Closed arv1ndh closed 8 months ago
Installing pykmip==0.10.0 also installs cryptography=42.0.4
Cryptography 42.0.2 does not have the following functions, load_der_public_key and load_pem_public_key in the instance created by default_backend().
>>> import cryptography >>> cryptography.__version__ '42.0.2' >>> import kmip >>> kmip.__version__ '0.10.0' >>> from cryptography.hazmat.backends import default_backend >>> backend = default_backend() >>> backend.load_der_public_key(b"test") Traceback (most recent call last): File "<stdin>", line 1, in <module> AttributeError: 'Backend' object has no attribute 'load_der_public_key' >>> backend.load_pem_public_key(b"test") Traceback (most recent call last): File "<stdin>", line 1, in <module> AttributeError: 'Backend' object has no attribute 'load_pem_public_key' >>>
This is causing the kmip_server to throw, "Signing bytes could not be loaded" when there is an attempt to verify a signature using a public_key.
Code using older cryptography functions
kmip/services/server/crypto/engine.py
1490 try: 1491 public_key = backend.load_der_public_key(signing_key) 1492 except Exception: 1493 try: 1494 public_key = backend.load_pem_public_key(signing_key) 1495 except Exception: 1496 raise exceptions.CryptographicFailure( 1497 "The signing key bytes could not be loaded." 1498 )
Installing pykmip==0.10.0 also installs cryptography=42.0.4
Cryptography 42.0.2 does not have the following functions, load_der_public_key and load_pem_public_key in the instance created by default_backend().
This is causing the kmip_server to throw, "Signing bytes could not be loaded" when there is an attempt to verify a signature using a public_key.
Code using older cryptography functions
kmip/services/server/crypto/engine.py