-
Notifications
You must be signed in to change notification settings - Fork 98
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
import pgpy is failing with an error - cryptography.utils has no attribute register_interface #402
Comments
This looks to be the relevant change in |
Seeing the same issue after upgrading cryptography to V38.*
|
You can try the version 37.0. See the install log, pgpy is using version 37 which should fix your problem. %pip install cryptography==37.0 import pgpy Python interpreter will be restarted. |
yes with cryptography==37.0.4 it works well.. |
This can be fixed by switching from register_interface to subclassing (sigh) the ec.EllipticCurve abstract base class and will work in all versions of cryptography including 38.0. That will require a PR against this project + new release of course. |
I created a PR that does exactly what you proposed (and what they did internally in the cryptography library). I'm not sure if this is helpful though, since I have no idea what I'm doing 😬. |
@swadeesh - I already applied the workaround by downgrading the crypto library, I have raised this issue because at some point we would need to upgrade the cryptography version |
- pin the dependency on pycrypto back to 37.0.4 due to SecurityInnovation/PGPy#402 - drop support for python 3.6, which is past its EOL date - replace flakehell (abandoned) with flakeheaven (not); set up basic exclusions in pyproject.toml - clean up some cruft in the Makefile
This addresses #8 - pin the dependency on pycrypto back to 37.0.4 due to SecurityInnovation/PGPy#402 - drop support for python 3.6, which is past its EOL date - replace flakehell (abandoned) with flakeheaven (not); set up basic exclusions in pyproject.toml - clean up some cruft in the Makefile
This addresses #8 - pin the dependency on pycrypto back to 37.0.4 due to SecurityInnovation/PGPy#402 - drop support for python 3.6, which is past its EOL date - replace flakehell (abandoned) with flakeheaven (not); set up basic exclusions in pyproject.toml - clean up some cruft in the Makefile
This addresses #8 - pin the dependency on pycrypto back to 37.0.4 due to SecurityInnovation/PGPy#402 - drop support for python 3.6, which is past its EOL date - replace flakehell (abandoned) with flakeheaven (not); set up basic exclusions in pyproject.toml - clean up some cruft in the Makefile
This addresses #8 - pin the dependency on pycrypto back to 37.0.4 due to SecurityInnovation/PGPy#402 - drop support for python 3.6, which is past its EOL date - replace flakehell (abandoned) with flakeheaven (not); set up basic exclusions in pyproject.toml - clean up some cruft in the Makefile
PGPy is not yet compatible with cryptography >= 38.0.0 SecurityInnovation/PGPy#402
PGPy is not yet compatible with cryptography >= 38.0.0 SecurityInnovation/PGPy#402
I have raised #408 (and associated PR #408) to suggest that we release a version of PGPy that pins the maximum cryptography version to less than Until a version of pip install pgpy "cryptography<38" NOTE: because |
Any updates on this? It's causing dependency mismatch in our code and preventing us to update other indirectly related packages that require |
This should be fixed with v0.6.0 which I just released |
OpenSSL 1.0.2 is ancient at this point -- Brainpool is part of the standard distribution. At any rate, we need 1.1.0 for X25519 and 1.1.1 for Ed25519. And python's cryptography module has supported Brainpool since version 2.2 (also ancient). Registering subclasses with the cryptography module is complicated across versions (see pyca/cryptography#7234 which removed register_interface), but we don't need any of that functionality as long as we depend on non-ancient modules. At the same time, we don't need pyasn1 any longer if we just treat the OID as a bytestring label. As this also drops all the shenanigans around cryptography.utils.register_interface, we can also say it Closes: SecurityInnovation#402
OpenSSL 1.0.2 is ancient at this point -- Brainpool is part of the standard distribution. At any rate, we need 1.1.0 for X25519 and 1.1.1 for Ed25519. And python's cryptography module has supported Brainpool since version 2.2 (also ancient). Registering subclasses with the cryptography module is complicated across versions (see pyca/cryptography#7234 which removed register_interface), but we don't need any of that functionality as long as we depend on non-ancient modules. At the same time, we don't need pyasn1 any longer if we just treat the OID as a bytestring label. As this also drops all the shenanigans around cryptography.utils.register_interface, we can also say it Closes: SecurityInnovation#402
OpenSSL 1.0.2 is ancient at this point -- Brainpool is part of the standard distribution. At any rate, we need 1.1.0 for X25519 and 1.1.1 for Ed25519. And python's cryptography module has supported Brainpool since version 2.2 (also ancient). Registering subclasses with the cryptography module is complicated across versions (see pyca/cryptography#7234 which removed register_interface), but we don't need any of that functionality as long as we depend on non-ancient modules. At the same time, we don't need pyasn1 any longer if we just treat the OID as a bytestring label. As this also drops all the shenanigans around cryptography.utils.register_interface, we can also say it Closes: SecurityInnovation#402
OpenSSL 1.0.2 is ancient at this point -- Brainpool is part of the standard distribution. At any rate, we need 1.1.0 for X25519 and 1.1.1 for Ed25519. And python's cryptography module has supported Brainpool since version 2.2 (also ancient). Registering subclasses with the cryptography module is complicated across versions (see pyca/cryptography#7234 which removed register_interface), but we don't need any of that functionality as long as we depend on non-ancient modules. At the same time, we don't need pyasn1 any longer if we just treat the OID as a bytestring label. As this also drops all the shenanigans around cryptography.utils.register_interface, we can also say it Closes: SecurityInnovation#402
Is there a timescale for upgrading past |
You should be able to upgrade to the latest version. No idea why this was reopened, but I didn't really have time to read and comprehend what the other issue is about 😉 |
OpenSSL 1.0.2 is ancient at this point -- Brainpool is part of the standard distribution. At any rate, we need 1.1.0 for X25519 and 1.1.1 for Ed25519. And python's cryptography module has supported Brainpool since version 2.2 (also ancient). Registering subclasses with the cryptography module is complicated across versions (see pyca/cryptography#7234 which removed register_interface), but we don't need any of that functionality as long as we depend on non-ancient modules. At the same time, we don't need pyasn1 any longer if we just treat the OID as a bytestring label. As this also drops all the shenanigans around cryptography.utils.register_interface, we can also say it Closes: SecurityInnovation#402
It's probably because pgpy hasn't been updated on conda(0.5.4). At least that's what happened to me. |
Your branch is behind 'origin/2-swagger' by 1 commit, and can be fast-forwarded. (use "git pull" to update your local branch) Changes to be committed: modified: requirements.txt Necessário ficar assim devido: SecurityInnovation/PGPy#402
We started facing this issue in the Databricks notebook environment, we realized this is because of cryptography library was upgraded a few hours back.
This breaks the compatibility to use the recent version of pgpy in our environment
Stack Trace -
AttributeError: module 'cryptography.utils' has no attribute 'register_interface'
AttributeError Traceback (most recent call last)
in
----> 1 import pgpy
/databricks/python_shell/dbruntime/PythonPackageImportsInstrumentation/init.py in import_patch(name, globals, locals, fromlist, level)
165 # Import the desired module. If you’re seeing this while debugging a failed import,
166 # look at preceding stack frames for relevant error information.
--> 167 original_result = python_builtin_import(name, globals, locals, fromlist, level)
168
169 is_root_import = thread_local._nest_level == 1
/local_disk0/.ephemeral_nfs/envs/pythonEnv-4001c277-1e53-462b-91f8-060b1edfc8c6/lib/python3.8/site-packages/pgpy/init.py in
2 """
3
----> 4 from .pgp import PGPKey
5 from .pgp import PGPKeyring
6 from .pgp import PGPMessage
/databricks/python_shell/dbruntime/PythonPackageImportsInstrumentation/init.py in import_patch(name, globals, locals, fromlist, level)
165 # Import the desired module. If you’re seeing this while debugging a failed import,
166 # look at preceding stack frames for relevant error information.
--> 167 original_result = python_builtin_import(name, globals, locals, fromlist, level)
168
169 is_root_import = thread_local._nest_level == 1
/local_disk0/.ephemeral_nfs/envs/pythonEnv-4001c277-1e53-462b-91f8-060b1edfc8c6/lib/python3.8/site-packages/pgpy/pgp.py in
25 from cryptography.hazmat.primitives import hashes
26
---> 27 from .constants import CompressionAlgorithm
28 from .constants import Features
29 from .constants import HashAlgorithm
/databricks/python_shell/dbruntime/PythonPackageImportsInstrumentation/init.py in import_patch(name, globals, locals, fromlist, level)
165 # Import the desired module. If you’re seeing this while debugging a failed import,
166 # look at preceding stack frames for relevant error information.
--> 167 original_result = python_builtin_import(name, globals, locals, fromlist, level)
168
169 is_root_import = thread_local._nest_level == 1
/local_disk0/.ephemeral_nfs/envs/pythonEnv-4001c277-1e53-462b-91f8-060b1edfc8c6/lib/python3.8/site-packages/pgpy/constants.py in
21 from .decorators import classproperty
22 from .types import FlagEnum
---> 23 from ._curves import BrainpoolP256R1, BrainpoolP384R1, BrainpoolP512R1, X25519, Ed25519
24
25 all = ['Backend',
/databricks/python_shell/dbruntime/PythonPackageImportsInstrumentation/init.py in import_patch(name, globals, locals, fromlist, level)
165 # Import the desired module. If you’re seeing this while debugging a failed import,
166 # look at preceding stack frames for relevant error information.
--> 167 original_result = python_builtin_import(name, globals, locals, fromlist, level)
168
169 is_root_import = thread_local._nest_level == 1
/local_disk0/.ephemeral_nfs/envs/pythonEnv-4001c277-1e53-462b-91f8-060b1edfc8c6/lib/python3.8/site-packages/pgpy/_curves.py in
35
36
---> 37 @utils.register_interface(ec.EllipticCurve)
38 class BrainpoolP256R1(object):
39 name = 'brainpoolP256r1'
The text was updated successfully, but these errors were encountered: