Date: Monday, November 16, 2020 @ 18:43:50 Author: diabonas Revision: 755511
Add package python-python-pkcs11 (new checkdepends of tpm2-pkcs11) Added: python-python-pkcs11/ python-python-pkcs11/repos/ python-python-pkcs11/trunk/ python-python-pkcs11/trunk/PKGBUILD python-python-pkcs11/trunk/python-pkcs11_mark-tests-as-xfail.patch -----------------------------------------+ PKGBUILD | 47 ++++++++++++++++ python-pkcs11_mark-tests-as-xfail.patch | 88 ++++++++++++++++++++++++++++++ 2 files changed, 135 insertions(+) Added: python-python-pkcs11/trunk/PKGBUILD =================================================================== --- python-python-pkcs11/trunk/PKGBUILD (rev 0) +++ python-python-pkcs11/trunk/PKGBUILD 2020-11-16 18:43:50 UTC (rev 755511) @@ -0,0 +1,47 @@ +# Maintainer: Jonas Witschel <[email protected]> +pkgname=python-python-pkcs11 +_name=${pkgname#python-} +pkgver=0.7.0 +pkgrel=2 +pkgdesc='PKCS#11/Cryptoki support for Python' +arch=('x86_64') +url='https://github.com/danni/python-pkcs11' +license=('MIT') +depends=('python' 'python-asn1crypto' 'python-cached-property') +makedepends=('cython' 'python-setuptools' 'python-setuptools-scm') +checkdepends=('python-cryptography' 'python-oscrypto' 'softhsm') +source=("https://files.pythonhosted.org/packages/source/${_name::1}/$_name/$_name-$pkgver.tar.gz"; + 'python-pkcs11_mark-tests-as-xfail.patch') +sha256sums=('9737e0c24cabb8bc9d48bf8c57c3df2a70f8cdd96b70c50290803286f9e46bf7' + '28a5ce996fe6cb455b55c98e8a46fcd0539dc0b3a70677a390f4dddbe1b55d65') + +prepare() { + cd "$_name-$pkgver" + + sed -n '/^Copyright/,$p' README.rst > LICENSE + + # test_sign_eddsa and test_self_sign_certificate always fail in our build environment + # (https://github.com/danni/python-pkcs11/issues/63#issuecomment-526812900) + patch --forward --strip=1 --input="$srcdir/python-pkcs11_mark-tests-as-xfail.patch" +} + +build() { + cd "$_name-$pkgver" + python setup.py build +} + +check() { + cd "$_name-$pkgver" + softhsm2-util --init-token --free --label TEST --pin 1234 --so-pin 5678 + export PKCS11_MODULE=/usr/lib/libsofthsm2.so + export PKCS11_TOKEN_LABEL=TEST + export PKCS11_TOKEN_PIN=1234 + export PKCS11_TOKEN_SO_PIN=5678 + python setup.py test +} + +package() { + cd "$_name-$pkgver" + python setup.py install --root="$pkgdir" --optimize=1 --skip-build + install -Dm644 LICENSE -t "$pkgdir/usr/share/licenses/$pkgname" +} Added: python-python-pkcs11/trunk/python-pkcs11_mark-tests-as-xfail.patch =================================================================== --- python-python-pkcs11/trunk/python-pkcs11_mark-tests-as-xfail.patch (rev 0) +++ python-python-pkcs11/trunk/python-pkcs11_mark-tests-as-xfail.patch 2020-11-16 18:43:50 UTC (rev 755511) @@ -0,0 +1,88 @@ +From 12e7408bdf77d2a5af3a93c175d7ebd364b9e22d Mon Sep 17 00:00:00 2001 +From: Jonas Witschel <[email protected]> +Date: Sat, 17 Oct 2020 17:16:37 +0200 +Subject: [PATCH] tests: mark test_sign_eddsa and test_self_sign_certificate as + xfail + +These two tests consistently fail with the following output: + +====================================================================== +ERROR: test_sign_eddsa (tests.test_ecc.ECCTests) +---------------------------------------------------------------------- +Traceback (most recent call last): + File "/build/python-pkcs11/src/python-pkcs11-0.7.0/tests/__init__.py", line 95, in wrapper + return func(self, *args, **kwargs) + File "/build/python-pkcs11/src/python-pkcs11-0.7.0/tests/test_ecc.py", line 158, in test_sign_eddsa + pub, priv = parameters.generate_keypair() + File "pkcs11/_pkcs11.pyx", line 855, in pkcs11._pkcs11.DomainParameters.generate_keypair + assertRV(_funclist.C_GenerateKeyPair(handle, mech_data, + File "pkcs11/_errors.pyx", line 88, in pkcs11._pkcs11.assertRV + raise ERROR_MAP.get(rv, +pkcs11.exceptions.GeneralError + +====================================================================== +FAIL: test_self_sign_certificate (tests.test_x509.X509Tests) +---------------------------------------------------------------------- +Traceback (most recent call last): + File "/build/python-pkcs11/src/python-pkcs11-0.7.0/tests/__init__.py", line 95, in wrapper + return func(self, *args, **kwargs) + File "/build/python-pkcs11/src/python-pkcs11-0.7.0/tests/test_x509.py", line 222, in test_self_sign_certificate + self.assertEqual(proc.wait(), 0) +AssertionError: 2 != 0 + +---------------------------------------------------------------------- + +According to +https://github.com/danni/python-pkcs11/issues/63#issuecomment-526812900 +these failures are due to the OpenSSL and PKCS11_MODULE configuration and +therefore not indicative of an issue with the Python module itself. +--- + tests/test_ecc.py | 3 +++ + tests/test_x509.py | 3 +++ + 2 files changed, 6 insertions(+) + +diff --git a/tests/test_ecc.py b/tests/test_ecc.py +index 30f685b..03ff592 100644 +--- a/tests/test_ecc.py ++++ b/tests/test_ecc.py +@@ -2,6 +2,8 @@ + PKCS#11 Elliptic Curve Cryptography. + """ + ++import unittest ++ + import base64 + + import pkcs11 +@@ -148,6 +150,7 @@ class ECCTests(TestCase): + mechanism=Mechanism.ECDSA)) + + @requires(Mechanism.EC_EDWARDS_KEY_PAIR_GEN, Mechanism.EDDSA) ++ @unittest.expectedFailure + def test_sign_eddsa(self): + parameters = self.session.create_domain_parameters(KeyType.EC, { + # use "Ed25519" once https://github.com/wbond/asn1crypto/pull/134 +diff --git a/tests/test_x509.py b/tests/test_x509.py +index 796ae45..6f9c1da 100644 +--- a/tests/test_x509.py ++++ b/tests/test_x509.py +@@ -2,6 +2,8 @@ + X.509 Certificate Tests + """ + ++import unittest ++ + import base64 + import subprocess + import datetime +@@ -165,6 +167,7 @@ class X509Tests(TestCase): + + @Only.openssl + @requires(Mechanism.RSA_PKCS_KEY_PAIR_GEN, Mechanism.SHA1_RSA_PKCS) ++ @unittest.expectedFailure + def test_self_sign_certificate(self): + # Warning: proof of concept code only! + pub, priv = self.session.generate_keypair(KeyType.RSA, 1024) +-- +2.28.0 +
