From paul.l.kehrer at gmail.com Tue Aug 1 16:37:14 2023
From: paul.l.kehrer at gmail.com (Paul Kehrer)
Date: Wed, 2 Aug 2023 08:37:14 +1200
Subject: [Cryptography-dev] PyCA cryptography 41.0.3 released
Message-ID:

PyCA cryptography 41.0.3 has been released to PyPI. cryptography
includes both high level recipes and low level interfaces to common
cryptographic algorithms such as symmetric ciphers, asymmetric
algorithms, message digests, X509, key derivation functions, and much
more. We support Python 3.7+, and PyPy3 7.3.10+.

Changelog (https://cryptography.io/en/latest/changelog/#v41-0-3):
* Fixed performance regression loading DH public keys.
* Fixed a memory leak when using ChaCha20Poly1305.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.2.

-Paul Kehrer (reaperhulk)

From RishiKesh_Kumar at iptiq.com Wed Aug 2 15:36:12 2023
From: RishiKesh_Kumar at iptiq.com (Rishi Kesh Kumar)
Date: Wed, 2 Aug 2023 19:36:12 +0000
Subject: [Cryptography-dev] How to update Python Cryptography
Message-ID:

Hi,

As part of CVE-2023-38325, I need to upgrade the version of Cryptography from 39.0.2 to 41.0.2 through the Docker file. I keep getting an error while installing the Cryptography package.

I am running the 3 commands below on RHEL 8.5 in the Docker file.

#RUN yum install python3-pip -y
#RUN yum install gcc libffi-devel python-devel OpenSSL-devel
## RUN pip install cryptography

Error: Unable to find a match: python-devel OpenSSL-devel
The command '/bin/sh -c yum install gcc libffi-devel python-devel OpenSSL-devel' returned a non-zero code: 1
##[error]The command '/bin/sh -c yum install gcc libffi-devel python-devel OpenSSL-devel' returned a non-zero code: 1

PIP is not installed; that's why I am installing PIP first.

Installed Python version when vulnerability is coming.

python
Python 3.9.16 (main, May 31 2023, 12:21:58)
[GCC 8.5.0 20210514 (Red Hat 8.5.0-18)] on linux

Kindly help me.

From alex.gaynor at gmail.com Wed Aug 2 17:39:19 2023
From: alex.gaynor at gmail.com (Alex Gaynor)
Date: Wed, 2 Aug 2023 17:39:19 -0400
Subject: [Cryptography-dev] How to update Python Cryptography
In-Reply-To:
References:
Message-ID:

The error you're receiving, "Error: Unable to find a match:
python-devel OpenSSL-devel" is coming from yum, and not from anything
to do with cryptography. For support with using yum, you should
contact Red Hat.

Alex

--
All that is necessary for evil to succeed is for good people to do nothing.

From simo at redhat.com Thu Aug 3 09:53:48 2023
From: simo at redhat.com (Simo Sorce)
Date: Thu, 03 Aug 2023 09:53:48 -0400
Subject: [Cryptography-dev] How to update Python Cryptography
In-Reply-To:
References:
Message-ID: <97df328bc22aa4b0db85d21716d1e901d40a31ea.camel@redhat.com>

The openssl devel package is called openssl-devel, not OpenSSL-devel

Simo.

--
Simo Sorce
RHEL Crypto Team
Red Hat, Inc

From tierox at gmail.com Fri Aug 4 11:20:36 2023
From: tierox at gmail.com (Gualtiero Scotti)
Date: Fri, 4 Aug 2023 17:20:36 +0200
Subject: [Cryptography-dev] Python cryptography fails to load due to _rust DDL import error
Message-ID:

I've been struggling with this issue for a few days...

I've a Python application that can run in two ways:

- Stand alone -> launched directly using the python interpreter
- From a windows service -> wrapping application with pywin32 and using the same interpreter

When the app starts in standalone mode it works fine, but when it starts through the Windows service it fails with the following stack trace:

.............................
    from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
  File "C:\Program Files (x86)\...\Python\Lib\site-package\cryptography\hazmat\primitives\kdf\pbkdf2.py", line 10, in <module>
    from cryptography.exceptions import (
  File "C:\Program Files (x86)\...\Python\Lib\site-packages\cryptography\exceptions.py", line 9, in <module>
    from cryptography.hazmat.bindings._rust import exceptions as rust_exceptions
ImportError: DLL load failed while importing _rust: The specified module could not be found."

I don't know which DLLs cryptography uses.....maybe they are not in librarypath???

- Python 3.11.3 32-bit
- Windows 11

Requirements.txt

pywin32==305
pywin32-ctypes~=0.2.0
Flask~=2.1.2
flask-login~=0.6.1
Werkzeug~=2.0.2
waitress~=2.1.2
websockets~=10.3
transitions~=0.8.11
bitstruct~=8.15.1
PyYAML~=6.0
passlib~=1.7.4
dacite~=1.5.1
paho-mqtt~=1.6.1
setuptools~=60.2.0
six~=1.16.0
MarkupSafe~=2.1.1
click~=8.1.3
itsdangerous~=2.1.2
Jinja2~=3.1.2
pythonnet~=3.0.1
requests~=2.29.0
pyserial~=3.5.0
zeep~=4.2.1
*cryptography~=41.0.2*
pycryptodome~=3.18.0

Did someone have the same issue? Any suggestion is appreciated.

Thanks in advance.

From alex.gaynor at gmail.com Fri Aug 4 12:02:05 2023
From: alex.gaynor at gmail.com (Alex Gaynor)
Date: Fri, 4 Aug 2023 12:02:05 -0400
Subject: [Cryptography-dev] Python cryptography fails to load due to _rust DDL import error
In-Reply-To:
References:
Message-ID:

This very likely indicates that however you've packaged and installed
the application in your environment isn't properly including the
extension module for cryptography.

Alex

--
All that is necessary for evil to succeed is for good people to do nothing.

From tierox at gmail.com Fri Aug 4 12:23:26 2023
From: tierox at gmail.com (Gualtiero Scotti)
Date: Fri, 4 Aug 2023 18:23:26 +0200
Subject: [Cryptography-dev] Python cryptography fails to load due to _rust DDL import error
In-Reply-To:
References:
Message-ID:

Thank you Alex for your response. Could you provide me more details?
Thanks in advance

From alex.gaynor at gmail.com Fri Aug 4 12:27:42 2023
From: alex.gaynor at gmail.com (Alex Gaynor)
Date: Fri, 4 Aug 2023 12:27:42 -0400
Subject: [Cryptography-dev] Python cryptography fails to load due to _rust DDL import error
In-Reply-To:
References:
Message-ID:

Not particularly.

Based on the error message you shared, when Python attempted to import
_rust.dll, it encountered the error "The specified module could not be
found." I'm inferring that this means that something about the module
could not be loaded. Perhaps _rust.dll is linked dynamically against
another library that's not on the load path?

Are you building cryptography from source, or installing from a pre-built wheel?

Alex

--
All that is necessary for evil to succeed is for good people to do nothing.
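
The inference in the message above, that `_rust` may depend on a library that is not on the load path, can be checked by reading the import table of the installed extension file (a `.pyd` on Windows). This is an added example, not code from the thread or from the cryptography project; the three directories checked in `__main__` are an assumption about where the hosting process resolves DLLs.

```python
import os
import struct
import sys


def _offset(rva, sections):
    """Map a relative virtual address to a file offset using the section table."""
    for vaddr, vsize, raw_ptr, raw_size in sections:
        if vaddr <= rva < vaddr + max(vsize, raw_size):
            return rva - vaddr + raw_ptr
    raise ValueError(f"RVA {rva:#x} is not inside any section")


def pe_imports(data):
    """Return the DLL names in a PE image's import table (delay-load imports ignored)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE image: no MZ header")
    pe = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE image: no PE signature")
    nsect, opt_size = struct.unpack_from("<H12xH", data, pe + 6)
    opt = pe + 24                                        # optional header follows COFF
    magic = struct.unpack_from("<H", data, opt)[0]
    dirs = opt + {0x10B: 96, 0x20B: 112}[magic]          # PE32 / PE32+ data directories
    import_rva = struct.unpack_from("<I", data, dirs + 8)[0]   # entry 1 = import table
    sections = []
    for i in range(nsect):
        vsize, vaddr, raw_size, raw_ptr = struct.unpack_from(
            "<IIII", data, opt + opt_size + 40 * i + 8)
        sections.append((vaddr, vsize, raw_ptr, raw_size))
    names = []
    off = _offset(import_rva, sections) if import_rva else None
    while off is not None:
        name_rva = struct.unpack_from("<I", data, off + 12)[0]  # descriptor Name field
        if name_rva == 0:                                       # zeroed terminator
            break
        start = _offset(name_rva, sections)
        names.append(data[start:data.index(b"\0", start)].decode("ascii"))
        off += 20
    return names


def unresolved(dll_names, search_dirs):
    """Imported names found in none of search_dirs (Windows file names ignore case)."""
    present = set()
    for directory in search_dirs:
        if os.path.isdir(directory):
            present.update(name.lower() for name in os.listdir(directory))
    # api-ms-*/ext-ms-* names are API-set contracts the loader resolves, not files.
    return [n for n in dll_names
            if n.lower() not in present and not n.lower().startswith(("api-ms-", "ext-ms-"))]


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit(f"usage: {sys.argv[0]} PATH_TO_INSTALLED_RUST_PYD")
    module = os.path.abspath(sys.argv[1])
    with open(module, "rb") as fh:
        imports = pe_imports(fh.read())
    # Assumed load path: module directory, host executable directory, System32.
    dirs = [os.path.dirname(module), os.path.dirname(sys.executable),
            os.path.join(os.environ.get("SystemRoot", r"C:\Windows"), "System32")]
    print("imports:  ", imports)
    print("not found:", unresolved(imports, dirs))
```

A name reported as not found is a lead rather than proof, because a DLL already loaded into the process satisfies an import regardless of directory. Running the check under both launch modes shows whether the host executable directory is what differs.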

From tierox at gmail.com Fri Aug 4 12:29:51 2023
From: tierox at gmail.com (Gualtiero Scotti)
Date: Fri, 4 Aug 2023 18:29:51 +0200
Subject: [Cryptography-dev] Python cryptography fails to load due to _rust DDL import error
In-Reply-To:
References:
Message-ID:

I'm installing it from pip, and so using static wheel. Thank you