search

wbond / oscrypto

Compiler-free Python crypto library backed by the OS, supporting CPython and PyPy
MIT License
318 stars 71 forks source link

Test failure with OpenSSL 3.2.0 #80

Open micwoj92 opened 9 months ago

micwoj92 commented 9 months ago

Using release 1.3.0, same happens as of latest commit 1547f535001ba568b239b8797465536759c742a3 Works fine with OpenSSL 3.1.4.

============================= test session starts ==============================
platform linux -- Python 3.11.6, pytest-7.4.3, pluggy-1.3.0
rootdir: /build/python-oscrypto/src/oscrypto-1.3.0
collected 174 items / 8 deselected / 166 selected

tests/test_asymmetric.py ............................................... [ 28%]
.............                                                            [ 36%]
tests/test_init.py .                                                     [ 36%]
tests/test_kdf.py ....                                                   [ 39%]
tests/test_keys.py ..................................................... [ 71%]
                                                                         [ 71%]
tests/test_symmetric.py ...................                              [ 82%]
tests/test_tls.py ...............F....F....                              [ 97%]
tests/test_trust_list.py ....                                            [100%]

=================================== FAILURES ===================================
_________________________ TLSTests.test_tls_error_http _________________________

args = (<tests.test_tls.TLSTests testMethod=test_tls_error_http>,)
t = <Timer(Thread-35, stopped 140337561142976)>

    def wrapped(*args):
        try:
            if not osx_pypy_bug:
                t = threading.Timer(timeout, lambda: thread.interrupt_main())
                t.start()
>           f(*args)

tests/test_tls.py:75: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
tests/test_tls.py:129: in test_tls_error_http
    tls.TLSSocket('www.google.com', 80)
oscrypto/_openssl/tls.py:456: in __init__
    self._handshake()
oscrypto/_openssl/tls.py:683: in _handshake
    handle_openssl_error(0, TLSError)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

result = 0, exception_class = <class 'oscrypto.errors.TLSError'>

    def handle_openssl_error(result, exception_class=None):
        """
        Checks if an error occurred, and if so throws an OSError containing the
        last OpenSSL error message

        :param result:
            An integer result code - 1 or greater indicates success

        :param exception_class:
            The exception class to use for the exception if an error occurred

        :raises:
            OSError - when an OpenSSL error occurs
        """

        if result > 0:
            return

        if exception_class is None:
            exception_class = OSError

        error_num = libcrypto.ERR_get_error()
        buffer = buffer_from_bytes(120)
        libcrypto.ERR_error_string(error_num, buffer)

        # Since we are dealing with a string, it is NULL terminated
        error_string = byte_string_from_buffer(buffer)

>       raise exception_class(_try_decode(error_string))
E       oscrypto.errors.TLSError: error:0A0000C6:SSL routines::packet length too long

oscrypto/_openssl/_libcrypto.py:98: TLSError
____________________ TLSTests.test_tls_error_weak_dh_params ____________________

args = (<tests.test_tls.TLSTests testMethod=test_tls_error_weak_dh_params>,)
t = <Timer(Thread-40, stopped 140337561142976)>

    def wrapped(*args):
        try:
            if not osx_pypy_bug:
                t = threading.Timer(timeout, lambda: thread.interrupt_main())
                t.start()
>           f(*args)

tests/test_tls.py:75: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
tests/test_tls.py:226: in test_tls_error_weak_dh_params
    tls.TLSSocket('dh512.badssl.com', 443)
oscrypto/_openssl/tls.py:456: in __init__
    self._handshake()
oscrypto/_openssl/tls.py:683: in _handshake
    handle_openssl_error(0, TLSError)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

result = 0, exception_class = <class 'oscrypto.errors.TLSError'>

    def handle_openssl_error(result, exception_class=None):
        """
        Checks if an error occurred, and if so throws an OSError containing the
        last OpenSSL error message

        :param result:
            An integer result code - 1 or greater indicates success

        :param exception_class:
            The exception class to use for the exception if an error occurred

        :raises:
            OSError - when an OpenSSL error occurs
        """

        if result > 0:
            return

        if exception_class is None:
            exception_class = OSError

        error_num = libcrypto.ERR_get_error()
        buffer = buffer_from_bytes(120)
        libcrypto.ERR_error_string(error_num, buffer)

        # Since we are dealing with a string, it is NULL terminated
        error_string = byte_string_from_buffer(buffer)

>       raise exception_class(_try_decode(error_string))
E       oscrypto.errors.TLSError: error:030000A8:digital envelope routines::unknown security bits

oscrypto/_openssl/_libcrypto.py:98: TLSError
=============================== warnings summary ===============================
tests/__init__.py:4
  /build/python-oscrypto/src/oscrypto-1.3.0/tests/__init__.py:4: DeprecationWarning: the imp module is deprecated in favour of importlib and slated for removal in Python 3.12; see the module's documentation for alternative uses
    import imp

-- Docs: https://docs.pytest.org/en/stable/how-to/capture-warnings.html
=========================== short test summary info ============================
FAILED tests/test_tls.py::TLSTests::test_tls_error_http - oscrypto.errors.TLS...
FAILED tests/test_tls.py::TLSTests::test_tls_error_weak_dh_params - oscrypto....
=========== 2 failed, 164 passed, 8 deselected, 1 warning in 49.29s ============