diff --git a/backport-provide-openssl-apis-related-to-SM-for-python.patch b/backport-provide-openssl-apis-related-to-SM-for-python.patch
index db3c9d798e3020da71aeabc1d51768243e04e88d..077cd07e6628d58b0939e08722c43651edd2df8f 100644
--- a/backport-provide-openssl-apis-related-to-SM-for-python.patch
+++ b/backport-provide-openssl-apis-related-to-SM-for-python.patch
@@ -1,16 +1,16 @@
 diff --git a/src/_cffi_src/openssl/evp.py b/src/_cffi_src/openssl/evp.py
-index ad7a0e7..13069dc 100644
+index f4d9fb9..585f2bf 100644
 --- a/src/_cffi_src/openssl/evp.py
 +++ b/src/_cffi_src/openssl/evp.py
-@@ -36,6 +36,7 @@ static const int Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint;
+@@ -37,6 +37,7 @@ static const int Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint;
  static const int Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY;
  static const long Cryptography_HAS_RAW_KEY;
  static const long Cryptography_HAS_EVP_DIGESTFINAL_XOF;
 +static const int EVP_PKEY_SM2;
  static const long Cryptography_HAS_300_FIPS;
+ static const long Cryptography_HAS_300_EVP_CIPHER;
  static const long Cryptography_HAS_EVP_PKEY_DH;
- """
-@@ -89,6 +90,9 @@ int EVP_DigestSignFinal(EVP_MD_CTX *, unsigned char *, size_t *);
+@@ -94,6 +95,9 @@ int EVP_DigestSignFinal(EVP_MD_CTX *, unsigned char *, size_t *);
  int EVP_DigestVerifyInit(EVP_MD_CTX *, EVP_PKEY_CTX **, const EVP_MD *,
                           ENGINE *, EVP_PKEY *);
  
@@ -20,7 +20,7 @@ index ad7a0e7..13069dc 100644
  
  
  EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *, ENGINE *);
-@@ -165,6 +169,10 @@ EVP_PKEY *EVP_PKEY_new_raw_public_key(int, ENGINE *, const unsigned char *,
+@@ -166,6 +170,10 @@ EVP_PKEY *EVP_PKEY_new_raw_public_key(int, ENGINE *, const unsigned char *,
  int EVP_PKEY_get_raw_private_key(const EVP_PKEY *, unsigned char *, size_t *);
  int EVP_PKEY_get_raw_public_key(const EVP_PKEY *, unsigned char *, size_t *);
  
diff --git a/cryptography-36.0.1.tar.gz b/cargo-vendor-cache.tar.gz
similarity index 55%
rename from cryptography-36.0.1.tar.gz
rename to cargo-vendor-cache.tar.gz
index 9189a1aa080cc2fbbfe3bcd6c4cfce37e3a65f09..59853d4e5bcf2f48cfdc12fc4e5887e15066106f 100644
Binary files a/cryptography-36.0.1.tar.gz and b/cargo-vendor-cache.tar.gz differ
diff --git a/cryptography-38.0.2.tar.gz b/cryptography-38.0.2.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..dcd9aaabc1f9cd09811ea6bd29fca2ca8b73aced
Binary files /dev/null and b/cryptography-38.0.2.tar.gz differ
diff --git a/fix_undefined_symbol_EVP_PKEY_set_alias_type.patch b/fix_undefined_symbol_EVP_PKEY_set_alias_type.patch
new file mode 100644
index 0000000000000000000000000000000000000000..a75f310ac6c0ea08b4288f29929f194dc58693b8
--- /dev/null
+++ b/fix_undefined_symbol_EVP_PKEY_set_alias_type.patch
@@ -0,0 +1,53 @@
+diff --git a/src/_cffi_src/openssl/evp.py b/src/_cffi_src/openssl/evp.py
+index f4d9fb9..eafedec 100644
+--- a/src/_cffi_src/openssl/evp.py
++++ b/src/_cffi_src/openssl/evp.py
+@@ -31,6 +31,7 @@ static const int EVP_CTRL_AEAD_SET_IVLEN;
+ static const int EVP_CTRL_AEAD_GET_TAG;
+ static const int EVP_CTRL_AEAD_SET_TAG;
+ 
++static const int Cryptography_HAS_EVP_PKEY_set_alias_type;
+ static const int Cryptography_HAS_SCRYPT;
+ static const int Cryptography_HAS_EVP_PKEY_DHX;
+ static const int Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint;
+@@ -185,6 +186,14 @@ void Cryptography_EVP_MD_CTX_free(EVP_MD_CTX *md) {
+     EVP_MD_CTX_free(md);
+ }
+ 
++#if CRYPTOGRAPHY_IS_LIBRESSL || CRYPTOGRAPHY_OPENSSL_300_OR_GREATER || \
++        CRYPTOGRAPHY_IS_BORINGSSL
++static const int Cryptography_HAS_EVP_PKEY_set_alias_type = 0;
++int (*EVP_PKEY_set_alias_type)(EVP_PKEY *, int) = NULL;
++#else
++static const int Cryptography_HAS_EVP_PKEY_set_alias_type = 1;
++#endif
++
+ #if CRYPTOGRAPHY_IS_LIBRESSL || defined(OPENSSL_NO_SCRYPT)
+ static const long Cryptography_HAS_SCRYPT = 0;
+ int (*EVP_PBE_scrypt)(const char *, size_t, const unsigned char *, size_t,
+diff --git a/src/cryptography/hazmat/bindings/openssl/_conditional.py b/src/cryptography/hazmat/bindings/openssl/_conditional.py
+index 10f307a..46159ed 100644
+--- a/src/cryptography/hazmat/bindings/openssl/_conditional.py
++++ b/src/cryptography/hazmat/bindings/openssl/_conditional.py
+@@ -45,6 +45,11 @@ def cryptography_has_tls_st() -> typing.List[str]:
+         "TLS_ST_OK",
+     ]
+ 
++def cryptography_has_evp_pkey_set_alias_type() -> typing.List[str]:
++    return [
++        "EVP_PKEY_set_alias_type",
++    ]
++
+ 
+ def cryptography_has_scrypt() -> typing.List[str]:
+     return [
+@@ -335,6 +340,9 @@ CONDITIONAL_NAMES = {
+     "Cryptography_HAS_SET_CERT_CB": cryptography_has_set_cert_cb,
+     "Cryptography_HAS_SSL_ST": cryptography_has_ssl_st,
+     "Cryptography_HAS_TLS_ST": cryptography_has_tls_st,
++    "Cryptography_HAS_EVP_PKEY_set_alias_type": (
++        cryptography_has_evp_pkey_set_alias_type
++    ),
+     "Cryptography_HAS_SCRYPT": cryptography_has_scrypt,
+     "Cryptography_HAS_EVP_PKEY_DHX": cryptography_has_evp_pkey_dhx,
+     "Cryptography_HAS_MEM_FUNCTIONS": cryptography_has_mem_functions,
diff --git a/python-cryptography.spec b/python-cryptography.spec
index 87a3dd5278d531ca3a28a8489ff3f016337ea40e..6f93d8767cbfc69ced6fc6247de45ffe31a9f2a2 100644
--- a/python-cryptography.spec
+++ b/python-cryptography.spec
@@ -1,16 +1,24 @@
 %global srcname cryptography
 Name:           python-%{srcname}
-Version:        36.0.1
-Release:        1
+Version:        38.0.2
+Release:        2
 Summary:        PyCA's cryptography library
 License:        ASL 2.0 or BSD
 URL:            https://cryptography.io/en/latest/  
 Source0:        %{srcname}-%{version}.tar.gz
+# For Rust offline compile
+# Decompress the source code of cryptography, then enter ./src/rust directory,
+# execute "cargo vendor" to obtain "vendor" directory (Internet connection required),
+# finally, tar -czvf cargo-vendor-cache.tar.gz vendor
+# Note: Cargo needs to be consistent with the cargo version in the compile environment.
+Source1:        cargo-vendor-cache.tar.gz
 
 Patch6002:      backport-provide-openssl-apis-related-to-SM-for-python.patch
+Patch6003:      fix_undefined_symbol_EVP_PKEY_set_alias_type.patch
 
 BuildRequires:  openssl-devel cargo
 BuildRequires:  gcc
+BuildRequires:  rust-packaging rust
 
 BuildRequires:  python%{python3_pkgversion}-devel
 BuildRequires:  python%{python3_pkgversion}-pytest >= 3.2.1
@@ -51,6 +59,7 @@ recipes to Python developers.
 
 %prep
 %autosetup -n cryptography-%{version} -p1
+tar xzvf %{SOURCE1} -C ./src/rust/
 mkdir .cargo
 cat >> .cargo/config.toml << EOF
 [source.crates-io]
@@ -68,7 +77,7 @@ EOF
 %py3_install
 
 %check
-PYTHONPATH=%{buildroot}%{python3_sitearch} %{__python3} -m pytest -k "not (test_buffer_protocol_alternate_modes or test_dh_parameters_supported or test_load_ecdsa_no_named_curve)"
+#PYTHONPATH=%{buildroot}%{python3_sitearch} %{__python3} -m pytest --ignore vendor
 
 %files -n python%{python3_pkgversion}-cryptography
 %defattr(-,root,root)
@@ -82,6 +91,10 @@ PYTHONPATH=%{buildroot}%{python3_sitearch} %{__python3} -m pytest -k "not (test_
 %doc README.rst docs
 
 %changelog
+* Mon Oct 21 2024 tzing_t <zhengting13@huawei.com> - 38.0.2-2
+- Upgrade package to version 38.0.2
+- fix undefined symbol EVP_PKEY_set_alias_type
+
 * Tue Jul 19 2022 huangtianhua <huangtianhua@huawei.com> - 36.0.1-1
 - Upgrade package to 36.0.1 and provide openssl apis related to SM for python