Projects
openEuler:Mainline
python-cryptography
Sign Up
Log In
Username
Password
We truncated the diff of some files because they were too big. If you want to see the full diff for every file,
click here
.
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 2
View file
_service:tar_scm:python-cryptography.spec
Changed
@@ -1,13 +1,14 @@ %global srcname cryptography Name: python-%{srcname} Version: 3.3.1 -Release: 2 +Release: 3 Summary: PyCA's cryptography library License: ASL 2.0 or BSD URL: https://cryptography.io/en/latest/ Source0: %{pypi_source} Patch6000: backport-CVE-2020-36242.patch +Patch6001: backport-add-SM4-symmetric-block-cipher-5834.patch BuildRequires: openssl-devel BuildRequires: gcc @@ -71,6 +72,12 @@ %doc README.rst docs %changelog +* Thu Jun 30 2022 tianwei<tianwei12@h-partners.com> -3.3.1-3 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC: add SM4 symmetric block cipher + * Tue Feb 23 2021 shixuantong <shixuantong@huawei.com> - 3.3.1-2 - fix CVE-2020-36242
View file
_service:tar_scm:backport-add-SM4-symmetric-block-cipher-5834.patch
Added
@@ -0,0 +1,366 @@ +From 1a0c76566944ed09e48f51ce17ff9968cf40c886 Mon Sep 17 00:00:00 2001 +From: tobyp <tobyp@tobyp.net> +Date: Sun, 28 Feb 2021 20:57:50 +0100 +Subject: PATCH Add SM4 symmetric block cipher (#5834) + +Reference:https://github.com/pyca/cryptography/commit/f69f27b1dd20ad2d24f48053a72545527e808104 +Conflict:The content of hazmat/primitives/ciphers/algorithms.py and tests/utils.py are adapted. +hazmat/primitives/ciphers/algorithms.py: +Community patch: + +class SM4(CipherAlgorithm, BlockCipherAlgorithm): +Adaptation patch: + +@utils.register_interface(BlockCipherAlgorithm) + +@utils.register_interface(CipherAlgorithm) + +class SM4(object): +tests/utils.py: +Adaptation patch: + +filepath = os.path.join(os.path.dirname(__file__), "../vectors/cryptography_vectors", filename) + +if os.path.exists(filepath): + + with open(filepath, mode) as vector_file: + + return loader(vector_file) + +Co-authored-by: Tobias Peter <tobias.peter@infineon.com> +Signed-off-by: hanxinke <hanxinke@huawei.com> +--- + .../primitives/symmetric-encryption.rst | 15 +++ + .../hazmat/backends/openssl/backend.py | 5 + + .../hazmat/primitives/ciphers/algorithms.py | 14 +++ + tests/hazmat/primitives/test_sm4.py | 99 +++++++++++++++++++ + tests/utils.py | 4 + + .../SM4/draft-ribose-cfrg-sm4-10-cbc.txt | 17 ++++ + .../SM4/draft-ribose-cfrg-sm4-10-cfb.txt | 17 ++++ + .../SM4/draft-ribose-cfrg-sm4-10-ctr.txt | 17 ++++ + .../SM4/draft-ribose-cfrg-sm4-10-ecb.txt | 28 ++++++ + .../SM4/draft-ribose-cfrg-sm4-10-ofb.txt | 17 ++++ + 10 files changed, 233 insertions(+) + create mode 100644 tests/hazmat/primitives/test_sm4.py + create mode 100644 vectors/cryptography_vectors/ciphers/SM4/draft-ribose-cfrg-sm4-10-cbc.txt + create mode 100644 vectors/cryptography_vectors/ciphers/SM4/draft-ribose-cfrg-sm4-10-cfb.txt + create mode 100644 vectors/cryptography_vectors/ciphers/SM4/draft-ribose-cfrg-sm4-10-ctr.txt + create mode 100644 vectors/cryptography_vectors/ciphers/SM4/draft-ribose-cfrg-sm4-10-ecb.txt + create mode 100644 vectors/cryptography_vectors/ciphers/SM4/draft-ribose-cfrg-sm4-10-ofb.txt + +diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst +index 8551acb..6e10d67 100644 +--- a/docs/hazmat/primitives/symmetric-encryption.rst ++++ b/docs/hazmat/primitives/symmetric-encryption.rst +@@ -196,6 +196,19 @@ Algorithms + :term:`bits` in length. + :type key: :term:`bytes-like` + ++.. class:: SM4(key) ++ ++ .. versionadded:: 35.0.0 ++ ++ SM4 is a block cipher developed by the Chinese Government and standardized ++ in the `GB/T 32907-2016`_. It is used in the Chinese WAPI ++ (Wired Authentication and Privacy Infrastructure) standard. (An English ++ description is available at `draft-ribose-cfrg-sm4-10`_.) ++ ++ :param key: The secret key. This must be kept secret. ``128`` ++ :term:`bits` in length. ++ :type key: :term:`bytes-like` ++ + Weak ciphers + ------------ + +@@ -815,3 +828,5 @@ Exceptions + .. _`International Data Encryption Algorithm`: https://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm + .. _`OpenPGP`: https://www.openpgp.org/ + .. _`disk encryption`: https://en.wikipedia.org/wiki/Disk_encryption_theory#XTS ++.. _`GB/T 32907-2016`: http://www.cnnic.cn/gcjsyj/qyjsyj/mmsfbz/sm4/201312/t20131204_43341.htm ++.. _`draft-ribose-cfrg-sm4-10`: https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10 +diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py +index 45d4a1a..ff9c23c 100644 +--- a/src/cryptography/hazmat/backends/openssl/backend.py ++++ b/src/cryptography/hazmat/backends/openssl/backend.py +@@ -139,6 +139,7 @@ from cryptography.hazmat.primitives.ciphers.algorithms import ( + ChaCha20, + IDEA, + SEED, ++ SM4, + TripleDES, + ) + from cryptography.hazmat.primitives.ciphers.modes import ( +@@ -415,6 +416,10 @@ class Backend(object): + ChaCha20, type(None), GetCipherByName("chacha20") + ) + self.register_cipher_adapter(AES, XTS, _get_xts_cipher) ++ for mode_cls in ECB, CBC, OFB, CFB, CTR: ++ self.register_cipher_adapter( ++ SM4, mode_cls, GetCipherByName("sm4-{mode.name}") ++ ) + + def _register_x509_ext_parsers(self): + ext_handlers = _EXTENSION_HANDLERS_BASE.copy() +diff --git a/src/cryptography/hazmat/primitives/ciphers/algorithms.py b/src/cryptography/hazmat/primitives/ciphers/algorithms.py +index 8072ced..a1db984 100644 +--- a/src/cryptography/hazmat/primitives/ciphers/algorithms.py ++++ b/src/cryptography/hazmat/primitives/ciphers/algorithms.py +@@ -168,3 +168,17 @@ class ChaCha20(object): + @property + def key_size(self): + return len(self.key) * 8 ++ ++@utils.register_interface(BlockCipherAlgorithm) ++@utils.register_interface(CipherAlgorithm) ++class SM4(object): ++ name = "SM4" ++ block_size = 128 ++ key_sizes = frozenset(128) ++ ++ def __init__(self, key: bytes): ++ self.key = _verify_key_size(self, key) ++ ++ @property ++ def key_size(self) -> int: ++ return len(self.key) * 8 +diff --git a/tests/hazmat/primitives/test_sm4.py b/tests/hazmat/primitives/test_sm4.py +new file mode 100644 +index 0000000..b757344 +--- /dev/null ++++ b/tests/hazmat/primitives/test_sm4.py +@@ -0,0 +1,99 @@ ++# This file is dual licensed under the terms of the Apache License, Version ++# 2.0, and the BSD License. See the LICENSE file in the root of this repository ++# for complete details. ++ ++import binascii ++import os ++ ++import pytest ++ ++from cryptography.hazmat.backends.interfaces import CipherBackend ++from cryptography.hazmat.primitives.ciphers import algorithms, modes ++ ++from .utils import generate_encrypt_test ++from ...utils import load_nist_vectors ++ ++ ++@pytest.mark.supported( ++ only_if=lambda backend: backend.cipher_supported( ++ algorithms.SM4(b"\x00" * 16), modes.ECB() ++ ), ++ skip_message="Does not support SM4 ECB", ++) ++@pytest.mark.requires_backend_interface(interface=CipherBackend) ++class TestSM4ModeECB(object): ++ test_ecb = generate_encrypt_test( ++ load_nist_vectors, ++ os.path.join("ciphers", "SM4"), ++ "draft-ribose-cfrg-sm4-10-ecb.txt", ++ lambda key, **kwargs: algorithms.SM4(binascii.unhexlify((key))), ++ lambda **kwargs: modes.ECB(), ++ ) ++ ++ ++@pytest.mark.supported( ++ only_if=lambda backend: backend.cipher_supported( ++ algorithms.SM4(b"\x00" * 16), modes.CBC(b"\x00" * 16) ++ ), ++ skip_message="Does not support SM4 CBC", ++) ++@pytest.mark.requires_backend_interface(interface=CipherBackend) ++class TestSM4ModeCBC(object): ++ test_cbc = generate_encrypt_test( ++ load_nist_vectors, ++ os.path.join("ciphers", "SM4"), ++ "draft-ribose-cfrg-sm4-10-cbc.txt", ++ lambda key, **kwargs: algorithms.SM4(binascii.unhexlify((key))), ++ lambda iv, **kwargs: modes.CBC(binascii.unhexlify(iv)), ++ ) ++ ++ ++@pytest.mark.supported( ++ only_if=lambda backend: backend.cipher_supported( ++ algorithms.SM4(b"\x00" * 16), modes.OFB(b"\x00" * 16) ++ ), ++ skip_message="Does not support SM4 OFB", ++) ++@pytest.mark.requires_backend_interface(interface=CipherBackend) ++class TestSM4ModeOFB(object): ++ test_ofb = generate_encrypt_test( ++ load_nist_vectors, ++ os.path.join("ciphers", "SM4"), ++ "draft-ribose-cfrg-sm4-10-ofb.txt", ++ lambda key, **kwargs: algorithms.SM4(binascii.unhexlify((key))), ++ lambda iv, **kwargs: modes.OFB(binascii.unhexlify(iv)), ++ ) ++ ++ ++@pytest.mark.supported( ++ only_if=lambda backend: backend.cipher_supported( ++ algorithms.SM4(b"\x00" * 16), modes.CFB(b"\x00" * 16) ++ ), ++ skip_message="Does not support SM4 CFB", ++) ++@pytest.mark.requires_backend_interface(interface=CipherBackend) ++class TestSM4ModeCFB(object): ++ test_cfb = generate_encrypt_test(
View file
_service
Changed
@@ -2,7 +2,7 @@ <service name="tar_scm"> <param name="scm">git</param> <param name="url">git@gitee.com:src-openeuler/python-cryptography.git</param> - <param name="revision">b783de1571e865c901118d09f519efce1efe9876</param> + <param name="revision">e0cdf441bb2fd3a829d961be6684141db730e66d</param> <param name="exclude">*</param> <param name="extract">*</param> </service>
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2