Re: Incorrect code or Python regression?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 21. 07. 24 19:10, Paul Howarth wrote:

Hi Miro,

On Sun, 21 Jul 2024 17:46:24 +0200
Miro Hrončok <mhroncok@xxxxxxxxxx> wrote:

Hey Paul.

I just tried this with pip-installed cryptography in Python 3.13 venv:

  >>> from cryptography.exceptions import _Reasons
  >>> from cryptography.hazmat.primitives.kdf.kbkdf import KBKDFHMAC
  >>> try:
...     KBKDFHMAC(None, None, None, None, None, None, None, None,
None) ... except Exception as e:
...     ex = e
...
  >>> ex
UnsupportedAlgorithm('Algorithm supplied is not a supported hash
algorithm.')
  >>> ex._reason
_Reasons.UNSUPPORTED_HASH
  >>> ex._reason is _Reasons.UNSUPPORTED_HASH
True


dnf-installed cryptography behaves the same in Rawhide mock.

How can I raise the exception that has a _reason that equals but is
not identical to _Reasons.UNSUPPORTED_HASH?


Sure way is to try rebuilding python-paramiko. The code that exhibits
this behavior is in tests/_util.py:

from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa

...

def sha1_signing_unsupported():
     """
     This is used to skip tests in environments where SHA-1 signing is
     not supported by the backend.
     """
     private_key = rsa.generate_private_key(
         public_exponent=65537, key_size=2048, backend=default_backend()
     )
     message = b"Some dummy text"
     try:
         private_key.sign(
             message,
             padding.PSS(
                 mgf=padding.MGF1(hashes.SHA1()),
                 salt_length=padding.PSS.MAX_LENGTH,
             ),
             hashes.SHA1(),
         )
         return False
     except UnsupportedAlgorithm as e:
         return e._reason is _Reasons.UNSUPPORTED_HASH
I can reproduce that. But I unable to say whether it's a bug in cpython, cryptography or pyo3. The code in cryptography is written in Rust and I don't have much experience with hat.
I suggest reporting this behavior at https://github.com/pyca/cryptography/issues as a starting point. 

--
Miro Hrončok
--
Phone: +420777974800
Fedora Matrix: mhroncok

--
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux