From 1a64e8f4bd08441d05dbc9c50b44f7f0f7ff4bec Mon Sep 17 00:00:00 2001 From: Wassilios Lytras Date: Thu, 28 Jul 2022 05:27:16 +0200 Subject: [PATCH 1/4] Fix github action build fail due to: (#54) https://stackoverflow.com/questions/71673404/importerror-cannot-import-name-unicodefun-from-click --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index 59a607f..71bda72 100644 --- a/setup.py +++ b/setup.py @@ -14,7 +14,7 @@ "pylint==2.12.1", "pylama==8.3.7", "pylama-pylint==3.1.1", - "black==21.12b0", + "black==22.6.0", "pytest-black==0.3.12", ] From 7f11cb4dfe0ff530232e686d122add5fcb160edb Mon Sep 17 00:00:00 2001 From: Wassilios Lytras Date: Thu, 28 Jul 2022 05:32:18 +0200 Subject: [PATCH 2/4] Feature to force binary canonicalization (#55) * Added partner setting to force canonicalize binary. * Formatted with black --- pyas2lib/as2.py | 8 +++++++- pyas2lib/utils.py | 8 ++++++-- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/pyas2lib/as2.py b/pyas2lib/as2.py index 9eadd4e..cb058ad 100644 --- a/pyas2lib/as2.py +++ b/pyas2lib/as2.py @@ -177,6 +177,8 @@ class Partner: :param mdn_confirm_text: The text to be used in the MDN for successfully processed messages received from this partner. + :param canonicalize_as_binary: force binary canonicalization for this partner + """ as2_name: str @@ -194,6 +196,7 @@ class Partner: mdn_digest_alg: str = None mdn_confirm_text: str = MDN_CONFIRM_TEXT ignore_self_signed: bool = True + canonicalize_as_binary: bool = False def __post_init__(self): """Run the post initialisation checks for this class.""" @@ -638,7 +641,10 @@ def parse(self, raw_content, find_org_cb, find_partner_cb, find_message_cb=None) # Verify the message, first using raw message and if it fails # then convert to canonical form and try again - mic_content = canonicalize(self.payload) + mic_content = canonicalize( + self.payload, + canonicalize_as_binary=self.sender.canonicalize_as_binary, + ) verify_cert = self.sender.load_verify_cert() self.digest_alg = verify_message(mic_content, signature, verify_cert) diff --git a/pyas2lib/utils.py b/pyas2lib/utils.py index 5947c55..48ad8dd 100644 --- a/pyas2lib/utils.py +++ b/pyas2lib/utils.py @@ -75,15 +75,19 @@ def mime_to_bytes(msg: message.Message, email_policy: policy.Policy = policy.HTT return fp.getvalue() -def canonicalize(email_message: message.Message): +def canonicalize(email_message: message.Message, canonicalize_as_binary: bool = False): """ Function to convert an email Message to standard format string/ :param email_message: email.message.Message to be converted to standard string + :param canonicalize_as_binary: force binary canonicalization :return: the standard representation of the email message in bytes """ - if email_message.get("Content-Transfer-Encoding") == "binary": + if ( + email_message.get("Content-Transfer-Encoding") == "binary" + or canonicalize_as_binary + ): message_header = "" message_body = email_message.get_payload(decode=True) for k, v in email_message.items(): From 7cadd1a4fd383089e8a062b95866e0b138b41a6d Mon Sep 17 00:00:00 2001 From: Abhishek Ram Date: Sun, 11 Dec 2022 14:36:57 +0530 Subject: [PATCH 3/4] Fix issue with latest version of cffi (#56) * Fix the version in the changelog * Freeze the version of pyflakes to resolve https://github.com/klen/pylama/issues/224 * Update the versions of oscrypt and asn1crypto * Use SMIMECapabilites from asn1crypto instead of the custom class --- .github/workflows/run-tests.yml | 2 +- CHANGELOG.md | 2 +- pyas2lib/cms.py | 96 +++++++++++---------------------- setup.py | 5 +- 4 files changed, 35 insertions(+), 70 deletions(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 48f1b3b..b012af3 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -8,7 +8,7 @@ on: - "master" jobs: build: - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 strategy: matrix: python-version: [3.7, 3.8, 3.9, "3.10"] diff --git a/CHANGELOG.md b/CHANGELOG.md index fee551e..fd5f254 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,6 @@ # Release History -## 1.4.0 - 2022-02-06 +## 1.4.1 - 2022-02-06 * fix: freezing pylama version to avoid breaking changes * feat: option to pass custom domain for AS2 message-id generation diff --git a/pyas2lib/cms.py b/pyas2lib/cms.py index 01bc008..0172980 100644 --- a/pyas2lib/cms.py +++ b/pyas2lib/cms.py @@ -1,19 +1,19 @@ """Define functions related to the CMS operations such as encrypting, signature, etc.""" import hashlib import zlib -from collections import OrderedDict from datetime import datetime, timezone from asn1crypto import cms, core, algos +from asn1crypto.cms import SMIMECapabilityIdentifier from oscrypto import asymmetric, symmetric, util +from pyas2lib.constants import DIGEST_ALGORITHMS from pyas2lib.exceptions import ( AS2Exception, DecompressionError, DecryptionError, IntegrityError, ) -from pyas2lib.constants import DIGEST_ALGORITHMS from pyas2lib.utils import normalize_digest_alg @@ -277,68 +277,6 @@ def sign_message( digest_func.update(data_to_sign) message_digest = digest_func.digest() - class SmimeCapability(core.Sequence): - """Define the possible list of Smime Capability.""" - - _fields = [ - ("0", core.Any, {"optional": True}), - ("1", core.Any, {"optional": True}), - ("2", core.Any, {"optional": True}), - ("3", core.Any, {"optional": True}), - ("4", core.Any, {"optional": True}), - ] - - class SmimeCapabilities(core.Sequence): - """Define the Smime Capabilities supported by pyas2.""" - - _fields = [ - ("0", SmimeCapability), - ("1", SmimeCapability, {"optional": True}), - ("2", SmimeCapability, {"optional": True}), - ("3", SmimeCapability, {"optional": True}), - ("4", SmimeCapability, {"optional": True}), - ("5", SmimeCapability, {"optional": True}), - ] - - smime_cap = OrderedDict( - [ - ( - "0", - OrderedDict( - [("0", core.ObjectIdentifier("2.16.840.1.101.3.4.1.42"))] - ), - ), - ( - "1", - OrderedDict( - [("0", core.ObjectIdentifier("2.16.840.1.101.3.4.1.2"))] - ), - ), - ( - "2", - OrderedDict([("0", core.ObjectIdentifier("1.2.840.113549.3.7"))]), - ), - ( - "3", - OrderedDict( - [ - ("0", core.ObjectIdentifier("1.2.840.113549.3.2")), - ("1", core.Integer(128)), - ] - ), - ), - ( - "4", - OrderedDict( - [ - ("0", core.ObjectIdentifier("1.2.840.113549.3.4")), - ("1", core.Integer(128)), - ] - ), - ), - ] - ) - signed_attributes = cms.CMSAttributes( [ cms.CMSAttribute( @@ -376,8 +314,34 @@ class SmimeCapabilities(core.Sequence): cms.CMSAttribute( { "type": cms.CMSAttributeType("1.2.840.113549.1.9.15"), - "values": cms.SetOfAny( - [core.Any(SmimeCapabilities(smime_cap))] + "values": cms.SetOfSMIMECapabilites( + [ + cms.SMIMECapabilites( + [ + SMIMECapabilityIdentifier( + {"capability_id": "2.16.840.1.101.3.4.1.42"} + ), + SMIMECapabilityIdentifier( + {"capability_id": "2.16.840.1.101.3.4.1.2"} + ), + SMIMECapabilityIdentifier( + {"capability_id": "1.2.840.113549.3.7"} + ), + SMIMECapabilityIdentifier( + { + "capability_id": "1.2.840.113549.3.2", + "parameters": core.Integer(128), + } + ), + SMIMECapabilityIdentifier( + { + "capability_id": "1.2.840.113549.3.4", + "parameters": core.Integer(128), + } + ), + ] + ) + ] ), } ), diff --git a/setup.py b/setup.py index 71bda72..f111d11 100644 --- a/setup.py +++ b/setup.py @@ -1,8 +1,8 @@ from setuptools import setup, find_packages install_requires = [ - "asn1crypto==1.4.0", - "oscrypto==1.2.1", + "asn1crypto==1.5.1", + "oscrypto==1.3.0", "pyOpenSSL==21.0.0", ] @@ -16,6 +16,7 @@ "pylama-pylint==3.1.1", "black==22.6.0", "pytest-black==0.3.12", + "pyflakes==2.4.0", ] setup( From 26669fd0184b52739ce4fedb693bcc254f40c20e Mon Sep 17 00:00:00 2001 From: abhishekram Date: Sun, 11 Dec 2022 14:43:33 +0530 Subject: [PATCH 4/4] Bump version to 1.4.2 and update change log --- CHANGELOG.md | 8 ++++++++ setup.py | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fd5f254..308eeab 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,13 @@ # Release History +## 1.4.2 - 2022-12-11 + +* fix: update the black version to fix github ci pipeline +* feat: added partner setting to force canonicalize binary +* fix: freeze the version of pyflakes to resolve klen/pylama#224 +* feat: update the versions of oscrypt and asn1crypto +* fix: Use SMIMECapabilites from asn1crypto instead of the custom class (needed due to asn1crypto upgrade) + ## 1.4.1 - 2022-02-06 * fix: freezing pylama version to avoid breaking changes diff --git a/setup.py b/setup.py index f111d11..7bc4ff0 100644 --- a/setup.py +++ b/setup.py @@ -27,7 +27,7 @@ long_description="Docs for this project are maintained at " "https://github.com/abhishek-ram/pyas2-lib/blob/" "master/README.md", - version="1.4.1", + version="1.4.2", author="Abhishek Ram", author_email="abhishek8816@gmail.com", packages=find_packages(where=".", exclude=("test*",)),