[Freeipa-devel] [PATCH 0014] [py3] Replace M2Crypto RC4 with python-cryptography ARC4
Jan Cholasta
jcholast at redhat.com
Thu Jul 23 08:54:52 UTC 2015
Hi,
Dne 23.7.2015 v 10:43 Christian Heimes napsal(a):
> This patch removes the dependency on M2Crypto in favor for cryptography.
> Cryptography is more strict about the key size and doesn't support
> non-standard key sizes:
>
>>>> from M2Crypto import RC4
>>>> from ipaserver.dcerpc import arcfour_encrypt
>>>> RC4.RC4(b'key').update(b'data')
> 'o\r@\x8c'
>>>> arcfour_encrypt(b'key', b'data')
> Traceback (most recent call last):
> ...
> ValueError: Invalid key size (24) for RC4.
>
> Standard key sizes 40, 56, 64, 80, 128, 192 and 256 are supported:
>
>>>> arcfour_encrypt(b'key12', b'data')
> '\xcd\xf80d'
>>>> RC4.RC4(b'key12').update(b'data')
> '\xcd\xf80d'
>
> http://cryptography.readthedocs.org/en/latest/hazmat/primitives/symmetric-encryption/#cryptography.hazmat.primitives.ciphers.algorithms.ARC4
> https://fedorahosted.org/freeipa/ticket/5148
NACK on the spec file change. There is a BuildRequires and Requires on
m2crypto, replace them with BuildRequires and Requires on
python-cryptography.
Honza
--
Jan Cholasta
More information about the Freeipa-devel
mailing list