Signature Verification Issue Due to Missing Cryptography Backend Functions #713
Description
Installing pykmip==0.10.0 also installs cryptography=42.0.4
Cryptography 42.0.2 does not have the following functions, load_der_public_key and load_pem_public_key in the instance created by default_backend().
>>> import cryptography
>>> cryptography.__version__
'42.0.2'
>>> import kmip
>>> kmip.__version__
'0.10.0'
>>> from cryptography.hazmat.backends import default_backend
>>> backend = default_backend()
>>> backend.load_der_public_key(b"test")
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
AttributeError: 'Backend' object has no attribute 'load_der_public_key'
>>> backend.load_pem_public_key(b"test")
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
AttributeError: 'Backend' object has no attribute 'load_pem_public_key'
>>>
This is causing the kmip_server to throw, "Signing bytes could not be loaded" when there is an attempt to verify a signature using a public_key.
Code using older cryptography functions
kmip/services/server/crypto/engine.py
1490 try:
1491 public_key = backend.load_der_public_key(signing_key)
1492 except Exception:
1493 try:
1494 public_key = backend.load_pem_public_key(signing_key)
1495 except Exception:
1496 raise exceptions.CryptographicFailure(
1497 "The signing key bytes could not be loaded."
1498 )