diff options
Diffstat (limited to 'dev-python/tpm2-pytss/files')
2 files changed, 113 insertions, 0 deletions
diff --git a/dev-python/tpm2-pytss/files/tpm2-pytss-2.1.0-internal-crypto-fix-_MyRSAPrivateNumbers-with-crypto.patch b/dev-python/tpm2-pytss/files/tpm2-pytss-2.1.0-internal-crypto-fix-_MyRSAPrivateNumbers-with-crypto.patch new file mode 100644 index 000000000000..4aaecd935c22 --- /dev/null +++ b/dev-python/tpm2-pytss/files/tpm2-pytss-2.1.0-internal-crypto-fix-_MyRSAPrivateNumbers-with-crypto.patch @@ -0,0 +1,73 @@ +From 0fbb9d099370c0a7031dd13990986538f586836a Mon Sep 17 00:00:00 2001 +From: Erik Larsson <who+github@cnackers.org> +Date: Fri, 26 Jan 2024 12:01:41 +0100 +Subject: [PATCH 3/3] internal/crypto: fix _MyRSAPrivateNumbers with + cryptograpy >= 42.0.1 + +RSAPrivateNumbers was moved to a rust implementation in 42.0.1. +So inheritance is no longer possible, so turn the class into a +wrapper instead of a subclass. + +Fixes #561 + +Signed-off-by: Erik Larsson <who+github@cnackers.org> +--- + src/tpm2_pytss/internal/crypto.py | 21 +++++++++------------ + 1 file changed, 9 insertions(+), 12 deletions(-) + +diff --git a/src/tpm2_pytss/internal/crypto.py b/src/tpm2_pytss/internal/crypto.py +index 93e5181..42030c5 100644 +--- a/src/tpm2_pytss/internal/crypto.py ++++ b/src/tpm2_pytss/internal/crypto.py +@@ -23,7 +23,7 @@ from cryptography.hazmat.primitives.ciphers.algorithms import AES, Camellia + from cryptography.hazmat.primitives.ciphers import modes, Cipher, CipherAlgorithm + from cryptography.hazmat.backends import default_backend + from cryptography.exceptions import UnsupportedAlgorithm, InvalidSignature +-from typing import Tuple, Type ++from typing import Tuple, Type, Any + import secrets + import sys + +@@ -220,7 +220,7 @@ def public_to_key(obj): + return key + + +-class _MyRSAPrivateNumbers(rsa.RSAPrivateNumbers): ++class _MyRSAPrivateNumbers: + def __init__(self, p: int, n: int, e: int, pubnums: rsa.RSAPublicNumbers): + + q = n // p +@@ -231,7 +231,12 @@ class _MyRSAPrivateNumbers(rsa.RSAPrivateNumbers): + dmq1 = rsa.rsa_crt_dmq1(d, q) + iqmp = rsa.rsa_crt_iqmp(p, q) + +- super().__init__(p, q, d, dmp1, dmq1, iqmp, pubnums) ++ self._private_numbers = rsa.RSAPrivateNumbers( ++ p, q, d, dmp1, dmq1, iqmp, pubnums ++ ) ++ ++ def private_key(self, *args: Any, **kwargs: Any) -> rsa.RSAPrivateKey: ++ return self._private_numbers.private_key(*args, **kwargs) + + @staticmethod + def _xgcd(a: int, b: int) -> Tuple[int, int, int]: +@@ -251,15 +256,7 @@ class _MyRSAPrivateNumbers(rsa.RSAPrivateNumbers): + # + @staticmethod + def _modinv(a, m): +- +- if sys.version_info < (3, 8): +- g, x, y = _MyRSAPrivateNumbers._xgcd(a, m) +- if g != 1: +- raise Exception("modular inverse does not exist") +- else: +- return x % m +- else: +- return pow(a, -1, m) ++ return pow(a, -1, m) + + @staticmethod + def _generate_d(p, q, e, n): +-- +2.43.0 + diff --git a/dev-python/tpm2-pytss/files/tpm2-pytss-2.1.0-test-disable-pcr_set_auth_value-and-pcr_set_auth_pol.patch b/dev-python/tpm2-pytss/files/tpm2-pytss-2.1.0-test-disable-pcr_set_auth_value-and-pcr_set_auth_pol.patch new file mode 100644 index 000000000000..6e99688b76ba --- /dev/null +++ b/dev-python/tpm2-pytss/files/tpm2-pytss-2.1.0-test-disable-pcr_set_auth_value-and-pcr_set_auth_pol.patch @@ -0,0 +1,40 @@ +From c55775c30c06bf3a3066b4047cb51cb42f1e403d Mon Sep 17 00:00:00 2001 +From: Erik Larsson <who+github@cnackers.org> +Date: Sat, 6 Jan 2024 06:25:54 +0100 +Subject: [PATCH 2/3] test: disable pcr_set_auth_value and pcr_set_auth_policy + tests for swtpm + +Since [commit][1] in libtpms setting auth values/policies for PCRs are no longer supported. + +[1]: https://github.com/stefanberger/libtpms/commit/af4fc0e66df6d012c61aee7c418148fb261d77a9 + +Signed-off-by: Erik Larsson <who+github@cnackers.org> +--- + test/test_esapi.py | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/test/test_esapi.py b/test/test_esapi.py +index 269a43b..e0b6d35 100644 +--- a/test/test_esapi.py ++++ b/test/test_esapi.py +@@ -3585,6 +3585,8 @@ class TestEsys(TSS2_EsapiTest): + self.ectx.pcr_allocate(pcrsels, session3=object()) + + def test_pcr_set_auth_policy(self): ++ if getattr(self.tcti, "name", "") == "swtpm": ++ self.skipTest("pcr_set_auth_policy not supported by swtpm") + + policy = b"0123456789ABCDEF0123456789ABCDEF" + self.ectx.pcr_set_auth_policy(policy, TPM2_ALG.SHA256, ESYS_TR.PCR20) +@@ -3630,6 +3632,8 @@ class TestEsys(TSS2_EsapiTest): + ) + + def test_pcr_set_auth_value(self): ++ if getattr(self.tcti, "name", "") == "swtpm": ++ self.skipTest("pcr_set_auth_value not supported by swtpm") + + self.ectx.pcr_set_auth_value(ESYS_TR.PCR20, b"password") + self.ectx.tr_set_auth(ESYS_TR.PCR20, b"password") +-- +2.43.0 + |