1334410 – update to python-cryptography breaks pyOpenSSL attempt to get key type

Bug 1334410 - update to python-cryptography breaks pyOpenSSL attempt to get key type

Summary: update to python-cryptography breaks pyOpenSSL attempt to get key type

Keywords:
Status:	CLOSED DUPLICATE of bug 1334409
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	pyOpenSSL
Sub Component:
Version:	24
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Tomas Mraz
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2016-05-09 14:34 UTC by James Hogarth
Modified:	2018-04-11 12:25 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2016-05-09 14:41:20 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	1334409	0	unspecified	CLOSED	The 0.13 update had an API change that breaks pyOpenSSL	2021-02-22 00:41:40 UTC

Internal Links: 1334409

Description James Hogarth 2016-05-09 14:34:48 UTC

Description of problem:
python-cryptography 0.13 was recently built for F24 and rawhide.

This is breaking pyOpenSSL due to a way in which the key is read:
https://github.com/pyca/cryptography/issues/2837

Can you please update to pyOpenSSL 0.16 which fixes this.

Version-Release number of selected component (if applicable):
python-cryptography -> 1.3.1-1.fc25 and 1.3.1-1.fc24
pyOpenSSL 0.15.1-3.fc24  (and 0.15 in rawhide)

How reproducible:
Always (upstream bug)


Steps to Reproduce:
1. Attempt to access a key type in pyOpenSSL

Actual results:
======================================================================
ERROR: test_valid_true (certbot.tests.crypto_util_test.ValidPrivkeyTest)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/builddir/build/BUILD/certbot-38d7503f0f27686997ece77a25834f6387f47e47/certbot/tests/crypto_util_test.py", line 162, in test_valid_true
    self.assertTrue(self._call(RSA256_KEY))
  File "/builddir/build/BUILD/certbot-38d7503f0f27686997ece77a25834f6387f47e47/certbot/tests/crypto_util_test.py", line 159, in _call
    return valid_privkey(privkey)
  File "/builddir/build/BUILD/certbot-38d7503f0f27686997ece77a25834f6387f47e47/certbot/crypto_util.py", line 200, in valid_privkey
    OpenSSL.crypto.FILETYPE_PEM, privkey).check()
  File "/usr/lib/python2.7/site-packages/OpenSSL/crypto.py", line 243, in check
    if _lib.EVP_PKEY_type(self._pkey.type) != _lib.EVP_PKEY_RSA:
AttributeError: '_cffi_backend.CDataGCP' object has no attribute 'type'


Expected results:
Acquire key type

Additional info:
Upstream python-cryptography issue: https://github.com/pyca/cryptography/issues/2837
Upstream pyOpenSSL issue: https://github.com/pyca/pyopenssl/issues/407

Comment 1 James Hogarth 2016-05-09 14:41:20 UTC


*** This bug has been marked as a duplicate of bug 1334409 ***

Note You need to log in before you can comment on or make changes to this bug.