Compare commits

...

No commits in common. 'c9' and 'c10-beta' have entirely different histories.
c9 ... c10-beta

4
.gitignore vendored

@ -1,2 +1,2 @@
SOURCES/cryptography-36.0.1-vendor.tar.bz2
SOURCES/cryptography-36.0.1.tar.gz
SOURCES/cryptography-43.0.0-vendor.tar.bz2
SOURCES/cryptography-43.0.0.tar.gz

@ -1,2 +1,2 @@
83753a12e56c7d0b56f247da937db941623ad97d SOURCES/cryptography-36.0.1-vendor.tar.bz2
4fa9ddd61d6c962ccc36f1db98af498d5f239d06 SOURCES/cryptography-36.0.1.tar.gz
1eaf347f21443a09de0ab8e6814d1967d1cb03a9 SOURCES/cryptography-43.0.0-vendor.tar.bz2
103056cfb4f5c4a4265a6b6a954d4ba9eabf9bf1 SOURCES/cryptography-43.0.0.tar.gz

@ -1,71 +0,0 @@
From d250d169e87168903a543248d0bfd6c37f2f6841 Mon Sep 17 00:00:00 2001
From: Christian Heimes <christian@python.org>
Date: Tue, 22 Feb 2022 00:37:32 +0200
Subject: [PATCH 1/5] Block TripleDES in FIPS mode (#6879)
* Block TripleDES in FIPS mode
NIST SP-800-131A rev 2 lists TripleDES Encryption as disallowed in FIPS 140-3
decryption as legacy use. Three-key TDEA is listed as deprecated
throughout 2023 and disallowed after 2023.
For simplicity we block all use of TripleDES in FIPS mode.
Fixes: #6875
Signed-off-by: Christian Heimes <christian@python.org>
* Fix flake
---
src/cryptography/hazmat/backends/openssl/backend.py | 13 ++++++-------
tests/hazmat/primitives/utils.py | 4 ++++
2 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 736452392..f38269e26 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -134,7 +134,9 @@ class Backend(BackendInterface):
b"aes-192-gcm",
b"aes-256-gcm",
}
- _fips_ciphers = (AES, TripleDES)
+ # TripleDES encryption is disallowed/deprecated throughout 2023 in
+ # FIPS 140-3. To keep it simple we denylist any use of TripleDES (TDEA).
+ _fips_ciphers = (AES,)
# Sometimes SHA1 is still permissible. That logic is contained
# within the various *_supported methods.
_fips_hashes = (
@@ -323,12 +325,9 @@ class Backend(BackendInterface):
def cipher_supported(self, cipher, mode):
if self._fips_enabled:
- # FIPS mode requires AES or TripleDES, but only CBC/ECB allowed
- # in TripleDES mode.
- if not isinstance(cipher, self._fips_ciphers) or (
- isinstance(cipher, TripleDES)
- and not isinstance(mode, (CBC, ECB))
- ):
+ # FIPS mode requires AES. TripleDES is disallowed/deprecated in
+ # FIPS 140-3.
+ if not isinstance(cipher, self._fips_ciphers):
return False
try:
diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py
index 93f117828..a367343ca 100644
--- a/tests/hazmat/primitives/utils.py
+++ b/tests/hazmat/primitives/utils.py
@@ -469,6 +469,10 @@ def _kbkdf_cmac_counter_mode_test(backend, prf, ctr_loc, params):
algorithm = supported_cipher_algorithms.get(prf)
assert algorithm is not None
+ # TripleDES is disallowed in FIPS mode.
+ if backend._fips_enabled and algorithm is algorithms.TripleDES:
+ pytest.skip("TripleDES is not supported in FIPS mode.")
+
ctrkdf = KBKDFCMAC(
algorithm,
Mode.CounterMode,
--
2.35.1

@ -1,319 +0,0 @@
From ff80e3a27408657fef599f44ae1a9a875e005685 Mon Sep 17 00:00:00 2001
From: Christian Heimes <christian@python.org>
Date: Wed, 2 Mar 2022 21:47:04 +0200
Subject: [PATCH 2/5] Disable DSA tests in FIPS mode (#6916)
* Disable DSA tests in FIPS mode
See: #6880
* ignore coverage for nested FIPS check
* Remove if branch
* Remove skip modulus branch
* Keep tests that don't use the backend
---
.../hazmat/backends/openssl/backend.py | 7 ++-
tests/hazmat/primitives/test_dsa.py | 46 +++++++++++--------
tests/hazmat/primitives/test_serialization.py | 24 ++++++++++
tests/x509/test_x509.py | 43 ++++++++++++++---
tests/x509/test_x509_ext.py | 4 ++
5 files changed, 98 insertions(+), 26 deletions(-)
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index f38269e26..a6d0e8872 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -804,7 +804,12 @@ class Backend(BackendInterface):
self.openssl_assert(res == 1)
return evp_pkey
- def dsa_hash_supported(self, algorithm):
+ def dsa_supported(self) -> bool:
+ return not self._fips_enabled
+
+ def dsa_hash_supported(self, algorithm: hashes.HashAlgorithm) -> bool:
+ if not self.dsa_supported():
+ return False
return self.hash_supported(algorithm)
def dsa_parameters_supported(self, p, q, g):
diff --git a/tests/hazmat/primitives/test_dsa.py b/tests/hazmat/primitives/test_dsa.py
index 6028b600d..60681683d 100644
--- a/tests/hazmat/primitives/test_dsa.py
+++ b/tests/hazmat/primitives/test_dsa.py
@@ -59,7 +59,12 @@ def test_skip_if_dsa_not_supported(backend):
_skip_if_dsa_not_supported(backend, DummyHashAlgorithm(), 1, 1, 1)
-class TestDSA(object):
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.dsa_supported(),
+ skip_message="Does not support DSA.",
+)
+class TestDSA:
def test_generate_dsa_parameters(self, backend):
parameters = dsa.generate_parameters(2048, backend)
assert isinstance(parameters, dsa.DSAParameters)
@@ -76,11 +81,6 @@ class TestDSA(object):
),
)
def test_generate_dsa_keys(self, vector, backend):
- if (
- backend._fips_enabled
- and vector["p"] < backend._fips_dsa_min_modulus
- ):
- pytest.skip("Small modulus blocked in FIPS mode")
parameters = dsa.DSAParameterNumbers(
p=vector["p"], q=vector["q"], g=vector["g"]
).parameters(backend)
@@ -389,7 +389,12 @@ class TestDSA(object):
).private_key(backend)
-class TestDSAVerification(object):
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.dsa_supported(),
+ skip_message="Does not support DSA.",
+)
+class TestDSAVerification:
def test_dsa_verification(self, backend, subtests):
vectors = load_vectors_from_file(
os.path.join("asymmetric", "DSA", "FIPS_186-3", "SigVer.rsp"),
@@ -481,17 +486,12 @@ class TestDSAVerification(object):
Prehashed(hashes.SHA1()) # type: ignore[arg-type]
)
- def test_prehashed_unsupported_in_verifier_ctx(self, backend):
- public_key = DSA_KEY_1024.private_key(backend).public_key()
- with pytest.raises(TypeError), pytest.warns(
- CryptographyDeprecationWarning
- ):
- public_key.verifier(
- b"0" * 64, Prehashed(hashes.SHA1()) # type: ignore[arg-type]
- )
-
-class TestDSASignature(object):
+@pytest.mark.supported(
+ only_if=lambda backend: backend.dsa_supported(),
+ skip_message="Does not support DSA.",
+)
+class TestDSASignature:
def test_dsa_signing(self, backend, subtests):
vectors = load_vectors_from_file(
os.path.join("asymmetric", "DSA", "FIPS_186-3", "SigGen.txt"),
@@ -695,7 +695,11 @@ class TestDSANumberEquality(object):
assert priv != object()
-class TestDSASerialization(object):
+@pytest.mark.supported(
+ only_if=lambda backend: backend.dsa_supported(),
+ skip_message="Does not support DSA.",
+)
+class TestDSASerialization:
@pytest.mark.parametrize(
("fmt", "password"),
itertools.product(
@@ -916,7 +920,11 @@ class TestDSASerialization(object):
)
-class TestDSAPEMPublicKeySerialization(object):
+@pytest.mark.supported(
+ only_if=lambda backend: backend.dsa_supported(),
+ skip_message="Does not support DSA.",
+)
+class TestDSAPEMPublicKeySerialization:
@pytest.mark.parametrize(
("key_path", "loader_func", "encoding"),
[
diff --git a/tests/hazmat/primitives/test_serialization.py b/tests/hazmat/primitives/test_serialization.py
index fb6b753de..5a2b9fba5 100644
--- a/tests/hazmat/primitives/test_serialization.py
+++ b/tests/hazmat/primitives/test_serialization.py
@@ -141,6 +141,10 @@ class TestDERSerialization(object):
assert isinstance(key, rsa.RSAPrivateKey)
_check_rsa_private_numbers(key.private_numbers())
+ @pytest.mark.supported(
+ only_if=lambda backend: backend.dsa_supported(),
+ skip_message="Does not support DSA.",
+ )
@pytest.mark.parametrize(
("key_path", "password"),
[
@@ -341,6 +345,10 @@ class TestDERSerialization(object):
with pytest.raises(ValueError):
load_der_public_key(b"invalid data", backend)
+ @pytest.mark.supported(
+ only_if=lambda backend: backend.dsa_supported(),
+ skip_message="Does not support DSA.",
+ )
@pytest.mark.parametrize(
"key_file",
[
@@ -422,6 +430,10 @@ class TestPEMSerialization(object):
assert isinstance(key, rsa.RSAPrivateKey)
_check_rsa_private_numbers(key.private_numbers())
+ @pytest.mark.supported(
+ only_if=lambda backend: backend.dsa_supported(),
+ skip_message="Does not support DSA.",
+ )
@pytest.mark.parametrize(
("key_path", "password"),
[
@@ -490,6 +502,10 @@ class TestPEMSerialization(object):
numbers = key.public_numbers()
assert numbers.e == 65537
+ @pytest.mark.supported(
+ only_if=lambda backend: backend.dsa_supported(),
+ skip_message="Does not support DSA.",
+ )
@pytest.mark.parametrize(
("key_file"),
[
@@ -894,6 +910,10 @@ class TestPEMSerialization(object):
16,
)
+ @pytest.mark.supported(
+ only_if=lambda backend: backend.dsa_supported(),
+ skip_message="Does not support DSA.",
+ )
def test_load_pem_dsa_private_key(self, backend):
key = load_vectors_from_file(
os.path.join("asymmetric", "PKCS8", "unenc-dsa-pkcs8.pem"),
@@ -2313,6 +2333,10 @@ class TestOpenSSHSerialization(object):
DummyKeySerializationEncryption(),
)
+ @pytest.mark.supported(
+ only_if=lambda backend: backend.dsa_supported(),
+ skip_message="Does not support DSA.",
+ )
@pytest.mark.parametrize(
("key_path", "supported"),
[
diff --git a/tests/x509/test_x509.py b/tests/x509/test_x509.py
index 23e97a768..7a7a52977 100644
--- a/tests/x509/test_x509.py
+++ b/tests/x509/test_x509.py
@@ -2561,7 +2561,21 @@ class TestCertificateBuilder(object):
only_if=lambda backend: backend.hash_supported(hashes.MD5()),
skip_message="Requires OpenSSL with MD5 support",
)
- def test_sign_dsa_with_md5(self, backend):
+ @pytest.mark.supported(
+ only_if=lambda backend: backend.dsa_supported(),
+ skip_message="Does not support DSA.",
+ )
+ @pytest.mark.parametrize(
+ "hash_algorithm",
+ [
+ hashes.MD5(),
+ hashes.SHA3_224(),
+ hashes.SHA3_256(),
+ hashes.SHA3_384(),
+ hashes.SHA3_512(),
+ ],
+ )
+ def test_sign_dsa_with_unsupported_hash(self, hash_algorithm, backend):
private_key = DSA_KEY_2048.private_key(backend)
builder = x509.CertificateBuilder()
builder = (
@@ -2602,6 +2616,10 @@ class TestCertificateBuilder(object):
with pytest.raises(ValueError):
builder.sign(private_key, hashes.MD5(), backend)
+ @pytest.mark.supported(
+ only_if=lambda backend: backend.dsa_supported(),
+ skip_message="Does not support DSA.",
+ )
@pytest.mark.parametrize(
("hashalg", "hashalg_oid"),
[
@@ -2615,9 +2633,6 @@ class TestCertificateBuilder(object):
def test_build_cert_with_dsa_private_key(
self, hashalg, hashalg_oid, backend
):
- if backend._fips_enabled and hashalg is hashes.SHA1:
- pytest.skip("SHA1 not supported in FIPS mode")
-
issuer_private_key = DSA_KEY_2048.private_key(backend)
subject_private_key = DSA_KEY_2048.private_key(backend)
@@ -3646,6 +3661,10 @@ class TestCertificateSigningRequestBuilder(object):
only_if=lambda backend: backend.hash_supported(hashes.MD5()),
skip_message="Requires OpenSSL with MD5 support",
)
+ @pytest.mark.supported(
+ only_if=lambda backend: backend.dsa_supported(),
+ skip_message="Does not support DSA.",
+ )
def test_sign_dsa_with_md5(self, backend):
private_key = DSA_KEY_2048.private_key(backend)
builder = x509.CertificateSigningRequestBuilder().subject_name(
@@ -3969,6 +3988,10 @@ class TestCertificateSigningRequestBuilder(object):
assert basic_constraints.value.ca is True
assert basic_constraints.value.path_length == 2
+ @pytest.mark.supported(
+ only_if=lambda backend: backend.dsa_supported(),
+ skip_message="Does not support DSA.",
+ )
def test_build_ca_request_with_dsa(self, backend):
private_key = DSA_KEY_2048.private_key(backend)
@@ -4319,7 +4342,11 @@ class TestCertificateSigningRequestBuilder(object):
builder.sign(private_key, hashes.SHA512(), backend)
-class TestDSACertificate(object):
+@pytest.mark.supported(
+ only_if=lambda backend: backend.dsa_supported(),
+ skip_message="Does not support DSA.",
+)
+class TestDSACertificate:
def test_load_dsa_cert(self, backend):
cert = _load_cert(
os.path.join("x509", "custom", "dsa_selfsigned_ca.pem"),
@@ -4444,7 +4471,11 @@ class TestDSACertificate(object):
)
-class TestDSACertificateRequest(object):
+@pytest.mark.supported(
+ only_if=lambda backend: backend.dsa_supported(),
+ skip_message="Does not support DSA.",
+)
+class TestDSACertificateRequest:
@pytest.mark.parametrize(
("path", "loader_func"),
[
diff --git a/tests/x509/test_x509_ext.py b/tests/x509/test_x509_ext.py
index 4173dece6..66ac43d95 100644
--- a/tests/x509/test_x509_ext.py
+++ b/tests/x509/test_x509_ext.py
@@ -1712,6 +1712,10 @@ class TestSubjectKeyIdentifierExtension(object):
ski = x509.SubjectKeyIdentifier.from_public_key(cert.public_key())
assert ext.value == ski
+ @pytest.mark.supported(
+ only_if=lambda backend: backend.dsa_supported(),
+ skip_message="Does not support DSA.",
+ )
def test_from_dsa_public_key(self, backend):
cert = _load_cert(
os.path.join("x509", "custom", "dsa_selfsigned_ca.pem"),
--
2.35.1

@ -1,26 +0,0 @@
From 20bafea414bcc08bfcb5b669ecbf9a3438ff7b78 Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Thu, 3 Mar 2022 15:44:02 -0500
Subject: [PATCH 3/5] fixes #6927 -- handle negative return values from openssl
(#6928)
---
src/cryptography/hazmat/backends/openssl/rsa.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/cryptography/hazmat/backends/openssl/rsa.py b/src/cryptography/hazmat/backends/openssl/rsa.py
index 9bef49d24..dd5d4990b 100644
--- a/src/cryptography/hazmat/backends/openssl/rsa.py
+++ b/src/cryptography/hazmat/backends/openssl/rsa.py
@@ -208,7 +208,7 @@ def _rsa_sig_setup(backend, padding, algorithm, key, init_func):
if algorithm is not None:
evp_md = backend._evp_md_non_null_from_algorithm(algorithm)
res = backend._lib.EVP_PKEY_CTX_set_signature_md(pkey_ctx, evp_md)
- if res == 0:
+ if res <= 0:
backend._consume_errors()
raise UnsupportedAlgorithm(
"{} is not supported by this backend for RSA signing.".format(
--
2.35.1

@ -1,24 +0,0 @@
From 820d9527070ad2c7724dcecf1a35dbac7d68621d Mon Sep 17 00:00:00 2001
From: Christian Heimes <christian@python.org>
Date: Tue, 1 Mar 2022 16:22:51 +0100
Subject: [PATCH 4/5] Disable test_openssl_assert_error_on_stack in FIPS mode
---
tests/hazmat/bindings/test_openssl.py | 1 +
1 file changed, 1 insertion(+)
diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py
index 129928ac0..9839aec4d 100644
--- a/tests/hazmat/bindings/test_openssl.py
+++ b/tests/hazmat/bindings/test_openssl.py
@@ -84,6 +84,7 @@ class TestOpenSSL(object):
with pytest.raises(AttributeError):
b.lib.TLS_ST_OK
+ @pytest.mark.skip_fips(reason="FIPS maps to different error codes")
def test_openssl_assert_error_on_stack(self):
b = Binding()
b.lib.ERR_put_error(
--
2.35.1

@ -1,67 +0,0 @@
From 89af85f9d4fc2ef3e89ad1b2a58c751f00f54a4f Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Thu, 3 Mar 2022 16:24:21 -0500
Subject: [PATCH 5/5] Fixed serialization of keyusage ext with no bits (#6930)
fixes #6926
---
src/rust/src/x509/extensions.rs | 17 +++++++++++------
tests/x509/test_x509_ext.py | 14 ++++++++++++++
2 files changed, 25 insertions(+), 6 deletions(-)
diff --git a/src/rust/src/x509/extensions.rs b/src/rust/src/x509/extensions.rs
index 606566dd9..68b9839a0 100644
--- a/src/rust/src/x509/extensions.rs
+++ b/src/rust/src/x509/extensions.rs
@@ -135,12 +135,17 @@ pub(crate) fn encode_extension(
certificate::set_bit(&mut bs, 7, ext.getattr("encipher_only")?.is_true()?);
certificate::set_bit(&mut bs, 8, ext.getattr("decipher_only")?.is_true()?);
}
- let bits = if bs[1] == 0 { &bs[..1] } else { &bs[..] };
- let unused_bits = bits.last().unwrap().trailing_zeros() as u8;
- Ok(Some(asn1::write_single(&asn1::BitString::new(
- bits,
- unused_bits,
- ))))
+ let (bits, unused_bits) = if bs[1] == 0 {
+ if bs[0] == 0 {
+ (&[][..], 0)
+ } else {
+ (&bs[..1], bs[0].trailing_zeros() as u8)
+ }
+ } else {
+ (&bs[..], bs[1].trailing_zeros() as u8)
+ };
+ let v = asn1::BitString::new(bits, unused_bits).unwrap();
+ Ok(Some(asn1::write_single(&v)))
} else if oid == &*oid::AUTHORITY_INFORMATION_ACCESS_OID
|| oid == &*oid::SUBJECT_INFORMATION_ACCESS_OID
{
diff --git a/tests/x509/test_x509_ext.py b/tests/x509/test_x509_ext.py
index 66ac43d95..2bbba8ec6 100644
--- a/tests/x509/test_x509_ext.py
+++ b/tests/x509/test_x509_ext.py
@@ -1137,6 +1137,20 @@ class TestKeyUsage(object):
),
b"\x03\x02\x02\x94",
),
+ (
+ x509.KeyUsage(
+ digital_signature=False,
+ content_commitment=False,
+ key_encipherment=False,
+ data_encipherment=False,
+ key_agreement=False,
+ key_cert_sign=False,
+ crl_sign=False,
+ encipher_only=False,
+ decipher_only=False,
+ ),
+ b"\x03\x01\x00",
+ ),
],
)
def test_public_bytes(self, ext, serialized):
--
2.35.1

@ -1,42 +0,0 @@
From 94a50a9731f35405f0357fa5f3b177d46a726ab3 Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Tue, 31 Jan 2023 08:33:54 -0500
Subject: [PATCH] Don't allow update_into to mutate immutable objects
---
src/cryptography/hazmat/backends/openssl/ciphers.py | 2 +-
tests/hazmat/primitives/test_ciphers.py | 8 ++++++++
2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/src/cryptography/hazmat/backends/openssl/ciphers.py b/src/cryptography/hazmat/backends/openssl/ciphers.py
index 286583f9325..075d68fb905 100644
--- a/src/cryptography/hazmat/backends/openssl/ciphers.py
+++ b/src/cryptography/hazmat/backends/openssl/ciphers.py
@@ -156,7 +156,7 @@ def update_into(self, data: bytes, buf: bytes) -> int:
data_processed = 0
total_out = 0
outlen = self._backend._ffi.new("int *")
- baseoutbuf = self._backend._ffi.from_buffer(buf)
+ baseoutbuf = self._backend._ffi.from_buffer(buf, require_writable=True)
baseinbuf = self._backend._ffi.from_buffer(data)
while data_processed != total_data_len:
diff --git a/tests/hazmat/primitives/test_ciphers.py b/tests/hazmat/primitives/test_ciphers.py
index 02127dd9cab..bf3b047dec2 100644
--- a/tests/hazmat/primitives/test_ciphers.py
+++ b/tests/hazmat/primitives/test_ciphers.py
@@ -318,6 +318,14 @@ def test_update_into_buffer_too_small(self, backend):
with pytest.raises(ValueError):
encryptor.update_into(b"testing", buf)
+ def test_update_into_immutable(self, backend):
+ key = b"\x00" * 16
+ c = ciphers.Cipher(AES(key), modes.ECB(), backend)
+ encryptor = c.encryptor()
+ buf = b"\x00" * 32
+ with pytest.raises((TypeError, BufferError)):
+ encryptor.update_into(b"testing", buf)
+
@pytest.mark.supported(
only_if=lambda backend: backend.cipher_supported(
AES(b"\x00" * 16), modes.GCM(b"\x00" * 12)

@ -1,83 +0,0 @@
From ca92d13436944090faa79ffc25378c45ec564a4d Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Wed, 14 Dec 2022 01:50:06 -0500
Subject: [PATCH] Adapt for OpenSSL RSA bleichenbacher mitigation (#7895)
Attempt to work-around wycheproof tests
---
src/_cffi_src/openssl/rsa.py | 8 ++++++++
tests/hazmat/primitives/test_rsa.py | 5 +++--
tests/wycheproof/test_rsa.py | 20 +++++++++++++++-----
3 files changed, 26 insertions(+), 7 deletions(-)
diff --git a/src/_cffi_src/openssl/rsa.py b/src/_cffi_src/openssl/rsa.py
index 5d1e163b1..2682ea1e4 100644
--- a/src/_cffi_src/openssl/rsa.py
+++ b/src/_cffi_src/openssl/rsa.py
@@ -18,6 +18,8 @@ static const int RSA_F4;
static const int Cryptography_HAS_RSA_OAEP_MD;
static const int Cryptography_HAS_RSA_OAEP_LABEL;
+
+static const int Cryptography_HAS_IMPLICIT_RSA_REJECTION;
"""
FUNCTIONS = """
@@ -57,4 +59,10 @@ int (*EVP_PKEY_CTX_set_rsa_oaep_md)(EVP_PKEY_CTX *, EVP_MD *) = NULL;
int (*EVP_PKEY_CTX_set0_rsa_oaep_label)(EVP_PKEY_CTX *, unsigned char *,
int) = NULL;
#endif
+
+#if defined(EVP_PKEY_CTRL_RSA_IMPLICIT_REJECTION)
+static const int Cryptography_HAS_IMPLICIT_RSA_REJECTION = 1;
+#else
+static const int Cryptography_HAS_IMPLICIT_RSA_REJECTION = 0;
+#endif
"""
diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index 4fb205db4..0315489dc 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -1551,8 +1551,9 @@ class TestRSADecryption(object):
private_key.decrypt(b"0" * 256, DummyAsymmetricPadding())
@pytest.mark.supported(
- only_if=lambda backend: backend.rsa_padding_supported(
- padding.PKCS1v15()
+ only_if=lambda backend: (
+ backend.rsa_padding_supported(padding.PKCS1v15())
+ and not backend._lib.Cryptography_HAS_IMPLICIT_RSA_REJECTION
),
skip_message="Does not support PKCS1v1.5.",
)
diff --git a/tests/wycheproof/test_rsa.py b/tests/wycheproof/test_rsa.py
index 79fd682b7..e6bd8af8a 100644
--- a/tests/wycheproof/test_rsa.py
+++ b/tests/wycheproof/test_rsa.py
@@ -245,8 +245,18 @@ def test_rsa_pkcs1_encryption(backend, wycheproof):
)
assert pt == binascii.unhexlify(wycheproof.testcase["msg"])
else:
- with pytest.raises(ValueError):
- key.decrypt(
- binascii.unhexlify(wycheproof.testcase["ct"]),
- padding.PKCS1v15(),
- )
+ if backend._lib.Cryptography_HAS_IMPLICIT_RSA_REJECTION:
+ try:
+ assert key.decrypt(
+ binascii.unhexlify(wycheproof.testcase["ct"]),
+ padding.PKCS1v15(),
+ ) != binascii.unhexlify(wycheproof.testcase["ct"])
+ except ValueError:
+ # Some raise ValueError due to length mismatch.
+ pass
+ else:
+ with pytest.raises(ValueError):
+ key.decrypt(
+ binascii.unhexlify(wycheproof.testcase["ct"]),
+ padding.PKCS1v15(),
+ )
--
2.40.1

@ -0,0 +1,36 @@
From 7a1927b07343ee0e873017c3f5d58c56ea9e9ab1 Mon Sep 17 00:00:00 2001
From: Christian Heimes <christian@python.org>
Date: Mon, 22 Jul 2024 09:09:05 +0200
Subject: [PATCH] Don't include engine.h when OPENSSL_NO_ENGINE is defined
Fedora 41 and RHEL 10 are deprecating and phasing out OpenSSL ENGINE
support. Downstream has moved `openssl/engine.h` into a separate RPM
package and is recompiling packages with `-DOPENSSL_NO_ENGINE=1`. The
compiler flag disables PyCA cryptography's ENGINE support successfully.
We also like to build the downstream package without the `engine.h`
header file present.
This commit makes the include conditional. The `ENGINE` type is
defined in `openssl/types.h`.
See: https://src.fedoraproject.org/rpms/openssl/c/e67e9d9c40cd2cb9547e539c658e2b63f2736762?branch=rawhide
See: https://issues.redhat.com/browse/RHEL-33747
Signed-off-by: Christian Heimes <christian@python.org>
---
src/_cffi_src/openssl/engine.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/_cffi_src/openssl/engine.py b/src/_cffi_src/openssl/engine.py
index 9629a2c8f929..f47e20327003 100644
--- a/src/_cffi_src/openssl/engine.py
+++ b/src/_cffi_src/openssl/engine.py
@@ -5,7 +5,9 @@
from __future__ import annotations
INCLUDES = """
+#if !defined(OPENSSL_NO_ENGINE) || CRYPTOGRAPHY_IS_LIBRESSL
#include <openssl/engine.h>
+#endif
"""
TYPES = """

@ -1,30 +1,35 @@
## START: Set by rpmautospec
## (rpmautospec version 0.6.5)
## RPMAUTOSPEC: autorelease, autochangelog
%define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
release_number = 2;
base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
print(release_number + base_release_number - 1);
}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
## END: Set by rpmautospec
%bcond_without tests
%{!?python3_pkgversion:%global python3_pkgversion 3}
%global srcname cryptography
%global pyo3_version 0.13.1
Name: python-%{srcname}
Version: 36.0.1
Release: 4%{?dist}
Version: 43.0.0
Release: %autorelease
Summary: PyCA's cryptography library
License: ASL 2.0 or BSD
# cryptography is dual licensed under the Apache-2.0 and BSD-3-Clause,
# as well as the Python Software Foundation license for the OS random
# engine derived by CPython.
License: (Apache-2.0 OR BSD-3-Clause) AND PSF-2.0
URL: https://cryptography.io/en/latest/
Source0: https://github.com/pyca/cryptography/archive/%{version}/%{srcname}-%{version}.tar.gz
# created by ./vendor_rust.py helper script
Source1: cryptography-%{version}-vendor.tar.bz2
Source2: conftest-skipper.py
Patch1: 0001-Block-TripleDES-in-FIPS-mode-6879.patch
Patch2: 0002-Disable-DSA-tests-in-FIPS-mode-6916.patch
Patch3: 0003-fixes-6927-handle-negative-return-values-from-openss.patch
Patch4: 0004-Disable-test_openssl_assert_error_on_stack-in-FIPS-m.patch
Patch5: 0005-Fixed-serialization-of-keyusage-ext-with-no-bits-693.patch
# https://github.com/pyca/cryptography/pull/8230
Patch6: 0006-CVE-2023-23931.patch
Patch7: 0007-Adapt-for-OpenSSL-RSA-bleichenbacher-mitigation-7895.patch
Patch: 11328.patch
ExclusiveArch: %{rust_arches}
@ -37,23 +42,23 @@ BuildRequires: rust-packaging
BuildRequires: rust-toolset
%endif
BuildRequires: python%{python3_pkgversion}-cffi >= 1.7
BuildRequires: python%{python3_pkgversion}-cffi >= 1.12
BuildRequires: python%{python3_pkgversion}-devel
BuildRequires: python%{python3_pkgversion}-setuptools
BuildRequires: python%{python3_pkgversion}-setuptools-rust >= 0.11.3
BuildRequires: python%{python3_pkgversion}-six >= 1.4.1
BuildRequires: python%{python3_pkgversion}-setuptools-rust >= 0.11.4
%if %{with tests}
%if 0%{?fedora}
BuildRequires: python%{python3_pkgversion}-certifi
BuildRequires: python%{python3_pkgversion}-hypothesis >= 1.11.4
BuildRequires: python%{python3_pkgversion}-iso8601
BuildRequires: python%{python3_pkgversion}-pretend
BuildRequires: python%{python3_pkgversion}-pytest-benchmark
BuildRequires: python%{python3_pkgversion}-pytest-xdist
%endif
BuildRequires: python%{python3_pkgversion}-pytest >= 6.0
BuildRequires: python%{python3_pkgversion}-pytest-subtests >= 0.3.2
BuildRequires: python%{python3_pkgversion}-pytz
%endif
BuildRequires: python%{python3_pkgversion}-pytest >= 6.2.0
%endif
%description
cryptography is a package designed to expose cryptographic primitives and
@ -64,8 +69,6 @@ Summary: PyCA's cryptography library
%{?python_provide:%python_provide python%{python3_pkgversion}-%{srcname}}
Requires: openssl-libs
Requires: python%{python3_pkgversion}-six >= 1.4.1
Requires: python%{python3_pkgversion}-cffi >= 1.7
%if 0%{?fedora} >= 35 || 0%{?rhel} >= 9
# Can be safely removed in Fedora 37
Obsoletes: python%{python3_pkgversion}-cryptography-vectors < 3.4.7
@ -77,35 +80,50 @@ recipes to Python developers.
%prep
%autosetup -p1 -n %{srcname}-%{version}
%if 0%{?fedora}
%cargo_prep
sed -i 's/locked = true//g' pyproject.toml
rm src/rust/Cargo.lock
%else
# RHEL: use vendored Rust crates
%cargo_prep -V 1
%endif
%if ! 0%{?fedora}
sed -i 's,--benchmark-disable,,' pyproject.toml
%endif
%generate_buildrequires
%generate_buildrequires
%pyproject_buildrequires
%if 0%{?fedora}
# Fedora: use cargo macros to make use of RPMified crates
%cargo_prep
# Fedora: use RPMified crates
cd src/rust
rm -f Cargo.lock
%cargo_generate_buildrequires
cd ../..
%else
# RHEL: use vendored Rust crates
%cargo_prep -V 1
%endif
%build
%py3_build
export RUSTFLAGS="%build_rustflags"
export OPENSSL_NO_VENDOR=1
export CFLAGS="${CFLAGS} -DOPENSSL_NO_ENGINE=1 "
%pyproject_wheel
%install
# Actually other *.c and *.h are appropriate
# see https://github.com/pyca/cryptography/issues/1463
find . -name .keep -print -delete
%py3_install
%pyproject_install
%pyproject_save_files %{srcname}
%check
%if %{with tests}
%if 0%{?rhel}
# skip hypothesis tests on RHEL
rm -rf tests/hypothesis
# skip benchmark, hypothesis, and pytz tests on RHEL
rm -rf tests/bench tests/hypothesis tests/x509
# append skipper to skip iso8601 and pretend tests
cat < %{SOURCE2} >> tests/conftest.py
%endif
@ -114,77 +132,145 @@ cat < %{SOURCE2} >> tests/conftest.py
# also see https://github.com/pyca/cryptography/pull/6931 and rhbz#2060343
export OPENSSL_ENABLE_SHA1_SIGNATURES=yes
# see rhbz#2042413 for memleak. It's unstable with openssl 3.0.1 and makes
# see https://github.com/pyca/cryptography/issues/4885 and
# see https://bugzilla.redhat.com/show_bug.cgi?id=1761194 for deselected tests
# see rhbz#2042413 for memleak. It's unstable under Python 3.11 and makes
# not much sense for downstream testing.
# see rhbz#2171661 for test_load_invalid_ec_key_from_pem: error:030000CD:digital envelope routines::keymgmt export failure
PYTHONPATH=${PWD}/vectors:%{buildroot}%{python3_sitearch} \
%{__python3} -m pytest \
-k "not (test_openssl_memleak or test_load_ecdsa_no_named_curve)"
--ignore vendor \
-k "not (test_buffer_protocol_alternate_modes or test_dh_parameters_supported or test_load_ecdsa_no_named_curve or test_decrypt_invalid_decrypt or test_openssl_memleak or test_load_invalid_ec_key_from_pem)"
%endif
%files -n python%{python3_pkgversion}-%{srcname}
%files -n python%{python3_pkgversion}-%{srcname} -f %{pyproject_files}
%doc README.rst docs
%license LICENSE LICENSE.APACHE LICENSE.BSD
%{python3_sitearch}/%{srcname}
%{python3_sitearch}/%{srcname}-%{version}-py*.egg-info
%changelog
* Mon May 15 2023 Christian Heimes <cheimes@redhat.com> - 36.0.1-4
- Fix FTBFS caused by rsa_pkcs1_implicit_rejection OpenSSL feature, resolves rhbz#2203840
* Wed Feb 22 2023 Christian Heimes <cheimes@redhat.com> - 36.0.1-3
- Fix CVE-2023-23931: Don't allow update_into to mutate immutable objects, resolves rhbz#2172399
- Fix FTBFS due to failing test_load_invalid_ec_key_from_pem and test_decrypt_invalid_decrypt
* Tue Apr 19 2022 Christian Heimes <cheimes@redhat.com> - 36.0.1-2
- Rebuild for gating, related: rhbz#2060787
* Fri Mar 04 2022 Christian Heimes <cheimes@redhat.com> - 36.0.1-6
- Rebase to 36.0.1, related: rhbz#2059630, rhbz#2060787
- OpenSSL 3.0 FIPS mode is now detected correctly, related: rhbz#2054785
- Fix error check from EVP_PKEY_CTX_set_signature_md, related: rhbz#2060343
- Block 3DES in FIPS mode, related: rhbz#2055209
- Disable DSA tests in FIPS mode
- Enable SHA1 signatures in test suite
- Fix serialization of keyusage ext with no bits
- Re-enable tests that are passing again
* Tue Feb 08 2022 Tomas Orsava <torsava@redhat.com> - 3.4.7-8
- Skip unstable memleak tests, backported from Fedora (BZ#2042413)
- Related: rhbz#1990421
* Tue Feb 08 2022 Tomas Orsava <torsava@redhat.com> - 3.4.7-7
- Add automatically generated Obsoletes tag with the python39- prefix
for smoother upgrade from RHEL8
- Related: rhbz#1990421
* Tue Jan 18 2022 Christian Heimes <cheimes@redhat.com> - 3.4.7-6
- Fix gating issues, resolves: rhbz#2039768
- Fix poly1305 test, resolves: rhbz#2043582
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 3.4.7-5
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Sun Aug 08 2021 Christian Heimes <cheimes@redhat.com> - 3.4.7-4
- Remove bindings to ERR_GET_FUNC, which has been removed in 3.0.0-beta2
- Resolves: rhbz#1953446
* Tue Jun 15 2021 Mohan Boddu <mboddu@redhat.com> - 3.4.7-3
- Rebuilt for RHEL 9 BETA for openssl 3.0
- Related: rhbz#1971065
* Mon Apr 26 2021 Christian Heimes <cheimes@redhat.com> - 3.4.7-2
- Add backports of OpenSSL 3.0.0 fixes (upstream PR #6000)
- Resolves: rhbz#1953446
## START: Generated by rpmautospec
* Thu Aug 22 2024 Francisco Trivino <ftrivino@redhat.com> - 43.0.0-2
- sti: add rust-toolset system dependency
* Tue Jul 02 2024 Jeremy Cline <jeremycline@linux.microsoft.com> - 42.0.8-1
- Update to 42.0.8, fixes rhbz#2251816
* Sat Jun 08 2024 Python Maint <python-maint@redhat.com> - 41.0.7-3
- Rebuilt for Python 3.13
* Fri Jun 07 2024 Python Maint <python-maint@redhat.com> - 41.0.7-2
- Bootstrap for Python 3.13
* Thu Feb 01 2024 Benjamin A. Beasley <code@musicinmybrain.net> - 41.0.7-1
- Update to 41.0.7, fixes rhbz#2255351, CVE-2023-49083
* Fri Jan 26 2024 Fedora Release Engineering <releng@fedoraproject.org> - 41.0.5-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 41.0.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Dec 01 2023 Fabio Valentini <decathorpe@gmail.com> - 41.0.5-2
- Rebuild for openssl crate >= v0.10.60 (RUSTSEC-2023-0044, RUSTSEC-2023-0072)
* Thu Oct 26 2023 Christian Heimes <cheimes@redhat.com> - 41.0.5-1
- Update to 41.0.5, resolves RHBZ#2239707
* Mon Aug 14 2023 Christian Heimes <cheimes@redhat.com> - 41.0.3-2
- Build with ouroboros 0.17, fixes rhbz#2214228 / RUSTSEC-2023-0042
* Wed Aug 09 2023 Christian Heimes <cheimes@redhat.com> - 41.0.3-1
- Update to 41.0.3, resolves rhbz#2211237
- Use pyo3 0.19
* Fri Jul 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 40.0.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Mon Jul 10 2023 Python Maint <python-maint@redhat.com> - 40.0.2-4
- Rebuilt for Python 3.12
* Wed Jun 14 2023 Python Maint <python-maint@redhat.com> - 40.0.2-3
- Bootstrap for Python 3.12
* Tue Jun 13 2023 Yaakov Selkowitz <yselkowi@redhat.com> - 40.0.2-2
- Use vendored rust-pem in RHEL builds
* Tue Apr 18 2023 Christian Heimes <cheimes@redhat.com> - 40.0.2-1
- Update to 40.0.2, resolves rhbz#2181430
* Thu Mar 09 2023 Miro Hrončok <mhroncok@redhat.com> - 39.0.2-2
- Don't run tests requiring pytz on RHEL
- Don't try to run tests of vendored dependencies in %%check
* Sat Mar 04 2023 Christian Heimes <cheimes@redhat.com> - 39.0.2-1
- Update to 39.0.2, resolves rhbz#2124729
* Tue Feb 28 2023 Fabio Valentini <decathorpe@gmail.com> - 37.0.2-9
- Ensure correct compiler flags are used for Rust code.
* Wed Feb 22 2023 Christian Heimes <cheimes@redhat.com> - 37.0.2-8
- Fix CVE-2023-23931: Don't allow update_into to mutate immutable objects, resolves rhbz#2171820
- Fix FTBFS due to failing test_load_invalid_ec_key_from_pem and test_decrypt_invalid_decrypt, resolves rhbz#2171661
* Fri Jan 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 37.0.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Dec 09 2022 Christian Heimes <cheimes@redhat.com> - 37.0.2-6
- Enable SHA1 signatures in test suite (ELN-only)
* Wed Aug 17 2022 Miro Hrončok <mhroncok@redhat.com> - 37.0.2-5
- Drop unused requirement of python3-six
* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 37.0.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jun 14 2022 Python Maint <python-maint@redhat.com> - 37.0.2-3
- Rebuilt for Python 3.11
* Tue Jun 14 2022 Python Maint <python-maint@redhat.com> - 37.0.2-2
- Bootstrap for Python 3.11
* Thu May 05 2022 Christian Heimes <cheimes@redhat.com> - 37.0.2-1
- Update to 37.0.2, resolves rhbz#2078968
* Thu Jan 27 2022 Christian Heimes <cheimes@redhat.com> - 36.0.0-3
- Skip unstable memleak tests, resolves: RHBZ#2042413
* Fri Jan 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 36.0.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Mon Nov 22 2021 Christian Heimes <cheimes@redhat.com> - 36.0.0-1
- Update to 36.0.0, fixes RHBZ#2025347
* Thu Sep 30 2021 Christian Heimes <cheimes@redhat.com> - 35.0.0-2
- Require rust-asn1 >= 0.6.4
* Thu Sep 30 2021 Christian Heimes <cheimes@redhat.com> - 35.0-1
- Update to 35.0.0 (#2009117)
* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 3.4.7-6
- Rebuilt with OpenSSL 3.0.0
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.4.7-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Thu Jun 10 2021 Stephen Gallagher <sgallagh@redhat.com> - 3.4.7-4
- Don't conditionalize Source: directives
* Wed Jun 02 2021 Python Maint <python-maint@redhat.com> - 3.4.7-3
- Rebuilt for Python 3.10
* Tue May 11 2021 Christian Heimes <cheimes@redhat.com> - 3.4.7-2
- Fix compatibility issue with Python 3.10. Enums now use same
representation as on Python 3.9. (#1952522)
- Backport OpenSSL 3.0.0 compatibility patches.
* Wed Apr 21 2021 Christian Heimes <cheimes@redhat.com> - 3.4.7-1
- Update to 3.4.7
- Remove dependency on python-cryptography-vectors package and use vectors
directly from Github source tar ball. Related: rhbz#1952343
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 3.4.6-2
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
directly from Github source tar ball. (#1952024)
* Wed Mar 03 2021 Christian Heimes <cheimes@redhat.com> - 3.4.6-1
- Update to 3.4.6 (#1927044)
@ -316,3 +402,5 @@ PYTHONPATH=${PWD}/vectors:%{buildroot}%{python3_sitearch} \
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
## END: Generated by rpmautospec

Loading…
Cancel
Save