PyCA's cryptography library
Go to file
Christian Heimes b166e77e86 Python 3.10 and OpenSSL 3.0.0 fixes (#1952522)
Fix compatibility issue with Python 3.10. Enums now use same
representation as on Python 3.9.

Backport OpenSSL 3.0.0 compatibility patches.

Resolves: RHBZ#1952522
2021-05-11 10:43:14 +02:00
.gitignore Update to 3.4.7, use vectors from sources (#1952024) 2021-04-22 08:07:57 +02:00
0001-fix-pkcs12-parse-ordering.-fixes-5872-5879.patch Python 3.10 and OpenSSL 3.0.0 fixes (#1952522) 2021-05-11 10:43:14 +02:00
0002-WIP-3.0.0-support-5250.patch Python 3.10 and OpenSSL 3.0.0 fixes (#1952522) 2021-05-11 10:43:14 +02:00
0003-switch-to-using-EVP_PKEY_derive-instead-of-DH_comput.patch Python 3.10 and OpenSSL 3.0.0 fixes (#1952522) 2021-05-11 10:43:14 +02:00
0004-Use-well-defined-enum-representation.patch Python 3.10 and OpenSSL 3.0.0 fixes (#1952522) 2021-05-11 10:43:14 +02:00
conftest-skipper.py Skip iso8601 and pretend tests on RHEL 2021-02-12 16:47:08 +01:00
python-cryptography.spec Python 3.10 and OpenSSL 3.0.0 fixes (#1952522) 2021-05-11 10:43:14 +02:00
README.md Update to 3.4.7, use vectors from sources (#1952024) 2021-04-22 08:07:57 +02:00
sources Update to 3.4.7, use vectors from sources (#1952024) 2021-04-22 08:07:57 +02:00
vendor_rust.py Create reproducible tar file 2021-02-16 14:33:41 +01:00

PyCA cryptography

https://cryptography.io/en/latest/

Packaging python-cryptography

The example assumes

  • Fedora Rawhide (f34)
  • PyCA cryptography release 3.4
  • Update Bugzilla issue is RHBZ#00000001

Build new python-cryptography

Switch and update branch

fedpkg switch-branch rawhide
fedpkg pull

Bump version and get sources

rpmdev-bumpspec -c "Update to 3.4 (#00000001)" -n 3.4 python-cryptography.spec
spectool -gf python-cryptography.spec

Upload new source

fedpkg new-sources cryptography-3.4.tar.gz

Commit changes

fedpkg commit --clog
fedpkg push

Build

fedpkg build

RHEL/CentOS builds

RHEL and CentOS use a different approach for Rust crates packaging than Fedora. On Fedora Rust dependencies are packaged as RPMs, e.g. rust-pyo3+default-devel RPM. These packages don't exist on RHEL and CentOS. Instead python-cryptography uses a tar ball with vendored crates. The tar ball is created by a script:

./vendor_rust.py
rhpkg upload cryptography-3.4-vendor.tar.bz2