Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-pynitrokey for
openSUSE:Factory checked in at 2024-02-01 18:04:42
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-pynitrokey (Old)
and /work/SRC/openSUSE:Factory/.python-pynitrokey.new.1815 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-pynitrokey"
Thu Feb 1 18:04:42 2024 rev:8 rq:1143287 version:0.4.45
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-pynitrokey/python-pynitrokey.changes
2024-01-07 21:40:56.353409198 +0100
+++
/work/SRC/openSUSE:Factory/.python-pynitrokey.new.1815/python-pynitrokey.changes
2024-02-01 18:05:11.154652022 +0100
@@ -1,0 +2,19 @@
+Wed Jan 31 15:56:49 UTC 2024 - Dirk Müller <dmuel...@suse.com>
+
+- add support-spsdk-2.0.patch: support spsdk 2.0
+
+-------------------------------------------------------------------
+Mon Jan 29 08:19:30 UTC 2024 - Dirk Müller <dmuel...@suse.com>
+
+- allow the fixed click version as well
+- correct runtime requires
+
+-------------------------------------------------------------------
+Fri Jan 26 20:51:05 UTC 2024 - Johannes Kastl
<opensuse_buildserv...@ojkastl.de>
+
+- update to 0.4.45:
+ * Remove firmware version check for SE050 test by
+ @sosthene-nitrokey in #481
+ * nk3 secrets: Log payload length by @robin-nitrokey in #496
+
+-------------------------------------------------------------------
Old:
----
pynitrokey-0.4.44.tar.gz
New:
----
pynitrokey-0.4.45.tar.gz
support-spsdk-2.0.patch
BETA DEBUG BEGIN:
New:
- add support-spsdk-2.0.patch: support spsdk 2.0
BETA DEBUG END:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-pynitrokey.spec ++++++
--- /var/tmp/diff_new_pack.v18Wrf/_old 2024-02-01 18:05:11.978681837 +0100
+++ /var/tmp/diff_new_pack.v18Wrf/_new 2024-02-01 18:05:11.978681837 +0100
@@ -23,7 +23,7 @@
%endif
Name: python-pynitrokey
-Version: 0.4.44
+Version: 0.4.45
Release: 0
Summary: Python Library for Nitrokey devices
License: Apache-2.0 OR MIT
@@ -31,6 +31,8 @@
Source:
https://files.pythonhosted.org/packages/source/p/pynitrokey/pynitrokey-%{version}.tar.gz
Source1: LICENSE-MIT
Source2: LICENSE-APACHE
+# PATCH-FIX-UPSTREAM: support spsdk >= 2.0
+Patch1:
https://github.com/Nitrokey/pynitrokey/pull/499.patch#/support-spsdk-2.0.patch
BuildRequires: %{python_module click-aliases}
BuildRequires: %{python_module flit}
BuildRequires: %{python_module pip}
@@ -38,9 +40,9 @@
# https://github.com/Nitrokey/pynitrokey/blob/master/pyproject.toml
BuildRequires: %{python_module certifi >= 14.5.14}
BuildRequires: %{python_module cffi}
-BuildRequires: %{python_module click >= 8.0.0 with %python-click < 9}
-# "cryptography >=3.4.4,<37"
-BuildRequires: %{python_module cryptography}
+BuildRequires: %{python_module click >= 8.1.6}
+# "cryptography >=41.0.4,<44"
+BuildRequires: %{python_module cryptography >= 41.0.4 with
%python-cryptography < 44}
BuildRequires: %{python_module ecdsa}
# "frozendict ~= 2.3.4"
BuildRequires: %{python_module frozendict >= 2.3.4}
@@ -52,12 +54,9 @@
BuildRequires: %{python_module python-dateutil >= 2.7.0}
BuildRequires: %{python_module pyusb}
BuildRequires: %{python_module requests}
-# "spsdk >=1.7.0,<1.8.0"
-BuildRequires: %{python_module spsdk >= 1.11.0 with %python-spsdk < 1.12.0}
-BuildRequires: %{python_module tqdm}
-# "urllib3 ~= 1.26.7"
-BuildRequires: %{python_module urllib3 >= 1.26.7}
+BuildRequires: %{python_module spsdk >= 2.0 with %python-spsdk < 2.1}
BuildRequires: %{python_module tlv8}
+BuildRequires: %{python_module tqdm}
# "typing_extensions ~= 4.3.0"
BuildRequires: %{python_module typing_extensions >= 4.3.0}
BuildRequires: %{python_module pyserial}
@@ -72,6 +71,7 @@
Requires: intelhex
Requires: python-certifi >= 14.5.14
Requires: python-cffi
+Requires: python-click >= 8.1.6
Requires: python-click-aliases
Requires: python-cryptography
Requires: python-ecdsa
@@ -83,16 +83,15 @@
Requires: python-pyusb
Requires: python-requests
Requires: python-semver
-Requires: python-spsdk >= 1.7.0
Requires: python-tlv8
Requires: python-tqdm
Requires: python-typing_extensions >= 4.3.0
Requires: python-urllib3 >= 1.26.7
-Requires: (python-click >= 8.0.0 with python-click < 9)
Requires: (python-fido2 >= 1.1.0 with python-fido2 < 2)
Requires: (python-nethsm >= 0.5.0 with python-nethsm < 2)
+Requires: (python-spsdk >= 2.0 with python-spsdk < 2.1)
Requires(post): update-alternatives
-Requires(postun):update-alternatives
+Requires(postun): update-alternatives
# only build for x86_64, as some dependencies are not available
# for other architectures
ExclusiveArch: x86_64
@@ -120,7 +119,7 @@
- [NetHSM](https://docs.nitrokey.com/nethsm/index.html)
%prep
-%setup -q -n pynitrokey-%{version}
+%autosetup -p1 -n pynitrokey-%{version}
cp %SOURCE1 .
cp %SOURCE2 .
++++++ pynitrokey-0.4.44.tar.gz -> pynitrokey-0.4.45.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pynitrokey-0.4.44/PKG-INFO
new/pynitrokey-0.4.45/PKG-INFO
--- old/pynitrokey-0.4.44/PKG-INFO 1970-01-01 01:00:00.000000000 +0100
+++ new/pynitrokey-0.4.45/PKG-INFO 1970-01-01 01:00:00.000000000 +0100
@@ -1,6 +1,6 @@
Metadata-Version: 2.1
Name: pynitrokey
-Version: 0.4.44
+Version: 0.4.45
Summary: Python Library for Nitrokey devices.
Author-email: Nitrokey <p...@nitrokey.com>
Requires-Python: >=3.9
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pynitrokey-0.4.44/pynitrokey/VERSION
new/pynitrokey-0.4.45/pynitrokey/VERSION
--- old/pynitrokey-0.4.44/pynitrokey/VERSION 2023-12-18 23:49:57.000000000
+0100
+++ new/pynitrokey-0.4.45/pynitrokey/VERSION 2024-01-23 17:12:03.000000000
+0100
@@ -1 +1 @@
-0.4.44
+0.4.45
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pynitrokey-0.4.44/pynitrokey/cli/nk3/test.py
new/pynitrokey-0.4.45/pynitrokey/cli/nk3/test.py
--- old/pynitrokey-0.4.44/pynitrokey/cli/nk3/test.py 2023-12-18
23:49:57.000000000 +0100
+++ new/pynitrokey-0.4.45/pynitrokey/cli/nk3/test.py 2024-01-23
17:12:03.000000000 +0100
@@ -360,13 +360,6 @@
if not isinstance(device, Nitrokey3Device):
return TestResult(TestStatus.SKIPPED)
- firmware_version = ctx.firmware_version or device.version()
- if (
- firmware_version.core() < Version(1, 5, 0)
- or firmware_version.core() >= Version(1, 6, 0)
- or firmware_version.pre is None
- ):
- return TestResult(TestStatus.SKIPPED)
que: Queue[Optional[bytes]] = Queue()
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pynitrokey-0.4.44/pynitrokey/nk3/secrets_app.py
new/pynitrokey-0.4.45/pynitrokey/nk3/secrets_app.py
--- old/pynitrokey-0.4.44/pynitrokey/nk3/secrets_app.py 2023-12-18
23:49:57.000000000 +0100
+++ new/pynitrokey-0.4.45/pynitrokey/nk3/secrets_app.py 2024-01-23
17:12:03.000000000 +0100
@@ -347,9 +347,7 @@
return self._send_receive_inner(bytes_data, log_info=f"{ins}")
def _send_receive_inner(self, data: bytes, log_info: str = "") -> bytes:
- self.logfn(
- f"Sending {log_info if log_info else ''} {data.hex() if data else
data!r}"
- )
+ self.logfn(f"Sending {log_info if log_info else ''} (data: {len(data)}
bytes)")
try:
result = self.dev.otp(data=data)
@@ -358,18 +356,14 @@
raise
status_bytes, result = result[:2], result[2:]
- self.logfn(
- f"Received [{status_bytes.hex()}] {result.hex() if result else
result!r}"
- )
+ self.logfn(f"Received [{status_bytes.hex()}] (data: {len(result)}
bytes)")
log_multipacket = False
data_final = result
MORE_DATA_STATUS_BYTE = 0x61
while status_bytes[0] == MORE_DATA_STATUS_BYTE:
if log_multipacket:
- self.logfn(
- f"Got RemainingData status: [{status_bytes.hex()}]
{result.hex() if result else result!r}"
- )
+ self.logfn(f"Got RemainingData status: [{status_bytes.hex()}]")
log_multipacket = True
ins_b, p1, p2 = self._encode_command(Instruction.SendRemaining)
bytes_data = iso7816_compose(ins_b, p1, p2)
@@ -380,9 +374,7 @@
raise
# Data order is different here than in APDU - SW is first, then
the data if any
status_bytes, result = result[:2], result[2:]
- self.logfn(
- f"Received [{status_bytes.hex()}] {result.hex() if result else
result!r}"
- )
+ self.logfn(f"Received [{status_bytes.hex()}] (data: {len(result)}
bytes)")
if status_bytes[0] in [0x90, MORE_DATA_STATUS_BYTE]:
data_final += result
@@ -391,15 +383,15 @@
if log_multipacket:
self.logfn(
- f"Received final data: [{status_bytes.hex()}]
{data_final.hex() if data_final else data_final!r}"
+ f"Received final data: [{status_bytes.hex()}] (data:
{len(data_final)} bytes)"
)
if data_final:
try:
- self.logfn(
- f"Decoded received: {[e.data for e in
tlv8.decode(data_final)]}"
- )
+ tlv8.decode(data_final)
+ self.logfn("TLV-decoding of data successful")
except Exception:
+ self.logfn("TLV-decoding of data failed")
pass
return data_final
@@ -481,7 +473,7 @@
for e in resd:
# e: tlv8.Entry
res[e.type_id] = e.data
- self.logfn(f"{hex(e.type_id)} {hex(len(e.data))} {e.data.hex()}")
+ self.logfn(f"{hex(e.type_id)} {hex(len(e.data))}")
p = PasswordSafeEntry(
login=res.get(Tag.PwsLogin.value),
password=res.get(Tag.PwsPassword.value),
++++++ support-spsdk-2.0.patch ++++++
>From c6b206348cce17f439c4718ab784fd9be459293b Mon Sep 17 00:00:00 2001
From: Markus Meissner <co...@safemailbox.de>
Date: Tue, 30 Jan 2024 00:44:05 +0100
Subject: [PATCH] update spsdk to v2.0 and adapt; fixes #486
---
pynitrokey/nk3/bootloader/lpc55.py | 20 +++++++++++---------
pyproject.toml | 2 +-
2 files changed, 12 insertions(+), 10 deletions(-)
diff --git a/pynitrokey/nk3/bootloader/lpc55.py
b/pynitrokey/nk3/bootloader/lpc55.py
index 7429ca48..22d3c682 100644
--- a/pynitrokey/nk3/bootloader/lpc55.py
+++ b/pynitrokey/nk3/bootloader/lpc55.py
@@ -13,16 +13,18 @@
import sys
from typing import List, Optional, Tuple
-from spsdk.mboot import McuBoot, StatusCode
-from spsdk.mboot.interfaces.usb import RawHid
+from spsdk.mboot.error_codes import StatusCode
+from spsdk.mboot.interfaces.usb import MbootUSBInterface
+from spsdk.mboot.mcuboot import McuBoot
from spsdk.mboot.properties import PropertyTag
from spsdk.sbfile.sb2.images import BootImageV21
+from spsdk.utils.interfaces.device.usb_device import UsbDevice
from spsdk.utils.usbfilter import USBDeviceFilter
from ..utils import Uuid, Version
from . import FirmwareMetadata, Nitrokey3Bootloader, ProgressCallback, Variant
-RKHT =
bytes.fromhex("050aad3e77791a81e59c5b2ba5a158937e9460ee325d8ccba09734b8fdebb171")
+RKTH =
bytes.fromhex("050aad3e77791a81e59c5b2ba5a158937e9460ee325d8ccba09734b8fdebb171")
KEK = bytes([0xAA] * 32)
UUID_LEN = 4
FILENAME_PATTERN =
re.compile("(firmware|alpha)-nk3..-lpc55-(?P<version>.*)\\.sb2$")
@@ -33,7 +35,7 @@
class Nitrokey3BootloaderLpc55(Nitrokey3Bootloader):
"""A Nitrokey 3 device running the LPC55 bootloader."""
- def __init__(self, device: RawHid):
+ def __init__(self, device: UsbDevice):
from .. import PID_NITROKEY3_LPC55_BOOTLOADER, VID_NITROKEY
if (device.vid, device.pid) != (VID_NITROKEY,
PID_NITROKEY3_LPC55_BOOTLOADER):
@@ -43,7 +45,7 @@ def __init__(self, device: RawHid):
f"got {device.vid:x}:{device.pid:x}"
)
self._path = device.path
- self.device = McuBoot(device)
+ self.device = McuBoot(MbootUSBInterface(device))
def __enter__(self) -> "Nitrokey3BootloaderLpc55":
self.device.open()
@@ -122,7 +124,7 @@ def list() -> List["Nitrokey3BootloaderLpc55"]:
f"0x{VID_NITROKEY:x}:0x{PID_NITROKEY3_LPC55_BOOTLOADER:x}"
)
devices = []
- for device in RawHid.enumerate(device_filter):
+ for device in UsbDevice.enumerate(device_filter):
try:
devices.append(Nitrokey3BootloaderLpc55(device))
except ValueError:
@@ -134,7 +136,7 @@ def list() -> List["Nitrokey3BootloaderLpc55"]:
@staticmethod
def open(path: str) -> Optional["Nitrokey3BootloaderLpc55"]:
device_filter = USBDeviceFilter(path)
- devices = RawHid.enumerate(device_filter)
+ devices = UsbDevice.enumerate(device_filter)
if len(devices) == 0:
logger.warn(f"No HID device at {path}")
return None
@@ -156,9 +158,9 @@ def parse_firmware_image(data: bytes) -> FirmwareMetadata:
version = Version.from_bcd_version(image.header.product_version)
metadata = FirmwareMetadata(version=version)
if image.cert_block:
- if image.cert_block.rkht == RKHT:
+ if image.cert_block.rkth == RKTH:
metadata.signed_by = "Nitrokey"
metadata.signed_by_nitrokey = True
else:
- metadata.signed_by = f"unknown issuer (RKHT:
{image.cert_block.rkht.hex()})"
+ metadata.signed_by = f"unknown issuer (RKTH:
{image.cert_block.rkth.hex()})"
return metadata
diff --git a/pyproject.toml b/pyproject.toml
index 6400ca81..6a747606 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -31,7 +31,7 @@ dependencies = [
"python-dateutil ~= 2.7.0",
"pyusb",
"requests",
- "spsdk >=1.11.0,<1.12.0",
+ "spsdk >=2.0,<2.1",
"tqdm",
"tlv8",
"typing_extensions ~= 4.3.0",
