af9568fae8
SECURITY ISSUE: Fixed a bug where certain sequences of update() calls when symmetrically encrypting very large payloads (>2GB) could result in an integer overflow, leading to buffer overflows. CVE-2020-36242 Note: This also updates {,vectors-}3.3.nix (for Python 2 / nixops) because of the security issue.
24 lines
725 B
Nix
24 lines
725 B
Nix
{ buildPythonPackage, fetchPypi, lib, cryptography }:
|
|
|
|
buildPythonPackage rec {
|
|
pname = "cryptography_vectors";
|
|
# The test vectors must have the same version as the cryptography package:
|
|
version = cryptography.version;
|
|
|
|
src = fetchPypi {
|
|
inherit pname version;
|
|
sha256 = "1yhaps0f3h2yjb6lmz953z1l1d84y9swk4k3gj9nqyk4vbx5m7cc";
|
|
};
|
|
|
|
# No tests included
|
|
doCheck = false;
|
|
|
|
meta = with lib; {
|
|
description = "Test vectors for the cryptography package";
|
|
homepage = "https://cryptography.io/en/latest/development/test-vectors/";
|
|
# Source: https://github.com/pyca/cryptography/tree/master/vectors;
|
|
license = with licenses; [ asl20 bsd3 ];
|
|
maintainers = with maintainers; [ primeos ];
|
|
};
|
|
}
|