Bug 1334410

Summary: update to python-cryptography breaks pyOpenSSL attempt to get key type
Product: [Fedora] Fedora Reporter: James Hogarth <james.hogarth>
Component: pyOpenSSLAssignee: Tomas Mraz <tmraz>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 24CC: jlieskov, mcepl, mcepl, tmraz
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-05-09 14:41:20 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description James Hogarth 2016-05-09 14:34:48 UTC 
Description of problem:
python-cryptography 0.13 was recently built for F24 and rawhide.

This is breaking pyOpenSSL due to a way in which the key is read:
https://github.com/pyca/cryptography/issues/2837

Can you please update to pyOpenSSL 0.16 which fixes this.

Version-Release number of selected component (if applicable):
python-cryptography -> 1.3.1-1.fc25 and 1.3.1-1.fc24
pyOpenSSL 0.15.1-3.fc24  (and 0.15 in rawhide)

How reproducible:
Always (upstream bug)


Steps to Reproduce:
1. Attempt to access a key type in pyOpenSSL

Actual results:
======================================================================
ERROR: test_valid_true (certbot.tests.crypto_util_test.ValidPrivkeyTest)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/builddir/build/BUILD/certbot-38d7503f0f27686997ece77a25834f6387f47e47/certbot/tests/crypto_util_test.py", line 162, in test_valid_true
    self.assertTrue(self._call(RSA256_KEY))
  File "/builddir/build/BUILD/certbot-38d7503f0f27686997ece77a25834f6387f47e47/certbot/tests/crypto_util_test.py", line 159, in _call
    return valid_privkey(privkey)
  File "/builddir/build/BUILD/certbot-38d7503f0f27686997ece77a25834f6387f47e47/certbot/crypto_util.py", line 200, in valid_privkey
    OpenSSL.crypto.FILETYPE_PEM, privkey).check()
  File "/usr/lib/python2.7/site-packages/OpenSSL/crypto.py", line 243, in check
    if _lib.EVP_PKEY_type(self._pkey.type) != _lib.EVP_PKEY_RSA:
AttributeError: '_cffi_backend.CDataGCP' object has no attribute 'type'


Expected results:
Acquire key type

Additional info:
Upstream python-cryptography issue: https://github.com/pyca/cryptography/issues/2837
Upstream pyOpenSSL issue: https://github.com/pyca/pyopenssl/issues/407
Comment 1 James Hogarth 2016-05-09 14:41:20 UTC 

*** This bug has been marked as a duplicate of bug 1334409 ***