Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rsa 4.1.0 failed on PyPy 6.0.0 #147

Closed
yankos opened this issue Jun 11, 2020 · 1 comment
Closed

rsa 4.1.0 failed on PyPy 6.0.0 #147

yankos opened this issue Jun 11, 2020 · 1 comment

Comments

@yankos
Copy link

yankos commented Jun 11, 2020

I can't install rsa 4.1.0 with pypy 6.0.0. Looks like "pysha3" module is unsupported at the moment and it brakes the installation.
Version 4.0.0 works fine.

How to reproduce:

$ wget https://bitbucket.org/pypy/pypy/downloads/pypy3-v6.0.0-linux64.tar.bz2
$ tar jxf pypy3-v6.0.0-linux64.tar.bz2
$ mkdir ./venv_pypy
$ virtualenv -p ./pypy3-v6.0.0-linux64/bin/pypy3 ./venv_pypy
$ source ./venv_pypy/bin/activate
$ pip install rsa==4.1
Collecting rsa==4.1
  Using cached rsa-4.1-py3-none-any.whl (32 kB)
Requirement already satisfied: pyasn1>=0.1.3 in ./venv_pypy/site-packages (from rsa==4.1) (0.4.8)
Collecting pysha3<2.0,>=1.0; python_version >= "3.5" and python_version < "3.6"
  Using cached pysha3-1.0.2.tar.gz (829 kB)
Building wheels for collected packages: pysha3
  Building wheel for pysha3 (setup.py) ... error
  ERROR: Command errored out with exit status 1:
   command: /home/develop/venv_pypy/bin/pypy3 -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-9q7018wt/pysha3/setup.py'"'"'; __file__='"'"'/tmp/pip-install-9q7018wt/pysha3/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' bdist_wheel -d /tmp/pip-wheel-fza3daue
       cwd: /tmp/pip-install-9q7018wt/pysha3/
  Complete output (16 lines):
  running bdist_wheel
  running build
  running build_py
  creating build
  creating build/lib.linux-x86_64-3.5
  copying sha3.py -> build/lib.linux-x86_64-3.5
  running build_ext
  building '_pysha3' extension
  creating build/temp.linux-x86_64-3.5
  creating build/temp.linux-x86_64-3.5/Modules
  creating build/temp.linux-x86_64-3.5/Modules/_sha3
  cc -pthread -DNDEBUG -O2 -fPIC -DPY_WITH_KECCAK=1 -I/home/develop/venv_pypy/pypy3-v6.0.0-linux64/include -c Modules/_sha3/sha3module.c -o build/temp.linux-x86_64-3.5/Modules/_sha3/sha3module.o
  In file included from Modules/_sha3/sha3module.c:20:0:
  Modules/_sha3/backport.inc:78:22: fatal error: pystrhex.h: No such file or directory
  compilation terminated.
  error: command 'cc' failed with exit status 1
  ----------------------------------------
  ERROR: Failed building wheel for pysha3
  Running setup.py clean for pysha3
Failed to build pysha3
Installing collected packages: pysha3, rsa
    Running setup.py install for pysha3 ... error
    ERROR: Command errored out with exit status 1:
     command: /home/develop/venv_pypy/bin/pypy3 -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-9q7018wt/pysha3/setup.py'"'"'; __file__='"'"'/tmp/pip-install-9q7018wt/pysha3/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' install --record /tmp/pip-record-pjjhc4qx/install-record.txt --single-version-externally-managed --compile --install-headers /home/develop/venv_pypy/include/site/python3.5/pysha3
         cwd: /tmp/pip-install-9q7018wt/pysha3/
    Complete output (16 lines):
    running install
    running build
    running build_py
    creating build
    creating build/lib.linux-x86_64-3.5
    copying sha3.py -> build/lib.linux-x86_64-3.5
    running build_ext
    building '_pysha3' extension
    creating build/temp.linux-x86_64-3.5
    creating build/temp.linux-x86_64-3.5/Modules
    creating build/temp.linux-x86_64-3.5/Modules/_sha3
    cc -pthread -DNDEBUG -O2 -fPIC -DPY_WITH_KECCAK=1 -I/home/develop/venv_pypy/pypy3-v6.0.0-linux64/include -c Modules/_sha3/sha3module.c -o build/temp.linux-x86_64-3.5/Modules/_sha3/sha3module.o
    In file included from Modules/_sha3/sha3module.c:20:0:
    Modules/_sha3/backport.inc:78:22: fatal error: pystrhex.h: No such file or directory
    compilation terminated.
    error: command 'cc' failed with exit status 1
    ----------------------------------------
ERROR: Command errored out with exit status 1: /home/develop/venv_pypy/bin/pypy3 -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-9q7018wt/pysha3/setup.py'"'"'; __file__='"'"'/tmp/pip-install-9q7018wt/pysha3/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' install --record /tmp/pip-record-pjjhc4qx/install-record.txt --single-version-externally-managed --compile --install-headers /home/develop/venv_pypy/include/site/python3.5/pysha3 Check the logs for full command output.
sybrenstuvel added a commit that referenced this issue Jun 11, 2020
@sybrenstuvel
Limit SHA3 support to Python 3.6+
9032802 
The third-party library that adds support for this to Python 3.5 is a
binary package, and thus breaks the pure-Python nature of Python-RSA.

This should fix [#147](#147).
@sybrenstuvel sybrenstuvel mentioned this issue Jun 11, 2020
Closed
@sybrenstuvel
Copy link
Owner

This should be fixed now. No SHA3 on Python 3.5 though (or PyPy that's at 3.5 level), but it does make the entire thing installable for you.

mtremer pushed a commit to ipfire/ipfire-2.x that referenced this issue Feb 14, 2022
@pmu-ipf
python3-rsa: Update to version 4.8 and python-3.10
0f721b0 
- Update from 4.0 to 4.8
- Update of rootfile
- Changelog
- Switch to [Poetry](https://python-poetry.org/) for dependency and release management.
- Compatibility with Python 3.10.
- Chain exceptions using `raise new_exception from old_exception`
  ([#157](sybrenstuvel/python-rsa#157))
- Added marker file for PEP 561. This will allow type checking tools in dependent projects
  to use type annotations from Python-RSA
  ([#136](sybrenstuvel/python-rsa#136)).
- Use the Chinese Remainder Theorem when decrypting with a private key. This
  makes decryption 2-4x faster
  ([#163](sybrenstuvel/python-rsa#163)).
- Fix picking/unpickling issue introduced in 4.7
  ([#173](sybrenstuvel/python-rsa#173))
- Fix threading issue introduced in 4.7
  ([#173](sybrenstuvel/python-rsa#173))
- Fix [#165](sybrenstuvel/python-rsa#165):
  CVE-2020-25658 - Bleichenbacher-style timing oracle in PKCS#1 v1.5 decryption
  code
- Add padding length check as described by PKCS#1 v1.5 (Fixes
  [#164](sybrenstuvel/python-rsa#164))
- Reuse of blinding factors to speed up blinding operations.
  Fixes [#162](sybrenstuvel/python-rsa#162).
- Declare & test support for Python 3.9
Version 4.4 and 4.6 are almost a re-tagged release of version 4.2. It requires
Python 3.5+. To avoid older Python installations from trying to upgrade to RSA
4.4, this is now made explicit in the `python_requires` argument in `setup.py`.
There was a mistake releasing 4.4 as "3.5+ only", which made it necessary to
retag 4.4 as 4.6 as well.
No functional changes compared to version 4.2.
Version 4.3 and 4.5 are almost a re-tagged release of version 4.0. It is the
last to support Python 2.7. This is now made explicit in the `python_requires`
argument in `setup.py`. Python 3.4 is not supported by this release. There was a
mistake releasing 4.4 as "3.5+ only", which made it necessary to retag 4.3 as
4.5 as well.
Two security fixes have also been backported, so 4.3 = 4.0 + these two fixes.
- Choose blinding factor relatively prime to N. Thanks Christian Heimes for pointing this out.
- Reject cyphertexts (when decrypting) and signatures (when verifying) that have
  been modified by prepending zero bytes. This resolves CVE-2020-13757. Thanks
  Carnil for pointing this out.
- Rolled back the switch to Poetry, and reverted back to using Pipenv + setup.py
  for dependency management. There apparently is an issue no-binary installs of
  packages build with Poetry. This fixes
  [#148](sybrenstuvel/python-rsa#148)
- Limited SHA3 support to those Python versions (3.6+) that support it natively.
  The third-party library that adds support for this to Python 3.5 is a binary
  package, and thus breaks the pure-Python nature of Python-RSA.
  This should fix [#147](sybrenstuvel/python-rsa#147).
- Added support for Python 3.8.
- Dropped support for Python 2 and 3.4.
- Added type annotations to the source code. This will make Python-RSA easier to use in
  your IDE, and allows better type checking.
- Added static type checking via [MyPy](http://mypy-lang.org/).
- Fix [#129](sybrenstuvel/python-rsa#129) Installing from source
  gives UnicodeDecodeError.
- Switched to using [Poetry](https://poetry.eustace.io/) for package
  management.
- Added support for SHA3 hashing: SHA3-256, SHA3-384, SHA3-512. This
  is natively supported by Python 3.6+ and supported via a third-party
  library on Python 3.5.
- Choose blinding factor relatively prime to N. Thanks Christian Heimes for pointing this out.
- Reject cyphertexts (when decrypting) and signatures (when verifying) that have
  been modified by prepending zero bytes. This resolves CVE-2020-13757. Thanks
  Adelapie for pointing this out.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@yankos @sybrenstuvel