pool/python-fido2
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 891243 from devel:languages:python

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/891243
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-fido2?expand=0&rev=9
This commit is contained in:
Dominique Leuenberger 2021-05-07 14:45:53 +00:00 committed by Git OBS Bridge
commit c374a87420
8 changed files with 163 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
0001-Don-t-use-enum.auto-Python-2.patch Normal file
View File

@ -0,0 +1,42 @@
From ce19ba598a077dd09d164c2bef05169e01b69eaf Mon Sep 17 00:00:00 2001
From: Dain Nilsson <dain@yubico.com>
Date: Tue, 16 Mar 2021 14:59:59 +0100
Subject: [PATCH] Don't use enum.auto (Python 2).
---
fido2/attestation/base.py | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/fido2/attestation/base.py b/fido2/attestation/base.py
index 6f7d173..e631c48 100644
--- a/fido2/attestation/base.py
+++ b/fido2/attestation/base.py
@@ -25,7 +25,7 @@
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
-from enum import Enum, auto
+from enum import Enum
from cryptography import x509
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.asymmetric import padding, ec, rsa
@@ -67,11 +67,11 @@ AttestationResult = namedtuple("AttestationResult", ["attestation_type", "trust_
class AttestationType(Enum):
- BASIC = auto()
- SELF = auto()
- ATT_CA = auto()
- ANON_CA = auto()
- NONE = auto
+ BASIC = 1
+ SELF = 2
+ ATT_CA = 3
+ ANON_CA = 4
+ NONE = 0
def catch_builtins(f):
--
2.26.2

86
0001-Skip-tests-on-older-Cryptography-versions.patch Normal file
View File

@ -0,0 +1,86 @@
From 2e3224d7a8be8625b05e88c10efdbf57b646107c Mon Sep 17 00:00:00 2001
From: Dain Nilsson <dain@yubico.com>
Date: Tue, 16 Feb 2021 08:41:30 +0100
Subject: [PATCH] Skip tests on older Cryptography versions.
---
test/test_cose.py | 25 +++++++++++++------------
test/utils.py | 5 +++++
2 files changed, 18 insertions(+), 12 deletions(-)
diff --git a/test/test_cose.py b/test/test_cose.py
index 4ce0fd7..4ae0479 100644
--- a/test/test_cose.py
+++ b/test/test_cose.py
@@ -30,7 +30,8 @@ from __future__ import absolute_import, unicode_literals
from fido2 import cbor
from fido2.cose import CoseKey, ES256, RS256, EdDSA, UnsupportedKey
-from cryptography.exceptions import UnsupportedAlgorithm
+from cryptography import __version__ as cryptography_version
+from distutils.version import LooseVersion
from binascii import a2b_hex
import unittest
@@ -100,6 +101,9 @@ class TestCoseKey(unittest.TestCase):
)
def test_EdDSA_parse_verify(self):
+ if LooseVersion(cryptography_version) < LooseVersion("2.6"):
+ self.skipTest("EdDSA support missing")
+
key = CoseKey.parse(cbor.decode(_EdDSA_KEY))
self.assertIsInstance(key, EdDSA)
self.assertEqual(
@@ -113,17 +117,14 @@ class TestCoseKey(unittest.TestCase):
),
},
)
- try:
- key.verify(
- a2b_hex(
- b"a379a6f6eeafb9a55e378c118034e2751e682fab9f2d30ab13d2125586ce1947010000000500a11a323057d1103784ddff99a354ddd42348c2f00e88d8977b916cabf92268" # noqa E501
- ),
- a2b_hex(
- b"e8c927ef1a57c738ff4ba8d6f90e06d837a5219eee47991f96b126b0685d512520c9c2eedebe4b88ff2de2b19cb5f8686efc7c4261e9ed1cb3ac5de50869be0a" # noqa E501
- ),
- )
- except UnsupportedAlgorithm:
- self.skipTest("EdDSA support missing")
+ key.verify(
+ a2b_hex(
+ b"a379a6f6eeafb9a55e378c118034e2751e682fab9f2d30ab13d2125586ce1947010000000500a11a323057d1103784ddff99a354ddd42348c2f00e88d8977b916cabf92268" # noqa E501
+ ),
+ a2b_hex(
+ b"e8c927ef1a57c738ff4ba8d6f90e06d837a5219eee47991f96b126b0685d512520c9c2eedebe4b88ff2de2b19cb5f8686efc7c4261e9ed1cb3ac5de50869be0a" # noqa E501
+ ),
+ )
def test_unsupported_key(self):
key = CoseKey.parse({1: 4711, 3: 4712, -1: b"123", -2: b"456"})
diff --git a/test/utils.py b/test/utils.py
index d649cb2..f50898d 100644
--- a/test/utils.py
+++ b/test/utils.py
@@ -1,4 +1,5 @@
import six
+import unittest
from binascii import a2b_hex
from cryptography.hazmat.backends import default_backend
@@ -17,8 +18,12 @@ class U2FDevice(object):
)
def __init__(self, credential_id, app_id):
+ if not hasattr(serialization.Encoding, "X962"):
+ raise unittest.SkipTest("Requires Cryptography >= 2.5")
+
assert isinstance(credential_id, six.binary_type)
assert isinstance(app_id, six.binary_type)
+
# Note: do not use in production, no garantees is provided this is
# cryptographically safe to use.
priv_key_params = ConcatKDFHash(
--
2.26.2

3
fido2-0.8.1.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:449068f6876f397c8bb96ebc6a75c81c2692f045126d3f13ece21d409acdf7c3
size 201198

BIN
fido2-0.8.1.tar.gz.sig
View File

Binary file not shown.

3
fido2-0.9.1.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:8680ee25238e2307596eb3900a0f8c0d9cc91189146ed8039544f1a3a69dfe6e
size 206395

BIN
fido2-0.9.1.tar.gz.sig Normal file
View File

Binary file not shown.

21
python-fido2.changes
View File

@ -1,3 +1,24 @@
-------------------------------------------------------------------
Thu May 6 14:23:34 UTC 2021 - Ferdinand Thiessen <rpm@fthiessen.de>
- Update to version 0.9.1
* Add new CTAP error codes and improve handling of unknown codes.
* Client: API changes to better support extensions.
* Client.make_credential now returns a AuthenticatorAttestationResponse,
which holds the AttestationObject and ClientData, as well as any
client extension results for the credential.
* Client.get_assertion now returns an AssertionSelection object,
which is used to select between multiple assertions
* Renames: The CTAP1 and CTAP2 classes have been renamed to
Ctap1 and Ctap2, respectively.
* ClientPin: The ClientPin API has been restructured to support
multiple PIN protocols, UV tokens, and token permissions.
* CTAP 2.1 PRE: Several new features have been added for CTAP 2.1
* HID: The platform specific HID code has been revamped
- Add 0001-Don-t-use-enum.auto-Python-2.patch from upstream
- Add 0001-Skip-tests-on-older-Cryptography-versions.patch from
upstream
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Apr 20 12:42:34 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com> Mon Apr 20 12:42:34 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com>

17
python-fido2.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package python-fido2 # spec file for package python-fido2
# #
# Copyright (c) 2020 SUSE LLC # Copyright (c) 2021 SUSE LLC
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -19,14 +19,18 @@
%{?!python_module:%define python_module() python-%{**} python3-%{**}} %{?!python_module:%define python_module() python-%{**} python3-%{**}}
%bcond_without python2 %bcond_without python2
Name: python-fido2 Name: python-fido2
Version: 0.8.1 Version: 0.9.1
Release: 0 Release: 0
Summary: Python-based FIDO 2.0 library Summary: Python-based FIDO 2.0 library
License: BSD-2-Clause AND BSD-3-Clause AND Apache-2.0 AND MPL-2.0 License: BSD-2-Clause AND BSD-3-Clause AND Apache-2.0 AND MPL-2.0
Group: Development/Languages/Python Group: Development/Languages/Python
URL: https://github.com/Yubico/python-fido2 URL: https://github.com/Yubico/python-fido2
Source0: https://github.com/Yubico/python-fido2/releases/download/%{version}/fido2-%{version}.tar.gz Source0: %{URL}/releases/download/%{version}/fido2-%{version}.tar.gz
Source1: https://github.com/Yubico/python-fido2/releases/download/%{version}/fido2-%{version}.tar.gz.sig Source1: %{URL}/releases/download/%{version}/fido2-%{version}.tar.gz.sig
# PATCH-FIX-UPSTREAM 0001-Don-t-use-enum.auto-Python-2.patch -- https://github.com/Yubico/python-fido2/commit/ce19ba598a077dd09d164c2bef05169e01b69eaf
Patch0: 0001-Don-t-use-enum.auto-Python-2.patch
# PATCH-FIX-UPSTREAM 0001-Skip-tests-on-older-Cryptography-versions.patch -- https://github.com/Yubico/python-fido2/commit/2e3224d7a8be8625b05e88c10efdbf57b646107c
Patch1: 0001-Skip-tests-on-older-Cryptography-versions.patch
BuildRequires: %{python_module cryptography >= 1.5} BuildRequires: %{python_module cryptography >= 1.5}
BuildRequires: %{python_module mock >= 1.0.1} BuildRequires: %{python_module mock >= 1.0.1}
BuildRequires: %{python_module pyfakefs >= 3.4} BuildRequires: %{python_module pyfakefs >= 3.4}
@ -52,7 +56,7 @@ In addition to this low-level device access, classes defined in the fido2.client
implement higher level device operations. implement higher level device operations.
%prep %prep
%setup -q -n fido2-%{version} %autosetup -p1 -n fido2-%{version}
%build %build
%python_build %python_build
@ -62,7 +66,8 @@ implement higher level device operations.
%python_expand %fdupes %{buildroot}%{$python_sitelib} %python_expand %fdupes %{buildroot}%{$python_sitelib}
%check %check
%python_exec setup.py test # %%pyunittest
%python_expand $python -m unittest
%files %{python_files} %files %{python_files}
%doc NEWS* README* %doc NEWS* README*