdevel/optional/100% -> main
libsodium-dev 1.0.11-1 in yakkety arm64: universe/libdevel/optional/100% -> main
libsodium-dev 1.0.11-1 in yakkety armhf: universe/libdevel/optional/100% -> main
libsodium-dev 1.0.11-1 in yakkety i386: universe/libdevel/optional/100% -> main
libsodium-dev 1.0.11-1 in yakkety powerpc: universe/libdevel/optional/100% -> main
libsodium-dev 1.0.11-1 in yakkety ppc64el: universe/libdevel/optional/100% -> main
libsodium-dev 1.0.11-1 in yakkety s390x: universe/libdevel/optional/100% -> main
libsodium18 1.0.11-1 in yakkety amd64: universe/libs/optional/100% -> main
libsodium18 1.0.11-1 in yakkety arm64: universe/libs/optional/100% -> main
libsodium18 1.0.11-1 in yakkety armhf: universe/libs/optional/100% -> main
libsodium18 1.0.11-1 in yakkety i386: universe/libs/optional/100% -> main
libsodium18 1.0.11-1 in yakkety powerpc: universe/libs/optional/100% -> main
libsodium18 1.0.11-1 in yakkety ppc64el: universe/libs/optional/100% -> main
libsodium18 1.0.11-1 in yakkety s390x: universe/libs/optional/100% -> main
22 publications overridden.

Changed in libsodium (Ubuntu):
status: Fix Committed → Fix Released
Nish Aravamudan (nacc) wrote :

php7.2-cli has grown a dependency on libsodium. We have subscribed ~ubuntu-server to it for the purpose of re-implementing this MIR for 18.04.

Nish Aravamudan (nacc)
Changed in libsodium (Ubuntu):
status: Fix Released → Won't Fix
status: Won't Fix → Confirmed
Steve Langasek (vorlon) wrote :

Override component to main
libsodium 1.0.14-1 in bionic: universe/misc -> main
libsodium-dbg 1.0.14-1 in bionic amd64: universe/debug/extra/100% -> main
libsodium-dbg 1.0.14-1 in bionic arm64: universe/debug/extra/100% -> main
libsodium-dbg 1.0.14-1 in bionic armhf: universe/debug/extra/100% -> main
libsodium-dbg 1.0.14-1 in bionic i386: universe/debug/extra/100% -> main
libsodium-dbg 1.0.14-1 in bionic ppc64el: universe/debug/extra/100% -> main
libsodium-dbg 1.0.14-1 in bionic s390x: universe/debug/extra/100% -> main
libsodium-dev 1.0.14-1 in bionic amd64: universe/libdevel/optional/100% -> main
libsodium-dev 1.0.14-1 in bionic arm64: universe/libdevel/optional/100% -> main
libsodium-dev 1.0.14-1 in bionic armhf: universe/libdevel/optional/100% -> main
libsodium-dev 1.0.14-1 in bionic i386: universe/libdevel/optional/100% -> main
libsodium-dev 1.0.14-1 in bionic ppc64el: universe/libdevel/optional/100% -> main
libsodium-dev 1.0.14-1 in bionic s390x: universe/libdevel/optional/100% -> main
libsodium18 1.0.14-1 in bionic amd64: universe/libs/optional/100% -> main
libsodium18 1.0.14-1 in bionic arm64: universe/libs/optional/100% -> main
libsodium18 1.0.14-1 in bionic armhf: universe/libs/optional/100% -> main
libsodium18 1.0.14-1 in bionic i386: universe/libs/optional/100% -> main
libsodium18 1.0.14-1 in bionic ppc64el: universe/libs/optional/100% -> main
libsodium18 1.0.14-1 in bionic s390x: universe/libs/optional/100% -> main
19 publications overridden.

Changed in libsodium (Ubuntu):
status: Confirmed → Fix Released
Chad Smith (chad.smith)
Changed in libsodium (Ubuntu):
status: Fix Released → New
Chad Smith (chad.smith) wrote :

This is an ack request to include libsodium18 in main for trusty, needed as a dependency of ubuntu-advantage-tools through its use of python3-pymacaroons.

The dependency chain is as follows:
 ubuntu-advantage-tools -> python3-pymacaroons (0.9.2) -> python3-libnacl -> libsodium18

libsodium18 already exists in xenial.

The other related open MIRs for these packages:
   python3-pymacaroons: LP: #1746772
   python3-libnacl: LP: #1817327

Christian Ehrhardt  (paelzer) wrote :

I added tasks for Xenial and Trusty, the main task I set back to fix released as that is truly complete and didn't change. This is "just" for the time-warping back for X/T which we will have to evaluate.

I'll start on the MIR evaluation of those later on today

Changed in libsodium (Ubuntu):
status: New → Fix Released
Changed in libsodium (Ubuntu Trusty):
assignee: nobody → Christian Ehrhardt  (paelzer)
Changed in libsodium (Ubuntu Xenial):
assignee: nobody → Christian Ehrhardt  (paelzer)
Christian Ehrhardt  (paelzer) wrote :

This is a special case, as we have the newer versions already in main in Bionic.
Therefore the evaluation checks if the older version has CVEs, packaging issues and such - but is no full re-evaluation.

[Duplication]
No duplication, it is one of the more common python backends for cryptography.

[Embedded sources and static linking]
- no embedded sources
- no static linking
- no golang

[Security]
This is one of the biggest parts of the re-check as we need to ensure that the older version has no known or unmaintainable deficiencies.
But it seems fine - no existing CVEs associated.

It still is security sensitive, as its purpose is to handle tokens that entitle users of a given feature.
Therefore I'd want an ack by the ubuntu-security team - which given it is a re-review should go fast as well.

[Common blockers]
- builds fine in Xenial last time, I asked for a rebuild to prove that also trusty will be fine
- Testsuite is running and blocking build on Xenial as well as on newer versions
- the server team is already subscribed to the package
- no user visible output that needs translation
- only python3 dependencies are used (but then for Xenial/Trusty this wouldn't even be important)
- dh_python is in use

[Packaging red flags]
- no Ubuntu delta?
- a symbols file is tracking ABI on build
- debian/watch present
- updates were ok so far (it isn't moving too fast though)
- no massive Lintian warnings
- very clean d/rules (almost only dh @)

[Upstream red flags]
- no build errors on the Xenial version that will be added to main
- no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH
- one older bug, but nothing serious or affecting the MIR
- no dependency on webkit, qtwebkit, seed or libgoa-*

[Summary]
As expected - since the newer versions are already in main - this wasn't too critical.
After comparing the differences of the version in main in bionic to what shall be promoted in Xenial/Trusty there were no blockers identified.

TODOs:
@Chad - since this wasn't built a long time in Xenial and never before in Trusty. Could you please provide a PPA that builds the set of three packages in both Releases?

@Security - this package does cryptography, so IMHO security ack is needed. The reason for that is that the version in main is libsodium23 at 1.0.16-2 or higher but for Xenial/Trusty it will be libsodium18 at 1.0.8-5 (as in Xenial). I'll do the assign on the bug tasks.

Changed in libsodium (Ubuntu Trusty):
assignee: Christian Ehrhardt  (paelzer) → Ubuntu Security Team (ubuntu-security)
Changed in libsodium (Ubuntu Xenial):
assignee: Christian Ehrhardt  (paelzer) → Ubuntu Security Team (ubuntu-security)
Christian Ehrhardt  (paelzer) wrote :

I proved the (re)build quality for Xenial (to be sure) and since it will be new for Trusty as well.

Xenial: https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3667
Trusty: https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3668

Both releases' build logs seem sane, no FTBFS and no deviation from what was checked (Xenial LP builds) in the MIR review.

That said I think we can start prepping that for the Trusty new queue as SRU already.

Christian Ehrhardt  (paelzer) wrote :

The package is now in trusty-proposed (universe) and ready for promotion once the ubuntu-advantage-tools upload pulling it in appears in -proposed.

Updating the state of the bug per https://wiki.ubuntu.com/MIRTeam#Process_states

Changed in libsodium (Ubuntu Trusty):
status: New → In Progress
status: In Progress → New
Christian Ehrhardt  (paelzer) wrote :

Actually in this case of three packages only bug 1746772 is complete already, this one here waits for the Security Team ack before being fully complete - but all other blockers are passed.
But the Security Team is already aware, so no need to change anything yet.

@Security Team - once review is (hopefully) good feel free to set to "in progress" per
https://wiki.ubuntu.com/MIRTeam#Process_states

Alex Murray (alexmurray) wrote :

I reviewed libsodium version 1.0.8-5 as checked into xenial, looking for
any deviations from Seth's original review since this is a different
version.

- No CVE history in our database
- libsodium provides a programmer- and packager-friendly library around
  the NaCl family of cryptography APIs.
- Depends: debhelper, pkg-config, dh-autoreconf
- Does not itself do networking
- Extensive cryptography
- Does not daemonize
- No pre/post inst/rm
- No init scripts
- No dbus services
- No setuid files
- No binaries in the PATH
- No sudo fragments
- No udev rules
- A test suite is run during the build
- No cron jobs
- Clean build logs

- No subprocesses spawned
- Memory management is very careful.
- Does not itself do file IO beyond /dev/random or /dev/urandom
- No logging
- No environment variable use
- No privileged functions
- No networking
- No privileged portions of code
- No temp files
- No WebKit
- No PolKit
- Extensive cppcheck warnings; manual inspection of randomly selected
  issues suggests failings in cppcheck (doesn't understand uint128_t and
  assumes it is 32-bits wide so falsely flags bit shifts of 32-bits or
  larger of this as errors)

Security team ACK for promoting libsodium to main for Xenial / Trusty.

Changed in libsodium (Ubuntu Trusty):
status: New → In Progress
Changed in libsodium (Ubuntu Xenial):
status: New → In Progress
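
The packaging items in the two review checklists above (maintainer scripts, setuid files, init scripts, D-Bus services, sudo fragments, udev rules, cron jobs, PolKit, binaries in the PATH) can be checked mechanically on an unpacked binary package. The following is an added example, not a tool used by the reviewers in this thread; the function names, the category labels and the sample tree are assumptions made up for illustration.

```shell
#!/bin/sh
# Added example, not part of the bug report. Audits an unpacked binary
# package against packaging items from the review checklist.
# Assumed layout (what `dpkg-deb -R pkg.deb DIR` produces):
#   DIR/DEBIAN/ holds control files and maintainer scripts, the rest is payload.

# audit_pkg_tree DIR: print one "category: path" line per finding.
audit_pkg_tree() (
    cd "$1" || exit 2

    # "No pre/post inst/rm"
    for s in preinst postinst prerm postrm; do
        if [ -e "DEBIAN/$s" ]; then echo "maintainer-script: $s"; fi
    done

    # "No setuid files" (setgid is reported as well)
    find . -path ./DEBIAN -prune -o -type f \
        \( -perm -4000 -o -perm -2000 \) -print |
        sed 's|^\./|setuid-setgid: /|'

    # Locations that change system behaviour as soon as a file lands there
    while read -r label dir; do
        if [ -d "$dir" ]; then
            find "$dir" \( -type f -o -type l \) | sed "s|^|$label: /|"
        fi
    done <<'EOF'
init-script etc/init.d
init-script lib/systemd/system
init-script usr/lib/systemd/system
dbus-service usr/share/dbus-1/services
dbus-service usr/share/dbus-1/system-services
sudo-fragment etc/sudoers.d
udev-rule lib/udev/rules.d
udev-rule usr/lib/udev/rules.d
cron-job etc/cron.d
polkit-action usr/share/polkit-1/actions
path-binary bin
path-binary sbin
path-binary usr/bin
path-binary usr/sbin
EOF
)

# make_sample_tree DIR: constructed sample input, not a real package.
make_sample_tree() {
    mkdir -p "$1/DEBIAN" "$1/usr/bin" "$1/etc/cron.d" "$1/usr/lib"
    : > "$1/DEBIAN/control"
    : > "$1/DEBIAN/postinst"
    : > "$1/usr/lib/libexample.so.1"
    : > "$1/etc/cron.d/example"
    : > "$1/usr/bin/example-helper"
    chmod 4755 "$1/usr/bin/example-helper"
}

# Demo run on the constructed tree: prints four findings.
demo_dir=$(mktemp -d)
make_sample_tree "$demo_dir"
audit_pkg_tree "$demo_dir"
rm -rf "$demo_dir"
```

A library-only package such as the one reviewed here should produce no output; any line printed is an item the checklist would have to explain.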
Steve Langasek (vorlon) wrote :

Override component to main
libsodium 1.0.8-5~ubuntu14.04.1 in trusty: universe/libs -> main
libsodium-dbg 1.0.8-5~ubuntu14.04.1 in trusty amd64: universe/debug/extra/100% -> main
libsodium-dbg 1.0.8-5~ubuntu14.04.1 in trusty arm64: universe/debug/extra/100% -> main
libsodium-dbg 1.0.8-5~ubuntu14.04.1 in trusty armhf: universe/debug/extra/100% -> main
libsodium-dbg 1.0.8-5~ubuntu14.04.1 in trusty i386: universe/debug/extra/100% -> main
libsodium-dbg 1.0.8-5~ubuntu14.04.1 in trusty powerpc: universe/debug/extra/100% -> main
libsodium-dbg 1.0.8-5~ubuntu14.04.1 in trusty ppc64el: universe/debug/extra/100% -> main
libsodium-dev 1.0.8-5~ubuntu14.04.1 in trusty amd64: universe/libdevel/optional/100% -> main
libsodium-dev 1.0.8-5~ubuntu14.04.1 in trusty arm64: universe/libdevel/optional/100% -> main
libsodium-dev 1.0.8-5~ubuntu14.04.1 in trusty armhf: universe/libdevel/optional/100% -> main
libsodium-dev 1.0.8-5~ubuntu14.04.1 in trusty i386: universe/libdevel/optional/100% -> main
libsodium-dev 1.0.8-5~ubuntu14.04.1 in trusty powerpc: universe/libdevel/optional/100% -> main
libsodium-dev 1.0.8-5~ubuntu14.04.1 in trusty ppc64el: universe/libdevel/optional/100% -> main
libsodium18 1.0.8-5~ubuntu14.04.1 in trusty amd64: universe/libs/optional/100% -> main
libsodium18 1.0.8-5~ubuntu14.04.1 in trusty arm64: universe/libs/optional/100% -> main
libsodium18 1.0.8-5~ubuntu14.04.1 in trusty armhf: universe/libs/optional/100% -> main
libsodium18 1.0.8-5~ubuntu14.04.1 in trusty i386: universe/libs/optional/100% -> main
libsodium18 1.0.8-5~ubuntu14.04.1 in trusty powerpc: universe/libs/optional/100% -> main
libsodium18 1.0.8-5~ubuntu14.04.1 in trusty ppc64el: universe/libs/optional/100% -> main
19 publications overridden.

Changed in libsodium (Ubuntu Trusty):
status: In Progress → Fix Released
Steve Langasek (vorlon) wrote :

Copy candidates:
 libsodium 1.0.8-5 in xenial
 libsodium-dbg 1.0.8-5 in xenial amd64
 libsodium-dbg 1.0.8-5 in xenial arm64
 libsodium-dbg 1.0.8-5 in xenial armhf
 libsodium-dbg 1.0.8-5 in xenial i386
 libsodium-dbg 1.0.8-5 in xenial powerpc
 libsodium-dbg 1.0.8-5 in xenial ppc64el
 libsodium-dbg 1.0.8-5 in xenial s390x
 libsodium-dev 1.0.8-5 in xenial amd64
 libsodium-dev 1.0.8-5 in xenial arm64
 libsodium-dev 1.0.8-5 in xenial armhf
 libsodium-dev 1.0.8-5 in xenial i386
 libsodium-dev 1.0.8-5 in xenial powerpc
 libsodium-dev 1.0.8-5 in xenial ppc64el
 libsodium-dev 1.0.8-5 in xenial s390x
 libsodium-dev-dbgsym 1.0.8-5 in xenial amd64
 libsodium-dev-dbgsym 1.0.8-5 in xenial arm64
 libsodium-dev-dbgsym 1.0.8-5 in xenial armhf
 libsodium-dev-dbgsym 1.0.8-5 in xenial i386
 libsodium-dev-dbgsym 1.0.8-5 in xenial powerpc
 libsodium-dev-dbgsym 1.0.8-5 in xenial ppc64el
 libsodium-dev-dbgsym 1.0.8-5 in xenial s390x
 libsodium18 1.0.8-5 in xenial amd64
 libsodium18 1.0.8-5 in xenial arm64
 libsodium18 1.0.8-5 in xenial armhf
 libsodium18 1.0.8-5 in xenial i386
 libsodium18 1.0.8-5 in xenial powerpc
 libsodium18 1.0.8-5 in xenial ppc64el
 libsodium18 1.0.8-5 in xenial s390x
 libsodium18-dbgsym 1.0.8-5 in xenial amd64
 libsodium18-dbgsym 1.0.8-5 in xenial arm64
 libsodium18-dbgsym 1.0.8-5 in xenial armhf
 libsodium18-dbgsym 1.0.8-5 in xenial i386
 libsodium18-dbgsym 1.0.8-5 in xenial powerpc
 libsodium18-dbgsym 1.0.8-5 in xenial ppc64el
 libsodium18-dbgsym 1.0.8-5 in xenial s390x
Candidate copy target: https://api.launchpad.net/devel/ubuntu/+archive/primary
Copy [y|N]? y
36 copies requested.
$ q -Q unapproved -s xenial-updates override -c main libsodium
Overriding libsodium_1.0.8-5 (universe/misc)
20445625 | X- | libsodium | 1.0.8-5 | 1 minute
  | * libsodium/1.0.8-5 Component: main Section: misc
$ q -Q unapproved -s xenial-updates accept libsodium
Accepting libsodium/1.0.8-5

Changed in libsodium (Ubuntu Xenial):
status: In Progress → Fix Released