Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-pynitrokey for
openSUSE:Factory checked in at 2025-11-19 14:54:36
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-pynitrokey (Old)
and /work/SRC/openSUSE:Factory/.python-pynitrokey.new.2061 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-pynitrokey"
Wed Nov 19 14:54:36 2025 rev:22 rq:1318461 version:0.11.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-pynitrokey/python-pynitrokey.changes
2025-10-21 11:17:57.486670467 +0200
+++
/work/SRC/openSUSE:Factory/.python-pynitrokey.new.2061/python-pynitrokey.changes
2025-11-19 14:57:37.561501724 +0100
@@ -1,0 +2,13 @@
+Tue Nov 18 14:17:08 UTC 2025 - Johannes Kastl
<[email protected]>
+
+- update to 0.11.2:
+ * Allow cffi v2 dependency by @robin-nitrokey in #695
+ * Allow cryptography v46 by @robin-nitrokey in #697
+ * PIV: Fix 9C key generation by @sosthene-nitrokey in #702
+ * Update pyscard in lock file by @mmerklinger in #704
+ * Add support for unauthenticated NetHSM shutdown by @mmerklinger
+ in #703
+- remove patches allow_cffi_v2_dependency.patch and
+ allow_cryptography_v46.patch
+
+-------------------------------------------------------------------
Old:
----
allow_cffi_v2_dependency.patch
allow_cryptography_v46.patch
pynitrokey-0.11.1.tar.gz
New:
----
pynitrokey-0.11.2.tar.gz
----------(Old B)----------
Old: in #703
- remove patches allow_cffi_v2_dependency.patch and
allow_cryptography_v46.patch
Old:- remove patches allow_cffi_v2_dependency.patch and
allow_cryptography_v46.patch
----------(Old E)----------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-pynitrokey.spec ++++++
--- /var/tmp/diff_new_pack.U0Qw7S/_old 2025-11-19 14:57:40.785638207 +0100
+++ /var/tmp/diff_new_pack.U0Qw7S/_new 2025-11-19 14:57:40.789638377 +0100
@@ -18,7 +18,7 @@
%{?sle15_python_module_pythons}
Name: python-pynitrokey
-Version: 0.11.1
+Version: 0.11.2
Release: 0
Summary: Python Library for Nitrokey devices
License: Apache-2.0 OR MIT
@@ -26,12 +26,6 @@
Source:
https://files.pythonhosted.org/packages/source/p/pynitrokey/pynitrokey-%{version}.tar.gz
Source1: LICENSE-MIT
Source2: LICENSE-APACHE
-# https://github.com/Nitrokey/pynitrokey/issues/694
-# removed the patch content for poetry.lock
-Patch1: allow_cffi_v2_dependency.patch
-# https://github.com/Nitrokey/pynitrokey/issues/696
-# removed the patch content for poetry.lock
-Patch2: allow_cryptography_v46.patch
BuildRequires: %{python_module pip}
BuildRequires: %{python_module poetry-core}
BuildRequires: fdupes
@@ -44,7 +38,7 @@
# https://github.com/Nitrokey/pynitrokey/issues/601
BuildRequires: %{python_module hidapi >= 0.14.0.post1 with %python-hidapi <
0.14.0.post4}
BuildRequires: %{python_module libusb1 >= 3 with %python-libusb1 < 4}
-BuildRequires: %{python_module nethsm >= 2 with %python-nethsm < 3}
+BuildRequires: %{python_module nethsm >= 2.0.1 with %python-nethsm < 3}
BuildRequires: %{python_module nitrokey >= 0.4.0 with %python-nitrokey < 0.5}
BuildRequires: %{python_module nkdfu >= 0.2 with %python-nkdfu < 0.3}
BuildRequires: %{python_module pyusb >= 1.2 with %python-pyusb < 2}
@@ -63,7 +57,7 @@
Requires: (python-fido2 >= 2 with python-fido2 < 3)
Requires: (python-hidapi >= 0.14.0.post1 with python-hidapi <
0.14.0.post4)
Requires: (python-libusb1 >= 3 with python-libusb1 < 4)
-Requires: (python-nethsm >= 2 with python-nethsm < 3)
+Requires: (python-nethsm >= 2.0.1 with python-nethsm < 3)
Requires: (python-nitrokey >= 0.4.0 with python-nitrokey < 0.5)
Requires: (python-nkdfu >= 0.2 with python-nkdfu < 0.3)
Requires: (python-pyusb >= 1.2 with python-pyusb < 2)
++++++ pynitrokey-0.11.1.tar.gz -> pynitrokey-0.11.2.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pynitrokey-0.11.1/PKG-INFO
new/pynitrokey-0.11.2/PKG-INFO
--- old/pynitrokey-0.11.1/PKG-INFO 1970-01-01 01:00:00.000000000 +0100
+++ new/pynitrokey-0.11.2/PKG-INFO 1970-01-01 01:00:00.000000000 +0100
@@ -1,6 +1,6 @@
Metadata-Version: 2.4
Name: pynitrokey
-Version: 0.11.1
+Version: 0.11.2
Summary: Python client for Nitrokey devices
License: Apache-2.0 OR MIT
License-File: LICENSES/Apache-2.0.txt
@@ -19,15 +19,15 @@
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Provides-Extra: pcsc
-Requires-Dist: cffi (>=1.15,<2)
+Requires-Dist: cffi (>=1.15,<3)
Requires-Dist: click (>=8.2,<9)
-Requires-Dist: cryptography (>=43,<46)
+Requires-Dist: cryptography (>=43,<47)
Requires-Dist: fido2 (>=2,<3)
Requires-Dist: hidapi (>=0.14,<0.15)
Requires-Dist: hidapi (>=0.14.0.post1,<0.14.0.post4) ; sys_platform == "linux"
Requires-Dist: intelhex (>=2.3,<3)
Requires-Dist: libusb1 (>=3,<4)
-Requires-Dist: nethsm (>=2,<3)
+Requires-Dist: nethsm (>=2.0.1,<3)
Requires-Dist: nitrokey (>=0.4,<0.5)
Requires-Dist: nkdfu (>=0.2,<0.3)
Requires-Dist: pyscard (>=2,<3) ; extra == "pcsc"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pynitrokey-0.11.1/pynitrokey/cli/nethsm.py
new/pynitrokey-0.11.2/pynitrokey/cli/nethsm.py
--- old/pynitrokey-0.11.1/pynitrokey/cli/nethsm.py 1970-01-01
01:00:00.000000000 +0100
+++ new/pynitrokey-0.11.2/pynitrokey/cli/nethsm.py 1970-01-01
01:00:00.000000000 +0100
@@ -1667,7 +1667,13 @@
This command requires authentication as a user with the Administrator
role."""
- with connect(ctx) as nethsm:
+ require_auth = False
+ with connect(ctx, require_auth=require_auth) as nethsm:
+ state = nethsm.get_state()
+ if state == State.OPERATIONAL:
+ require_auth = True
+
+ with connect(ctx, require_auth=require_auth) as nethsm:
print(f"NetHSM {nethsm.host} will be shutdown.")
shutdown = force or click.confirm("Do you want to continue?")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pynitrokey-0.11.1/pynitrokey/cli/nk3/piv.py
new/pynitrokey-0.11.2/pynitrokey/cli/nk3/piv.py
--- old/pynitrokey-0.11.1/pynitrokey/cli/nk3/piv.py 1970-01-01
01:00:00.000000000 +0100
+++ new/pynitrokey-0.11.2/pynitrokey/cli/nk3/piv.py 1970-01-01
01:00:00.000000000 +0100
@@ -598,16 +598,25 @@
csr_builder = csr_builder.add_extension(crypto_sujbect_alt_name,
False)
if algo == "nistp256":
+ # 9C PIN requires login to be the operation just before
+ if key_ref == 0x9C:
+ device.login(pin)
csr = csr_builder.sign(
P256PivSigner(device, key_ref, public_key_ecc), hashes.SHA256()
)
+ if key_ref == 0x9C:
+ device.login(pin)
certificate = certificate_builder.public_key(public_key_ecc).sign(
P256PivSigner(device, key_ref, public_key_ecc), hashes.SHA256()
)
elif algo == "rsa2048":
+ if key_ref == 0x9C:
+ device.login(pin)
csr = csr_builder.sign(
RsaPivSigner(device, key_ref, public_key_rsa), hashes.SHA256()
)
+ if key_ref == 0x9C:
+ device.login(pin)
certificate = certificate_builder.public_key(public_key_rsa).sign(
RsaPivSigner(device, key_ref, public_key_rsa), hashes.SHA256()
)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pynitrokey-0.11.1/pyproject.toml
new/pynitrokey-0.11.2/pyproject.toml
--- old/pynitrokey-0.11.1/pyproject.toml 1970-01-01 01:00:00.000000000
+0100
+++ new/pynitrokey-0.11.2/pyproject.toml 1970-01-01 01:00:00.000000000
+0100
@@ -8,7 +8,7 @@
[project]
name = "pynitrokey"
-version = "0.11.1"
+version = "0.11.2"
description = "Python client for Nitrokey devices"
license = { text = "Apache-2.0 OR MIT" }
authors = [
@@ -18,9 +18,9 @@
requires-python = ">=3.10"
dynamic = ["classifiers"]
dependencies = [
- "cffi >=1.15, <2",
+ "cffi >=1.15, <3",
"click >=8.2, <9",
- "cryptography >=43, <46",
+ "cryptography >=43, <47",
"fido2 >=2, <3",
"hidapi >=0.14, <0.15",
# Limit hidapi on Linux to versions using the hidraw backend, see
@@ -28,7 +28,7 @@
"hidapi >=0.14.0.post1, <0.14.0.post4 ; sys_platform == 'linux'",
"intelhex >=2.3, <3",
"libusb1 >=3, <4",
- "nethsm >=2, <3",
+ "nethsm >=2.0.1, <3",
"nitrokey >=0.4, <0.5",
"nkdfu >=0.2, <0.3",
"pyusb >=1.2, <2",
@@ -93,7 +93,7 @@
ipython = "*"
isort = "*"
mypy = ">=1.4, <1.5"
-types-cffi = ">=1.15, <2"
+types-cffi = ">=1.15, <3"
types-requests = ">=2.16, <3"
types-tqdm = ">=4.64, <5"
pytest = ">=8, <9"
