Python 3.10 and OpenSSL 3.0.0 fixes (#1952522)

Fix compatibility issue with Python 3.10. Enums now use same
representation as on Python 3.9.

Backport OpenSSL 3.0.0 compatibility patches.

Resolves: RHBZ#1952522
This commit is contained in:
Christian Heimes 2021-05-11 10:19:55 +02:00
parent 5fdccbab1d
commit b166e77e86
5 changed files with 1072 additions and 1 deletions

View File

@ -0,0 +1,130 @@
From cb1908043d5daa7c5c38945c048c4a2477a46221 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Sun, 28 Feb 2021 16:06:11 -0600
Subject: [PATCH 1/4] fix pkcs12 parse ordering. fixes #5872 (#5879)
* fix pkcs12 parse ordering. fixes #5872
* remove an unneeded print
* simplify the test a bit more
* index
* black
* Update tests/hazmat/primitives/test_pkcs12.py
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
---
.../hazmat/backends/openssl/backend.py | 5 +-
tests/hazmat/primitives/test_pkcs12.py | 58 ++++++++++++++++++-
2 files changed, 59 insertions(+), 4 deletions(-)
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 271873d9..a96d08d8 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -6,6 +6,7 @@
import collections
import contextlib
import itertools
+import typing
import warnings
from contextlib import contextmanager
@@ -2562,9 +2563,7 @@ class Backend(object):
sk_x509 = self._lib.sk_X509_new_null()
sk_x509 = self._ffi.gc(sk_x509, self._lib.sk_X509_free)
- # reverse the list when building the stack so that they're encoded
- # in the order they were originally provided. it is a mystery
- for ca in reversed(cas):
+ for ca in cas:
res = self._lib.sk_X509_push(sk_x509, ca._x509)
backend.openssl_assert(res >= 1)
diff --git a/tests/hazmat/primitives/test_pkcs12.py b/tests/hazmat/primitives/test_pkcs12.py
index b5de09f9..b1759a1b 100644
--- a/tests/hazmat/primitives/test_pkcs12.py
+++ b/tests/hazmat/primitives/test_pkcs12.py
@@ -4,13 +4,15 @@
import os
+from datetime import datetime
import pytest
from cryptography import x509
from cryptography.hazmat.backends.interfaces import DERSerializationBackend
from cryptography.hazmat.backends.openssl.backend import _RC2
-from cryptography.hazmat.primitives import serialization
+from cryptography.hazmat.primitives import hashes, serialization
+from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.serialization import load_pem_private_key
from cryptography.hazmat.primitives.serialization.pkcs12 import (
load_key_and_certificates,
@@ -273,3 +275,57 @@ class TestPKCS12Creation(object):
DummyKeySerializationEncryption(),
)
assert str(exc.value) == "Unsupported key encryption type"
+
+
+def test_pkcs12_ordering():
+ """
+ In OpenSSL < 3.0.0 PKCS12 parsing reverses the order. However, we
+ accidentally thought it was **encoding** that did it, leading to bug
+ https://github.com/pyca/cryptography/issues/5872
+ This test ensures our ordering is correct going forward.
+ """
+
+ def make_cert(name):
+ key = ec.generate_private_key(ec.SECP256R1())
+ subject = x509.Name(
+ [
+ x509.NameAttribute(x509.NameOID.COMMON_NAME, name),
+ ]
+ )
+ now = datetime.utcnow()
+ cert = (
+ x509.CertificateBuilder()
+ .subject_name(subject)
+ .issuer_name(subject)
+ .public_key(key.public_key())
+ .serial_number(x509.random_serial_number())
+ .not_valid_before(now)
+ .not_valid_after(now)
+ .sign(key, hashes.SHA256())
+ )
+ return (key, cert)
+
+ # Make some certificates with distinct names.
+ a_name = "A" * 20
+ b_name = "B" * 20
+ c_name = "C" * 20
+ a_key, a_cert = make_cert(a_name)
+ _, b_cert = make_cert(b_name)
+ _, c_cert = make_cert(c_name)
+
+ # Bundle them in a PKCS#12 file in order A, B, C.
+ p12 = serialize_key_and_certificates(
+ b"p12", a_key, a_cert, [b_cert, c_cert], serialization.NoEncryption()
+ )
+
+ # Parse them out. The API should report them in the same order.
+ (key, cert, certs) = load_key_and_certificates(p12, None)
+ assert cert == a_cert
+ assert certs == [b_cert, c_cert]
+
+ # The ordering in the PKCS#12 file itself should also match.
+ a_idx = p12.index(a_name.encode("utf-8"))
+ b_idx = p12.index(b_name.encode("utf-8"))
+ c_idx = p12.index(c_name.encode("utf-8"))
+
+ assert a_idx < b_idx < c_idx
--
2.31.1

View File

@ -0,0 +1,415 @@
From a0bece343e38d73d038d4f3a62c2a9638608ac9c Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Thu, 22 Apr 2021 19:16:38 -0500
Subject: [PATCH 2/4] [WIP] 3.0.0 support (#5250)
* 3.0.0 support
* almost...there...
* make mypy happy
---
.github/workflows/ci.yml | 7 ++--
src/_cffi_src/build_openssl.py | 1 +
src/_cffi_src/openssl/cryptography.py | 3 ++
src/_cffi_src/openssl/err.py | 6 +++
src/_cffi_src/openssl/fips.py | 2 +-
src/_cffi_src/openssl/provider.py | 40 ++++++++++++++++++
.../hazmat/backends/openssl/backend.py | 42 ++++++++++++++++---
.../hazmat/backends/openssl/ciphers.py | 15 ++++++-
.../hazmat/bindings/openssl/_conditional.py | 11 +++++
.../hazmat/bindings/openssl/binding.py | 20 +++++++++
tests/hazmat/backends/test_openssl_memleak.py | 6 ++-
tests/hazmat/bindings/test_openssl.py | 4 +-
tests/hazmat/primitives/test_dh.py | 24 ++++++++++-
13 files changed, 167 insertions(+), 14 deletions(-)
create mode 100644 src/_cffi_src/openssl/provider.py
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index cd967a3a..747f84c1 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -18,9 +18,10 @@ jobs:
- {VERSION: "3.9", TOXENV: "flake,rust,docs", COVERAGE: "false"}
- {VERSION: "pypy3", TOXENV: "pypy3"}
- {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "openssl", VERSION: "1.1.0l"}}
- - {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "openssl", VERSION: "1.1.1i"}}
- - {VERSION: "3.9", TOXENV: "py39-ssh", OPENSSL: {TYPE: "openssl", VERSION: "1.1.1i"}}
- - {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "openssl", VERSION: "1.1.1i", CONFIG_FLAGS: "no-engine no-rc2 no-srtp no-ct"}}
+ - {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "openssl", VERSION: "1.1.1j"}}
+ - {VERSION: "3.9", TOXENV: "py39-ssh", OPENSSL: {TYPE: "openssl", VERSION: "1.1.1j"}}
+ - {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "openssl", VERSION: "1.1.1j", CONFIG_FLAGS: "no-engine no-rc2 no-srtp no-ct"}}
+ - {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "openssl", VERSION: "3.0.0-alpha15"}}
- {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "libressl", VERSION: "2.9.2"}}
- {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "libressl", VERSION: "3.0.2"}}
- {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "libressl", VERSION: "3.1.5"}}
diff --git a/src/_cffi_src/build_openssl.py b/src/_cffi_src/build_openssl.py
index 08499d66..557296ed 100644
--- a/src/_cffi_src/build_openssl.py
+++ b/src/_cffi_src/build_openssl.py
@@ -104,6 +104,7 @@ ffi = build_ffi_for_binding(
"osrandom_engine",
"pem",
"pkcs12",
+ "provider",
"rand",
"rsa",
"ssl",
diff --git a/src/_cffi_src/openssl/cryptography.py b/src/_cffi_src/openssl/cryptography.py
index e2b5a132..06d1e778 100644
--- a/src/_cffi_src/openssl/cryptography.py
+++ b/src/_cffi_src/openssl/cryptography.py
@@ -34,6 +34,8 @@ INCLUDES = """
#define CRYPTOGRAPHY_OPENSSL_110F_OR_GREATER \
(OPENSSL_VERSION_NUMBER >= 0x1010006f && !CRYPTOGRAPHY_IS_LIBRESSL)
+#define CRYPTOGRAPHY_OPENSSL_300_OR_GREATER \
+ (OPENSSL_VERSION_NUMBER >= 0x30000000 && !CRYPTOGRAPHY_IS_LIBRESSL)
#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_110J \
(OPENSSL_VERSION_NUMBER < 0x101000af || CRYPTOGRAPHY_IS_LIBRESSL)
@@ -53,6 +55,7 @@ INCLUDES = """
TYPES = """
static const int CRYPTOGRAPHY_OPENSSL_110F_OR_GREATER;
+static const int CRYPTOGRAPHY_OPENSSL_300_OR_GREATER;
static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111;
static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111B;
diff --git a/src/_cffi_src/openssl/err.py b/src/_cffi_src/openssl/err.py
index 0634b656..8cfeaf5b 100644
--- a/src/_cffi_src/openssl/err.py
+++ b/src/_cffi_src/openssl/err.py
@@ -18,6 +18,7 @@ static const int EVP_R_UNKNOWN_PBE_ALGORITHM;
static const int ERR_LIB_EVP;
static const int ERR_LIB_PEM;
+static const int ERR_LIB_PROV;
static const int ERR_LIB_ASN1;
static const int ERR_LIB_PKCS12;
@@ -45,4 +46,9 @@ int ERR_GET_REASON(unsigned long);
"""
CUSTOMIZATIONS = """
+/* This define is tied to provider support and is conditionally
+ removed if Cryptography_HAS_PROVIDERS is false */
+#ifndef ERR_LIB_PROV
+#define ERR_LIB_PROV 0
+#endif
"""
diff --git a/src/_cffi_src/openssl/fips.py b/src/_cffi_src/openssl/fips.py
index b9d0d64d..23c10af9 100644
--- a/src/_cffi_src/openssl/fips.py
+++ b/src/_cffi_src/openssl/fips.py
@@ -17,7 +17,7 @@ int FIPS_mode(void);
"""
CUSTOMIZATIONS = """
-#if CRYPTOGRAPHY_IS_LIBRESSL
+#if CRYPTOGRAPHY_IS_LIBRESSL || CRYPTOGRAPHY_OPENSSL_300_OR_GREATER
static const long Cryptography_HAS_FIPS = 0;
int (*FIPS_mode_set)(int) = NULL;
int (*FIPS_mode)(void) = NULL;
diff --git a/src/_cffi_src/openssl/provider.py b/src/_cffi_src/openssl/provider.py
new file mode 100644
index 00000000..d7d659ea
--- /dev/null
+++ b/src/_cffi_src/openssl/provider.py
@@ -0,0 +1,40 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+
+INCLUDES = """
+#if CRYPTOGRAPHY_OPENSSL_300_OR_GREATER
+#include <openssl/provider.h>
+#include <openssl/proverr.h>
+#endif
+"""
+
+TYPES = """
+static const long Cryptography_HAS_PROVIDERS;
+
+typedef ... OSSL_PROVIDER;
+typedef ... OSSL_LIB_CTX;
+
+static const long PROV_R_BAD_DECRYPT;
+static const long PROV_R_WRONG_FINAL_BLOCK_LENGTH;
+"""
+
+FUNCTIONS = """
+OSSL_PROVIDER *OSSL_PROVIDER_load(OSSL_LIB_CTX *, const char *);
+int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov);
+"""
+
+CUSTOMIZATIONS = """
+#if CRYPTOGRAPHY_OPENSSL_300_OR_GREATER
+static const long Cryptography_HAS_PROVIDERS = 1;
+#else
+static const long Cryptography_HAS_PROVIDERS = 0;
+typedef void OSSL_PROVIDER;
+typedef void OSSL_LIB_CTX;
+static const long PROV_R_BAD_DECRYPT = 0;
+static const long PROV_R_WRONG_FINAL_BLOCK_LENGTH = 0;
+OSSL_PROVIDER *(*OSSL_PROVIDER_load)(OSSL_LIB_CTX *, const char *) = NULL;
+int (*OSSL_PROVIDER_unload)(OSSL_PROVIDER *) = NULL;
+#endif
+"""
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index a96d08d8..86e8f0a8 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -1281,6 +1281,11 @@ class Backend(object):
def _evp_pkey_from_der_traditional_key(self, bio_data, password):
key = self._lib.d2i_PrivateKey_bio(bio_data.bio, self._ffi.NULL)
if key != self._ffi.NULL:
+ # In OpenSSL 3.0.0-alpha15 there exist scenarios where the key will
+ # successfully load but errors are still put on the stack. Tracked
+ # as https://github.com/openssl/openssl/issues/14996
+ self._consume_errors()
+
key = self._ffi.gc(key, self._lib.EVP_PKEY_free)
if password is not None:
raise TypeError(
@@ -1448,6 +1453,11 @@ class Backend(object):
else:
self._handle_key_loading_error()
+ # In OpenSSL 3.0.0-alpha15 there exist scenarios where the key will
+ # successfully load but errors are still put on the stack. Tracked
+ # as https://github.com/openssl/openssl/issues/14996
+ self._consume_errors()
+
evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
if password is not None and userdata.called == 0:
@@ -1470,11 +1480,22 @@ class Backend(object):
"incorrect format or it may be encrypted with an unsupported "
"algorithm."
)
- elif errors[0]._lib_reason_match(
- self._lib.ERR_LIB_EVP, self._lib.EVP_R_BAD_DECRYPT
- ) or errors[0]._lib_reason_match(
- self._lib.ERR_LIB_PKCS12,
- self._lib.PKCS12_R_PKCS12_CIPHERFINAL_ERROR,
+
+ elif (
+ errors[0]._lib_reason_match(
+ self._lib.ERR_LIB_EVP, self._lib.EVP_R_BAD_DECRYPT
+ )
+ or errors[0]._lib_reason_match(
+ self._lib.ERR_LIB_PKCS12,
+ self._lib.PKCS12_R_PKCS12_CIPHERFINAL_ERROR,
+ )
+ or (
+ self._lib.Cryptography_HAS_PROVIDERS
+ and errors[0]._lib_reason_match(
+ self._lib.ERR_LIB_PROV,
+ self._lib.PROV_R_BAD_DECRYPT,
+ )
+ )
):
raise ValueError("Bad decrypt. Incorrect password?")
@@ -2520,7 +2541,16 @@ class Backend(object):
if sk_x509_ptr[0] != self._ffi.NULL:
sk_x509 = self._ffi.gc(sk_x509_ptr[0], self._lib.sk_X509_free)
num = self._lib.sk_X509_num(sk_x509_ptr[0])
- for i in range(num):
+
+ # In OpenSSL < 3.0.0 PKCS12 parsing reverses the order of the
+ # certificates.
+ indices: typing.Iterable[int]
+ if self._lib.CRYPTOGRAPHY_OPENSSL_300_OR_GREATER:
+ indices = range(num)
+ else:
+ indices = reversed(range(num))
+
+ for i in indices:
x509 = self._lib.sk_X509_value(sk_x509, i)
self.openssl_assert(x509 != self._ffi.NULL)
x509 = self._ffi.gc(x509, self._lib.X509_free)
diff --git a/src/cryptography/hazmat/backends/openssl/ciphers.py b/src/cryptography/hazmat/backends/openssl/ciphers.py
index 0f96795f..a2dd6894 100644
--- a/src/cryptography/hazmat/backends/openssl/ciphers.py
+++ b/src/cryptography/hazmat/backends/openssl/ciphers.py
@@ -145,7 +145,13 @@ class _CipherContext(object):
res = self._backend._lib.EVP_CipherUpdate(
self._ctx, outbuf, outlen, inbuf, inlen
)
- self._backend.openssl_assert(res != 0)
+ if res == 0 and isinstance(self._mode, modes.XTS):
+ raise ValueError(
+ "In XTS mode you must supply at least a full block in the "
+ "first update call. For AES this is 16 bytes."
+ )
+ else:
+ self._backend.openssl_assert(res != 0)
data_processed += inlen
total_out += outlen[0]
@@ -174,6 +180,13 @@ class _CipherContext(object):
errors[0]._lib_reason_match(
self._backend._lib.ERR_LIB_EVP,
self._backend._lib.EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH,
+ )
+ or (
+ self._backend._lib.Cryptography_HAS_PROVIDERS
+ and errors[0]._lib_reason_match(
+ self._backend._lib.ERR_LIB_PROV,
+ self._backend._lib.PROV_R_WRONG_FINAL_BLOCK_LENGTH,
+ )
),
errors=errors,
)
diff --git a/src/cryptography/hazmat/bindings/openssl/_conditional.py b/src/cryptography/hazmat/bindings/openssl/_conditional.py
index 86548357..1f42c7be 100644
--- a/src/cryptography/hazmat/bindings/openssl/_conditional.py
+++ b/src/cryptography/hazmat/bindings/openssl/_conditional.py
@@ -270,6 +270,16 @@ def cryptography_has_get_proto_version():
]
+def cryptography_has_providers():
+ return [
+ "OSSL_PROVIDER_load",
+ "OSSL_PROVIDER_unload",
+ "ERR_LIB_PROV",
+ "PROV_R_WRONG_FINAL_BLOCK_LENGTH",
+ "PROV_R_BAD_DECRYPT",
+ ]
+
+
# This is a mapping of
# {condition: function-returning-names-dependent-on-that-condition} so we can
# loop over them and delete unsupported names at runtime. It will be removed
@@ -318,4 +328,5 @@ CONDITIONAL_NAMES = {
"Cryptography_HAS_VERIFIED_CHAIN": cryptography_has_verified_chain,
"Cryptography_HAS_SRTP": cryptography_has_srtp,
"Cryptography_HAS_GET_PROTO_VERSION": cryptography_has_get_proto_version,
+ "Cryptography_HAS_PROVIDERS": cryptography_has_providers,
}
diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py
index a2bc36a8..6dcec26a 100644
--- a/src/cryptography/hazmat/bindings/openssl/binding.py
+++ b/src/cryptography/hazmat/bindings/openssl/binding.py
@@ -113,6 +113,8 @@ class Binding(object):
ffi = ffi
_lib_loaded = False
_init_lock = threading.Lock()
+ _legacy_provider: typing.Any = None
+ _default_provider: typing.Any = None
def __init__(self):
self._ensure_ffi_initialized()
@@ -140,6 +142,24 @@ class Binding(object):
# adds all ciphers/digests for EVP
cls.lib.OpenSSL_add_all_algorithms()
cls._register_osrandom_engine()
+ # As of OpenSSL 3.0.0 we must register a legacy cipher provider
+ # to get RC2 (needed for junk asymmetric private key
+ # serialization), RC4, Blowfish, IDEA, SEED, etc. These things
+ # are ugly legacy, but we aren't going to get rid of them
+ # any time soon.
+ if cls.lib.CRYPTOGRAPHY_OPENSSL_300_OR_GREATER:
+ cls._legacy_provider = cls.lib.OSSL_PROVIDER_load(
+ cls.ffi.NULL, b"legacy"
+ )
+ _openssl_assert(
+ cls.lib, cls._legacy_provider != cls.ffi.NULL
+ )
+ cls._default_provider = cls.lib.OSSL_PROVIDER_load(
+ cls.ffi.NULL, b"default"
+ )
+ _openssl_assert(
+ cls.lib, cls._default_provider != cls.ffi.NULL
+ )
@classmethod
def init_static_locks(cls):
diff --git a/tests/hazmat/backends/test_openssl_memleak.py b/tests/hazmat/backends/test_openssl_memleak.py
index 0c96516f..0316b5d9 100644
--- a/tests/hazmat/backends/test_openssl_memleak.py
+++ b/tests/hazmat/backends/test_openssl_memleak.py
@@ -82,7 +82,7 @@ def main(argv):
assert result == 1
# Trigger a bunch of initialization stuff.
- import cryptography.hazmat.backends.openssl
+ from cryptography.hazmat.backends.openssl.backend import backend
start_heap = set(heap)
@@ -91,6 +91,10 @@ def main(argv):
gc.collect()
gc.collect()
+ if lib.CRYPTOGRAPHY_OPENSSL_300_OR_GREATER:
+ lib.OSSL_PROVIDER_unload(backend._binding._legacy_provider)
+ lib.OSSL_PROVIDER_unload(backend._binding._default_provider)
+
if lib.Cryptography_HAS_OPENSSL_CLEANUP:
lib.OPENSSL_cleanup()
diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py
index fb9a1e36..4d1e3b55 100644
--- a/tests/hazmat/bindings/test_openssl.py
+++ b/tests/hazmat/bindings/test_openssl.py
@@ -91,7 +91,9 @@ class TestOpenSSL(object):
_openssl_assert(b.lib, False)
error = exc_info.value.err_code[0]
- assert error.code == 101183626
+ # As of 3.0.0 OpenSSL sets func codes to 0, so the combined
+ # code is a different value
+ assert error.code in (101183626, 50331786)
assert error.lib == b.lib.ERR_LIB_EVP
assert error.func == b.lib.EVP_F_EVP_ENCRYPTFINAL_EX
assert error.reason == b.lib.EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH
diff --git a/tests/hazmat/primitives/test_dh.py b/tests/hazmat/primitives/test_dh.py
index 131807fc..bb29919f 100644
--- a/tests/hazmat/primitives/test_dh.py
+++ b/tests/hazmat/primitives/test_dh.py
@@ -180,7 +180,23 @@ class TestDH(object):
params = dh.DHParameterNumbers(p, int(vector["g"]))
param = params.parameters(backend)
key = param.generate_private_key()
- assert key.private_numbers().public_numbers.parameter_numbers == params
+ # In OpenSSL 3.0.0 OpenSSL maps to known groups. This results in
+ # a scenario where loading a known group with p and g returns a
+ # re-serialized form that has q as well (the Sophie Germain prime of
+ # that group). This makes a naive comparison of the parameter numbers
+ # objects fail, so we have to be a bit smarter
+ serialized_params = (
+ key.private_numbers().public_numbers.parameter_numbers
+ )
+ if serialized_params.q is None:
+ # This is the path OpenSSL < 3.0 takes
+ assert serialized_params == params
+ else:
+ assert serialized_params.p == params.p
+ assert serialized_params.g == params.g
+ # p = 2q + 1 since it is a Sophie Germain prime, so we can compute
+ # what we expect OpenSSL to have done here.
+ assert serialized_params.q == (params.p - 1) // 2
@pytest.mark.skip_fips(reason="non-FIPS parameters")
@pytest.mark.parametrize(
@@ -382,6 +398,12 @@ class TestDH(object):
assert symkey1 != symkey2
@pytest.mark.skip_fips(reason="key_size too small for FIPS")
+ @pytest.mark.supported(
+ only_if=lambda backend: (
+ not backend._lib.CRYPTOGRAPHY_OPENSSL_300_OR_GREATER
+ ),
+ skip_message="256-bit DH keys are not supported in OpenSSL 3.0.0+",
+ )
def test_load_256bit_key_from_pkcs8(self, backend):
data = load_vectors_from_file(
os.path.join("asymmetric", "DH", "dh_key_256.pem"),
--
2.31.1

View File

@ -0,0 +1,151 @@
From 29cf9b8d63ef3437ba11aa29502af8773faa17a7 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Wed, 14 Apr 2021 13:15:57 -0500
Subject: [PATCH 3/4] switch to using EVP_PKEY_derive instead of DH_compute_key
in DH (#5972)
* switch to using EVP_PKEY_derive instead of DH_compute_key in DH
Where checks are occurring is changing in OpenSSL 3.0 and this makes it
easier to be consistent (and is the API we should be using anyway). The
tests change because EVP_PKEY_derive now verifies that we have shared
parameters, which the test previously only verified by asserting that
the derived keys didn't match
* review feedback
* type ignores required for typeerror tests. some day i will remember this
---
src/_cffi_src/openssl/dh.py | 1 -
.../hazmat/backends/openssl/dh.py | 57 ++++++++++++-------
tests/hazmat/primitives/test_dh.py | 19 ++++---
3 files changed, 45 insertions(+), 32 deletions(-)
diff --git a/src/_cffi_src/openssl/dh.py b/src/_cffi_src/openssl/dh.py
index 979dafa9..50989e45 100644
--- a/src/_cffi_src/openssl/dh.py
+++ b/src/_cffi_src/openssl/dh.py
@@ -18,7 +18,6 @@ DH *DH_new(void);
void DH_free(DH *);
int DH_size(const DH *);
int DH_generate_key(DH *);
-int DH_compute_key(unsigned char *, const BIGNUM *, DH *);
DH *DHparams_dup(DH *);
/* added in 1.1.0 when the DH struct was opaqued */
diff --git a/src/cryptography/hazmat/backends/openssl/dh.py b/src/cryptography/hazmat/backends/openssl/dh.py
index 65ddaeec..b928f024 100644
--- a/src/cryptography/hazmat/backends/openssl/dh.py
+++ b/src/cryptography/hazmat/backends/openssl/dh.py
@@ -127,35 +127,48 @@ class _DHPrivateKey(dh.DHPrivateKey):
)
def exchange(self, peer_public_key: dh.DHPublicKey) -> bytes:
- buf = self._backend._ffi.new("unsigned char[]", self._key_size_bytes)
- pub_key = self._backend._ffi.new("BIGNUM **")
- self._backend._lib.DH_get0_key(
- peer_public_key._dh_cdata, # type: ignore[attr-defined]
- pub_key,
- self._backend._ffi.NULL,
+ if not isinstance(peer_public_key, _DHPublicKey):
+ raise TypeError("peer_public_key must be a DHPublicKey")
+
+ ctx = self._backend._lib.EVP_PKEY_CTX_new(
+ self._evp_pkey, self._backend._ffi.NULL
)
- self._backend.openssl_assert(pub_key[0] != self._backend._ffi.NULL)
- res = self._backend._lib.DH_compute_key(
- buf, pub_key[0], self._dh_cdata
+ self._backend.openssl_assert(ctx != self._backend._ffi.NULL)
+ ctx = self._backend._ffi.gc(ctx, self._backend._lib.EVP_PKEY_CTX_free)
+ res = self._backend._lib.EVP_PKEY_derive_init(ctx)
+ self._backend.openssl_assert(res == 1)
+ res = self._backend._lib.EVP_PKEY_derive_set_peer(
+ ctx, peer_public_key._evp_pkey
+ )
+ # Invalid kex errors here in OpenSSL 3.0 because checks were moved
+ # to EVP_PKEY_derive_set_peer
+ self._exchange_assert(res == 1)
+ keylen = self._backend._ffi.new("size_t *")
+ res = self._backend._lib.EVP_PKEY_derive(
+ ctx, self._backend._ffi.NULL, keylen
)
+ # Invalid kex errors here in OpenSSL < 3
+ self._exchange_assert(res == 1)
+ self._backend.openssl_assert(keylen[0] > 0)
+ buf = self._backend._ffi.new("unsigned char[]", keylen[0])
+ res = self._backend._lib.EVP_PKEY_derive(ctx, buf, keylen)
+ self._backend.openssl_assert(res == 1)
- if res == -1:
+ key = self._backend._ffi.buffer(buf, keylen[0])[:]
+ pad = self._key_size_bytes - len(key)
+
+ if pad > 0:
+ key = (b"\x00" * pad) + key
+
+ return key
+
+ def _exchange_assert(self, ok):
+ if not ok:
errors_with_text = self._backend._consume_errors_with_text()
raise ValueError(
- "Error computing shared key. Public key is likely invalid "
- "for this exchange.",
+ "Error computing shared key.",
errors_with_text,
)
- else:
- self._backend.openssl_assert(res >= 1)
-
- key = self._backend._ffi.buffer(buf)[:res]
- pad = self._key_size_bytes - len(key)
-
- if pad > 0:
- key = (b"\x00" * pad) + key
-
- return key
def public_key(self) -> dh.DHPublicKey:
dh_cdata = _dh_params_dup(self._dh_cdata, self._backend)
diff --git a/tests/hazmat/primitives/test_dh.py b/tests/hazmat/primitives/test_dh.py
index bb29919f..2914f7e7 100644
--- a/tests/hazmat/primitives/test_dh.py
+++ b/tests/hazmat/primitives/test_dh.py
@@ -296,6 +296,12 @@ class TestDH(object):
assert isinstance(key.private_numbers(), dh.DHPrivateNumbers)
assert isinstance(key.parameters(), dh.DHParameters)
+ def test_exchange_wrong_type(self, backend):
+ parameters = FFDH3072_P.parameters(backend)
+ key1 = parameters.generate_private_key()
+ with pytest.raises(TypeError):
+ key1.exchange(b"invalidtype") # type: ignore[arg-type]
+
def test_exchange(self, backend):
parameters = FFDH3072_P.parameters(backend)
assert isinstance(parameters, dh.DHParameters)
@@ -386,16 +392,11 @@ class TestDH(object):
key2 = private2.private_key(backend)
pub_key2 = key2.public_key()
- if pub_key2.public_numbers().y >= parameters1.p:
- with pytest.raises(ValueError):
- key1.exchange(pub_key2)
- else:
- symkey1 = key1.exchange(pub_key2)
- assert symkey1
-
- symkey2 = key2.exchange(pub_key1)
+ with pytest.raises(ValueError):
+ key1.exchange(pub_key2)
- assert symkey1 != symkey2
+ with pytest.raises(ValueError):
+ key2.exchange(pub_key1)
@pytest.mark.skip_fips(reason="key_size too small for FIPS")
@pytest.mark.supported(
--
2.31.1

View File

@ -0,0 +1,366 @@
From 0a164d2c985b4655929591b191824ed361890b8d Mon Sep 17 00:00:00 2001
From: Christian Heimes <cheimes@redhat.com>
Date: Mon, 10 May 2021 13:27:54 +0200
Subject: [PATCH 4/4] Use well-defined enum representation
Python 3.10 changed enum's object and string representation. PyCA
cryptography now uses a custom subclass of enum.Enum() will well-defined
__repr__ and __str__ from Python 3.9.
Related: https://bugs.python.org/issue40066
Fixes: https://github.com/pyca/cryptography/issues/5995
Signed-off-by: Christian Heimes <cheimes@redhat.com>
---
.github/workflows/ci.yml | 13 +++++++------
src/cryptography/exceptions.py | 4 ++--
.../hazmat/primitives/_serialization.py | 11 ++++++-----
src/cryptography/hazmat/primitives/kdf/kbkdf.py | 5 ++---
.../hazmat/primitives/serialization/pkcs7.py | 4 ++--
src/cryptography/utils.py | 11 +++++++++++
src/cryptography/x509/base.py | 4 ++--
src/cryptography/x509/certificate_transparency.py | 7 ++++---
src/cryptography/x509/extensions.py | 5 ++---
src/cryptography/x509/name.py | 3 +--
src/cryptography/x509/ocsp.py | 8 ++++----
tests/test_cryptography_utils.py | 11 +++++++++++
12 files changed, 54 insertions(+), 32 deletions(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 747f84c1..ca298f96 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -18,15 +18,16 @@ jobs:
- {VERSION: "3.9", TOXENV: "flake,rust,docs", COVERAGE: "false"}
- {VERSION: "pypy3", TOXENV: "pypy3"}
- {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "openssl", VERSION: "1.1.0l"}}
- - {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "openssl", VERSION: "1.1.1j"}}
- - {VERSION: "3.9", TOXENV: "py39-ssh", OPENSSL: {TYPE: "openssl", VERSION: "1.1.1j"}}
- - {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "openssl", VERSION: "1.1.1j", CONFIG_FLAGS: "no-engine no-rc2 no-srtp no-ct"}}
- - {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "openssl", VERSION: "3.0.0-alpha15"}}
+ - {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "openssl", VERSION: "1.1.1k"}}
+ - {VERSION: "3.9", TOXENV: "py39-ssh", OPENSSL: {TYPE: "openssl", VERSION: "1.1.1k"}}
+ - {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "openssl", VERSION: "1.1.1k", CONFIG_FLAGS: "no-engine no-rc2 no-srtp no-ct"}}
+ - {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "openssl", VERSION: "3.0.0-alpha16"}}
- {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "libressl", VERSION: "2.9.2"}}
- {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "libressl", VERSION: "3.0.2"}}
- {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "libressl", VERSION: "3.1.5"}}
- {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "libressl", VERSION: "3.2.3"}}
- {VERSION: "3.9", TOXENV: "py39", OPENSSL: {TYPE: "libressl", VERSION: "3.3.1"}}
+ - {VERSION: "3.10-dev", TOXENV: "py310"}
RUST:
- stable
name: "${{ matrix.PYTHON.TOXENV }} ${{ matrix.PYTHON.OPENSSL.TYPE }} ${{ matrix.PYTHON.OPENSSL.VERSION }} ${{ matrix.PYTHON.OPENSSL.CONFIG_FLAGS }}"
@@ -108,8 +109,8 @@ jobs:
- {IMAGE: "sid", TOXENV: "py39"}
- {IMAGE: "ubuntu-bionic", TOXENV: "py36"}
- {IMAGE: "ubuntu-focal", TOXENV: "py38"}
- - {IMAGE: "ubuntu-rolling", TOXENV: "py38"}
- - {IMAGE: "ubuntu-rolling", TOXENV: "py38-randomorder"}
+ - {IMAGE: "ubuntu-rolling", TOXENV: "py39"}
+ - {IMAGE: "ubuntu-rolling", TOXENV: "py39-randomorder"}
- {IMAGE: "fedora", TOXENV: "py39"}
- {IMAGE: "alpine", TOXENV: "py38"}
name: "${{ matrix.IMAGE.TOXENV }} on ${{ matrix.IMAGE.IMAGE }}"
diff --git a/src/cryptography/exceptions.py b/src/cryptography/exceptions.py
index f5860590..3bd98d82 100644
--- a/src/cryptography/exceptions.py
+++ b/src/cryptography/exceptions.py
@@ -3,10 +3,10 @@
# for complete details.
-from enum import Enum
+from cryptography import utils
-class _Reasons(Enum):
+class _Reasons(utils.Enum):
BACKEND_MISSING_INTERFACE = 0
UNSUPPORTED_HASH = 1
UNSUPPORTED_CIPHER = 2
diff --git a/src/cryptography/hazmat/primitives/_serialization.py b/src/cryptography/hazmat/primitives/_serialization.py
index 96a5ed9b..160a6b89 100644
--- a/src/cryptography/hazmat/primitives/_serialization.py
+++ b/src/cryptography/hazmat/primitives/_serialization.py
@@ -3,13 +3,14 @@
# for complete details.
import abc
-from enum import Enum
+
+from cryptography import utils
# This exists to break an import cycle. These classes are normally accessible
# from the serialization module.
-class Encoding(Enum):
+class Encoding(utils.Enum):
PEM = "PEM"
DER = "DER"
OpenSSH = "OpenSSH"
@@ -18,14 +19,14 @@ class Encoding(Enum):
SMIME = "S/MIME"
-class PrivateFormat(Enum):
+class PrivateFormat(utils.Enum):
PKCS8 = "PKCS8"
TraditionalOpenSSL = "TraditionalOpenSSL"
Raw = "Raw"
OpenSSH = "OpenSSH"
-class PublicFormat(Enum):
+class PublicFormat(utils.Enum):
SubjectPublicKeyInfo = "X.509 subjectPublicKeyInfo with PKCS#1"
PKCS1 = "Raw PKCS#1"
OpenSSH = "OpenSSH"
@@ -34,7 +35,7 @@ class PublicFormat(Enum):
UncompressedPoint = "X9.62 Uncompressed Point"
-class ParameterFormat(Enum):
+class ParameterFormat(utils.Enum):
PKCS3 = "PKCS3"
diff --git a/src/cryptography/hazmat/primitives/kdf/kbkdf.py b/src/cryptography/hazmat/primitives/kdf/kbkdf.py
index ac36474f..75fe7d51 100644
--- a/src/cryptography/hazmat/primitives/kdf/kbkdf.py
+++ b/src/cryptography/hazmat/primitives/kdf/kbkdf.py
@@ -4,7 +4,6 @@
import typing
-from enum import Enum
from cryptography import utils
from cryptography.exceptions import (
@@ -19,11 +18,11 @@ from cryptography.hazmat.primitives import constant_time, hashes, hmac
from cryptography.hazmat.primitives.kdf import KeyDerivationFunction
-class Mode(Enum):
+class Mode(utils.Enum):
CounterMode = "ctr"
-class CounterLocation(Enum):
+class CounterLocation(utils.Enum):
BeforeFixed = "before_fixed"
AfterFixed = "after_fixed"
diff --git a/src/cryptography/hazmat/primitives/serialization/pkcs7.py b/src/cryptography/hazmat/primitives/serialization/pkcs7.py
index bcd9e330..57aac7e3 100644
--- a/src/cryptography/hazmat/primitives/serialization/pkcs7.py
+++ b/src/cryptography/hazmat/primitives/serialization/pkcs7.py
@@ -3,8 +3,8 @@
# for complete details.
import typing
-from enum import Enum
+from cryptography import utils
from cryptography import x509
from cryptography.hazmat.backends import _get_backend
from cryptography.hazmat.primitives import hashes, serialization
@@ -35,7 +35,7 @@ _ALLOWED_PRIVATE_KEY_TYPES = typing.Union[
]
-class PKCS7Options(Enum):
+class PKCS7Options(utils.Enum):
Text = "Add text/plain MIME type"
Binary = "Don't translate input data into canonical MIME format"
DetachedSignature = "Don't embed data in the PKCS7 structure"
diff --git a/src/cryptography/utils.py b/src/cryptography/utils.py
index ef0fc443..9e571cfd 100644
--- a/src/cryptography/utils.py
+++ b/src/cryptography/utils.py
@@ -4,6 +4,7 @@
import abc
+import enum
import inspect
import sys
import typing
@@ -162,3 +163,13 @@ int_from_bytes = deprecated(
"int_from_bytes is deprecated, use int.from_bytes instead",
DeprecatedIn34,
)
+
+
+# Python 3.10 changed representation of enums. We use well-defined object
+# representation and string representation from Python 3.9.
+class Enum(enum.Enum):
+ def __repr__(self):
+ return f"<{self.__class__.__name__}.{self._name_}: {self._value_!r}>"
+
+ def __str__(self):
+ return f"{self.__class__.__name__}.{self._name_}"
diff --git a/src/cryptography/x509/base.py b/src/cryptography/x509/base.py
index 5505fa3b..26ec43d5 100644
--- a/src/cryptography/x509/base.py
+++ b/src/cryptography/x509/base.py
@@ -7,8 +7,8 @@ import abc
import datetime
import os
import typing
-from enum import Enum
+from cryptography import utils
from cryptography.hazmat._types import _PRIVATE_KEY_TYPES, _PUBLIC_KEY_TYPES
from cryptography.hazmat.backends import _get_backend
from cryptography.hazmat.primitives import hashes, serialization
@@ -66,7 +66,7 @@ def _convert_to_naive_utc_time(time: datetime.datetime) -> datetime.datetime:
return time
-class Version(Enum):
+class Version(utils.Enum):
v1 = 0
v3 = 2
diff --git a/src/cryptography/x509/certificate_transparency.py b/src/cryptography/x509/certificate_transparency.py
index d51bee92..d80f051a 100644
--- a/src/cryptography/x509/certificate_transparency.py
+++ b/src/cryptography/x509/certificate_transparency.py
@@ -5,15 +5,16 @@
import abc
import datetime
-from enum import Enum
+from cryptography import utils
-class LogEntryType(Enum):
+
+class LogEntryType(utils.Enum):
X509_CERTIFICATE = 0
PRE_CERTIFICATE = 1
-class Version(Enum):
+class Version(utils.Enum):
v1 = 0
diff --git a/src/cryptography/x509/extensions.py b/src/cryptography/x509/extensions.py
index 6cae016a..742f1fa2 100644
--- a/src/cryptography/x509/extensions.py
+++ b/src/cryptography/x509/extensions.py
@@ -8,7 +8,6 @@ import datetime
import hashlib
import ipaddress
import typing
-from enum import Enum
from cryptography import utils
from cryptography.hazmat._der import (
@@ -634,7 +633,7 @@ class DistributionPoint(object):
crl_issuer = utils.read_only_property("_crl_issuer")
-class ReasonFlags(Enum):
+class ReasonFlags(utils.Enum):
unspecified = "unspecified"
key_compromise = "keyCompromise"
ca_compromise = "cACompromise"
@@ -978,7 +977,7 @@ class TLSFeature(ExtensionType):
return hash(tuple(self._features))
-class TLSFeatureType(Enum):
+class TLSFeatureType(utils.Enum):
# status_request is defined in RFC 6066 and is used for what is commonly
# called OCSP Must-Staple when present in the TLS Feature extension in an
# X.509 certificate.
diff --git a/src/cryptography/x509/name.py b/src/cryptography/x509/name.py
index a579aa21..9069a9f4 100644
--- a/src/cryptography/x509/name.py
+++ b/src/cryptography/x509/name.py
@@ -3,14 +3,13 @@
# for complete details.
import typing
-from enum import Enum
from cryptography import utils
from cryptography.hazmat.backends import _get_backend
from cryptography.x509.oid import NameOID, ObjectIdentifier
-class _ASN1Type(Enum):
+class _ASN1Type(utils.Enum):
UTF8String = 12
NumericString = 18
PrintableString = 19
diff --git a/src/cryptography/x509/ocsp.py b/src/cryptography/x509/ocsp.py
index 1c5de73e..bcf210c1 100644
--- a/src/cryptography/x509/ocsp.py
+++ b/src/cryptography/x509/ocsp.py
@@ -6,8 +6,8 @@
import abc
import datetime
import typing
-from enum import Enum
+from cryptography import utils
from cryptography import x509
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.x509.base import (
@@ -27,12 +27,12 @@ _OIDS_TO_HASH = {
}
-class OCSPResponderEncoding(Enum):
+class OCSPResponderEncoding(utils.Enum):
HASH = "By Hash"
NAME = "By Name"
-class OCSPResponseStatus(Enum):
+class OCSPResponseStatus(utils.Enum):
SUCCESSFUL = 0
MALFORMED_REQUEST = 1
INTERNAL_ERROR = 2
@@ -58,7 +58,7 @@ def _verify_algorithm(algorithm):
)
-class OCSPCertStatus(Enum):
+class OCSPCertStatus(utils.Enum):
GOOD = 0
REVOKED = 1
UNKNOWN = 2
diff --git a/tests/test_cryptography_utils.py b/tests/test_cryptography_utils.py
index 6b795e0c..803997ac 100644
--- a/tests/test_cryptography_utils.py
+++ b/tests/test_cryptography_utils.py
@@ -2,6 +2,7 @@
# 2.0, and the BSD License. See the LICENSE file in the root of this repository
# for complete details.
+import enum
import typing
import pytest
@@ -51,3 +52,13 @@ class TestCachedProperty(object):
assert len(accesses) == 1
assert t.t == 14
assert len(accesses) == 1
+
+
+def test_enum():
+ class TestEnum(utils.Enum):
+ value = "something"
+
+ assert issubclass(TestEnum, enum.Enum)
+ assert isinstance(TestEnum.value, enum.Enum)
+ assert repr(TestEnum.value) == "<TestEnum.value: 'something'>"
+ assert str(TestEnum.value) == "TestEnum.value"
--
2.31.1

View File

@ -7,7 +7,7 @@
Name: python-%{srcname}
Version: 3.4.7
Release: 1%{?dist}
Release: 2%{?dist}
Summary: PyCA's cryptography library
License: ASL 2.0 or BSD
@ -18,6 +18,10 @@ Source0: https://github.com/pyca/cryptography/archive/%{version}/%{srcnam
Source1: cryptography-%{version}-vendor.tar.bz2
Source2: conftest-skipper.py
%endif
Patch0001: 0001-fix-pkcs12-parse-ordering.-fixes-5872-5879.patch
Patch0002: 0002-WIP-3.0.0-support-5250.patch
Patch0003: 0003-switch-to-using-EVP_PKEY_derive-instead-of-DH_comput.patch
Patch0004: 0004-Use-well-defined-enum-representation.patch
ExclusiveArch: %{rust_arches}
@ -117,6 +121,11 @@ PYTHONPATH=${PWD}/vectors:%{buildroot}%{python3_sitearch} \
%{python3_sitearch}/%{srcname}-%{version}-py*.egg-info
%changelog
* Tue May 11 2021 Christian Heimes <cheimes@redhat.com> - 3.4.7-2
- Fix compatibility issue with Python 3.10. Enums now use same
representation as on Python 3.9. (#1952522)
- Backport OpenSSL 3.0.0 compatibility patches.
* Wed Apr 21 2021 Christian Heimes <cheimes@redhat.com> - 3.4.7-1
- Update to 3.4.7
- Remove dependency on python-cryptography-vectors package and use vectors