search

italia / eudi-wallet-it-python

Python toolchain for building an OpenID4VP RP with a SATOSA backend compliant with the Italian Wallet implementation profile
Apache License 2.0
16 stars 8 forks source link

Dependency `cryptography` latest release breaks the wallet #234

Closed salvatorelaiso closed 5 months ago

salvatorelaiso commented 5 months ago

The latest release of the package cryptography v42.0.0 causes the following error when running this package in Satosa-Saml2Spid:

[2024-01-23 18:17:15] [ERROR]: Failed to create WSGI app. [satosa.proxy_server.make_app:203]
2024-01-23 18:17:15 Traceback (most recent call last):
2024-01-23 18:17:15   File "/usr/lib/python3.11/pydoc.py", line 442, in safeimport
2024-01-23 18:17:15     module = __import__(path)
2024-01-23 18:17:15              ^^^^^^^^^^^^^^^^
2024-01-23 18:17:15   File "/usr/lib/python3.11/site-packages/pyeudiw/satosa/backend.py", line 26, in <module>
2024-01-23 18:17:15     from pyeudiw.openid4vp.direct_post_response import DirectPostResponse
2024-01-23 18:17:15   File "/usr/lib/python3.11/site-packages/pyeudiw/openid4vp/direct_post_response.py", line 14, in <module>
2024-01-23 18:17:15     from pyeudiw.openid4vp.schemas.vp_token import VPTokenPayload, VPTokenHeader
2024-01-23 18:17:15   File "/usr/lib/python3.11/site-packages/pyeudiw/openid4vp/schemas/vp_token.py", line 6, in <module>
2024-01-23 18:17:15     from pyeudiw.sd_jwt.schema import is_sd_jwt_format
2024-01-23 18:17:15   File "/usr/lib/python3.11/site-packages/pyeudiw/sd_jwt/__init__.py", line 27, in <module>
2024-01-23 18:17:15     from cryptography.hazmat.backends.openssl.rsa import _RSAPrivateKey
2024-01-23 18:17:15 ModuleNotFoundError: No module named 'cryptography.hazmat.backends.openssl.rsa'
2024-01-23 18:17:15 
2024-01-23 18:17:15 During handling of the above exception, another exception occurred:
2024-01-23 18:17:15 
2024-01-23 18:17:15 Traceback (most recent call last):
2024-01-23 18:17:15   File "/usr/lib/python3.11/site-packages/satosa/proxy_server.py", line 195, in make_app
2024-01-23 18:17:15     res1 = WsgiApplication(satosa_config)
2024-01-23 18:17:15            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2024-01-23 18:17:15   File "/usr/lib/python3.11/site-packages/satosa/proxy_server.py", line 117, in __init__
2024-01-23 18:17:15     super().__init__(config)
2024-01-23 18:17:15   File "/usr/lib/python3.11/site-packages/satosa/base.py", line 56, in __init__
2024-01-23 18:17:15     backends = load_backends(self.config, self._auth_resp_callback_func,
2024-01-23 18:17:15                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2024-01-23 18:17:15   File "/usr/lib/python3.11/site-packages/satosa/plugin_loader.py", line 44, in load_backends
2024-01-23 18:17:15     backend_modules = _load_plugins(
2024-01-23 18:17:15                       ^^^^^^^^^^^^^^
2024-01-23 18:17:15   File "/usr/lib/python3.11/site-packages/satosa/plugin_loader.py", line 174, in _load_plugins
2024-01-23 18:17:15     module_class = _load_endpoint_module(plugin_config, plugin_filter)
2024-01-23 18:17:15                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2024-01-23 18:17:15   File "/usr/lib/python3.11/site-packages/satosa/plugin_loader.py", line 193, in _load_endpoint_module
2024-01-23 18:17:15     return _load_plugin_module(plugin_config, plugin_filter)
2024-01-23 18:17:15            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2024-01-23 18:17:15   File "/usr/lib/python3.11/site-packages/satosa/plugin_loader.py", line 197, in _load_plugin_module
2024-01-23 18:17:15     module_class = locate(plugin_config["module"])
2024-01-23 18:17:15                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2024-01-23 18:17:15   File "/usr/lib/python3.11/pydoc.py", line 1719, in locate
2024-01-23 18:17:15     nextmodule = safeimport('.'.join(parts[:n+1]), forceload)
2024-01-23 18:17:15                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2024-01-23 18:17:15   File "/usr/lib/python3.11/pydoc.py", line 457, in safeimport
2024-01-23 18:17:15     raise ErrorDuringImport(path, sys.exc_info())
2024-01-23 18:17:15 pydoc.ErrorDuringImport: problem in pyeudiw.satosa.backend - ModuleNotFoundError: No module named 'cryptography.hazmat.backends.openssl.rsa'
2024-01-23 18:17:15 Traceback (most recent call last):
2024-01-23 18:17:15   File "/usr/lib/python3.11/pydoc.py", line 442, in safeimport
2024-01-23 18:17:15     module = __import__(path)
2024-01-23 18:17:15              ^^^^^^^^^^^^^^^^
2024-01-23 18:17:15   File "/usr/lib/python3.11/site-packages/pyeudiw/satosa/backend.py", line 26, in <module>
2024-01-23 18:17:15     from pyeudiw.openid4vp.direct_post_response import DirectPostResponse
2024-01-23 18:17:15   File "/usr/lib/python3.11/site-packages/pyeudiw/openid4vp/direct_post_response.py", line 14, in <module>
2024-01-23 18:17:15     from pyeudiw.openid4vp.schemas.vp_token import VPTokenPayload, VPTokenHeader
2024-01-23 18:17:15   File "/usr/lib/python3.11/site-packages/pyeudiw/openid4vp/schemas/vp_token.py", line 6, in <module>
2024-01-23 18:17:15     from pyeudiw.sd_jwt.schema import is_sd_jwt_format
2024-01-23 18:17:15   File "/usr/lib/python3.11/site-packages/pyeudiw/sd_jwt/__init__.py", line 27, in <module>
2024-01-23 18:17:15     from cryptography.hazmat.backends.openssl.rsa import _RSAPrivateKey
2024-01-23 18:17:15 ModuleNotFoundError: No module named 'cryptography.hazmat.backends.openssl.rsa'

Info about the package from Satosa container:

$ pip show cryptography
Name: cryptography
Version: 42.0.0
Summary: cryptography is a package which provides cryptographic recipes and primitives to Python developers.
Home-page: 
Author: 
Author-email: The Python Cryptographic Authority and individual contributors <cryptography-dev@python.org>
License: Apache-2.0 OR BSD-3-Clause
Location: /usr/lib/python3.11/site-packages
Requires: cffi
Required-by: cryptojwt, jwcrypto, oic, pyOpenSSL, pysaml2

Required by cryptojwt, jwcrypto, oic, pyOpenSSL, pysaml2.

Works with the previous version.

peppelinux commented 5 months ago

Closed by https://github.com/italia/eudi-wallet-it-python/pull/236