From c0ae9d643789400aa101d99d25ac72b86163e160c043832b5265d8dcbdaf7d21 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Fri, 28 Mar 2025 16:36:39 +0100 Subject: [PATCH] Sync from SUSE:SLFO:Main python-cryptography revision fd4e6ec21a65cebeef3c0e41ba79114f --- _service | 1 - cryptography-43.0.3.tar.gz | 3 -- cryptography-44.0.0.tar.gz | 3 ++ no-pytest_benchmark.patch | 91 ++++++++++++++++--------------------- python-cryptography.changes | 42 +++++++++++++++++ python-cryptography.spec | 20 ++------ vendor.tar.zst | 4 +- 7 files changed, 90 insertions(+), 74 deletions(-) delete mode 100644 cryptography-43.0.3.tar.gz create mode 100644 cryptography-44.0.0.tar.gz diff --git a/_service b/_service index 0544aa1..f830ece 100644 --- a/_service +++ b/_service @@ -2,7 +2,6 @@ cryptography-* - src/rust/Cargo.toml zst diff --git a/cryptography-43.0.3.tar.gz b/cryptography-43.0.3.tar.gz deleted file mode 100644 index 422826a..0000000 --- a/cryptography-43.0.3.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:315b9001266a492a6ff443b61238f956b214dbec9910a081ba5b6646a055a805 -size 686989 diff --git a/cryptography-44.0.0.tar.gz b/cryptography-44.0.0.tar.gz new file mode 100644 index 0000000..bf19814 --- /dev/null +++ b/cryptography-44.0.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:cd4e834f340b4293430701e772ec543b0fbe6c2dea510a5286fe0acabe153a02 +size 710657 diff --git a/no-pytest_benchmark.patch b/no-pytest_benchmark.patch index a1dd680..e94a9d6 100644 --- a/no-pytest_benchmark.patch +++ b/no-pytest_benchmark.patch @@ -1,26 +1,16 @@ ---- - pyproject.toml | 31 ------------------------- - tests/bench/test_aead.py | 40 ++++++++++++++++----------------- - tests/bench/test_ec_load.py | 8 +++--- - tests/bench/test_hashes.py | 4 +-- - tests/bench/test_hmac.py | 4 +-- - tests/bench/test_x509.py | 16 ++++++------- - 7 files changed, 37 insertions(+), 68 deletions(-) - -Index: cryptography-43.0.3/pyproject.toml -=================================================================== ---- cryptography-43.0.3.orig/pyproject.toml -+++ cryptography-43.0.3/pyproject.toml -@@ -66,8 +66,6 @@ nox = ["nox"] +diff -ruN cryptography-44.0.0.orig/pyproject.toml cryptography-44.0.0/pyproject.toml +--- cryptography-44.0.0.orig/pyproject.toml 2025-01-26 18:48:58.157318687 +0800 ++++ cryptography-44.0.0/pyproject.toml 2025-01-26 18:56:46.010819868 +0800 +@@ -67,8 +67,6 @@ test = [ - "cryptography_vectors==43.0.3", - "pytest >=6.2.0", -- "pytest-benchmark", -- "pytest-cov", - "pytest-xdist", - "pretend", - "certifi", -@@ -117,7 +115,7 @@ exclude = [ + "cryptography_vectors==44.0.0", + "pytest >=7.4.0", +- "pytest-benchmark >=4.0", +- "pytest-cov >=2.10.1", + "pytest-xdist >=3.5.0", + "pretend >=0.7", + "certifi >=2024", +@@ -118,7 +116,7 @@ ] [tool.pytest.ini_options] @@ -29,7 +19,7 @@ Index: cryptography-43.0.3/pyproject.toml console_output_style = "progress-even-when-capture-no" markers = [ "skip_fips: this test is not executed in FIPS mode", -@@ -139,33 +137,6 @@ module = [ +@@ -140,33 +138,6 @@ ] ignore_missing_imports = true @@ -43,14 +33,14 @@ Index: cryptography-43.0.3/pyproject.toml - -[tool.coverage.paths] -source = [ -- "src/cryptography", -- "*.nox/*/lib*/python*/site-packages/cryptography", -- "*.nox\\*\\Lib\\site-packages\\cryptography", -- "*.nox/pypy/site-packages/cryptography", +- "src/cryptography", +- "*.nox/*/lib*/python*/site-packages/cryptography", +- "*.nox\\*\\Lib\\site-packages\\cryptography", +- "*.nox/pypy/site-packages/cryptography", -] --tests =[ -- "tests/", -- "*tests\\", +-tests = [ +- "tests/", +- "*tests\\", -] - -[tool.coverage.report] @@ -63,11 +53,10 @@ Index: cryptography-43.0.3/pyproject.toml [tool.ruff] line-length = 79 -Index: cryptography-43.0.3/tests/bench/test_aead.py -=================================================================== ---- cryptography-43.0.3.orig/tests/bench/test_aead.py -+++ cryptography-43.0.3/tests/bench/test_aead.py -@@ -26,84 +26,84 @@ def _aead_supported(cls): +diff -ruN cryptography-44.0.0.orig/tests/bench/test_aead.py cryptography-44.0.0/tests/bench/test_aead.py +--- cryptography-44.0.0.orig/tests/bench/test_aead.py 2025-01-26 18:48:58.218037106 +0800 ++++ cryptography-44.0.0/tests/bench/test_aead.py 2025-01-26 18:57:45.747649958 +0800 +@@ -26,84 +26,84 @@ not _aead_supported(ChaCha20Poly1305), reason="Requires OpenSSL with ChaCha20Poly1305 support", ) @@ -172,10 +161,9 @@ Index: cryptography-43.0.3/tests/bench/test_aead.py ct = aes.encrypt(b"\x00" * 12, b"hello world plaintext", None) - benchmark(aes.decrypt, b"\x00" * 12, ct, None) + aes.decrypt(b"\x00" * 12, ct, None) -Index: cryptography-43.0.3/tests/bench/test_ec_load.py -=================================================================== ---- cryptography-43.0.3.orig/tests/bench/test_ec_load.py -+++ cryptography-43.0.3/tests/bench/test_ec_load.py +diff -ruN cryptography-44.0.0.orig/tests/bench/test_ec_load.py cryptography-44.0.0/tests/bench/test_ec_load.py +--- cryptography-44.0.0.orig/tests/bench/test_ec_load.py 2025-01-26 18:48:58.218037106 +0800 ++++ cryptography-44.0.0/tests/bench/test_ec_load.py 2025-01-26 18:57:45.748641371 +0800 @@ -5,9 +5,9 @@ from ..hazmat.primitives.fixtures_ec import EC_KEY_SECP256R1 @@ -190,10 +178,9 @@ Index: cryptography-43.0.3/tests/bench/test_ec_load.py - benchmark(EC_KEY_SECP256R1.private_key) +def test_load_ec_private_numbers(): + EC_KEY_SECP256R1.private_key() -Index: cryptography-43.0.3/tests/bench/test_hashes.py -=================================================================== ---- cryptography-43.0.3.orig/tests/bench/test_hashes.py -+++ cryptography-43.0.3/tests/bench/test_hashes.py +diff -ruN cryptography-44.0.0.orig/tests/bench/test_hashes.py cryptography-44.0.0/tests/bench/test_hashes.py +--- cryptography-44.0.0.orig/tests/bench/test_hashes.py 2025-01-26 18:48:58.218037106 +0800 ++++ cryptography-44.0.0/tests/bench/test_hashes.py 2025-01-26 18:57:45.748943321 +0800 @@ -5,10 +5,10 @@ from cryptography.hazmat.primitives import hashes @@ -207,10 +194,9 @@ Index: cryptography-43.0.3/tests/bench/test_hashes.py - benchmark(bench) + bench() -Index: cryptography-43.0.3/tests/bench/test_hmac.py -=================================================================== ---- cryptography-43.0.3.orig/tests/bench/test_hmac.py -+++ cryptography-43.0.3/tests/bench/test_hmac.py +diff -ruN cryptography-44.0.0.orig/tests/bench/test_hmac.py cryptography-44.0.0/tests/bench/test_hmac.py +--- cryptography-44.0.0.orig/tests/bench/test_hmac.py 2025-01-26 18:48:58.218037106 +0800 ++++ cryptography-44.0.0/tests/bench/test_hmac.py 2025-01-26 18:57:45.749219559 +0800 @@ -5,10 +5,10 @@ from cryptography.hazmat.primitives import hashes, hmac @@ -224,11 +210,10 @@ Index: cryptography-43.0.3/tests/bench/test_hmac.py - benchmark(bench) + bench() -Index: cryptography-43.0.3/tests/bench/test_x509.py -=================================================================== ---- cryptography-43.0.3.orig/tests/bench/test_x509.py -+++ cryptography-43.0.3/tests/bench/test_x509.py -@@ -13,40 +13,40 @@ from cryptography import x509 +diff -ruN cryptography-44.0.0.orig/tests/bench/test_x509.py cryptography-44.0.0/tests/bench/test_x509.py +--- cryptography-44.0.0.orig/tests/bench/test_x509.py 2025-01-26 18:48:58.218037106 +0800 ++++ cryptography-44.0.0/tests/bench/test_x509.py 2025-01-26 18:57:45.749471922 +0800 +@@ -13,40 +13,40 @@ from ..utils import load_vectors_from_file @@ -278,7 +263,7 @@ Index: cryptography-43.0.3/tests/bench/test_x509.py limbo_root = pytestconfig.getoption("--x509-limbo-root", skip=True) with open(os.path.join(limbo_root, "limbo.json"), "rb") as f: [testcase] = [ -@@ -78,4 +78,4 @@ def test_verify_docs_python_org(benchmar +@@ -78,4 +78,4 @@ ) verifier.verify(leaf, intermediates) diff --git a/python-cryptography.changes b/python-cryptography.changes index 5f1d3dc..7e9f16a 100644 --- a/python-cryptography.changes +++ b/python-cryptography.changes @@ -1,3 +1,45 @@ +------------------------------------------------------------------- +Sun Jan 26 10:59:13 UTC 2025 - Soc Virnyl Estela + +- Update to version 44.0.0: + * BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.9. + * Deprecated Python 3.7 support. Python 3.7 is no longer supported by + the Python core team. Support for Python 3.7 will be removed in a future + cryptography release. + * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0. + * macOS wheels are now built against the macOS 10.13 SDK. Users on older + versions of macOS should upgrade, or they will need to build cryptography + themselves. + * Enforce the RFC 5280 requirement that extended key usage extensions must not be empty. + * Added support for timestamp extraction to the :class:`~cryptography.fernet.MultiFernet` class. + * Relax the Authority Key Identifier requirements on root CA certificates + during X.509 verification to allow fields permitted by RFC 5280 but + forbidden by the CA/Browser BRs. + * Added support for + :class:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id` when using + OpenSSL 3.2.0+. + * Added support for the :class:`~cryptography.x509.Admissions` certificate extension. + * Added basic support for PKCS7 decryption (including S/MIME 3.2) via + :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der`, + :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem`, + and :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime`. +- Update specfile to accommodate new project structure at version 44.0.0 +- Update no-pytest_benchmark.patch + +------------------------------------------------------------------- +Fri Nov 8 10:08:46 UTC 2024 - Ben Greiner + +- Fix requires_eq replacement for distributions which do not have + python3-cffi installed (such as SLE15 python module pythons) + * gh#openSUSE/python-rpm-macros#185 +- Remove outdated section in description + +------------------------------------------------------------------- +Tue Nov 5 08:03:40 UTC 2024 - Dominique Leuenberger + +- Avoid using requires_eq, which after the last modifications + conflicts with python singlespec (order of expansion). + ------------------------------------------------------------------- Tue Oct 22 13:26:21 UTC 2024 - Dirk Müller diff --git a/python-cryptography.spec b/python-cryptography.spec index 0ff25e7..bcf0ec4 100644 --- a/python-cryptography.spec +++ b/python-cryptography.spec @@ -1,7 +1,7 @@ # # spec file for package python-cryptography # -# Copyright (c) 2024 SUSE LLC +# Copyright (c) 2025 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -28,7 +28,7 @@ %{?sle15_python_module_pythons} Name: python-cryptography%{psuffix} # ALWAYS KEEP IN SYNC WITH python-cryptography-vectors! -Version: 43.0.3 +Version: 44.0.0 Release: 0 Summary: Python library which exposes cryptographic recipes and primitives License: Apache-2.0 OR BSD-3-Clause @@ -61,7 +61,7 @@ BuildRequires: pkgconfig(libffi) # python-base is not enough, we need the _ssl module Requires: python Requires: python-bcrypt -%requires_eq python-cffi +Requires: python-cffi = %(rpm -q --whatprovides python-cffi --qf "%%{version}") %if %{with test} BuildRequires: %{python_module bcrypt} BuildRequires: %{python_module certifi} @@ -79,11 +79,6 @@ BuildRequires: %{python_module pytz} %python_subpackages %description -cryptography is a package designed to expose cryptographic -recipes and primitives to Python developers. Our goal is -for it to be your "cryptographic standard library". It -supports Python 2.7, Python 3.4+, and PyPy-5.3+. - cryptography includes both high level recipes, and low level interfaces to common cryptographic algorithms such as symmetric ciphers, message digests and key derivation @@ -98,13 +93,6 @@ export CARGO_PROFILE_RELEASE_DEBUG=true export CARGO_PROFILE_RELEASE_SPLIT_DEBUGINFO=off # https://pyo3.rs/main/building-and-distribution#configuring-the-python-version %python_expand export PYO3_PYTHON="%{_bindir}/$python" -cd src/rust -tar xfv %{S:2} -rm -v Cargo.lock -%cargo_build -cd - - -# https://github.com/pyca/cryptography/issues/9023 %global _lto_cflags %{nil} export RUSTFLAGS=%{rustflags} export CFLAGS="%{optflags} -fno-strict-aliasing" @@ -127,6 +115,7 @@ find . -name .keep -print -delete # fails with OverflowError on 32bit platform %ifarch %ix86 %arm ppc rm -v tests/hazmat/primitives/test_aead.py +rm -v tests/hazmat/primitives/test_ciphers.py # imports test_aead so we need to remove also these rm -v tests/wycheproof/test_aes.py rm -v tests/wycheproof/test_chacha20poly1305.py @@ -139,6 +128,7 @@ rm -v tests/wycheproof/test_chacha20poly1305.py %license LICENSE LICENSE.APACHE LICENSE.BSD %doc CONTRIBUTING.rst CHANGELOG.rst README.rst %{python_sitearch}/cryptography +%{python_sitearch}/rust %{python_sitearch}/cryptography-%{version}.dist-info %endif diff --git a/vendor.tar.zst b/vendor.tar.zst index 62edfe7..673bc9c 100644 --- a/vendor.tar.zst +++ b/vendor.tar.zst @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:dfcf0bf7d3157582b488524714f7b1a36f8d1d0cf4e549186c85f2eaec4ba492 -size 2005993 +oid sha256:bae449754445621c2ab723ff567651d93627864b83f132475dd62049addf6395 +size 2559391