Saturday, February 29, 2020

Re: [new] net/py-tlslite-ng

On Sat, Feb 29, 2020 at 02:52:07PM +0100, Theo Buehler wrote:
> > I finally got around to running the regression tests on sparc64, and 71
> > fail. They all seem to fail the same way though:
> >
> > > raise NotImplementedError("Use module Crypto.Cipher.PKCS1_OAEP instead")
> > E NotImplementedError: Use module Crypto.Cipher.PKCS1_OAEP instead
> >
> > /usr/local/lib/python3.7/site-packages/Crypto/PublicKey/RSA.py:379: NotImplement
> > edError

> > So this is not a problem with this new port.

> It turns out that this failure is triggered by the presence of
> py3-cryptodome.

> Removing py3-cryptodome on sparc64 makes all tests pass. For both
> tlslite-ng and tlsfuzzer. Since a ton of stuff pulls in py3-cryptodome
> via gobject-introspection, I think we had better work around this, as it
> will break all RSA operations.

> With the patch below all tests for tlslite-ng and tlsfuzzer pass
> independently of whether py3-cryptodome is present. Tested on both
> sparc64 and amd64.

> ok? or do you have a better suggestion?

That fixes it for sparc64 for me. ok kmos

--Kurt

> Index: Makefile
> ===================================================================
> RCS file: /var/cvs/ports/net/py-tlslite-ng/Makefile,v
> retrieving revision 1.1.1.1
> diff -u -p -r1.1.1.1 Makefile
> --- Makefile 28 Feb 2020 09:18:41 -0000 1.1.1.1
> +++ Makefile 29 Feb 2020 13:41:16 -0000
> @@ -6,6 +6,7 @@ MODPY_EGG_VERSION = 0.8.0-alpha37
> DISTNAME = tlslite-ng-${MODPY_EGG_VERSION}
> PKGNAME = py-${DISTNAME:S/-alpha/alpha/}
> CATEGORIES = net
> +REVISION = 0
>
> GH_ACCOUNT = tomato42
> GH_PROJECT = tlslite-ng
> Index: patches/patch-tlslite_utils_cryptomath_py
> ===================================================================
> RCS file: patches/patch-tlslite_utils_cryptomath_py
> diff -N patches/patch-tlslite_utils_cryptomath_py
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ patches/patch-tlslite_utils_cryptomath_py 29 Feb 2020 13:42:00 -0000
> @@ -0,0 +1,24 @@
> +$OpenBSD$
> +
> +Avoid loading pycrypto. If py3-cryptodome is installed, this will hit failures
> +as the one below whenever RSA methods are used:
> +
> +> raise NotImplementedError("Use module Crypto.Cipher.PKCS1_OAEP instead")
> +E NotImplementedError: Use module Crypto.Cipher.PKCS1_OAEP instead
> +
> +/usr/local/lib/python3.7/site-packages/Crypto/PublicKey/RSA.py:379: NotImplementedErro
> +
> +Index: tlslite/utils/cryptomath.py
> +--- tlslite/utils/cryptomath.py.orig
> ++++ tlslite/utils/cryptomath.py
> +@@ -51,8 +51,8 @@ except ImportError:
> +
> + #Try to load pycrypto
> + try:
> +- import Crypto.Cipher.AES
> +- pycryptoLoaded = True
> ++ # import Crypto.Cipher.AES
> ++ pycryptoLoaded = False
> + except ImportError:
> + pycryptoLoaded = False
> +
>

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)