python/python-PyKMIP
SHA256
14
0
Fork 0
forked from pool/python-PyKMIP
Code Pull Requests Activity

- Lowercase metadata directory name.

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-PyKMIP?expand=0&rev=22
This commit is contained in:
Steve Kowalik
2025-03-25 04:51:37 +00:00
committed by Git OBS Bridge
commit f5f5709b96
11 changed files with 1233 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
.gitattributes vendored Normal file
View File

@@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

1
.gitignore vendored Normal file
View File

@@ -0,0 +1 @@
.osc

3
PyKMIP-0.10.0.tar.gz Normal file
View File

@@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:bb6ff310bba8b1130ffe675347f668f7234d022ba3d51edea5ea7e2ea9523897
size 542498

79
crypto-39.patch Normal file
View File

@@ -0,0 +1,79 @@
From 3a50c8484e355e03bea1399f1e72b1c1ef716680 Mon Sep 17 00:00:00 2001
From: Daniel Garcia Moreno <daniel.garcia@suse.com>
Date: Thu, 26 Jan 2023 13:07:54 +0100
Subject: [PATCH] Add cryptography >= 39.0.0 support
The cryptography release 39.0.0 added a new parameter to the serializer
that's required.
https://cryptography.io/en/latest/changelog/#v39-0-0
This patch fixes the tests test_encrypt_decrypt_asymmetric
---
kmip/services/server/crypto/engine.py | 20 ++++++++++++++++----
1 file changed, 16 insertions(+), 4 deletions(-)
diff --git a/kmip/services/server/crypto/engine.py b/kmip/services/server/crypto/engine.py
index 838e1b92..e9e8593e 100644
--- a/kmip/services/server/crypto/engine.py
+++ b/kmip/services/server/crypto/engine.py
@@ -16,6 +16,7 @@
import logging
import os
+import cryptography
from cryptography import exceptions as errors
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization, hashes, hmac, cmac
@@ -930,17 +931,22 @@ def _decrypt_asymmetric(
)
backend = default_backend()
+ params = {}
+ if cryptography.__version__ >= "39.0.0":
+ params["unsafe_skip_rsa_key_validation"] = False
try:
private_key = backend.load_der_private_key(
decryption_key,
- None
+ None,
+ **params,
)
except Exception:
try:
private_key = backend.load_pem_private_key(
decryption_key,
- None
+ None,
+ **params,
)
except Exception:
raise exceptions.CryptographicFailure(
@@ -1279,18 +1285,24 @@ def _create_RSA_private_key(self,
RSA private key created from key bytes.
"""
+ params = {}
+ if cryptography.__version__ >= "39.0.0":
+ params["unsafe_skip_rsa_key_validation"] = False
+
try:
private_key = serialization.load_pem_private_key(
bytes,
password=None,
- backend=default_backend()
+ backend=default_backend(),
+ **params,
)
return private_key
except Exception:
private_key = serialization.load_der_private_key(
bytes,
password=None,
- backend=default_backend()
+ backend=default_backend(),
+ **params,
)
return private_key

47
crypto-42.patch Normal file
View File

@@ -0,0 +1,47 @@
Index: PyKMIP-0.10.0/kmip/services/server/crypto/engine.py
===================================================================
--- PyKMIP-0.10.0.orig/kmip/services/server/crypto/engine.py
+++ PyKMIP-0.10.0/kmip/services/server/crypto/engine.py
@@ -588,10 +588,10 @@ class CryptographyEngine(api.Cryptograph
backend = default_backend()
try:
- public_key = backend.load_der_public_key(encryption_key)
+ public_key = serialization.load_der_public_key(encryption_key)
except Exception:
try:
- public_key = backend.load_pem_public_key(encryption_key)
+ public_key = serialization.load_pem_public_key(encryption_key)
except Exception:
raise exceptions.CryptographicFailure(
"The public key bytes could not be loaded."
@@ -935,14 +935,14 @@ class CryptographyEngine(api.Cryptograph
params["unsafe_skip_rsa_key_validation"] = False
try:
- private_key = backend.load_der_private_key(
+ private_key = serialization.load_der_private_key(
decryption_key,
None,
**params,
)
except Exception:
try:
- private_key = backend.load_pem_private_key(
+ private_key = serialization.load_pem_private_key(
decryption_key,
None,
**params,
@@ -1500,10 +1500,10 @@ class CryptographyEngine(api.Cryptograph
)
try:
- public_key = backend.load_der_public_key(signing_key)
+ public_key = serialization.load_der_public_key(signing_key)
except Exception:
try:
- public_key = backend.load_pem_public_key(signing_key)
+ public_key = serialization.load_pem_public_key(signing_key)
except Exception:
raise exceptions.CryptographicFailure(
"The signing key bytes could not be loaded."

496
fix-tests-SQLAlchemy-140.patch Normal file
View File

@@ -0,0 +1,496 @@
From 01307c08937890db38b9ae6135c5b8d5f720e595 Mon Sep 17 00:00:00 2001
From: Tim Burke <tim.burke@gmail.com>
Date: Tue, 21 Sep 2021 18:16:09 -0700
Subject: [PATCH] Fix tests to pass with SQLAlchemy>=1.4.0
I'm not *entirely* sure what's going on here, but it seems that when we
do something like
obj = OpaqueObject(...)
Session = sessionmaker(...)
session = Session()
...
session.add(obj)
session.commit()
the primary key (and maybe some foreign relations?) aren't automatically
populated on `obj` following the commit, and will attempt to lazy-load
on next reference. Since expire_on_commit defaults to True, the session
attached to `obj` (which is no longer the `session` in locals!) is closed
out when we later do
session = Session()
get_obj = session.query(OpaqueObject).filter(
ManagedObject.unique_identifier == obj.unique_identifier).one()
leading to a DetachedInstanceError.
There seem to be a few different ways we can fix this:
* Set expire_on_commit=False so the old session is still useful for the
lazy-loading.
* Re-use the same session instead of creating a new one.
* Explicitly refresh added objects post-commit.
Generally prefer the first one; there's some prior art to follow in
services/server/test_engine.py. Curiously, that same file runs into
trouble despite already setting expire_on_commit=False -- so do the
explicit refresh, on the assumption that there was a reason we went to
the trouble of creating a fresh session.
Closes #649
---
kmip/tests/unit/pie/objects/test_opaque_object.py | 14 +++++++-------
kmip/tests/unit/pie/objects/test_private_key.py | 14 +++++++-------
kmip/tests/unit/pie/objects/test_public_key.py | 14 +++++++-------
kmip/tests/unit/pie/objects/test_secret_data.py | 14 +++++++-------
kmip/tests/unit/pie/objects/test_split_key.py | 3 ++-
kmip/tests/unit/pie/objects/test_symmetric_key.py | 14 +++++++-------
.../unit/pie/objects/test_x509_certificate.py | 14 +++++++-------
kmip/tests/unit/services/server/test_engine.py | 3 +++
8 files changed, 47 insertions(+), 43 deletions(-)
diff --git a/kmip/tests/unit/pie/objects/test_opaque_object.py b/kmip/tests/unit/pie/objects/test_opaque_object.py
index c742a17e..f41f1b0e 100644
--- a/kmip/tests/unit/pie/objects/test_opaque_object.py
+++ b/kmip/tests/unit/pie/objects/test_opaque_object.py
@@ -224,7 +224,7 @@ def test_get(self):
test_name = 'bowser'
obj = OpaqueObject(
self.bytes_a, enums.OpaqueDataType.NONE, name=test_name)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(obj)
session.commit()
@@ -259,7 +259,7 @@ def test_add_multiple_names(self):
expected_mo_names.append(sqltypes.ManagedObjectName(name, i))
self.assertEquals(expected_mo_names, obj._names)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(obj)
session.commit()
@@ -295,7 +295,7 @@ def test_remove_name(self):
self.assertEquals(expected_names, obj.names)
self.assertEquals(expected_mo_names, obj._names)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(obj)
session.commit()
@@ -334,7 +334,7 @@ def test_remove_and_add_name(self):
self.assertEquals(expected_names, obj.names)
self.assertEquals(expected_mo_names, obj._names)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(obj)
session.commit()
@@ -362,7 +362,7 @@ def test_update_with_add_name(self):
first_name = 'bowser'
obj = OpaqueObject(
self.bytes_a, enums.OpaqueDataType.NONE, name=first_name)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(obj)
session.commit()
@@ -402,7 +402,7 @@ def test_update_with_remove_name(self):
obj.names.append(names[1])
obj.names.append(names[2])
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(obj)
session.commit()
@@ -444,7 +444,7 @@ def test_update_with_remove_and_add_name(self):
obj.names.append(names[1])
obj.names.append(names[2])
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(obj)
session.commit()
diff --git a/kmip/tests/unit/pie/objects/test_private_key.py b/kmip/tests/unit/pie/objects/test_private_key.py
index c58daf83..0ad425f4 100644
--- a/kmip/tests/unit/pie/objects/test_private_key.py
+++ b/kmip/tests/unit/pie/objects/test_private_key.py
@@ -563,7 +563,7 @@ def test_get(self):
key = PrivateKey(
enums.CryptographicAlgorithm.RSA, 2048, self.bytes_2048,
enums.KeyFormatType.PKCS_1, masks=masks, name=test_name)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
@@ -603,7 +603,7 @@ def test_add_multiple_names(self):
expected_mo_names.append(sqltypes.ManagedObjectName(name, i))
self.assertEquals(expected_mo_names, key._names)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
@@ -640,7 +640,7 @@ def test_remove_name(self):
self.assertEquals(expected_names, key.names)
self.assertEquals(expected_mo_names, key._names)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
@@ -680,7 +680,7 @@ def test_remove_and_add_name(self):
self.assertEquals(expected_names, key.names)
self.assertEquals(expected_mo_names, key._names)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
@@ -709,7 +709,7 @@ def test_update_with_add_name(self):
key = PrivateKey(
enums.CryptographicAlgorithm.RSA, 2048, self.bytes_2048,
enums.KeyFormatType.PKCS_1, name=first_name)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
@@ -750,7 +750,7 @@ def test_update_with_remove_name(self):
key.names.append(names[1])
key.names.append(names[2])
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
@@ -793,7 +793,7 @@ def test_update_with_remove_and_add_name(self):
key.names.append(names[1])
key.names.append(names[2])
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
diff --git a/kmip/tests/unit/pie/objects/test_public_key.py b/kmip/tests/unit/pie/objects/test_public_key.py
index f0571913..cf71833b 100644
--- a/kmip/tests/unit/pie/objects/test_public_key.py
+++ b/kmip/tests/unit/pie/objects/test_public_key.py
@@ -461,7 +461,7 @@ def test_get(self):
key = PublicKey(
enums.CryptographicAlgorithm.RSA, 2048, self.bytes_2048,
enums.KeyFormatType.PKCS_1, masks=masks, name=test_name)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
@@ -501,7 +501,7 @@ def test_add_multiple_names(self):
expected_mo_names.append(sqltypes.ManagedObjectName(name, i))
self.assertEquals(expected_mo_names, key._names)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
@@ -538,7 +538,7 @@ def test_remove_name(self):
self.assertEquals(expected_names, key.names)
self.assertEquals(expected_mo_names, key._names)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
@@ -578,7 +578,7 @@ def test_remove_and_add_name(self):
self.assertEquals(expected_names, key.names)
self.assertEquals(expected_mo_names, key._names)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
@@ -607,7 +607,7 @@ def test_update_with_add_name(self):
key = PublicKey(
enums.CryptographicAlgorithm.RSA, 2048, self.bytes_2048,
enums.KeyFormatType.PKCS_1, name=first_name)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
@@ -648,7 +648,7 @@ def test_update_with_remove_name(self):
key.names.append(names[1])
key.names.append(names[2])
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
@@ -691,7 +691,7 @@ def test_update_with_remove_and_add_name(self):
key.names.append(names[1])
key.names.append(names[2])
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
diff --git a/kmip/tests/unit/pie/objects/test_secret_data.py b/kmip/tests/unit/pie/objects/test_secret_data.py
index 5a12132d..1cfe075d 100644
--- a/kmip/tests/unit/pie/objects/test_secret_data.py
+++ b/kmip/tests/unit/pie/objects/test_secret_data.py
@@ -243,7 +243,7 @@ def test_get(self):
test_name = 'bowser'
obj = SecretData(self.bytes_a, enums.SecretDataType.PASSWORD,
name=test_name)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(obj)
session.commit()
@@ -278,7 +278,7 @@ def test_add_multiple_names(self):
expected_mo_names.append(sqltypes.ManagedObjectName(name, i))
self.assertEquals(expected_mo_names, obj._names)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(obj)
session.commit()
@@ -314,7 +314,7 @@ def test_remove_name(self):
self.assertEquals(expected_names, obj.names)
self.assertEquals(expected_mo_names, obj._names)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(obj)
session.commit()
@@ -353,7 +353,7 @@ def test_remove_and_add_name(self):
self.assertEquals(expected_names, obj.names)
self.assertEquals(expected_mo_names, obj._names)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(obj)
session.commit()
@@ -381,7 +381,7 @@ def test_update_with_add_name(self):
first_name = 'bowser'
obj = SecretData(self.bytes_a, enums.SecretDataType.PASSWORD,
name=first_name)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(obj)
session.commit()
@@ -421,7 +421,7 @@ def test_update_with_remove_name(self):
obj.names.append(names[1])
obj.names.append(names[2])
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(obj)
session.commit()
@@ -463,7 +463,7 @@ def test_update_with_remove_and_add_name(self):
obj.names.append(names[1])
obj.names.append(names[2])
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(obj)
session.commit()
diff --git a/kmip/tests/unit/pie/objects/test_split_key.py b/kmip/tests/unit/pie/objects/test_split_key.py
index a81c304d..755d7bc8 100644
--- a/kmip/tests/unit/pie/objects/test_split_key.py
+++ b/kmip/tests/unit/pie/objects/test_split_key.py
@@ -595,7 +595,8 @@ def test_get(self):
prime_field_size=104729
)
- session = sqlalchemy.orm.sessionmaker(bind=self.engine)()
+ session = sqlalchemy.orm.sessionmaker(
+ bind=self.engine, expire_on_commit=False)()
session.add(split_key)
session.commit()
diff --git a/kmip/tests/unit/pie/objects/test_symmetric_key.py b/kmip/tests/unit/pie/objects/test_symmetric_key.py
index ccc4cdfa..cf7f5dff 100644
--- a/kmip/tests/unit/pie/objects/test_symmetric_key.py
+++ b/kmip/tests/unit/pie/objects/test_symmetric_key.py
@@ -408,7 +408,7 @@ def test_get(self):
enums.CryptographicAlgorithm.AES, 128, self.bytes_128a,
masks=masks,
name=test_name)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
@@ -448,7 +448,7 @@ def test_add_multiple_names(self):
expected_mo_names.append(sqltypes.ManagedObjectName(name, i))
self.assertEquals(expected_mo_names, key._names)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
@@ -485,7 +485,7 @@ def test_remove_name(self):
self.assertEquals(expected_names, key.names)
self.assertEquals(expected_mo_names, key._names)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
@@ -525,7 +525,7 @@ def test_remove_and_add_name(self):
self.assertEquals(expected_names, key.names)
self.assertEquals(expected_mo_names, key._names)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
@@ -554,7 +554,7 @@ def test_update_with_add_name(self):
key = SymmetricKey(
enums.CryptographicAlgorithm.AES, 128, self.bytes_128a,
name=first_name)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
@@ -595,7 +595,7 @@ def test_update_with_remove_name(self):
key.names.append(names[1])
key.names.append(names[2])
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
@@ -638,7 +638,7 @@ def test_update_with_remove_and_add_name(self):
key.names.append(names[1])
key.names.append(names[2])
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(key)
session.commit()
diff --git a/kmip/tests/unit/pie/objects/test_x509_certificate.py b/kmip/tests/unit/pie/objects/test_x509_certificate.py
index 43d66ca4..f4d76ada 100644
--- a/kmip/tests/unit/pie/objects/test_x509_certificate.py
+++ b/kmip/tests/unit/pie/objects/test_x509_certificate.py
@@ -320,7 +320,7 @@ def test_get(self):
masks = [enums.CryptographicUsageMask.ENCRYPT,
enums.CryptographicUsageMask.WRAP_KEY]
cert = X509Certificate(self.bytes_a, masks=masks, name=test_name)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(cert)
session.commit()
@@ -354,7 +354,7 @@ def test_add_multiple_names(self):
expected_mo_names.append(sqltypes.ManagedObjectName(name, i))
self.assertEquals(expected_mo_names, cert._names)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(cert)
session.commit()
@@ -389,7 +389,7 @@ def test_remove_name(self):
self.assertEquals(expected_names, cert.names)
self.assertEquals(expected_mo_names, cert._names)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(cert)
session.commit()
@@ -427,7 +427,7 @@ def test_remove_and_add_name(self):
self.assertEquals(expected_names, cert.names)
self.assertEquals(expected_mo_names, cert._names)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(cert)
session.commit()
@@ -454,7 +454,7 @@ def test_update_with_add_name(self):
"""
first_name = 'bowser'
cert = X509Certificate(self.bytes_a, name=first_name)
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(cert)
session.commit()
@@ -493,7 +493,7 @@ def test_update_with_remove_name(self):
cert.names.append(names[1])
cert.names.append(names[2])
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(cert)
session.commit()
@@ -534,7 +534,7 @@ def test_update_with_remove_and_add_name(self):
cert.names.append(names[1])
cert.names.append(names[2])
- Session = sessionmaker(bind=self.engine)
+ Session = sessionmaker(bind=self.engine, expire_on_commit=False)
session = Session()
session.add(cert)
session.commit()
diff --git a/kmip/tests/unit/services/server/test_engine.py b/kmip/tests/unit/services/server/test_engine.py
index 617fcc1b..ad596dfe 100644
--- a/kmip/tests/unit/services/server/test_engine.py
+++ b/kmip/tests/unit/services/server/test_engine.py
@@ -1386,6 +1386,7 @@ def test_get_attribute_from_managed_object(self):
e._data_session.add(certificate)
e._data_session.add(opaque_object)
e._data_session.commit()
+ e._data_session.refresh(symmetric_key)
e._data_session = e._data_store_session_factory()
result = e._get_attribute_from_managed_object(
@@ -1660,6 +1661,7 @@ def test_get_attribute_index_from_managed_object(self):
e._data_session.add(symmetric_key)
e._data_session.add(certificate)
e._data_session.commit()
+ e._data_session.refresh(symmetric_key)
e._data_session = e._data_store_session_factory()
e._set_attribute_on_managed_object(
@@ -2302,6 +2304,7 @@ def test_set_attribute_on_managed_object_by_index(self):
e._data_session.add(symmetric_key)
e._data_session.commit()
+ e._data_session.refresh(symmetric_key)
e._data_session = e._data_store_session_factory()
e._set_attribute_on_managed_object(

44
fix_test_mac_with_cryptographic_failure.patch Normal file
View File

@@ -0,0 +1,44 @@
From c70dbe4ed1d53a1a5dbd3aecaaba7fe654a4fbf1 Mon Sep 17 00:00:00 2001
From: arp102 <92389169+arp102@users.noreply.github.com>
Date: Tue, 8 Aug 2023 15:35:21 -0400
Subject: [PATCH] Fix test_mac_with_cryptographic_failure unit test.
This test is meant to intentionally trigger an exception in the cryptography library
by creating a CMAC with a non-block cipher algorithm, IDEA.
That doesn't work any more because IDEA is now treated as a block cipher algorithm.
To fix this, we now use the ARC4 algorithm instead,
which does trigger the expected exception.
---
kmip/services/server/crypto/engine.py | 3 +--
kmip/tests/unit/services/server/crypto/test_engine.py | 4 ++--
2 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/kmip/services/server/crypto/engine.py b/kmip/services/server/crypto/engine.py
index e6527e4b..15527701 100644
--- a/kmip/services/server/crypto/engine.py
+++ b/kmip/services/server/crypto/engine.py
@@ -269,8 +269,7 @@ def mac(self, algorithm, key, data):
)
cipher_algorithm = self._symmetric_key_algorithms.get(algorithm)
try:
- # ARC4 and IDEA algorithms will raise exception as CMAC
- # requires block ciphers
+ # ARC4 and other non-block cipher algorithms will raise TypeError exceptions
c = cmac.CMAC(cipher_algorithm(key), backend=default_backend())
c.update(data)
mac_data = c.finalize()
diff --git a/kmip/tests/unit/services/server/crypto/test_engine.py b/kmip/tests/unit/services/server/crypto/test_engine.py
index 4adb222b..edb52832 100644
--- a/kmip/tests/unit/services/server/crypto/test_engine.py
+++ b/kmip/tests/unit/services/server/crypto/test_engine.py
@@ -247,8 +247,8 @@ def __init__(self):
engine = crypto.CryptographyEngine()
- # IDEA is not block cipher so cmac should raise exception
- args = [enums.CryptographicAlgorithm.IDEA, key, data]
+ # RC4 is not block cipher so cmac should raise exception
+ args = [enums.CryptographicAlgorithm.RC4, key, data]
self.assertRaises(
exceptions.CryptographicFailure,
engine.mac,

101
no-ssl-wrap-socket.patch Normal file
View File

@@ -0,0 +1,101 @@
From 433ab3ef43241155ee64196574daae2f41feac4e Mon Sep 17 00:00:00 2001
From: Steven Silvester <steven.silvester@ieee.org>
Date: Wed, 4 Oct 2023 09:59:43 -0500
Subject: [PATCH 01/11] Add python 3.12 support
---
.github/workflows/tox.yml | 3 ++-
kmip/services/kmip_client.py | 19 +++++++-------
kmip/services/server/server.py | 25 ++++++++++---------
.../tests/unit/services/server/test_server.py | 4 +--
4 files changed, 27 insertions(+), 24 deletions(-)
Index: PyKMIP-0.10.0/kmip/services/kmip_client.py
===================================================================
--- PyKMIP-0.10.0.orig/kmip/services/kmip_client.py
+++ PyKMIP-0.10.0/kmip/services/kmip_client.py
@@ -285,13 +285,15 @@ class KMIPProxy(object):
six.reraise(*last_error)
def _create_socket(self, sock):
- self.socket = ssl.wrap_socket(
+ context = ssl.SSLContext(protocol=self.ssl_version)
+ context.load_verify_locations(capath=self.ca_certs)
+ context.check_hostname = False
+ context.verify_mode = self.cert_reqs
+ if self.certfile:
+ context.load_cert_chain(self.certfile, self.keyfile)
+ self.socket = context.wrap_socket(
sock,
- keyfile=self.keyfile,
- certfile=self.certfile,
- cert_reqs=self.cert_reqs,
- ssl_version=self.ssl_version,
- ca_certs=self.ca_certs,
+ server_side=False,
do_handshake_on_connect=self.do_handshake_on_connect,
suppress_ragged_eofs=self.suppress_ragged_eofs)
self.socket.settimeout(self.timeout)
Index: PyKMIP-0.10.0/kmip/services/server/server.py
===================================================================
--- PyKMIP-0.10.0.orig/kmip/services/server/server.py
+++ PyKMIP-0.10.0/kmip/services/server/server.py
@@ -287,17 +287,22 @@ class KmipServer(object):
for cipher in auth_suite_ciphers:
self._logger.debug(cipher)
- self._socket = ssl.wrap_socket(
+ capath = self.config.settings.get('ca_path')
+ context = ssl.SSLContext(protocol=self.auth_suite.protocol)
+ if capath is not None:
+ context.load_verify_locations(capath=capath)
+ context.verify_mode = ssl.CERT_REQUIRED
+ context.set_ciphers(self.auth_suite.ciphers)
+ certfile = self.config.settings.get('certificate_path')
+ if certfile:
+ keyfile = self.config.settings.get('key_path')
+ context.load_cert_chain(certfile, keyfile=keyfile)
+
+ self._socket = context.wrap_socket(
self._socket,
- keyfile=self.config.settings.get('key_path'),
- certfile=self.config.settings.get('certificate_path'),
server_side=True,
- cert_reqs=ssl.CERT_REQUIRED,
- ssl_version=self.auth_suite.protocol,
- ca_certs=self.config.settings.get('ca_path'),
do_handshake_on_connect=False,
- suppress_ragged_eofs=True,
- ciphers=self.auth_suite.ciphers
+ suppress_ragged_eofs=True
)
try:
Index: PyKMIP-0.10.0/kmip/tests/unit/services/server/test_server.py
===================================================================
--- PyKMIP-0.10.0.orig/kmip/tests/unit/services/server/test_server.py
+++ PyKMIP-0.10.0/kmip/tests/unit/services/server/test_server.py
@@ -210,9 +210,9 @@ class TestKmipServer(testtools.TestCase)
# Test that in ideal cases no errors are generated and the right
# log messages are.
with mock.patch('socket.socket') as socket_mock:
- with mock.patch('ssl.wrap_socket') as ssl_mock:
+ with mock.patch('ssl.SSLContext') as ssl_mock:
socket_mock.return_value = a_mock
- ssl_mock.return_value = b_mock
+ ssl_mock.return_value.wrap_socket.return_value = b_mock
manager_mock.assert_not_called()
monitor_mock.assert_not_called()
@@ -271,9 +271,9 @@ class TestKmipServer(testtools.TestCase)
# Test that a NetworkingError is generated if the socket bind fails.
with mock.patch('socket.socket') as socket_mock:
- with mock.patch('ssl.wrap_socket') as ssl_mock:
+ with mock.patch('ssl.SSLContext') as ssl_mock:
socket_mock.return_value = a_mock
- ssl_mock.return_value = b_mock
+ ssl_mock.return_value.wrap_socket.return_value = b_mock
test_exception = Exception()
b_mock.bind.side_effect = test_exception

158
python-PyKMIP-no-mock.patch Normal file
View File

@@ -0,0 +1,158 @@
diff -upr PyKMIP-0.10.0.orig/kmip/tests/unit/core/objects/test_credentials.py PyKMIP-0.10.0/kmip/tests/unit/core/objects/test_credentials.py
--- PyKMIP-0.10.0.orig/kmip/tests/unit/core/objects/test_credentials.py 2022-05-04 11:45:14.586835230 +0200
+++ PyKMIP-0.10.0/kmip/tests/unit/core/objects/test_credentials.py 2022-05-04 11:45:14.642835575 +0200
@@ -14,7 +14,7 @@
# under the License.
import enum
-import mock
+from unittest import mock
import testtools
from kmip import enums
diff -upr PyKMIP-0.10.0.orig/kmip/tests/unit/core/test_config_helper.py PyKMIP-0.10.0/kmip/tests/unit/core/test_config_helper.py
--- PyKMIP-0.10.0.orig/kmip/tests/unit/core/test_config_helper.py 2022-05-04 11:45:14.586835230 +0200
+++ PyKMIP-0.10.0/kmip/tests/unit/core/test_config_helper.py 2022-05-04 11:45:14.622835452 +0200
@@ -19,8 +19,8 @@ except ImportError:
import ConfigParser as configparser
from testtools import TestCase
-from mock import MagicMock
-from mock import Mock
+from unittest.mock import MagicMock
+from unittest.mock import Mock
from kmip.core.config_helper import ConfigHelper
diff -upr PyKMIP-0.10.0.orig/kmip/tests/unit/pie/test_client.py PyKMIP-0.10.0/kmip/tests/unit/pie/test_client.py
--- PyKMIP-0.10.0.orig/kmip/tests/unit/pie/test_client.py 2022-05-04 11:45:14.582835205 +0200
+++ PyKMIP-0.10.0/kmip/tests/unit/pie/test_client.py 2022-05-04 11:45:14.614835402 +0200
@@ -13,7 +13,7 @@
# License for the specific language governing permissions and limitations
# under the License.
-import mock
+from unittest import mock
import six
import ssl
import testtools
diff -upr PyKMIP-0.10.0.orig/kmip/tests/unit/services/server/auth/test_slugs.py PyKMIP-0.10.0/kmip/tests/unit/services/server/auth/test_slugs.py
--- PyKMIP-0.10.0.orig/kmip/tests/unit/services/server/auth/test_slugs.py 2022-05-04 11:45:14.582835205 +0200
+++ PyKMIP-0.10.0/kmip/tests/unit/services/server/auth/test_slugs.py 2022-05-04 11:45:14.618835427 +0200
@@ -13,7 +13,7 @@
# License for the specific language governing permissions and limitations
# under the License.
-import mock
+from unittest import mock
import requests
import testtools
diff -upr PyKMIP-0.10.0.orig/kmip/tests/unit/services/server/auth/test_utils.py PyKMIP-0.10.0/kmip/tests/unit/services/server/auth/test_utils.py
--- PyKMIP-0.10.0.orig/kmip/tests/unit/services/server/auth/test_utils.py 2022-05-04 11:45:14.582835205 +0200
+++ PyKMIP-0.10.0/kmip/tests/unit/services/server/auth/test_utils.py 2022-05-04 11:45:14.618835427 +0200
@@ -19,7 +19,7 @@ from cryptography.hazmat.primitives impo
from cryptography.hazmat.primitives.asymmetric import rsa
import datetime
-import mock
+from unittest import mock
import ssl
import testtools
diff -upr PyKMIP-0.10.0.orig/kmip/tests/unit/services/server/crypto/test_engine.py PyKMIP-0.10.0/kmip/tests/unit/services/server/crypto/test_engine.py
--- PyKMIP-0.10.0.orig/kmip/tests/unit/services/server/crypto/test_engine.py 2022-05-04 11:45:14.582835205 +0200
+++ PyKMIP-0.10.0/kmip/tests/unit/services/server/crypto/test_engine.py 2022-05-04 11:45:14.618835427 +0200
@@ -13,7 +13,7 @@
# License for the specific language governing permissions and limitations
# under the License.
-import mock
+from unittest import mock
import pytest
import testtools
diff -upr PyKMIP-0.10.0.orig/kmip/tests/unit/services/server/test_config.py PyKMIP-0.10.0/kmip/tests/unit/services/server/test_config.py
--- PyKMIP-0.10.0.orig/kmip/tests/unit/services/server/test_config.py 2022-05-04 11:45:14.582835205 +0200
+++ PyKMIP-0.10.0/kmip/tests/unit/services/server/test_config.py 2022-05-04 11:45:14.618835427 +0200
@@ -14,7 +14,7 @@
# under the License.
import logging
-import mock
+from unittest import mock
import six
from six.moves import configparser
diff -upr PyKMIP-0.10.0.orig/kmip/tests/unit/services/server/test_engine.py PyKMIP-0.10.0/kmip/tests/unit/services/server/test_engine.py
--- PyKMIP-0.10.0.orig/kmip/tests/unit/services/server/test_engine.py 2022-05-04 11:45:14.582835205 +0200
+++ PyKMIP-0.10.0/kmip/tests/unit/services/server/test_engine.py 2022-05-04 11:45:14.622835452 +0200
@@ -14,7 +14,7 @@
# under the License.
import six
-import mock
+from unittest import mock
import shutil
import sqlalchemy
diff -upr PyKMIP-0.10.0.orig/kmip/tests/unit/services/server/test_monitor.py PyKMIP-0.10.0/kmip/tests/unit/services/server/test_monitor.py
--- PyKMIP-0.10.0.orig/kmip/tests/unit/services/server/test_monitor.py 2022-05-04 11:45:14.582835205 +0200
+++ PyKMIP-0.10.0/kmip/tests/unit/services/server/test_monitor.py 2022-05-04 11:45:14.618835427 +0200
@@ -14,7 +14,7 @@
# under the License.
import logging
-import mock
+from unittest import mock
import multiprocessing
import os
import shutil
diff -upr PyKMIP-0.10.0.orig/kmip/tests/unit/services/server/test_server.py PyKMIP-0.10.0/kmip/tests/unit/services/server/test_server.py
--- PyKMIP-0.10.0.orig/kmip/tests/unit/services/server/test_server.py 2022-05-04 11:45:14.582835205 +0200
+++ PyKMIP-0.10.0/kmip/tests/unit/services/server/test_server.py 2022-05-04 11:45:14.618835427 +0200
@@ -18,7 +18,7 @@ import logging
try:
import unittest.mock as mock
except Exception:
- import mock
+ from unittest import mock
import signal
import socket
diff -upr PyKMIP-0.10.0.orig/kmip/tests/unit/services/server/test_session.py PyKMIP-0.10.0/kmip/tests/unit/services/server/test_session.py
--- PyKMIP-0.10.0.orig/kmip/tests/unit/services/server/test_session.py 2022-05-04 11:45:14.582835205 +0200
+++ PyKMIP-0.10.0/kmip/tests/unit/services/server/test_session.py 2022-05-04 11:45:14.618835427 +0200
@@ -20,7 +20,7 @@ from cryptography.hazmat.primitives.asym
import datetime
-import mock
+from unittest import mock
import socket
import testtools
import time
diff -upr PyKMIP-0.10.0.orig/kmip/tests/unit/services/test_kmip_client.py PyKMIP-0.10.0/kmip/tests/unit/services/test_kmip_client.py
--- PyKMIP-0.10.0.orig/kmip/tests/unit/services/test_kmip_client.py 2022-05-04 11:45:14.582835205 +0200
+++ PyKMIP-0.10.0/kmip/tests/unit/services/test_kmip_client.py 2022-05-04 11:45:14.614835402 +0200
@@ -66,7 +66,7 @@ from kmip.services.results import Operat
from kmip.services.results import QueryResult
from kmip.services.results import RekeyKeyPairResult
-import mock
+from unittest import mock
import os
import socket
import ssl
diff -upr PyKMIP-0.10.0.orig/kmip/tests/unit/services/test_kmip_protocol.py PyKMIP-0.10.0/kmip/tests/unit/services/test_kmip_protocol.py
--- PyKMIP-0.10.0.orig/kmip/tests/unit/services/test_kmip_protocol.py 2022-05-04 11:45:14.582835205 +0200
+++ PyKMIP-0.10.0/kmip/tests/unit/services/test_kmip_protocol.py 2022-05-04 11:45:14.614835402 +0200
@@ -13,7 +13,7 @@
# License for the specific language governing permissions and limitations
# under the License.
-from mock import call, MagicMock
+from unittest.mock import call, MagicMock
from testtools import TestCase
import binascii

184
python-PyKMIP.changes Normal file
View File

@@ -0,0 +1,184 @@
-------------------------------------------------------------------
Tue Mar 25 04:51:22 UTC 2025 - Steve Kowalik <steven.kowalik@suse.com>
- Lowercase metadata directory name.
-------------------------------------------------------------------
Thu Mar 28 03:58:37 UTC 2024 - Steve Kowalik <steven.kowalik@suse.com>
- Clean up Python 2 leftovers.
- Add patch crypto-42.patch:
* Use cryptography.hazmat.primitives.serialization to load private keys.
- Add patch no-ssl-wrap-socket.patch:
* Do not use removed in Python 3.12 function, ssl.wrap_socket.
- Switch to pyproject macros.
-------------------------------------------------------------------
Fri Sep 8 06:13:02 UTC 2023 - Daniel Garcia <daniel.garcia@suse.com>
- Add upstream patch fix_test_mac_with_cryptographic_failure.patch
gh#OpenKMIP/PyKMIP#702, this fixes the issue with the
test_mac_with_cryptographic_failure.
-------------------------------------------------------------------
Thu Feb 23 10:44:02 UTC 2023 - Daniel Garcia <daniel.garcia@suse.com>
- Disable broken test, test_mac_with_cryptographic_failure,
gh#OpenKMIP/PyKMIP#690
-------------------------------------------------------------------
Thu Jan 26 12:36:34 UTC 2023 - Daniel Garcia <daniel.garcia@suse.com>
- Add crypto-39.patch to make it work with python-cryptography >= 39.0.0
gh#OpenKMIP/PyKMIP#689
-------------------------------------------------------------------
Wed May 4 09:55:17 UTC 2022 - pgajdos@suse.com
- do not require python-mock for build
- added patches
fix https://github.com/OpenKMIP/PyKMIP/issues/668
+ python-PyKMIP-no-mock.patch
-------------------------------------------------------------------
Fri Sep 24 22:07:08 UTC 2021 - Matej Cepl <mcepl@suse.com>
- Remove SQL-issues.patch with the patch
fix-tests-SQLAlchemy-140.patch which actually resolves the
problems (gh#OpenKMIP/PyKMIP#656).
-------------------------------------------------------------------
Sat Jun 5 12:12:59 UTC 2021 - Matej Cepl <mcepl@suse.com>
- Add SQL-issues.patch skipping tests failing due to
incompatibilities with the current version of SQLAlchemy
(gh#OpenKMIP/PyKMIP#649).
-------------------------------------------------------------------
Mon Apr 20 10:38:03 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com>
- Fix build without python2
-------------------------------------------------------------------
Mon Mar 16 10:39:58 UTC 2020 - Dirk Mueller <dmueller@suse.com>
- update to 0.10.0
* Add server debug logging for message encodings
* Add server Locate filtering for all currently supported attributes
* Add server Locate filtering using offset and maximum item constraints
* Add server cryptography engine support for AES GCM mode
* Add server support for the SplitKey object
* Add client/server support for the ApplicationSpecificInformation attribute
* Add client/server support for the ObjectGroup and Sensitive attributes
* Add client/server support for the DeleteAttribute operation
* Add client/server support for the SetAttribute operation
* Add client/server support for the ModifyAttribute operation
* Add a variety of unit and integration tests to cover all new functionality
* Add new ProxyKmipClient demo scripts to show how to use the new operations
* Add pending deprecation warnings for Python 2.7 and 3.4 due to their EOL
* Update server Locate filtering to return results sorted by creation date
* Update encoding support for SplitKey objects
* Update the Travis CI configuration to better support default Python versions
* Update library and testing dependencies to maintain Python 3.4 support
* Update the library documentation to reflect new features and security details
* Fix a bug with how key pair names are handled by the client for KMIP 2.0
-------------------------------------------------------------------
Thu Jul 25 11:33:13 UTC 2019 - Marketa Calabkova <mcalabkova@suse.com>
- update to 0.9.1
* Add various support for KMIP 2.0
* Add support for Python 3.7
* Add utilities to handle bit mask style enumerations
* Update library logging defaults to log at INFO but still support DEBUG
* Update the PyKMIP clients to support changing their KMIP version
* Update the server TLS handshake handling to avoid thread hanging
* Remove escape sequences to comply with Python 3.6 style deprecations
* See upstream changelog for more
-------------------------------------------------------------------
Sun Jan 6 11:57:50 UTC 2019 - Dirk Mueller <dmueller@suse.com>
- update to 0.8.0:
* Add Sphinx-based client and server library documentation
* Add server support for third-party authentication systems
* Add client support for the Check operation
* Add client support for the Rekey operation
* Add client support for attestation credentials
* Add a functional test suite for server authentication and access control
* Add payloads for the Archive, Cancel, and GetUsageAllocation operations
* Add payloads for the ObtainLease, Poll, and Recover operations
* Update the server to support group-based operation policies
* Update the server to support live loading of operation policy files
* Update the server to support custom backend database file paths
* Update the server to raise PermissionDenied on access control violations
* Update the client to support custom configuration file paths
* Update the ProxyKmipClient to support custom names for the Register operation
* Update the ProxyKmipClient to set cryptographic usage masks for Derived keys
* Update the README to reference the new documentation
* Update the Travis CI configuration to include building the documentation
* Update the Travis CI configuration to run integration and functional tests
* Remove support for Python 3.3
* Fix a denial-of-service bug by setting the server socket timeout
* Fix a ProxyKmipClient bug with generic cryptographic parameter handling
* Fix a ProxyKmipClient bug with cryptographic usage mask processing
-------------------------------------------------------------------
Thu Feb 15 13:05:03 UTC 2018 - tbechtold@suse.com
- update to 0.7.0:
* Add support for Python 3.6
* Add support for the InitialDate attribute
* Add server support for the GetAttributeList operation
* Add server support for the Locate operation
* Add client and server support for the MAC operation
* Add client and server support for the Revoke operation
* Add client and server support for the Encrypt operation
* Add client and server support for the Decrypt operation
* Add client and server support for the DeriveKey operation
* Add client and server support for the Sign operation
* Add client and server support for the SignatureVerify operation
* Add client and server support for retrieving wrapped keys
* Add client and server support for storing wrapped keys
* Add KMIP 1.4 enumerations
* Add server config option enabling certificate extension checks
* Add server config option defining set of usable TLS ciphers
* Add server config option setting the server log level
* Update the server to enforce checking object state and usage masks
* Update server Locate support to allow object name filtering
* Remove support for Python 2.6
* Fix bug with multithreading support with the SQLite backend
* Fix bug with how open() is mocked in the server test suite
* Fix bug with mismapped polymorphic identity for certificate objects
* Fix bug with socket interrupt handling under Python 3.5
* Fix bug with detached instance errors in the server test suite
- Use pytest for testing. That's what upstream does
- Use fdupes
-------------------------------------------------------------------
Fri Aug 25 07:27:27 UTC 2017 - tbechtold@suse.com
- update to 0.6.0:
* Add support for Python 3.5
* Add support for the State and OperationPolicyName attributes
* Add server support for the Activate and GetAttributes operations
* Add server support for certificate-based client authentication
* Add server support for object access control via operation policies
* Add server support for loading of user-defined operation policies
* Add client support for the GetAttributes operation
* Update clients to support operation policy names with objects
* Update ProxyKmipClient to support names when creating new objects
* Remove coveralls integration
* Fix bug with early server termination on missing request credential
* Fix bug with closing the client while unconnected to a server
* Fix bug with default values overriding server config file settings
* Fix bug with early server termination on bad client certificates
* Fix bug with deprecated usage of the bandit config file
* Fix bug with ProxyKmipClient registering unset object attributes
- convert to singlespec
-------------------------------------------------------------------
Tue May 24 12:28:59 UTC 2016 - slunkad@suse.com, johannes.grassler@suse.com
- Initial Packaging (version 0.5.0)

97
python-PyKMIP.spec Normal file
View File

@@ -0,0 +1,97 @@
#
# spec file for package python-PyKMIP
#
# Copyright (c) 2025 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: python-PyKMIP
Version: 0.10.0
Release: 0
Summary: KMIP v11 library
License: Apache-2.0
URL: https://github.com/OpenKMIP/PyKMIP
Source: https://files.pythonhosted.org/packages/source/P/PyKMIP/PyKMIP-%{version}.tar.gz
# PATCH-FIX-UPSTREAM fix-tests-SQLAlchemy-140.patch gh#OpenKMIP/PyKMIP#656 mcepl@suse.com
# fix tests to work with SQLAlchemy >= 1.4.0
Patch0: fix-tests-SQLAlchemy-140.patch
# https://github.com/OpenKMIP/PyKMIP/issues/668
Patch1: python-PyKMIP-no-mock.patch
# PATCH-FIX-UPSTREAM crypto-39.patch gh#OpenKMIP/PyKMIP#689
Patch2: crypto-39.patch
# PATCH-FIX-UPSTREAM fix_test_mac_with_cryptographic_failure.patch gh#OpenKMIP/PyKMIP#702
Patch3: fix_test_mac_with_cryptographic_failure.patch
# PATCH-FIX-OPENSUSE Use cryptography.hazmat.primitives.serialization for loading private keys.
Patch4: crypto-42.patch
# PATCH-FIX-UPSTREAM Based on gh#OpenKMIP/PyKMIP#707, including some changes suggested
Patch5: no-ssl-wrap-socket.patch
BuildRequires: %{python_module SQLAlchemy}
BuildRequires: %{python_module cryptography}
BuildRequires: %{python_module devel}
BuildRequires: %{python_module pip}
BuildRequires: %{python_module pytest}
BuildRequires: %{python_module requests}
BuildRequires: %{python_module setuptools}
BuildRequires: %{python_module six}
BuildRequires: %{python_module testtools}
BuildRequires: %{python_module wheel}
BuildRequires: fdupes
BuildRequires: python-rpm-macros
Requires: python-SQLAlchemy
Requires: python-cryptography
Requires: python-requests
Requires: python-six
Requires(post): update-alternatives
Requires(postun): update-alternatives
BuildArch: noarch
%python_subpackages
%description
PyKMIP is a Python implementation of the Key Management Interoperability
Protocol (KMIP). KMIP is a client/server communication protocol for the
storage and maintenance of key, certificate, and secret objects. The standard
is governed by the `Organization for the Advancement of Structured Information
Standards`_ (OASIS). PyKMIP supports a subset of features in versions
1.0 - 1.2 of the KMIP specification.
%prep
%autosetup -p1 -n PyKMIP-%{version}
# Not needed, we use Python 3.4+ only
sed -i '/"enum-compat",/d' setup.py
%build
%pyproject_wheel
%install
%pyproject_install
%python_clone -a %{buildroot}%{_bindir}/pykmip-server
%python_expand %fdupes %{buildroot}%{$python_sitelib}
%check
%pytest kmip/tests/unit
%post
%python_install_alternative pykmip-server
%postun
%python_uninstall_alternative pykmip-server
%files %{python_files}
%license LICENSE.txt
%doc README.rst
%{python_sitelib}/kmip
%{python_sitelib}/pykmip-%{version}.dist-info
%python_alternative %{_bindir}/pykmip-server
%changelog