Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

copy.copy broken for Ed25519PublicKey in 41.0.3 (works in 38.0.4) #9403

Closed
dkg opened this issue Aug 11, 2023 · 3 comments
Closed

copy.copy broken for Ed25519PublicKey in 41.0.3 (works in 38.0.4) #9403

dkg opened this issue Aug 11, 2023 · 3 comments
Milestone
Forty Second Release

Comments

@dkg
Copy link

dkg commented Aug 11, 2023

Using python 3.11, with a venv containing python-cryptography 41.0.3 backed by OpenSSL 3.1.2, an attempt to copy an Ed25519PublicKey object yields this error:

  File "…/venv/lib/python3.11/site-packages/pgpy/packet/packets.py", line 1639, in pubkey
    self._extract_pubkey(pk)
  File ".../venv/lib/python3.11/site-packages/pgpy/packet/packets.py", line 1588, in _extract_pubkey
    pk.keymaterial._raw_pubkey = copy.copy(self.keymaterial._raw_pubkey)
                                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/copy.py" line 92, in copy
    rv = reductor(4)
         ^^^^^^^^^^^
TypeError: cannot pickle 'cryptography.hazmat.bindings._rust.openssl.ed25519.Ed25519PublicKey' object

This looks similar to the concerns in #7587.

You should be able to replicate this with:

import copy
from cryptography.hazmat.primitives.asymmetric import ed25519
privkey = ed25519.Ed25519PrivateKey.generate()
pubkey = privkey.public_key()
newpub = copy.copy(pubkey)

When i try it with python-cryptography 38.0.4 i do not see this failure. Is copy.copy meant to work, or should i be using something like the following instead?

pubkey.from_public_bytes(pubkey.public_bytes(serialization.Encoding.Raw, serialization.PublicFormat.Raw))
@alex
Copy link
Member

alex commented Aug 11, 2023

We've never tested, documented, or intentionally supported using copy.copy on Ed25519PublicKey objects. It happened to work because of Python's built-in behavior of pickling and unpickling all objects. So I'm not surprised it broke.

That said, Ed25519PublicKey objects are immutable, so a correct __copy__ implementation is trivial: return self. I think it'd be reasonable to add it.

@alex alex added this to the Forty Second Release milestone Aug 11, 2023
@dkg
Copy link
Author

dkg commented Aug 11, 2023

I'm assuming that the same is true for Ed448PublicKey, X25519PublicKey, and X448PublicKey objects (and maybe the corresponding PrivateKey objects too?). it'd be great to get them all sorted at once.

@alex
Copy link
Member

alex commented Aug 11, 2023 via email

dkg added a commit to dkg/PGPy that referenced this issue Aug 11, 2023
@dkg
Avoid copy on raw pubkey objects
c015a31 
These pubkey objects are immutable, as noted in
pyca/cryptography#9403, so it should be safe to just
assign.
dkg added a commit to dkg/PGPy that referenced this issue Aug 11, 2023
@dkg
Avoid copy on raw pubkey objects
2bcd414 
These pubkey objects are immutable, as noted in
pyca/cryptography#9403, so it should be safe to just
assign.
dkg added a commit to dkg/PGPy that referenced this issue Aug 11, 2023
@dkg
Avoid copy on raw pubkey objects
3f4d92a 
These pubkey objects are immutable, as noted in
pyca/cryptography#9403, so it should be safe to just
assign.
alex added a commit to alex/cryptography that referenced this issue Aug 16, 2023
@alex
fixes pyca#9403 -- re-allow copying public keys
0c26212 
they are immutable, so this is trivial
alex added a commit to alex/cryptography that referenced this issue Aug 16, 2023
@alex
fixes pyca#9403 -- re-allow copying public keys
bc9f7ad 
they are immutable, so this is trivial
dkg added a commit to dkg/PGPy that referenced this issue Aug 18, 2023
@dkg
Avoid copy on raw pubkey objects
522201a 
These pubkey objects are immutable, as noted in
pyca/cryptography#9403, so it should be safe to just
assign.
dkg added a commit to dkg/PGPy that referenced this issue Aug 18, 2023
@dkg
Avoid copy on raw pubkey objects
a445c16 
These pubkey objects are immutable, as noted in
pyca/cryptography#9403, so it should be safe to just
assign.
dkg added a commit to dkg/PGPy that referenced this issue Aug 18, 2023
@dkg
Avoid copy on raw pubkey objects
2b59d49 
These pubkey objects are immutable, as noted in
pyca/cryptography#9403, so it should be safe to just
assign.
dkg added a commit to dkg/PGPy that referenced this issue Aug 18, 2023
@dkg
Avoid copy on raw pubkey objects
f92bf30 
These pubkey objects are immutable, as noted in
pyca/cryptography#9403, so it should be safe to just
assign.
dkg added a commit to dkg/PGPy that referenced this issue Aug 19, 2023
@dkg
Avoid copy on raw pubkey objects
4ff99bd 
These pubkey objects are immutable, as noted in
pyca/cryptography#9403, so it should be safe to just
assign.
dkg added a commit to dkg/PGPy that referenced this issue Aug 24, 2023
@dkg
Avoid copy on raw pubkey objects
50efe13 
These pubkey objects are immutable, as noted in
pyca/cryptography#9403, so it should be safe to just
assign.
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 15, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Milestone
Forty Second Release
Development

No branches or pull requests
2 participants
@alex @dkg