summaryrefslogtreecommitdiff
path: root/dev-python/tpm2-pytss
diff options
context:
space:
mode:
Diffstat (limited to 'dev-python/tpm2-pytss')
-rw-r--r--dev-python/tpm2-pytss/Manifest4
-rw-r--r--dev-python/tpm2-pytss/files/tpm2-pytss-2.1.0-internal-crypto-fix-_MyRSAPrivateNumbers-with-crypto.patch73
-rw-r--r--dev-python/tpm2-pytss/files/tpm2-pytss-2.1.0-test-disable-pcr_set_auth_value-and-pcr_set_auth_pol.patch40
-rw-r--r--dev-python/tpm2-pytss/tpm2-pytss-2.1.0-r2.ebuild (renamed from dev-python/tpm2-pytss/tpm2-pytss-2.1.0-r1.ebuild)12
4 files changed, 124 insertions, 5 deletions
diff --git a/dev-python/tpm2-pytss/Manifest b/dev-python/tpm2-pytss/Manifest
index 016628986aea..d94f249ee59d 100644
--- a/dev-python/tpm2-pytss/Manifest
+++ b/dev-python/tpm2-pytss/Manifest
@@ -1,4 +1,6 @@
+AUX tpm2-pytss-2.1.0-internal-crypto-fix-_MyRSAPrivateNumbers-with-crypto.patch 2494 BLAKE2B 98250351f74b43bb03c714fe208e7ceeae295b5341426527e09ceabd7138b354b765fe8630b50ba37b0e0c157761ac4b8aa5cd7a516a5af3e81a2fc6fd94b989 SHA512 b4a67e42e91af48282648ca673e949380b1df32df2ff9595de387720ee0537c6c350d2bb836b320f6fadee6c6a83d52e3d97708a0797f5d699959e611e1c2995
AUX tpm2-pytss-2.1.0-test-add-check-for-renamed-cryptography-types.patch 1556 BLAKE2B a3346aa7a685514b2dab15c713ae1661e8edbfc91414a2c2d0cfe939fa7761c551095a03156119bcb73cbe8605abf80446f6fbc9ee7efdafd45f39cc88074679 SHA512 68746d0f71141ea4f8add786aec8f04d50e4b2fb5883d7cecea5e9eab13682bee4bf177bf9351f9a7caa9494430e608c4eb70aa9ca82bf42c379dfe6ddcbe1d5
+AUX tpm2-pytss-2.1.0-test-disable-pcr_set_auth_value-and-pcr_set_auth_pol.patch 1491 BLAKE2B bc39ba520ad03ff22b573f6e93bb6e4cea5d776ca667abad79e3ca09b88116c61e458743f954f2676503a488e5003b78eeb45b3bfb942988651018a83c94c80e SHA512 1ddd469ed5775b742461a2d7a48e692871c6c1a5d9696ae7dadf531707f003a0679dc618d1231b25147b3b744d57130804c4dedeb3ce20a9855a3a2813fe18f8
DIST tpm2-pytss-2.1.0.tar.gz 203244 BLAKE2B f960fc08c12d10835ec7127e47842ea82b760e2de4fb3060a2f55f9bab5396cbe6f8edd07cb35b98d90ba8ec22c2d3ff287acbad47feac05f02df38b154f2132 SHA512 b4d8b3a0124e67278f08ff72d3635221e84ae26b6a5489ee159e641931aa9045b4b5111ed02d5ff86d69bd89b8460b2592a3fdb94742562351e41783c78184ba
-EBUILD tpm2-pytss-2.1.0-r1.ebuild 1026 BLAKE2B f3c3553bc01cbb83ca7e26516b057f0cc83b67ec3e5d03c0465b9c1224a744b5805414774e75aa03ba21342361df2538aa223cbec130e2a33049b1be1f7b133e SHA512 1ed9a338ece9f58816a77c2364bb7f00dbe15558cf3a2358b9bc1223f67f863bfdc71a90d703869ce6735febd72710fec20824c91e9c474f7b42db2dca7b5a35
+EBUILD tpm2-pytss-2.1.0-r2.ebuild 1230 BLAKE2B 13c672d69ea01f1f89e6bb43773134a8b867e89ad8adcd25c0b88a82f59139af1cd2f3d040506ad54146874ddfe0e16edfd30e01bb8e443a2ac94a02cad8ea0b SHA512 656c63c9c2da8f1b4856fc91b8d7b441a1d30baadb1208148a8a7e1a43b4042ac867e55749cfddd7ee7530547cb7c0fa67492bfe94c455ba94149695040b9000
MISC metadata.xml 648 BLAKE2B e4de9aae579210454f1a71043de7073c1aa7ead9c5acdea48ec2c8ebf5665ebb6837f198b6de49f7ae58bd1f5062ed4f8ca7092df56d8904aecd16bc226d95cd SHA512 dd87ec10b28530281c08d57d86a5004178e4eda729a43690ad4ab84effe246b34d777ec56c66d61a1e0335d2b9c1599366aa55bc58477f7c2dfa4eec5ab7d9ac
diff --git a/dev-python/tpm2-pytss/files/tpm2-pytss-2.1.0-internal-crypto-fix-_MyRSAPrivateNumbers-with-crypto.patch b/dev-python/tpm2-pytss/files/tpm2-pytss-2.1.0-internal-crypto-fix-_MyRSAPrivateNumbers-with-crypto.patch
new file mode 100644
index 000000000000..4aaecd935c22
--- /dev/null
+++ b/dev-python/tpm2-pytss/files/tpm2-pytss-2.1.0-internal-crypto-fix-_MyRSAPrivateNumbers-with-crypto.patch
@@ -0,0 +1,73 @@
+From 0fbb9d099370c0a7031dd13990986538f586836a Mon Sep 17 00:00:00 2001
+From: Erik Larsson <who+github@cnackers.org>
+Date: Fri, 26 Jan 2024 12:01:41 +0100
+Subject: [PATCH 3/3] internal/crypto: fix _MyRSAPrivateNumbers with
+ cryptograpy >= 42.0.1
+
+RSAPrivateNumbers was moved to a rust implementation in 42.0.1.
+So inheritance is no longer possible, so turn the class into a
+wrapper instead of a subclass.
+
+Fixes #561
+
+Signed-off-by: Erik Larsson <who+github@cnackers.org>
+---
+ src/tpm2_pytss/internal/crypto.py | 21 +++++++++------------
+ 1 file changed, 9 insertions(+), 12 deletions(-)
+
+diff --git a/src/tpm2_pytss/internal/crypto.py b/src/tpm2_pytss/internal/crypto.py
+index 93e5181..42030c5 100644
+--- a/src/tpm2_pytss/internal/crypto.py
++++ b/src/tpm2_pytss/internal/crypto.py
+@@ -23,7 +23,7 @@ from cryptography.hazmat.primitives.ciphers.algorithms import AES, Camellia
+ from cryptography.hazmat.primitives.ciphers import modes, Cipher, CipherAlgorithm
+ from cryptography.hazmat.backends import default_backend
+ from cryptography.exceptions import UnsupportedAlgorithm, InvalidSignature
+-from typing import Tuple, Type
++from typing import Tuple, Type, Any
+ import secrets
+ import sys
+
+@@ -220,7 +220,7 @@ def public_to_key(obj):
+ return key
+
+
+-class _MyRSAPrivateNumbers(rsa.RSAPrivateNumbers):
++class _MyRSAPrivateNumbers:
+ def __init__(self, p: int, n: int, e: int, pubnums: rsa.RSAPublicNumbers):
+
+ q = n // p
+@@ -231,7 +231,12 @@ class _MyRSAPrivateNumbers(rsa.RSAPrivateNumbers):
+ dmq1 = rsa.rsa_crt_dmq1(d, q)
+ iqmp = rsa.rsa_crt_iqmp(p, q)
+
+- super().__init__(p, q, d, dmp1, dmq1, iqmp, pubnums)
++ self._private_numbers = rsa.RSAPrivateNumbers(
++ p, q, d, dmp1, dmq1, iqmp, pubnums
++ )
++
++ def private_key(self, *args: Any, **kwargs: Any) -> rsa.RSAPrivateKey:
++ return self._private_numbers.private_key(*args, **kwargs)
+
+ @staticmethod
+ def _xgcd(a: int, b: int) -> Tuple[int, int, int]:
+@@ -251,15 +256,7 @@ class _MyRSAPrivateNumbers(rsa.RSAPrivateNumbers):
+ #
+ @staticmethod
+ def _modinv(a, m):
+-
+- if sys.version_info < (3, 8):
+- g, x, y = _MyRSAPrivateNumbers._xgcd(a, m)
+- if g != 1:
+- raise Exception("modular inverse does not exist")
+- else:
+- return x % m
+- else:
+- return pow(a, -1, m)
++ return pow(a, -1, m)
+
+ @staticmethod
+ def _generate_d(p, q, e, n):
+--
+2.43.0
+
diff --git a/dev-python/tpm2-pytss/files/tpm2-pytss-2.1.0-test-disable-pcr_set_auth_value-and-pcr_set_auth_pol.patch b/dev-python/tpm2-pytss/files/tpm2-pytss-2.1.0-test-disable-pcr_set_auth_value-and-pcr_set_auth_pol.patch
new file mode 100644
index 000000000000..6e99688b76ba
--- /dev/null
+++ b/dev-python/tpm2-pytss/files/tpm2-pytss-2.1.0-test-disable-pcr_set_auth_value-and-pcr_set_auth_pol.patch
@@ -0,0 +1,40 @@
+From c55775c30c06bf3a3066b4047cb51cb42f1e403d Mon Sep 17 00:00:00 2001
+From: Erik Larsson <who+github@cnackers.org>
+Date: Sat, 6 Jan 2024 06:25:54 +0100
+Subject: [PATCH 2/3] test: disable pcr_set_auth_value and pcr_set_auth_policy
+ tests for swtpm
+
+Since [commit][1] in libtpms setting auth values/policies for PCRs are no longer supported.
+
+[1]: https://github.com/stefanberger/libtpms/commit/af4fc0e66df6d012c61aee7c418148fb261d77a9
+
+Signed-off-by: Erik Larsson <who+github@cnackers.org>
+---
+ test/test_esapi.py | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/test/test_esapi.py b/test/test_esapi.py
+index 269a43b..e0b6d35 100644
+--- a/test/test_esapi.py
++++ b/test/test_esapi.py
+@@ -3585,6 +3585,8 @@ class TestEsys(TSS2_EsapiTest):
+ self.ectx.pcr_allocate(pcrsels, session3=object())
+
+ def test_pcr_set_auth_policy(self):
++ if getattr(self.tcti, "name", "") == "swtpm":
++ self.skipTest("pcr_set_auth_policy not supported by swtpm")
+
+ policy = b"0123456789ABCDEF0123456789ABCDEF"
+ self.ectx.pcr_set_auth_policy(policy, TPM2_ALG.SHA256, ESYS_TR.PCR20)
+@@ -3630,6 +3632,8 @@ class TestEsys(TSS2_EsapiTest):
+ )
+
+ def test_pcr_set_auth_value(self):
++ if getattr(self.tcti, "name", "") == "swtpm":
++ self.skipTest("pcr_set_auth_value not supported by swtpm")
+
+ self.ectx.pcr_set_auth_value(ESYS_TR.PCR20, b"password")
+ self.ectx.tr_set_auth(ESYS_TR.PCR20, b"password")
+--
+2.43.0
+
diff --git a/dev-python/tpm2-pytss/tpm2-pytss-2.1.0-r1.ebuild b/dev-python/tpm2-pytss/tpm2-pytss-2.1.0-r2.ebuild
index 18d96bdbc4e2..0ec096900a00 100644
--- a/dev-python/tpm2-pytss/tpm2-pytss-2.1.0-r1.ebuild
+++ b/dev-python/tpm2-pytss/tpm2-pytss-2.1.0-r2.ebuild
@@ -1,11 +1,11 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
DISTUTILS_EXT=1
DISTUTILS_USE_PEP517=setuptools
PYPI_NO_NORMALIZE=1
-PYTHON_COMPAT=( python3_{10..11} )
+PYTHON_COMPAT=( python3_{10..12} )
inherit distutils-r1 pypi
@@ -21,7 +21,8 @@ KEYWORDS="~amd64"
IUSE="+fapi test"
-RDEPEND="app-crypt/tpm2-tss:=[fapi=]
+RDEPEND="${PYTHON_DEPS}
+ app-crypt/tpm2-tss:=[fapi=]
fapi? ( >=app-crypt/tpm2-tss-3.0.3:= )
dev-python/cffi[${PYTHON_USEDEP}]
dev-python/asn1crypto[${PYTHON_USEDEP}]
@@ -32,11 +33,14 @@ RDEPEND="app-crypt/tpm2-tss:=[fapi=]
DEPEND="${RDEPEND}
test? ( app-crypt/swtpm )"
-BDEPEND="dev-python/setuptools-scm[${PYTHON_USEDEP}]
+BDEPEND="${PYTHON_DEPS}
+ dev-python/setuptools-scm[${PYTHON_USEDEP}]
dev-python/pkgconfig[${PYTHON_USEDEP}]"
PATCHES=(
"${FILESDIR}/${PN}-2.1.0-test-add-check-for-renamed-cryptography-types.patch"
+ "${FILESDIR}/${PN}-2.1.0-internal-crypto-fix-_MyRSAPrivateNumbers-with-crypto.patch"
+ "${FILESDIR}/${PN}-2.1.0-test-disable-pcr_set_auth_value-and-pcr_set_auth_pol.patch"
)
export SETUPTOOLS_SCM_PRETEND_VERSION=${PV}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-31 20:39:41 +0000