pysaml2 icon indicating copy to clipboard operation
pysaml2 copied to clipboard

Published 20 hours ago verified publisher icon IdentityPython

usage of pyopenssl library

Open defigor opened this issue 2 years ago • 4 comments

It seems that pyopenssl library should not be used for cryptography: https://github.com/pyca/pyopenssl Note: The Python Cryptographic Authority strongly suggests the use of pyca/cryptography where possible. If you are using pyOpenSSL for anything other than making a TLS connection you should move to cryptography and drop your pyOpenSSL dependency.

It seems that it is still being used in cert: https://github.com/IdentityPython/pysaml2/blob/master/src/saml2/cert.py#L8 Is it expected? Is there a plan to fix it?

Code Version

7.2.1

Expected Behavior

No dependency on pyopenssl

Current Behavior

pyopenssl is a dependency and is being used for cert.

Please let me know if we are wrong and that the library is not being used for cryptography and only for TLS connection. Also please let me know if we need to provide any further information. Thanks in advance.

defigor avatar Nov 03 '22 00:11 defigor

Hello, this is known and will be fixed, but I don't have a specific timeframe. This time of the year is very busy with meetings but I hope I can get to it soon.

c00kiemon5ter avatar Nov 29 '22 12:11 c00kiemon5ter

Hi @c00kiemon5ter I hope this time is less busy. By any chance do you have an update on this one?

defigor avatar Feb 13 '23 05:02 defigor

Hi, by any chance are there any updates on this issue?

defigor avatar Jun 05 '23 07:06 defigor

Hi, just checking if there are any updates on this one. Thanks in advance.

defigor avatar Sep 03 '23 22:09 defigor