diff --git a/src/sha1collisiondetection/debian/changelog b/src/sha1collisiondetection/debian/changelog index e432f8c..a22f1ab 100644 --- a/src/sha1collisiondetection/debian/changelog +++ b/src/sha1collisiondetection/debian/changelog @@ -1,3 +1,10 @@ +rust-sha1collisiondetection (0.2.3-1) UNRELEASED-FIXME-AUTOGENERATED-DEBCARGO; urgency=medium + + * Package sha1collisiondetection 0.2.3 from crates.io using debcargo 2.4.3 + * Closes: #977421 + + -- Daniel Kahn Gillmor Tue, 15 Dec 2020 10:57:05 -0500 + rust-sha1collisiondetection (0.2.2-2) unstable; urgency=medium * Package sha1collisiondetection 0.2.2 from crates.io using debcargo 2.4.3 diff --git a/src/sha1collisiondetection/debian/patches/drop-digest-trait.diff b/src/sha1collisiondetection/debian/patches/drop-digest-trait.diff index c4a2007..b9a520c 100644 --- a/src/sha1collisiondetection/debian/patches/drop-digest-trait.diff +++ b/src/sha1collisiondetection/debian/patches/drop-digest-trait.diff @@ -6,37 +6,52 @@ Once those updates are done, then we can add the digest-trait feature back. +Also, the structopt "feature" is really just a build-dependency for +the sha1cdsum binary, so we don't want it as an additional feature. + +debcargo doesn't seem to have a way to represent this cleanly +(#977491) so we'll just treat it as non-optional for now. + --- a/Cargo.toml +++ b/Cargo.toml -@@ -30,9 +30,6 @@ +@@ -29,10 +29,7 @@ + [[bin]] name = "sha1cdsum" path = "src/main.rs" - required-features = ["std"] +-required-features = ["std", "structopt"] -[dependencies.digest] -version = "0.9" -optional = true ++required-features = ["std"] [dependencies.generic-array] version = ">= 0.12, < 0.15" -@@ -40,9 +37,6 @@ +@@ -40,14 +37,9 @@ [dependencies.libc] version = "0.2" -[dependencies.sha-1] -version = "0.9" -optional = true +- + [dependencies.structopt] + version = "0.3" +-optional = true +-default-features = false ++ [dev-dependencies.getrandom] version = "0.1" -@@ -50,9 +44,8 @@ +@@ -55,9 +47,9 @@ version = "0.3" [features] --default = ["std", "digest-trait"] +-default = ["std", "digest-trait", "structopt"] -digest-trait = ["digest", "sha-1"] +-std = ["digest/std"] +default = ["std"] --std = ["digest/std"] +std = [] ++ [badges.gitlab] repository = "sequoia-pgp/sha1collisiondetection" - + diff --git a/src/sha1collisiondetection/debian/sha1cdsum.1 b/src/sha1collisiondetection/debian/sha1cdsum.1 index 425be62..3a8b862 100644 --- a/src/sha1collisiondetection/debian/sha1cdsum.1 +++ b/src/sha1collisiondetection/debian/sha1cdsum.1 @@ -1,34 +1,73 @@ -.TH SHA1CDSUM "1" "December 2020" "sha1collisiondetection" "User Commands" +.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.16. +.TH SHA1CDSUM "1" "December 2020" "sha1cdsum 0.2.3" "User Commands" .SH NAME -sha1cdsum \- SHA\-1 Collision Detection +sha1cdsum \- SHA-1 digests with collision detection .SH DESCRIPTION -sha1cdsum does a SHA\-1 cryptographic digest, but diverges from SHA\-1 -when it encounters the most common forms of attack against the -algorithm's collision resistance. +sha1cdsum 0.2.3 +Print or check SHA1 (160\-bit) checksums with collision detection. +.SS "USAGE:" +.IP +sha1cdsum [FLAGS] [files]... +.SS "FLAGS:" +.TP +\fB\-b\fR, \fB\-\-binary\fR +read in binary mode +.TP +\fB\-c\fR, \fB\-\-check\fR +read SHA1 sums from the FILEs and check them +.TP +\fB\-h\fR, \fB\-\-help\fR +Prints help information +.TP +\fB\-\-tag\fR +create a BSD\-style checksum +.TP +\fB\-t\fR, \fB\-\-text\fR +read in text mode +.TP +\fB\-V\fR, \fB\-\-version\fR +Prints version information +.TP +\fB\-z\fR, \fB\-\-zero\fR +end each output line with NUL, not newline, and disable file name escaping +.TP +\fB\-\-ignore\-missing\fR +don't fail or report status for missing files +.TP +\fB\-\-quiet\fR +don't print OK for each successfully verified file +.TP +\fB\-\-status\fR +don't output anything, status code shows success +.TP +\fB\-\-strict\fR +exit non\-zero for improperly formatted checksum lines +.TP +\fB\-w\fR, \fB\-\-warn\fR +warn about improperly formatted checksum lines +.SS "ARGS:" +.TP +... +Input file(s). With no FILE, or when FILE is \-, read standard input .PP -When such an attack is detected, it produces a different digest and -indicates that a collision block was observed. -.SS USAGE -.B sha1cdsum -reads and calculates over data it receives on standard input, and -ignores all command line options. But see the WARNING below about -interface stability. -.SS EXAMPLE -.nf -\f[C] -$ sha1cdsum < /dev/null -this is a stub implementation! -da39a3ee5e6b4b0d3255bfef95601890afd80709 -$ zcat /usr/share/doc/sha1cdsum/examples/shattered-1.pdf.gz | sha1cdsum -this is a stub implementation! -*coll* e1761773e6a35916d99f891b77663e6405313587 -$ -\f[R] -.fi -.SS WARNING -The API for this command is unstable and likely to change! See -https://gitlab.com/sequoia-pgp/sha1collisiondetection/-/issues/2 for details. -.SS SEE ALSO +The last five options are useful only when verifying checksums. +.PP +The sums are computed using Marc Stevens' modified SHA1 that detects +collision attacks. When checking, the input should be a former output +of this program. The default mode is to print a line with checksum, a +space, a character indicating input mode ('*' for binary, ' ' for text +or where binary is insignificant), and name for each FILE. +.PP +If a collision is detected, '*coll*' is printed in front of the file +name. +.PP +Note: There is no difference between binary mode and text mode on GNU +systems. +.PP +This program implements the same interface as coreutils' sha1sum, +modulo error messages printed to stderr, handling of non\-UTF8 +filenames, and bugs. +.SH "SEE ALSO" .BR https://shattered.io/ .PP .BR https://sha\-mbles.github.io/ diff --git a/src/sha1collisiondetection/debian/sha1cdsum.1.include b/src/sha1collisiondetection/debian/sha1cdsum.1.include new file mode 100644 index 0000000..c0e19c7 --- /dev/null +++ b/src/sha1collisiondetection/debian/sha1cdsum.1.include @@ -0,0 +1,6 @@ +[SEE ALSO] +.BR https://shattered.io/ +.PP +.BR https://sha\-mbles.github.io/ +.PP +.BR https://gitlab.com/sequoia-pgp/sha1collisiondetection