search

Mastercard / client-encryption-python

Library for Mastercard API compliant payload encryption/decryption.
https://developer.mastercard.com/platform/documentation/security-and-authentication/securing-sensitive-data-using-payload-encryption/
MIT License
16 stars 9 forks source link

pyOpenSSL version doesn't support Cryptography 42.0.0 #32

Closed Rizzle93 closed 6 months ago

Rizzle93 commented 6 months ago

Running pipdeptree after install of the mastercard client-encryption-library shows that this library is pinning the pyopenssl version meaning that cryptography 42.0.0 is not supported

mastercard-client-encryption==1.9.0 ├── pycryptodome [required: >=3.8.1, installed: 3.20.0] ├── pyOpenSSL [required: >=22.1.0,<=23.2.0, installed: 23.2.0] │ └── cryptography [required: >=38.0.0,<42,!=40.0.1,!=40.0.0, installed: 41.0.7] │ └── cffi [required: >=1.12, installed: 1.16.0] │ └── pycparser [required: Any, installed: 2.21]

The issue seems to be on this line: https://github.com/Mastercard/client-encryption-python/blob/main/setup.py#L25 where the pyOpenSSL library version is restricted. Please update your library to support a minumum of pyOpenSSL 23.3.0 (so that Cryptography 42.0.0 can be installed)

karen-avetisyan-mc commented 6 months ago

Hi @Rizzle93 , We are working on the fix and will provide the update shortly, please watch the space. Sorry for the inconvenience Thanks

karen-avetisyan-mc commented 6 months ago

Hi @Rizzle93 https://pypi.org/project/mastercard-client-encryption/ - please use version 1.20.0 and let as know if issue has been resolved.