Accepting request 823211 from devel:languages:python

- update to 3.0 - refreshed disable-uneven-sizes-tests.patch and skip_openssl_memleak_test.patch * Removed support for passing an Extension instance to from_issuer_subject_key_identifier(), as per our deprecation policy. * Support for LibreSSL 2.7.x, 2.8.x, and 2.9.0 has been removed * Dropped support for macOS 10.9, macOS users must upgrade to 10.10 or newer. * RSA generate_private_key() no longer accepts public_exponent values except 65537 and 3 (the latter for legacy purposes). * X.509 certificate parsing now enforces that the version field contains a valid value, rather than deferring this check until version is accessed. * Deprecated support for Python 2 * Added support for OpenSSH serialization format for ec, ed25519, rsa and dsa private keys: load_ssh_private_key() for loading and OpenSSH for writing. * Added support for OpenSSH certificates to load_ssh_public_key(). * Added encrypt_at_time() and decrypt_at_time() to Fernet. * Added support for the SubjectInformationAccess X.509 extension. * Added support for parsing SignedCertificateTimestamps in OCSP responses. * Added support for parsing attributes in certificate signing requests via get_attribute_for_oid(). * Added support for encoding attributes in certificate signing requests via add_attribute(). * On OpenSSL 1.1.1d and higher cryptography now uses OpenSSL’s built-in CSPRNG instead of its own OS random engine because these versions of OpenSSL properly reseed on fork. * Added initial support for creating PKCS12 files with serialize_key_and_certificates(). OBS-URL: https://build.opensuse.org/request/show/823211 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-cryptography?expand=0&rev=50
2020-08-01 10:31:06 +00:00 · 2020-08-01 10:31:06 +00:00 · 04a85d9cd6
commit 04a85d9cd6
parent 83e4d4a20f 5622a86892
8 changed files with 60 additions and 32 deletions
--- a/cryptography-2.9.2.tar.gz
+++ b/cryptography-2.9.2.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a0c30272fb4ddda5f5ffc1089d7405b7a71b0b0f51993cb4e5dbb4590b2fc229
-size 517571
--- a/cryptography-2.9.2.tar.gz.asc
+++ b/cryptography-2.9.2.tar.gz.asc
@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQEyBAABCAAdFiEEBf2foWz3VzUNkaVgI1rl8Sn57ZgFAl6gzhQACgkQI1rl8Sn5
-7Zh0nAf4ggT/Ld981REP/HrVwJKGp6gn9ViqmToHOacI3XeP70Rz+7h4eg/548Bf
-F4oH0IAkwV4TRUXtJV/fsi5OmnCD8EktQqxpzUQ9yNfT3thj/X2594GUD5+Tm/O9
-162xy/mFqa8XgIjXB5NaAySrpegMEf6lPpOOf7hI0mHcsQ3b4EYp5/of0dj0MgQV
-HgrAKtdpLKWSeFLL19bqXHpBloYOj9kFuQs+2qVYtu0gIzsavGC8kKrvw6ir8i5o
-FqNumdvcXYWHjkF/46BICd5ZUNY5YrYGGsK39CBQRFgEkoD+ElVsh9anwoNeUvxu
-qilLKGLbD6NteTWcxjnqJJGnO2+7
-=VVJo
-----END PGP SIGNATURE-----
--- a/cryptography-3.0.tar.gz
+++ b/cryptography-3.0.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:8e924dbc025206e97756e8903039662aa58aa9ba357d8e1d8fc29e3092322053
+size 534725
--- a/cryptography-3.0.tar.gz.asc
+++ b/cryptography-3.0.tar.gz.asc
@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCAAdFiEEBf2foWz3VzUNkaVgI1rl8Sn57ZgFAl8WGscACgkQI1rl8Sn5
+7ZiG/Af/dlShgMX5PLP6G+S9iXdSX9Zu6rlJUeQ8QkoaL268KoBe6Y+LHRwDoblk
+8iIwN3KYxNqVqEVrve/nr3ju5YoFWXjrA755W13j5ehLN1Tn+s9Apxe2Ye8OhSNa
+MrIdzWAMaEl2DpArr2zBxockEuLqb06Uj29YfYQKcmSKwFvzmJtozw1VscwyQS70
+GJ4MzWnbvIIbwpDlwNDiHkR8OE3JR5aDDuYdX0ADWHxK2ExCKS6kP4gI9pamVt6L
+RgmJKHfjrbv/hhgrg64PjXH8WRXMKDXs6j5zGRo6Gvg4gnyISvQF7+1piaIsp9bP
+BFyuqnIGeMqhwcC/dtGsq/fxJOHurw==
+=mZPL
+-----END PGP SIGNATURE-----
--- a/disable-uneven-sizes-tests.patch
+++ b/disable-uneven-sizes-tests.patch
@ -1,14 +1,14 @@
-Index: cryptography-1.0/tests/hazmat/primitives/test_rsa.py
+Index: cryptography-3.0/tests/hazmat/primitives/test_rsa.py
 ===================================================================
--- cryptography-1.0.orig/tests/hazmat/primitives/test_rsa.py
-+++ cryptography-1.0/tests/hazmat/primitives/test_rsa.py
-@@ -91,7 +91,8 @@ class TestRSA(object):
+--- cryptography-3.0.orig/tests/hazmat/primitives/test_rsa.py
+++ cryptography-3.0/tests/hazmat/primitives/test_rsa.py
+@@ -174,7 +174,8 @@ class TestRSA(object):
         ("public_exponent", "key_size"),
         itertools.product(
-             (3, 5, 65537),
-            (1024, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1536, 2048)
-+            #(1024, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1536, 2048)
-+            (1024, 1026, 1028, 1030, 1536, 2048)
-         )
+             (3, 65537),
+-            (1024, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1536, 2048),
+            #(1024, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1536, 2048),
+            (1024, 1026, 1028, 1030, 1536, 2048),
+         ),
     )
     def test_generate_rsa_keys(self, backend, public_exponent, key_size):
--- a/python-cryptography.changes
+++ b/python-cryptography.changes
@ -1,3 +1,29 @@
+-------------------------------------------------------------------
+Tue Jul 28 17:16:47 UTC 2020 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 3.0
+- refreshed disable-uneven-sizes-tests.patch and  skip_openssl_memleak_test.patch
+ * Removed support for passing an Extension instance
+    to from_issuer_subject_key_identifier(), as per our deprecation policy.
+ * Support for LibreSSL 2.7.x, 2.8.x, and 2.9.0 has been removed
+ * Dropped support for macOS 10.9, macOS users must upgrade to 10.10 or newer.
+ * RSA generate_private_key() no longer accepts public_exponent values except
+    65537 and 3 (the latter for legacy purposes).
+ * X.509 certificate parsing now enforces that the version field contains
+    a valid value, rather than deferring this check until version is accessed.
+ * Deprecated support for Python 2
+ * Added support for OpenSSH serialization format for ec, ed25519, rsa and dsa
+    private keys: load_ssh_private_key() for loading and OpenSSH for writing.
+ * Added support for OpenSSH certificates to load_ssh_public_key().
+ * Added encrypt_at_time() and decrypt_at_time() to Fernet.
+ * Added support for the SubjectInformationAccess X.509 extension.
+ * Added support for parsing SignedCertificateTimestamps in OCSP responses.
+ * Added support for parsing attributes in certificate signing requests via get_attribute_for_oid().
+ * Added support for encoding attributes in certificate signing requests via add_attribute().
+ * On OpenSSL 1.1.1d and higher cryptography now uses OpenSSL’s built-in CSPRNG
+    instead of its own OS random engine because these versions of OpenSSL properly reseed on fork.
+ * Added initial support for creating PKCS12 files with serialize_key_and_certificates().
+
 -------------------------------------------------------------------
 Fri May 15 08:44:10 UTC 2020 - Michael Ströder <michael@stroeder.com>

--- a/python-cryptography.spec
+++ b/python-cryptography.spec
@ -1,7 +1,7 @@
 #
 # spec file for package python-cryptography
 #
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -19,7 +19,7 @@
 %{?!python_module:%define python_module() python-%{**} python3-%{**}}
 %bcond_without python2
 Name:           python-cryptography
-Version:        2.9.2
+Version:        3.0
 Release:        0
 Summary:        Python library which exposes cryptographic recipes and primitives
 License:        Apache-2.0 OR BSD-3-Clause
--- a/skip_openssl_memleak_test.patch
+++ b/skip_openssl_memleak_test.patch
@ -1,16 +1,18 @@
-diff --git a/tests/hazmat/backends/test_openssl_memleak.py b/tests/hazmat/backends/test_openssl_memleak.py
-index 6e92e34..3280c47 100644
--- a/tests/hazmat/backends/test_openssl_memleak.py
-+++ b/tests/hazmat/backends/test_openssl_memleak.py
-@@ -118,9 +118,8 @@ def assert_no_memory_leaks(s, argv=[]):
+Index: cryptography-3.0/tests/hazmat/backends/test_openssl_memleak.py
+===================================================================
+--- cryptography-3.0.orig/tests/hazmat/backends/test_openssl_memleak.py
+++ cryptography-3.0/tests/hazmat/backends/test_openssl_memleak.py
+@@ -153,10 +153,9 @@ def assert_no_memory_leaks(s, argv=[]):
 
 
 def skip_if_memtesting_not_supported():
 -    return pytest.mark.skipif(
 -        not Binding().lib.Cryptography_HAS_MEM_FUNCTIONS,
-        reason="Requires OpenSSL memory functions (>=1.1.0)"
+-        reason="Requires OpenSSL memory functions (>=1.1.0)",
+-    )
 +    return pytest.mark.skip(
 +        reason="Our FIPS openssl startup code invokes CRYPTO_malloc() which prevents later debugging via CRYPTO_set_mem_functions()"
-     )
+     )
 
 
+ @pytest.mark.skip_fips(reason="FIPS self-test sets allow_customize = 0")