-
Notifications
You must be signed in to change notification settings - Fork 178
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
gramine-sgx-sign reports "'bytearray' object cannot be converted to 'PyBytes'" #1731
Comments
ack, will look into it |
@andre-w-fischer: Can you please check if #1732 fixes the problem? |
@woju I can verify that the change fixes the problem. Thank you. |
@andre-w-fischer Thanks for testing. I have one more ask if you're able: Can you wait about a week until cryptography.io releases 42.0.2 and then test without this fix (i.e. just 1.6) to check if they fixed correctly? Or even test now with unreleased cryptography.io if you can. This would be useful mostly for users of stable Gramine (from packages/tags). I'll totally understand if you won't, we'll probably merge #1732 anyway just for clarity of method names, so this is going to get fixed around 1.7 in any case. |
Description of the problem
signing a simple binary (/usr/bin/true in the attached example) with a built-from-source gramine 1.6 fails with stack trace
(see Actual Results).
Steps to reproduce
With the attached files
bytearray-error.zip
run build.sh to first build gramine 1.6 together with missing dependencies (based on registry.access.redhat.com/ubi8/ubi:8.7)
and then sign a simple binary.
Change cryptography-error.dockerfile:43 from
to
and the problem goes away.
The 42.0.0 release was made on 23. January 2023. The 42.01 version (released today?) does not seem to fix this issue.
Expected results
gramine-sgx-sign finishes without error.
Actual results
#59 0.621 Traceback (most recent call last):
#59 0.621 File "/usr/local/bin/gramine-sgx-sign", line 171, in
#59 0.621 main() # pylint: disable=no-value-for-parameter
#59 0.621 ^^^^^^
#59 0.621 File "/usr/local/lib/python3.11/site-packages/click/core.py", line 1157, in call
#59 0.621 return self.main(*args, **kwargs)
#59 0.621 ^^^^^^^^^^^^^^^^^^^^^^^^^^
#59 0.621 File "/usr/local/lib/python3.11/site-packages/click/core.py", line 1078, in main
#59 0.621 rv = self.invoke(ctx)
#59 0.621 ^^^^^^^^^^^^^^^^
#59 0.621 File "/usr/local/lib/python3.11/site-packages/click/core.py", line 1434, in invoke
#59 0.622 return ctx.invoke(self.callback, **ctx.params)
#59 0.622 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
#59 0.622 File "/usr/local/lib/python3.11/site-packages/click/core.py", line 783, in invoke
#59 0.622 return __callback(*args, **kwargs)
#59 0.622 ^^^^^^^^^^^^^^^^^^^^^^^^^^^
#59 0.622 File "/usr/local/lib/python3.11/site-packages/click/decorators.py", line 33, in new_func
#59 0.622 return f(get_current_context(), *args, **kwargs)
#59 0.622 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
#59 0.622 File "/usr/local/bin/gramine-sgx-sign", line 145, in main
#59 0.622 sigstruct.sign(sign_func)
#59 0.622 File "/usr/local/lib/python3.11/site-packages/graminelibos/sigstruct.py", line 191, in sign
#59 0.622 exponent_int, modulus_int, signature_int = do_sign_callback(data, *args, **kwargs)
#59 0.622 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
#59 0.622 File "/usr/local/lib/python3.11/site-packages/graminelibos/sgx_sign.py", line 664, in sign_with_private_key
#59 0.622 signature = private_key.sign(data, padding.PKCS1v15(), hashes.SHA256())
#59 0.622 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
#59 0.622 TypeError: argument 'data': 'bytearray' object cannot be converted to 'PyBytes'
Gramine commit hash
https://github.com/gramineproject/gramine/archive/refs/tags/v1.6.tar.gz
The text was updated successfully, but these errors were encountered: