From 3c36aff150edb3dcb9e85ea14a82c734e033d9a3732acc9641554122a44dd045 Mon Sep 17 00:00:00 2001 From: Steve Kowalik Date: Wed, 9 Oct 2024 04:01:48 +0000 Subject: [PATCH] - Update to version 2.3.0: * FAPI: support exists_ok for create_nv * Compatibility with python-cryptography 42 * scripts: update regex for #defines * cryptography: fixes for newer version of cryptography * docs/maintainers: add gpg key details * docs: fix whitespace error * docs: fix error on SECURITY.md not being used * cryptography: add module for using TPM keys with the cryptography module * encoding: add deprecation warning to tools_encdec * internal/crypto: fix _MyRSAPrivateNumbers with cryptograpy >= 42.0.1 * test: disable pcr_set_auth_value and pcr_set_auth_policy tests for swtpm - Drop patch python-tpm2-pytss-RSAPrivateNumbers.patch, included upstream. - Switch to pyproject macros. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-tpm2-pytss?expand=0&rev=11 --- .gitattributes | 23 ++++++ .gitignore | 1 + _service | 18 +++++ _servicedata | 4 + python-tpm2-pytss-RSAPrivateNumbers.patch | 53 ++++++++++++ python-tpm2-pytss.changes | 96 ++++++++++++++++++++++ python-tpm2-pytss.spec | 98 +++++++++++++++++++++++ tpm2-pytss-2.2.0.tar.gz | 3 + tpm2-pytss-2.3.0.tar.gz | 3 + 9 files changed, 299 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 _service create mode 100644 _servicedata create mode 100644 python-tpm2-pytss-RSAPrivateNumbers.patch create mode 100644 python-tpm2-pytss.changes create mode 100644 python-tpm2-pytss.spec create mode 100644 tpm2-pytss-2.2.0.tar.gz create mode 100644 tpm2-pytss-2.3.0.tar.gz diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/_service b/_service new file mode 100644 index 0000000..ae827a5 --- /dev/null +++ b/_service @@ -0,0 +1,18 @@ + + + tpm2-pytss + 2.3.0 + git + disable + https://github.com/tpm2-software/tpm2-pytss.git + @PARENT_TAG@ + [v]?([^\+]+)(.*) + \1 + enable + + + *.tar + gz + + + diff --git a/_servicedata b/_servicedata new file mode 100644 index 0000000..199d509 --- /dev/null +++ b/_servicedata @@ -0,0 +1,4 @@ + + + https://github.com/tpm2-software/tpm2-pytss.git + 930cee2c45b84ac533c320b883b226edaeda9a38 \ No newline at end of file diff --git a/python-tpm2-pytss-RSAPrivateNumbers.patch b/python-tpm2-pytss-RSAPrivateNumbers.patch new file mode 100644 index 0000000..a1b5a2a --- /dev/null +++ b/python-tpm2-pytss-RSAPrivateNumbers.patch @@ -0,0 +1,53 @@ +Index: tpm2-pytss-2.2.0/src/tpm2_pytss/internal/crypto.py +=================================================================== +--- tpm2-pytss-2.2.0.orig/src/tpm2_pytss/internal/crypto.py ++++ tpm2-pytss-2.2.0/src/tpm2_pytss/internal/crypto.py +@@ -23,7 +23,7 @@ from cryptography.hazmat.primitives.ciph + from cryptography.hazmat.primitives.ciphers import modes, Cipher, CipherAlgorithm + from cryptography.hazmat.backends import default_backend + from cryptography.exceptions import UnsupportedAlgorithm, InvalidSignature +-from typing import Tuple, Type ++from typing import Tuple, Type, Any + import secrets + import sys + +@@ -220,7 +220,7 @@ def public_to_key(obj): + return key + + +-class _MyRSAPrivateNumbers(rsa.RSAPrivateNumbers): ++class _MyRSAPrivateNumbers: + def __init__(self, p: int, n: int, e: int, pubnums: rsa.RSAPublicNumbers): + + q = n // p +@@ -231,7 +231,12 @@ class _MyRSAPrivateNumbers(rsa.RSAPrivat + dmq1 = rsa.rsa_crt_dmq1(d, q) + iqmp = rsa.rsa_crt_iqmp(p, q) + +- super().__init__(p, q, d, dmp1, dmq1, iqmp, pubnums) ++ self._private_numbers = rsa.RSAPrivateNumbers( ++ p, q, d, dmp1, dmq1, iqmp, pubnums ++ ) ++ ++ def private_key(self, *args: Any, **kwargs: Any) -> rsa.RSAPrivateKey: ++ return self._private_numbers.private_key(*args, **kwargs) + + @staticmethod + def _xgcd(a: int, b: int) -> Tuple[int, int, int]: +@@ -251,15 +256,7 @@ class _MyRSAPrivateNumbers(rsa.RSAPrivat + # + @staticmethod + def _modinv(a, m): +- +- if sys.version_info < (3, 8): +- g, x, y = _MyRSAPrivateNumbers._xgcd(a, m) +- if g != 1: +- raise Exception("modular inverse does not exist") +- else: +- return x % m +- else: +- return pow(a, -1, m) ++ return pow(a, -1, m) + + @staticmethod + def _generate_d(p, q, e, n): diff --git a/python-tpm2-pytss.changes b/python-tpm2-pytss.changes new file mode 100644 index 0000000..ef5f84d --- /dev/null +++ b/python-tpm2-pytss.changes @@ -0,0 +1,96 @@ +------------------------------------------------------------------- +Wed Oct 9 04:00:45 UTC 2024 - Steve Kowalik + +- Update to version 2.3.0: + * FAPI: support exists_ok for create_nv + * Compatibility with python-cryptography 42 + * scripts: update regex for #defines + * cryptography: fixes for newer version of cryptography + * docs/maintainers: add gpg key details + * docs: fix whitespace error + * docs: fix error on SECURITY.md not being used + * cryptography: add module for using TPM keys with the cryptography module + * encoding: add deprecation warning to tools_encdec + * internal/crypto: fix _MyRSAPrivateNumbers with cryptograpy >= 42.0.1 + * test: disable pcr_set_auth_value and pcr_set_auth_policy tests for swtpm +- Drop patch python-tpm2-pytss-RSAPrivateNumbers.patch, included upstream. +- Switch to pyproject macros. + +------------------------------------------------------------------- +Wed Feb 28 10:44:28 UTC 2024 - Pedro Monreal + +- Fix tpm2-pkcs11 build: + * internal/crypto: fix _MyRSAPrivateNumbers with cryptograpy >= 42.0.1 + * Upstream: github.com/tpm2-software/tpm2-pytss/pull/562 + * Add python-tpm2-pytss-RSAPrivateNumbers.patch + +------------------------------------------------------------------- +Tue Feb 27 18:21:56 UTC 2024 - Pedro Monreal + +- Update to version 2.2.0: + * docs: use same requirements as in setup.cfg + * policy: fix hardcoded size in description + * policy: fix hardcoded size in get_calculated_json + * readthedocs: switch to new build specification format + * test: test against python 3.12 + * test: skip tests if ECC curves aren't supported. + * init: provide a better error message for missing symbols + * scripts: remove references to TPMS_ALGORITHM_DESCRIPTION + * tctildr: use Tss2_TctiLdr_GetInfo to lookup tcti backend + * setup: fixup compilation with fortify source enabled + * setup: drop python 3.7 + * test: add check for renamed cryptography types + * constants: use relative import over absolute + * constants: support unmarshal and marshal routines + * ESAPI: fix check on ESYS_TR in policy_secret + * constants: add routine for making ESYS_TR from parts + * setup: define __float128 for pycparse + * Remove fix_pycparse_float128.patch fixed upstream + +------------------------------------------------------------------- +Fri Feb 17 13:17:22 UTC 2023 - Alberto Planas Dominguez + +- Add fix_pycparse_float128.patch to fix issue in 32bits platforms + +------------------------------------------------------------------- +Thu Feb 16 15:30:10 UTC 2023 - aplanas@suse.com + +- Update to version 2.1.0: + * CHANGELOG: update for 2.1.0 + * SECURITY.md: initial commit + * TCTISPIHelper: add missing pass + * TCTISPIHelper: update docs on exceptions + * build(deps): bump gitpython from 3.1.24 to 3.1.30 in /docs + * ci: set publish to use ubuntu-20.04 + * CHANGELOG: update for 2.1.0-rc0 + * TCTI: Implement bindings to spi-helper + * ci: add 4.0.0, drop 2.4.6 + * docs: fix PyTCTI members + * use released tss2 versions for library version checking + * build(deps): bump certifi from 2021.10.8 to 2022.12.7 in /docs + * Add util functions to convert a credential from and to tpm2-tools format + * ESAPI: start_auth_session support strs for auth_hash + * ESAPI: start_auth_session support strings for symdef + * types: add parse to TPMT_SYM_[DEF|_OBJECT] + * internal: check for sphinx not unittest.mock for docs workaround + +------------------------------------------------------------------- +Thu Dec 08 10:33:50 UTC 2022 - aplanas@suse.com + +- Update to version 2.0.0: + * CHANGELOG: update for 2.0 release + * CHANGELOG: move breaking items to changed + * Revert "ci: publish_pkg update to tss 4.0.0-rc0" + * ci: publish_pkg update to tss 4.0.0-rc0 + * ci: update publish script to py3.7 + * README: Update mailing list + * CHANGELOG: update for 2.0-rc0 + * docs: add PyTCTI to docs + * README: add newest libraries + * FAPI: drop unused import Dict +- Drop patch 0001-test_crypto-fix-test_ecc_bad_curves-assert.patch + +------------------------------------------------------------------- +Mon Jul 11 07:35:34 UTC 2022 - Alberto Planas Dominguez + +- Initial package for 1.2.0 diff --git a/python-tpm2-pytss.spec b/python-tpm2-pytss.spec new file mode 100644 index 0000000..d6ea41c --- /dev/null +++ b/python-tpm2-pytss.spec @@ -0,0 +1,98 @@ +# +# spec file for package python-tpm2-pytss +# +# Copyright (c) 2024 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%define pythons python3 +%define srcname tpm2-pytss +%bcond_with test +Name: python-%{srcname} +Version: 2.3.0 +Release: 0 +Summary: Python bindings for TSS +License: BSD-2-Clause +URL: https://github.com/tpm2-software/tpm2-pytss +Source: %{srcname}-%{version}.tar.gz +BuildRequires: %{python_module PyYAML} +BuildRequires: %{python_module asn1crypto} +BuildRequires: %{python_module cffi} +BuildRequires: %{python_module cryptography} +BuildRequires: %{python_module devel} +BuildRequires: %{python_module packaging} +BuildRequires: %{python_module pip} +BuildRequires: %{python_module pkgconfig} +BuildRequires: %{python_module pycparser} +BuildRequires: %{python_module setuptools_scm} +BuildRequires: %{python_module setuptools} +BuildRequires: %{python_module wheel} +BuildRequires: fdupes +BuildRequires: pkgconfig +BuildRequires: python-rpm-macros +BuildRequires: pkgconfig(tss2-esys) +BuildRequires: pkgconfig(tss2-fapi) +Requires: python3-PyYAML +Requires: python3-asn1crypto +Requires: python3-cffi +Requires: python3-cryptography +Requires: python3-packaging +Requires: pkgconfig(tss2-esys) +Requires: pkgconfig(tss2-fapi) +%if %{with test} +# SECTION test requirements +BuildRequires: %{python_module pytest} +BuildRequires: swtpm +# /SECTION +%endif +%python_subpackages + +%description +TPM2 TSS Python bindings for Enhanced System API (ESYS), Feature API +(FAPI), Marshaling (MU), TCTI Loader (TCTILdr) and RC Decoding +(rcdecode) libraries. It also contains utility methods for wrapping +keys to TPM 2.0 data structures for importation into the TPM, +unwrapping keys and exporting them from the TPM, TPM-less +makecredential command and name calculations, TSS2 PEM Key format +support, importing Keys from PEM, DER and SSH formats, conversion from +tpm2-tools based command line strings and loading tpm2-tools context +files. + +%prep +%autosetup -p1 -n %{srcname}-%{version} + +%build +# Provides a PKG-INFO with "version" for setuptools_scm +cat < PKG-INFO +Metadata-Version: 1.1 +Version: %{version} +EOF +export CFLAGS="%{optflags}" +%pyproject_wheel + +%install +%pyproject_install +%python_expand %fdupes %{buildroot}%{$python_sitearch} + +%if %{with test} +%check +%pytest_arch +%endif + +%files %{python_files} +%license LICENSE +%{python_sitearch}/tpm2_pytss +%{python_sitearch}/tpm2_pytss-%{version}.dist-info + +%changelog diff --git a/tpm2-pytss-2.2.0.tar.gz b/tpm2-pytss-2.2.0.tar.gz new file mode 100644 index 0000000..7a10ac0 --- /dev/null +++ b/tpm2-pytss-2.2.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:68e1caf6fc81fc93392bc917a72a48bb149bf03acf1c3408ed3a8433095d94d2 +size 210068 diff --git a/tpm2-pytss-2.3.0.tar.gz b/tpm2-pytss-2.3.0.tar.gz new file mode 100644 index 0000000..fb8677d --- /dev/null +++ b/tpm2-pytss-2.3.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:57c9e04cb600f2ba07f01a355e33d8b8d2d1119f116e28d5ab20924aee9db1dc +size 216441