web-push-libs / pywebpush

Python Webpush Data encryption library
Mozilla Public License 2.0

CryptographyDeprecationWarning: Curve Argument Type Issue in pywebpush #159

Closed max-taitola closed 8 months ago

max-taitola commented 8 months ago

Description:

When using pywebpush, a CryptographyDeprecationWarning is generated, indicating a future incompatibility with the cryptography library. The warning suggests that the curve argument in the generate_private_key function must be an instance of an EllipticCurve class, not the class itself.

Steps to Reproduce:

  1. Install the pywebpush library (version: specify_version_here) in an environment with the cryptography library (version: specify_version_here).
  2. Execute a function or method that results in calling ec.generate_private_key(ec.SECP256R1, default_backend()).

Expected Behavior:

The library should not raise any deprecation warnings related to the cryptography library and should be compatible with the current and future versions of the cryptography library.

Actual Behavior:

The following deprecation warning is displayed:

/usr/local/lib/python3.12/site-packages/pywebpush/__init__.py:203: CryptographyDeprecationWarning: Curve argument must be an instance of an EllipticCurve class. Did you pass a class by mistake? This will be an exception in a future version of cryptography.
2024-01-24T05:01:02.462398157Z   server_key = ec.generate_private_key(ec.SECP256R1, default_backend())

Environment:

official Python 3.12.1 image based on Alpine 3.19

$ pip install -U pywebpush
Requirement already satisfied: pywebpush in /usr/local/lib/python3.12/site-packages (1.14.0)
Requirement already satisfied: cryptography>=2.6.1 in /usr/local/lib/python3.12/site-packages (from pywebpush) (42.0.0)
Requirement already satisfied: http-ece>=1.1.0 in /usr/local/lib/python3.12/site-packages (from pywebpush) (1.2.0)
Requirement already satisfied: requests>=2.21.0 in /usr/local/lib/python3.12/site-packages (from pywebpush) (2.31.0)
Requirement already satisfied: six>=1.15.0 in /usr/local/lib/python3.12/site-packages (from pywebpush) (1.16.0)
Requirement already satisfied: py-vapid>=1.7.0 in /usr/local/lib/python3.12/site-packages (from pywebpush) (1.9.0)
Requirement already satisfied: cffi>=1.12 in /usr/local/lib/python3.12/site-packages (from cryptography>=2.6.1->pywebpush) (1.16.0)
Requirement already satisfied: charset-normalizer<4,>=2 in /usr/local/lib/python3.12/site-packages (from requests>=2.21.0->pywebpush) (3.3.2)
Requirement already satisfied: idna<4,>=2.5 in /usr/local/lib/python3.12/site-packages (from requests>=2.21.0->pywebpush) (3.6)
Requirement already satisfied: urllib3<3,>=1.21.1 in /usr/local/lib/python3.12/site-packages (from requests>=2.21.0->pywebpush) (2.1.0)
Requirement already satisfied: certifi>=2017.4.17 in /usr/local/lib/python3.12/site-packages (from requests>=2.21.0->pywebpush) (2023.11.17)
Requirement already satisfied: pycparser in /usr/local/lib/python3.12/site-packages (from cffi>=1.12->cryptography>=2.6.1->pywebpush) (2.21)

Additional Context:

This warning suggests future compatibility issues and hinders the clean usage of the library. It would be beneficial for maintenance and future-proofing to address this deprecation warning.

Original code:

server_key = ec.generate_private_key(ec.SECP256R1, default_backend())

Suggested fix:

from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.backends import default_backend

# Create an instance of the SECP256R1 curve
curve = ec.SECP256R1()
server_key = ec.generate_private_key(curve, default_backend())
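
A static check for the pattern this issue reports, as an added example (not code from pywebpush or from the issue's author): it parses Python source with the standard `ast` module and flags `generate_private_key` calls whose curve argument is a curve class rather than an instance. The names `find_uninstantiated_curves` and `CURVE_CLASSES` and the sample source are assumptions made for illustration; the curve list is a subset of the classes in `cryptography.hazmat.primitives.asymmetric.ec`.

```python
import ast

# Subset of curve class names exposed by cryptography's ec module (assumed list).
CURVE_CLASSES = {
    "SECP192R1", "SECP224R1", "SECP256R1", "SECP384R1", "SECP521R1",
    "SECP256K1", "BrainpoolP256R1", "BrainpoolP384R1", "BrainpoolP512R1",
}


def _last_name(node):
    """Return the trailing identifier of a Name/Attribute node, else None."""
    if isinstance(node, ast.Attribute):
        return node.attr
    if isinstance(node, ast.Name):
        return node.id
    return None  # e.g. ast.Call, which is what ec.SECP256R1() parses to


def find_uninstantiated_curves(source, filename="<string>"):
    """Return sorted (line, curve_name) pairs for generate_private_key calls
    whose curve argument is a curve class instead of an instance."""
    findings = []
    for node in ast.walk(ast.parse(source, filename)):
        if not isinstance(node, ast.Call):
            continue
        if _last_name(node.func) != "generate_private_key":
            continue
        # The curve is the first positional argument or the `curve` keyword.
        arg = node.args[0] if node.args else next(
            (kw.value for kw in node.keywords if kw.arg == "curve"), None)
        name = _last_name(arg)
        if name in CURVE_CLASSES:
            findings.append((node.lineno, name))
    return sorted(findings)


# Constructed sample: the issue's original call, its fix, and two variants.
SAMPLE = '''\
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.backends import default_backend

server_key = ec.generate_private_key(ec.SECP256R1, default_backend())
fixed_key = ec.generate_private_key(ec.SECP256R1(), default_backend())
kw_key = ec.generate_private_key(curve=ec.SECP384R1)
curve = ec.SECP256R1()
ok_key = ec.generate_private_key(curve, default_backend())
'''

if __name__ == "__main__":
    for line, name in find_uninstantiated_curves(SAMPLE):
        print(f"line {line}: curve class {name} passed; instantiate it as {name}()")
```

The check only inspects source text, so it can run over a dependency tree in CI without importing `cryptography` or executing the code under review.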