python/python-PyKMIP
SHA256
14
0
Fork 0
forked from pool/python-PyKMIP
Code Pull Requests Activity

Accepting request 1061203 from devel:languages:python

Browse Source 
- Add crypto-39.patch to make it work with python-cryptography >= 39.0.0
  gh#OpenKMIP/PyKMIP#689

OBS-URL: https://build.opensuse.org/request/show/1061203
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-PyKMIP?expand=0&rev=8
This commit is contained in:
Dominique Leuenberger
2023-01-26 14:05:53 +00:00
committed by Git OBS Bridge
parent b974f30234 660c3892cb
commit 503e614aa7
3 changed files with 90 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

79
crypto-39.patch Normal file
View File

@@ -0,0 +1,79 @@
From 3a50c8484e355e03bea1399f1e72b1c1ef716680 Mon Sep 17 00:00:00 2001
From: Daniel Garcia Moreno <daniel.garcia@suse.com>
Date: Thu, 26 Jan 2023 13:07:54 +0100
Subject: [PATCH] Add cryptography >= 39.0.0 support
The cryptography release 39.0.0 added a new parameter to the serializer
that's required.
https://cryptography.io/en/latest/changelog/#v39-0-0
This patch fixes the tests test_encrypt_decrypt_asymmetric
---
kmip/services/server/crypto/engine.py | 20 ++++++++++++++++----
1 file changed, 16 insertions(+), 4 deletions(-)
diff --git a/kmip/services/server/crypto/engine.py b/kmip/services/server/crypto/engine.py
index 838e1b92..e9e8593e 100644
--- a/kmip/services/server/crypto/engine.py
+++ b/kmip/services/server/crypto/engine.py
@@ -16,6 +16,7 @@
import logging
import os
+import cryptography
from cryptography import exceptions as errors
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization, hashes, hmac, cmac
@@ -930,17 +931,22 @@ def _decrypt_asymmetric(
)
backend = default_backend()
+ params = {}
+ if cryptography.__version__ >= "39.0.0":
+ params["unsafe_skip_rsa_key_validation"] = False
try:
private_key = backend.load_der_private_key(
decryption_key,
- None
+ None,
+ **params,
)
except Exception:
try:
private_key = backend.load_pem_private_key(
decryption_key,
- None
+ None,
+ **params,
)
except Exception:
raise exceptions.CryptographicFailure(
@@ -1279,18 +1285,24 @@ def _create_RSA_private_key(self,
RSA private key created from key bytes.
"""
+ params = {}
+ if cryptography.__version__ >= "39.0.0":
+ params["unsafe_skip_rsa_key_validation"] = False
+
try:
private_key = serialization.load_pem_private_key(
bytes,
password=None,
- backend=default_backend()
+ backend=default_backend(),
+ **params,
)
return private_key
except Exception:
private_key = serialization.load_der_private_key(
bytes,
password=None,
- backend=default_backend()
+ backend=default_backend(),
+ **params,
)
return private_key

6
python-PyKMIP.changes
View File

@@ -1,3 +1,9 @@
-------------------------------------------------------------------
Thu Jan 26 12:36:34 UTC 2023 - Daniel Garcia <daniel.garcia@suse.com>
- Add crypto-39.patch to make it work with python-cryptography >= 39.0.0
gh#OpenKMIP/PyKMIP#689
------------------------------------------------------------------- -------------------------------------------------------------------
Wed May 4 09:55:17 UTC 2022 - pgajdos@suse.com Wed May 4 09:55:17 UTC 2022 - pgajdos@suse.com

8
python-PyKMIP.spec
View File

@@ -1,7 +1,7 @@
# #
# spec file for package python-PyKMIP # spec file for package python-PyKMIP
# #
# Copyright (c) 2022 SUSE LLC # Copyright (c) 2023 SUSE LLC
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@@ -16,7 +16,6 @@
# #
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
%bcond_without python2 %bcond_without python2
Name: python-PyKMIP Name: python-PyKMIP
Version: 0.10.0 Version: 0.10.0
@@ -31,6 +30,8 @@ Source: https://files.pythonhosted.org/packages/source/P/PyKMIP/PyKMIP-%
Patch0: fix-tests-SQLAlchemy-140.patch Patch0: fix-tests-SQLAlchemy-140.patch
# https://github.com/OpenKMIP/PyKMIP/issues/668 # https://github.com/OpenKMIP/PyKMIP/issues/668
Patch1: python-PyKMIP-no-mock.patch Patch1: python-PyKMIP-no-mock.patch
# PATCH-FIX-OPENSUSE crypto-39.patch gh#OpenKMIP/PyKMIP#689
Patch2: crypto-39.patch
BuildRequires: %{python_module SQLAlchemy} BuildRequires: %{python_module SQLAlchemy}
BuildRequires: %{python_module cryptography} BuildRequires: %{python_module cryptography}
BuildRequires: %{python_module devel} BuildRequires: %{python_module devel}
@@ -87,7 +88,8 @@ Standards`_ (OASIS). PyKMIP supports a subset of features in versions
%files %{python_files} %files %{python_files}
%license LICENSE.txt %license LICENSE.txt
%doc README.rst %doc README.rst
%{python_sitelib}/* %{python_sitelib}/kmip
%{python_sitelib}/PyKMIP-%{version}*-info
%python_alternative %{_bindir}/pykmip-server %python_alternative %{_bindir}/pykmip-server
%changelog %changelog