commit python-PyKMIP for openSUSE:Factory

Source-Sync Thu, 26 Jan 2023 06:49:28 -0800

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package python-PyKMIP for openSUSE:Factory 
checked in at 2023-01-26 15:05:53
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-PyKMIP (Old)
 and      /work/SRC/openSUSE:Factory/.python-PyKMIP.new.32243 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "python-PyKMIP"

Thu Jan 26 15:05:53 2023 rev:8 rq:1061203 version:0.10.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/python-PyKMIP/python-PyKMIP.changes      
2022-05-04 15:11:37.884207497 +0200
+++ /work/SRC/openSUSE:Factory/.python-PyKMIP.new.32243/python-PyKMIP.changes   
2023-01-26 15:06:18.082244488 +0100
@@ -1,0 +2,6 @@
+Thu Jan 26 12:36:34 UTC 2023 - Daniel Garcia <daniel.gar...@suse.com>
+
+- Add crypto-39.patch to make it work with python-cryptography >= 39.0.0
+  gh#OpenKMIP/PyKMIP#689
+
+-------------------------------------------------------------------

New:
----
  crypto-39.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ python-PyKMIP.spec ++++++
--- /var/tmp/diff_new_pack.aXnDUv/_old  2023-01-26 15:06:18.654247655 +0100
+++ /var/tmp/diff_new_pack.aXnDUv/_new  2023-01-26 15:06:18.658247678 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package python-PyKMIP
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -16,7 +16,6 @@
 #
 
 
-%{?!python_module:%define python_module() python-%{**} python3-%{**}}
 %bcond_without python2
 Name:           python-PyKMIP
 Version:        0.10.0
@@ -31,6 +30,8 @@
 Patch0:         fix-tests-SQLAlchemy-140.patch
 # https://github.com/OpenKMIP/PyKMIP/issues/668
 Patch1:         python-PyKMIP-no-mock.patch
+# PATCH-FIX-OPENSUSE crypto-39.patch gh#OpenKMIP/PyKMIP#689
+Patch2:         crypto-39.patch
 BuildRequires:  %{python_module SQLAlchemy}
 BuildRequires:  %{python_module cryptography}
 BuildRequires:  %{python_module devel}
@@ -87,7 +88,8 @@
 %files %{python_files}
 %license LICENSE.txt
 %doc README.rst
-%{python_sitelib}/*
+%{python_sitelib}/kmip
+%{python_sitelib}/PyKMIP-%{version}*-info
 %python_alternative %{_bindir}/pykmip-server
 
 %changelog

++++++ crypto-39.patch ++++++
>From 3a50c8484e355e03bea1399f1e72b1c1ef716680 Mon Sep 17 00:00:00 2001
From: Daniel Garcia Moreno <daniel.gar...@suse.com>
Date: Thu, 26 Jan 2023 13:07:54 +0100
Subject: [PATCH] Add cryptography >= 39.0.0 support

The cryptography release 39.0.0 added a new parameter to the serializer
that's required.

https://cryptography.io/en/latest/changelog/#v39-0-0

This patch fixes the tests test_encrypt_decrypt_asymmetric
---
 kmip/services/server/crypto/engine.py | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/kmip/services/server/crypto/engine.py 
b/kmip/services/server/crypto/engine.py
index 838e1b92..e9e8593e 100644
--- a/kmip/services/server/crypto/engine.py
+++ b/kmip/services/server/crypto/engine.py
@@ -16,6 +16,7 @@
 import logging
 import os
 
+import cryptography
 from cryptography import exceptions as errors
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives import serialization, hashes, hmac, cmac
@@ -930,17 +931,22 @@ def _decrypt_asymmetric(
                 )
 
             backend = default_backend()
+            params = {}
+            if cryptography.__version__ >= "39.0.0":
+                params["unsafe_skip_rsa_key_validation"] = False
 
             try:
                 private_key = backend.load_der_private_key(
                     decryption_key,
-                    None
+                    None,
+                    **params,
                 )
             except Exception:
                 try:
                     private_key = backend.load_pem_private_key(
                         decryption_key,
-                        None
+                        None,
+                        **params,
                     )
                 except Exception:
                     raise exceptions.CryptographicFailure(
@@ -1279,18 +1285,24 @@ def _create_RSA_private_key(self,
                 RSA private key created from key bytes.
         """
 
+        params = {}
+        if cryptography.__version__ >= "39.0.0":
+            params["unsafe_skip_rsa_key_validation"] = False
+
         try:
             private_key = serialization.load_pem_private_key(
                 bytes,
                 password=None,
-                backend=default_backend()
+                backend=default_backend(),
+                **params,
             )
             return private_key
         except Exception:
             private_key = serialization.load_der_private_key(
                 bytes,
                 password=None,
-                backend=default_backend()
+                backend=default_backend(),
+                **params,
             )
             return private_key

commit python-PyKMIP for openSUSE:Factory

Reply via email to