Your message dated Fri, 05 Nov 2021 20:34:18 +0000
with message-id <[email protected]>
and subject line Bug#994266: fixed in azure-cli 2.30.0-1
has caused the Debian Bug report #994266,
regarding pyjwt breaks azure-cli autopkgtest: Could not deserialize key data.
The data may be in an incorrect format or it may be encrypted with an
unsupported algorithm.
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
994266: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994266
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: pyjwt, azure-cli
Control: found -1 pyjwt/2.1.0-1
Control: found -1 azure-cli/2.18.0-2
Severity: serious
Tags: sid bookworm
X-Debbugs-CC: [email protected]
User: [email protected]
Usertags: breaks needs-update
Dear maintainer(s),
With a recent upload of pyjwt the autopkgtest of azure-cli fails in
testing when that autopkgtest is run with the binary packages of pyjwt
from unstable. It passes when run with only packages from testing. In
tabular form:
pass fail
pyjwt from testing 2.1.0-1
azure-cli from testing 2.18.0-2
all others from testing from testing
I copied some of the output at the bottom of this report.
Currently this regression is blocking the migration of pyjwt to testing
[1]. Due to the nature of this issue, I filed this bug report against
both packages. Can you please investigate the situation and reassign the
bug to the right package?
More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation
Paul
[1] https://qa.debian.org/excuses.php?package=pyjwt
https://ci.debian.net/data/autopkgtest/testing/amd64/a/azure-cli/15220083/log.gz
=================================== FAILURES
===================================
_____________ TestProfile.test_find_subscriptions_in_cloud_console
_____________
self = <jwt.algorithms.RSAAlgorithm object at 0x7f8308a46ac0>, key = b''
def prepare_key(self, key):
if isinstance(key, RSAPrivateKey) or isinstance(key, RSAPublicKey):
return key
if isinstance(key, (bytes, str)):
key = force_bytes(key)
try:
if key.startswith(b"ssh-rsa"):
key = load_ssh_public_key(key)
else:
> key = load_pem_private_key(key, password=None)
/usr/lib/python3/dist-packages/jwt/algorithms.py:256:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _
data = b'', password = None
backend = <cryptography.hazmat.backends.openssl.backend.Backend object
at 0x7f8308b5c5b0>
def load_pem_private_key(data, password, backend=None):
backend = _get_backend(backend)
> return backend.load_pem_private_key(data, password)
/usr/lib/python3/dist-packages/cryptography/hazmat/primitives/serialization/base.py:18:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _
self = <cryptography.hazmat.backends.openssl.backend.Backend object at
0x7f8308b5c5b0>
data = b'', password = None
def load_pem_private_key(self, data, password):
> return self._load_key(
self._lib.PEM_read_bio_PrivateKey,
self._evp_pkey_to_private_key,
data,
password,
)
/usr/lib/python3/dist-packages/cryptography/hazmat/backends/openssl/backend.py:1244:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _
self = <cryptography.hazmat.backends.openssl.backend.Backend object at
0x7f8308b5c5b0>
openssl_read_func = <built-in method PEM_read_bio_PrivateKey of
_cffi_backend.Lib object at 0x7f8308c24590>
convert_func = <bound method Backend._evp_pkey_to_private_key of
<cryptography.hazmat.backends.openssl.backend.Backend object at
0x7f8308b5c5b0>>
data = b'', password = None
def _load_key(self, openssl_read_func, convert_func, data, password):
mem_bio = self._bytes_to_bio(data)
userdata = self._ffi.new("CRYPTOGRAPHY_PASSWORD_DATA *")
if password is not None:
utils._check_byteslike("password", password)
password_ptr = self._ffi.from_buffer(password)
userdata.password = password_ptr
userdata.length = len(password)
evp_pkey = openssl_read_func(
mem_bio.bio,
self._ffi.NULL,
self._ffi.addressof(
self._lib._original_lib, "Cryptography_pem_password_cb"
),
userdata,
)
if evp_pkey == self._ffi.NULL:
if userdata.error != 0:
self._consume_errors()
if userdata.error == -1:
raise TypeError(
"Password was not given but private key is
encrypted"
)
else:
assert userdata.error == -2
raise ValueError(
"Passwords longer than {} bytes are not supported "
"by this backend.".format(userdata.maxsize - 1)
)
else:
> self._handle_key_loading_error()
/usr/lib/python3/dist-packages/cryptography/hazmat/backends/openssl/backend.py:1475:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _
self = <cryptography.hazmat.backends.openssl.backend.Backend object at
0x7f8308b5c5b0>
def _handle_key_loading_error(self):
errors = self._consume_errors()
if not errors:
raise ValueError(
"Could not deserialize key data. The data may be in an "
"incorrect format or it may be encrypted with an
unsupported "
"algorithm."
)
elif errors[0]._lib_reason_match(
self._lib.ERR_LIB_EVP, self._lib.EVP_R_BAD_DECRYPT
) or errors[0]._lib_reason_match(
self._lib.ERR_LIB_PKCS12,
self._lib.PKCS12_R_PKCS12_CIPHERFINAL_ERROR,
):
raise ValueError("Bad decrypt. Incorrect password?")
elif any(
error._lib_reason_match(
self._lib.ERR_LIB_EVP,
self._lib.EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM,
)
for error in errors
):
raise ValueError("Unsupported public key algorithm.")
else:
> raise ValueError(
"Could not deserialize key data. The data may be in an "
"incorrect format or it may be encrypted with an
unsupported "
"algorithm."
)
E ValueError: Could not deserialize key data. The data may be
in an incorrect format or it may be encrypted with an unsupported algorithm.
/usr/lib/python3/dist-packages/cryptography/hazmat/backends/openssl/backend.py:1517:
ValueError
OpenPGP_signature
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: azure-cli
Source-Version: 2.30.0-1
Done: Luca Boccassi <[email protected]>
We believe that the bug you reported is fixed in the latest version of
azure-cli, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Luca Boccassi <[email protected]> (supplier of updated azure-cli package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 04 Nov 2021 23:46:19 +0000
Source: azure-cli
Architecture: source
Version: 2.30.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team <[email protected]>
Changed-By: Luca Boccassi <[email protected]>
Closes: 986657 989670 989676 994266
Changes:
azure-cli (2.30.0-1) unstable; urgency=medium
.
* Merge tag 'azure-cli-2.30.0' into debian/sid
(Closes: #994266, #986657, #989670, #989676)
* Update build dependencies for 2.30.0
* Drop obsolete crypto_dependency.patch
* Bump Standards-Version to 4.6.0, no changes
* autopkgtest: add dependency on python3-all:any
* Skip broken test
* Ignore very-long-line-length-in-source-file lintian warning
* python3-azure-cli-core: update Lintian warning paths
* Differentiate short descriptions
Checksums-Sha1:
d7fe8e6487366d33e8a40e6807a127ab6045194c 3728 azure-cli_2.30.0-1.dsc
8ea06f435c80e14e594544b678b25b5107c586eb 69903081 azure-cli_2.30.0.orig.tar.gz
30eaa12fc77e7df69c6b300692706fe7a15374cb 6776 azure-cli_2.30.0-1.debian.tar.xz
aab4eb2cc6759b2f3abb5686200d039270f582ce 9934
azure-cli_2.30.0-1_source.buildinfo
Checksums-Sha256:
debc1d60324ea43432683888481fb9f39fdc5ca3e79572546e56193874658b8e 3728
azure-cli_2.30.0-1.dsc
fc95b8e85268c926b29fd7cb236dd0010f9fc82ed405761dd78ef56f3a78d6e7 69903081
azure-cli_2.30.0.orig.tar.gz
f0b32c325c205720512098173edb2ae60df5bc6b6a2c74c8ce785a60c5abb9c7 6776
azure-cli_2.30.0-1.debian.tar.xz
da0893ff8871061847ff76ee5938c03a1c841707d274774a219caa3250973628 9934
azure-cli_2.30.0-1_source.buildinfo
Files:
548243bda694824ca2b256ca78a3e0fa 3728 python optional azure-cli_2.30.0-1.dsc
b1a4b0aff1184fce9567af18cd039fc7 69903081 python optional
azure-cli_2.30.0.orig.tar.gz
97a1b0355b87695787bab1f7dd2cbbcf 6776 python optional
azure-cli_2.30.0-1.debian.tar.xz
3cfc1c014bfa25676cc04365daa915bd 9934 python optional
azure-cli_2.30.0-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJFBAEBCgAvFiEErCSqx93EIPGOymuRKGv37813JB4FAmGFgyYRHGJsdWNhQGRl
Ymlhbi5vcmcACgkQKGv37813JB68zBAAqFIeQgEcieLY+Wlbft1HomhURh/zMQ7X
RfZm7HH4YGlvtUe4h61B+TZY4gUxw2nSScTBePmyhJmHW2t4xXy1PVBdBx+IuSSu
grJZSc6oSP3TbcAcRB8fmVKwsntVbQJIFFvsGpwk0WIb9YUALIp6ajVcXEdYKPsB
f9RkVytUOFFU8Jym2ay3BiTu2/PKBR22aCS6z1lIGdtePDgbIOjUgsbnWig1daSz
mu83o/Mu9FzuUAy4q5MiLU+/sopTswEr3/bYaxcrJlvnFa8JbQv/affDgW6cf9mC
Wc4JhfYqDop4vnEAUhPO5OqxBlLl03kn2sMv6oNQVb9hS6bSlFP6zcvqiOH7tvFv
CM8CXVc2TPrtSawQBs6mo9jMcleKelDLFwOnqZI+81ZCjFZSy2Oze5dq3DbN3EzD
7Pt3xwQo+ymndxHTa0Pm+mgwrF+JBi6Qkma+Xr88LfX0BQABeKQKYLe2wy5aJEVl
B1X9NXgw6M9gmHDbDiTR6g+0aCsC1yKefrViYA+LHkkdzBpoWoeq+HXb743bN21S
QlGKCjYQsdGq/3AYKs0AURN2vMgM7Q6HndnkMriCZKBsdEhYxQ1LzhO+FRpX8YWA
zvwE7PAOiuZOnOt2WfRbYSHdW7pXiWzUZwG+aru9yTMefgJyS3u8BasokCZyYEv4
D8r8e81Vi78=
=RtSY
-----END PGP SIGNATURE-----
--- End Message ---
