[PATCH] wireless-regdb: Replace M2Crypto with cryptography package
Ben Hutchings
benh at debian.org
Mon Feb 16 12:03:34 PST 2026
M2Crypto is deprecated by its maintainers in favour of the
cryptography package. Update db2bin.py to use that for signing
regulatory.bin.
Signed-off-by: Ben Hutchings <benh at debian.org>
---
This applies on top of the preceding fix for M2Crypto usage, but I can
squash them together if it's preferable to switch directly to
cryptography.
Ben.
--- a/db2bin.py
+++ b/db2bin.py
@@ -2,7 +2,6 @@
from io import BytesIO, open
import struct
-import hashlib
from dbparse import DBParser
import sys
@@ -125,19 +124,18 @@ if len(sys.argv) > 3:
# Load RSA only now so people can use this script
# without having those libraries installed to verify
# their SQL changes
- from M2Crypto import RSA
+ from cryptography.hazmat.primitives import hashes, serialization
+ from cryptography.hazmat.primitives.asymmetric import padding
# determine signature length
- key = RSA.load_key(sys.argv[3])
- hash = hashlib.sha1()
- hash.update(output.getvalue())
- sig = key.sign(hash.digest(), algo='sha1')
+ with open(sys.argv[3], 'rb') as key_file:
+ key = serialization.load_pem_private_key(key_file.read(),
+ password=None)
+ sig = key.sign(output.getvalue(), padding.PKCS1v15(), hashes.SHA1())
# write it to file
siglen.set(len(sig))
# sign again
- hash = hashlib.sha1()
- hash.update(output.getvalue())
- sig = key.sign(hash.digest(), algo='sha1')
+ sig = key.sign(output.getvalue(), padding.PKCS1v15(), hashes.SHA1())
output.write(sig)
else:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/wireless-regdb/attachments/20260216/46767cf1/attachment.sig>
More information about the wireless-regdb
mailing list