Skip to content

Python: Support EC keygen without class-instance for cryptography #5836

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jun 10, 2021
Merged

Python: Support EC keygen without class-instance for cryptography #5836

merged 3 commits into from
Jun 10, 2021

Conversation

RasmusWL
Copy link
Member

@RasmusWL RasmusWL commented May 5, 2021

No description provided.

RasmusWL added 2 commits May 5, 2021 10:52
@RasmusWL
Python: Add cryptography test for EC
3ceb8bb 
Apparently, passing in the class (without instantiating it) is allowed
@RasmusWL
Python: Support EC keygen without class-instance for cryptography
668bfd3 
I also added a new test to show off how what the origin ends up looking
like... I think it looks ok
@RasmusWL RasmusWL requested a review from a team as a code owner May 5, 2021 10:31
@RasmusWL RasmusWL added the no-change-note-required This PR does not need a change note label May 5, 2021
@github-actions github-actions bot added the Python label May 5, 2021
tausbn
tausbn approved these changes Jun 9, 2021
View reviewed changes
Copy link
Contributor

@tausbn tausbn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's something about the use of type trackers here (for what is essentially data flow) that bothers me, but I don't see that as reason enough to block this PR.

I do think, however, that there should be a better solution available... 🤔

@tausbn
Copy link
Contributor

tausbn commented Jun 9, 2021

Ah, I think I can articulate at least one thing that bugs me. If we know the origin, then surely we don't have to track the keysize as well. We should be able to read that out of the fact that origin is a use of a specific API node.

@RasmusWL
Copy link
Member Author

There's something about the use of type trackers here (for what is essentially data flow) that bothers me

Agreed, I also had concerns about doing it this way back in #5075 ...

Ah, I think I can articulate at least one thing that bugs me. If we know the origin, then surely we don't have to track the keysize as well. We should be able to read that out of the fact that origin is a use of a specific API node.

I see your point here 👍 Let's do that in a different PR though

@codeql-ci codeql-ci merged commit a241c11 into github:main Jun 10, 2021
@RasmusWL RasmusWL deleted the ec-class-improvement branch June 10, 2021 13:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tausbn tausbn tausbn approved these changes

Assignees
No one assigned
Labels
no-change-note-required This PR does not need a change note Python
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@RasmusWL @tausbn @codeql-ci