swap to using cryptography and stdlib

[reaperhulk]

Status

Ready for review

Description of Changes

Fixes #3399

Changes proposed in this pull request:

Uses pyca/cryptography instead of pycryptodome

Testing

How should the reviewer test this PR?

All test cases must pass.

Deployment

Checklist

If you made changes to the server application code:

• Linting (make ci-lint) and tests (make -C securedrop test) pass in the development container

If you made changes to securedrop-admin:

• Linting and tests (make -C admin test) pass in the admin development container

If you made changes to the system configuration:

• Configuration tests pass

If you made changes to documentation:

• Doc linting (make docs-lint) passed locally

[ghost]

"cryptography requires setuptools 18.5 or newer, please upgrade to a "\n\nRuntimeError: cryptography requires setuptools 18.5 or newer, please upgrade to a newer version

This is from https://circleci.com/gh/freedomofpress/securedrop/13132?utm_campaign=vcs-integration-link&utm_medium=referral&utm_source=github-build-link and looks legit :-)

[kushaldas]

This is from https://circleci.com/gh/freedomofpress/securedrop/13132?utm_campaign=vcs-integration-link&utm_medium=referral&utm_source=github-build-link and looks legit :-)

Yes, and while testing a new update on this PR, issue #3407 came up.

[redshiftzero]

Hey @reaperhulk, thanks for this PR! 😄

To merge this for the next minor release (0.8.0), we'll need to temporarily pin to a slightly older version of pyca/cryptography, 2.0.3, to get the this to install on SecureDrop servers (more details). Let us know if you forsee any issues with that approach. To get the tests to run in CI in this PR, one can pick in 117acb6 from #3458.

In terms of your diff here, there was a legitimate test failure: tests/test_secure_tempfile.py::test_buffered_read, where only the first 1024 bytes of the test ciphertext were decrypting properly. Commit 7f636da from #3458 resolves that test failure. What do you think of those changes?

[reaperhulk]

@redshiftzero thanks for running with this! When does close get called here?

[redshiftzero]

@reaperhulk good question, the close method will be called when the temporary encrypted file is deleted (i.e. when the __del__ method is called) - the code that does that is here in tempfile._TemporaryFileWrapper which SecureTemporaryFile inherits from. Since this is definitely not clear upon initial inspection I've added some comments in 7a35752

[reaperhulk]

@redshiftzero Okay, that looks good then. Makes sense why you'd be seeing test failures prior to that change since it was finalizing a cipher context that was going to process additional data.

[redshiftzero]

Excellent, thanks @reaperhulk for your contribution to SecureDrop 😄 - we'll merge your commit over in #3458

[redshiftzero]

These changes have been merged in #3458, closing!