File: wheezy.patch

package info (click to toggle)
python-pyghmi 1.5.70-4
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 1,292 kB
  • sloc: python: 19,961; sh: 29; makefile: 18
file content (76 lines) | stat: -rw-r--r-- 3,183 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
 
diff -urN pyghmi/lower-constraints.txt pyghmi-wheezy/lower-constraints.txt
--- pyghmi/lower-constraints.txt	2018-08-30 09:41:36.771908238 -0400
+++ pyghmi-wheezy/lower-constraints.txt	2019-02-08 14:27:21.322413226 -0500
@@ -1,5 +1,4 @@
 coverage===4.0
-cryptography===2.1
 fixtures===3.0.0
 openstackdocstheme==1.18.1
 oslotest===3.2.0
diff -urN pyghmi/pyghmi/ipmi/private/session.py pyghmi-wheezy/pyghmi/ipmi/private/session.py
--- pyghmi/pyghmi/ipmi/private/session.py	2019-02-08 14:26:57.039077089 -0500
+++ pyghmi-wheezy/pyghmi/ipmi/private/session.py	2019-02-08 14:28:35.048397582 -0500
@@ -28,8 +28,8 @@
 import threading
 
 
-from cryptography.hazmat.backends import default_backend
-from cryptography.hazmat.primitives.ciphers import algorithms, Cipher, modes
+from Cryptodome.Cipher import AES
+
 
 import pyghmi.exceptions as exc
 from pyghmi.ipmi.private import constants
@@ -309,10 +309,6 @@
     # can do something like reassign our threading and select modules
     socketchecking = None
 
-    # Maintain single Cryptography backend for all IPMI sessions (seems to be
-    # thread-safe)
-    _crypto_backend = default_backend()
-
     @classmethod
     def _cleanup(cls):
         for sesskey in list(cls.bmc_handlers):
@@ -872,14 +868,9 @@
                 iv = os.urandom(16)
                 message += iv
                 payloadtocrypt = bytes(payload + _aespad(payload))
-                crypter = Cipher(
-                    algorithm=algorithms.AES(self.aeskey),
-                    mode=modes.CBC(iv),
-                    backend=self._crypto_backend
-                )
-                encryptor = crypter.encryptor()
-                message += encryptor.update(payloadtocrypt
-                                            ) + encryptor.finalize()
+                crypter = AES.new(self.aeskey, AES.MODE_CBC, iv)
+                crypted = crypter.encrypt(payloadtocrypt)
+                message += crypted
             else:  # no confidetiality algorithm
                 message.append(psize & 0xff)
                 message.append(psize >> 8)
@@ -1366,14 +1357,9 @@
             payload = data[16:16 + psize]
             if encrypted:
                 iv = data[16:32]
-                crypter = Cipher(
-                    algorithm=algorithms.AES(self.aeskey),
-                    mode=modes.CBC(bytes(iv)),
-                    backend=self._crypto_backend
-                )
-                decryptor = crypter.decryptor()
-                payload = bytearray(decryptor.update(bytes(payload[16:])
-                                                     ) + decryptor.finalize())
+                decrypter = AES.new(self.aeskey, AES.MODE_CBC, iv)
+                decrypted = decrypter.decrypt(payload[16:])
+                payload = bytearray(decrypted)
                 padsize = payload[-1] + 1
                 payload = payload[:-padsize]
             if ptype == 0:
diff -urN pyghmi/requirements.txt pyghmi-wheezy/requirements.txt
--- pyghmi/requirements.txt	2018-08-15 08:43:19.779309677 -0400
+++ pyghmi-wheezy/requirements.txt	2019-02-08 14:27:21.322413226 -0500
@@ -1 +1 @@
-cryptography>=2.1  # BSD/Apache-2.0
+pycryptodomex>=2.6