Description of problem: Package python-SecretStorage fails to build from source in Fedora rawhide. Version-Release number of selected component (if applicable): 3.1.0-2.fc30 Steps to Reproduce: koji build --scratch f30 python-SecretStorage-3.1.0-2.fc30.src.rpm Additional info: This package is tracked by Koschei. See: http://apps.fedoraproject.org/koschei/package/python-SecretStorage
Created attachment 1536177 [details] build.log Relevant snippet from build.log: ERROR: test_secret (test_item.ItemTest) ---------------------------------------------------------------------- Traceback (most recent call last): File "/builddir/build/BUILD/SecretStorage-3.1.0/tests/test_item.py", line 59, in test_secret self.assertEqual(self.item.get_secret(), b'pa$$word') File "/builddir/build/BUILD/SecretStorage-3.1.0/secretstorage/item.py", line 106, in get_secret padded_secret = decryptor.update(encrypted_secret) + decryptor.finalize() File "/usr/lib64/python3.7/site-packages/cryptography/hazmat/primitives/ciphers/base.py", line 149, in update return self._ctx.update(data) File "/usr/lib64/python3.7/site-packages/cryptography/hazmat/backends/openssl/ciphers.py", line 124, in update n = self.update_into(data, buf) File "/usr/lib64/python3.7/site-packages/cryptography/hazmat/backends/openssl/ciphers.py", line 140, in update_into self._backend._ffi.from_buffer(data), len(data) TypeError: a bytes-like object is required, not 'list'
This failure of a test is obviously the result from recent (unannounced) major update of python3-cryptography 2.3-3.fc30 > 2.5-1.fc30 https://src.fedoraproject.org/rpms/python-cryptography/c/437c09bb12d0b3e1795ae236b273a35ea4455af3?branch=master See also: https://www.python.org/dev/peps/pep-0404/#strings-and-bytes
I don't think it's related to python-cryptography update. It's more likely related to some internal changes in python-cffi. Anyhow lists was never officially supported. CipherContet.update() must be called with a bytes-like object, https://cryptography.readthedocs.io/en/latest/hazmat/primitives/symmetric-encryption/#cryptography.hazmat.primitives.ciphers.CipherContext.update . There was a recent change to python-SecretStorage that addresses the problem, https://github.com/mitya57/secretstorage/commit/a334722a68fa857087e82aad2ac756f96d848b31#diff-ebc7e112765d29e01b7aabc6d8fad7ed . Please apply the upstream patch.
My first analysis was wrong. Alex Gaynor from python-cryptography upstream correct just told me that <quote>python-cryptography changed which APIs are for buffers. The fact that it used to work with lists was an accident. </quote> https://cryptography.readthedocs.io/en/latest/changelog/#v2-5 > Numerous classes and functions have been updated to allow bytes-like types for keying material and passwords, including symmetric algorithms, AEAD ciphers, KDFs, loading asymmetric keys, and one time password classes.
It looks like this was fixed with 3.1.1: https://github.com/mitya57/secretstorage/blob/3.1.1/changelog