diff options
author | riastradh <riastradh@pkgsrc.org> | 2020-08-17 07:01:33 +0000 |
---|---|---|
committer | riastradh <riastradh@pkgsrc.org> | 2020-08-17 07:01:33 +0000 |
commit | 664e308049137d43aebe8318a46a5c07104e522a (patch) | |
tree | 22f85bd2aad62a25bfa14c72bdba04b2a5d5a0e2 | |
parent | 038fc6438794857b0fa49c85439ab8ae49008a28 (diff) | |
download | pkgsrc-664e308049137d43aebe8318a46a5c07104e522a.tar.gz |
Import Yubico python-fido2-0.8.1 as security/py-fido2
Python library for FIDO2 authenticator token access.
-rw-r--r-- | security/Makefile | 3 | ||||
-rw-r--r-- | security/py-fido2/DESCR | 7 | ||||
-rw-r--r-- | security/py-fido2/Makefile | 19 | ||||
-rw-r--r-- | security/py-fido2/PLIST | 85 | ||||
-rw-r--r-- | security/py-fido2/distinfo | 8 | ||||
-rw-r--r-- | security/py-fido2/patches/patch-fido2___pyu2f_____init____.py | 16 | ||||
-rw-r--r-- | security/py-fido2/patches/patch-fido2___pyu2f_netbsd.py | 121 |
7 files changed, 258 insertions, 1 deletions
diff --git a/security/Makefile b/security/Makefile index 5f5854c6804..7093f2feaaf 100644 --- a/security/Makefile +++ b/security/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.774 2020/07/17 06:10:34 wiz Exp $ +# $NetBSD: Makefile,v 1.775 2020/08/17 07:01:33 riastradh Exp $ # COMMENT= Security tools @@ -454,6 +454,7 @@ SUBDIR+= py-cybox SUBDIR+= py-denyhosts SUBDIR+= py-ecdsa SUBDIR+= py-ezPyCrypto +SUBDIR+= py-fido2 SUBDIR+= py-gnupg SUBDIR+= py-google-auth SUBDIR+= py-google-auth-httplib2 diff --git a/security/py-fido2/DESCR b/security/py-fido2/DESCR new file mode 100644 index 00000000000..c9443825505 --- /dev/null +++ b/security/py-fido2/DESCR @@ -0,0 +1,7 @@ +This library aims to support the FIDO U2F and FIDO 2.0 protocols for +communicating with a USB authenticator via the Client-to-Authenticator +Protocol (CTAP 1 and 2). In addition to this low-level device access, +classes defined in the fido2.client and fido2.server modules implement +higher level operations which are useful when interfacing with an +Authenticator, or when implementing WebAuthn support for a Relying +Party. diff --git a/security/py-fido2/Makefile b/security/py-fido2/Makefile new file mode 100644 index 00000000000..19991b99259 --- /dev/null +++ b/security/py-fido2/Makefile @@ -0,0 +1,19 @@ +# $NetBSD: Makefile,v 1.1 2020/08/17 07:01:33 riastradh Exp $ + +DISTNAME= fido2-0.8.1 +PKGNAME= ${PYPKGPREFIX}-${DISTNAME} +CATEGORIES= security +MASTER_SITES= ${MASTER_SITE_GITHUB:=Yubico/} +GITHUB_PROJECT= python-fido2 +GITHUB_TAG= ${PKGVERSION_NOREV} + +MAINTAINER= pkgsrc-users@NetBSD.org +HOMEPAGE= https://developers.yubico.com/python-fido2/ +COMMENT= Yubico FIDO U2F and FIDO 2.0 USB Python library +LICENSE= 2-clause-bsd AND apache-2.0 AND mpl-2.0 + +DEPENDS+= ${PYPKGPREFIX}-cryptography>=1.5:../../security/py-cryptography +DEPENDS+= ${PYPKGPREFIX}-six>=0:../../lang/py-six + +.include "../../lang/python/egg.mk" +.include "../../mk/bsd.pkg.mk" diff --git a/security/py-fido2/PLIST b/security/py-fido2/PLIST new file mode 100644 index 00000000000..5c97b45b52f --- /dev/null +++ b/security/py-fido2/PLIST @@ -0,0 +1,85 @@ +@comment $NetBSD: PLIST,v 1.1 2020/08/17 07:01:33 riastradh Exp $ +${PYSITELIB}/${EGG_INFODIR}/PKG-INFO +${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt +${PYSITELIB}/${EGG_INFODIR}/dependency_links.txt +${PYSITELIB}/${EGG_INFODIR}/requires.txt +${PYSITELIB}/${EGG_INFODIR}/top_level.txt +${PYSITELIB}/fido2/__init__.py +${PYSITELIB}/fido2/__init__.pyc +${PYSITELIB}/fido2/__init__.pyo +${PYSITELIB}/fido2/_pyu2f/__init__.py +${PYSITELIB}/fido2/_pyu2f/__init__.pyc +${PYSITELIB}/fido2/_pyu2f/__init__.pyo +${PYSITELIB}/fido2/_pyu2f/base.py +${PYSITELIB}/fido2/_pyu2f/base.pyc +${PYSITELIB}/fido2/_pyu2f/base.pyo +${PYSITELIB}/fido2/_pyu2f/freebsd.py +${PYSITELIB}/fido2/_pyu2f/freebsd.pyc +${PYSITELIB}/fido2/_pyu2f/freebsd.pyo +${PYSITELIB}/fido2/_pyu2f/hidtransport.py +${PYSITELIB}/fido2/_pyu2f/hidtransport.pyc +${PYSITELIB}/fido2/_pyu2f/hidtransport.pyo +${PYSITELIB}/fido2/_pyu2f/linux.py +${PYSITELIB}/fido2/_pyu2f/linux.pyc +${PYSITELIB}/fido2/_pyu2f/linux.pyo +${PYSITELIB}/fido2/_pyu2f/macos.py +${PYSITELIB}/fido2/_pyu2f/macos.pyc +${PYSITELIB}/fido2/_pyu2f/macos.pyo +${PYSITELIB}/fido2/_pyu2f/netbsd.py +${PYSITELIB}/fido2/_pyu2f/netbsd.pyc +${PYSITELIB}/fido2/_pyu2f/netbsd.pyo +${PYSITELIB}/fido2/_pyu2f/windows.py +${PYSITELIB}/fido2/_pyu2f/windows.pyc +${PYSITELIB}/fido2/_pyu2f/windows.pyo +${PYSITELIB}/fido2/_tpm.py +${PYSITELIB}/fido2/_tpm.pyc +${PYSITELIB}/fido2/_tpm.pyo +${PYSITELIB}/fido2/attestation.py +${PYSITELIB}/fido2/attestation.pyc +${PYSITELIB}/fido2/attestation.pyo +${PYSITELIB}/fido2/cbor.py +${PYSITELIB}/fido2/cbor.pyc +${PYSITELIB}/fido2/cbor.pyo +${PYSITELIB}/fido2/client.py +${PYSITELIB}/fido2/client.pyc +${PYSITELIB}/fido2/client.pyo +${PYSITELIB}/fido2/cose.py +${PYSITELIB}/fido2/cose.pyc +${PYSITELIB}/fido2/cose.pyo +${PYSITELIB}/fido2/ctap.py +${PYSITELIB}/fido2/ctap.pyc +${PYSITELIB}/fido2/ctap.pyo +${PYSITELIB}/fido2/ctap1.py +${PYSITELIB}/fido2/ctap1.pyc +${PYSITELIB}/fido2/ctap1.pyo +${PYSITELIB}/fido2/ctap2.py +${PYSITELIB}/fido2/ctap2.pyc +${PYSITELIB}/fido2/ctap2.pyo +${PYSITELIB}/fido2/extensions.py +${PYSITELIB}/fido2/extensions.pyc +${PYSITELIB}/fido2/extensions.pyo +${PYSITELIB}/fido2/hid.py +${PYSITELIB}/fido2/hid.pyc +${PYSITELIB}/fido2/hid.pyo +${PYSITELIB}/fido2/nfc.py +${PYSITELIB}/fido2/nfc.pyc +${PYSITELIB}/fido2/nfc.pyo +${PYSITELIB}/fido2/pcsc.py +${PYSITELIB}/fido2/pcsc.pyc +${PYSITELIB}/fido2/pcsc.pyo +${PYSITELIB}/fido2/public_suffix_list.dat +${PYSITELIB}/fido2/rpid.py +${PYSITELIB}/fido2/rpid.pyc +${PYSITELIB}/fido2/rpid.pyo +${PYSITELIB}/fido2/server.py +${PYSITELIB}/fido2/server.pyc +${PYSITELIB}/fido2/server.pyo +${PYSITELIB}/fido2/utils.py +${PYSITELIB}/fido2/utils.pyc +${PYSITELIB}/fido2/utils.pyo +${PYSITELIB}/fido2/webauthn.py +${PYSITELIB}/fido2/webauthn.pyc +${PYSITELIB}/fido2/webauthn.pyo +${PYSITELIB}/fido2/win_api.py +${PYSITELIB}/fido2/win_api.pyc +${PYSITELIB}/fido2/win_api.pyo diff --git a/security/py-fido2/distinfo b/security/py-fido2/distinfo new file mode 100644 index 00000000000..2f2df53a0f6 --- /dev/null +++ b/security/py-fido2/distinfo @@ -0,0 +1,8 @@ +$NetBSD: distinfo,v 1.1 2020/08/17 07:01:33 riastradh Exp $ + +SHA1 (fido2-0.8.1.tar.gz) = a0987a49e9d2e5daedcd2f3278b5763cd09eeaf3 +RMD160 (fido2-0.8.1.tar.gz) = 0d7e1ed6269364eea4749bdb3fdce395bd03d724 +SHA512 (fido2-0.8.1.tar.gz) = 510c4fa11ff4f431d88171156fbbaf4326c7b7a24586eb1c566e075bb673adf542d07c7b1e2163fb3972d59799ca7d4ddc22f3e79a8f05e2ea1f8bcfe63cc5bc +Size (fido2-0.8.1.tar.gz) = 208300 bytes +SHA1 (patch-fido2___pyu2f_____init____.py) = 1a42c219a20a1b98f78c9ca73d419f782d77ff8a +SHA1 (patch-fido2___pyu2f_netbsd.py) = c336a941a0c03d18685919d1fa26d902b5982298 diff --git a/security/py-fido2/patches/patch-fido2___pyu2f_____init____.py b/security/py-fido2/patches/patch-fido2___pyu2f_____init____.py new file mode 100644 index 00000000000..6234a4b5ac4 --- /dev/null +++ b/security/py-fido2/patches/patch-fido2___pyu2f_____init____.py @@ -0,0 +1,16 @@ +$NetBSD: patch-fido2___pyu2f_____init____.py,v 1.1 2020/08/17 07:01:34 riastradh Exp $ + +Add NetBSD support. + +--- fido2/_pyu2f/__init__.py.orig 2020-08-17 04:00:49.612333166 +0000 ++++ fido2/_pyu2f/__init__.py +@@ -50,6 +50,9 @@ def InternalPlatformSwitch(funcname, *ar + elif sys.platform.startswith('freebsd'): + from . import freebsd + clz = freebsd.FreeBSDHidDevice ++ elif sys.platform.startswith('netbsd'): ++ from . import netbsd ++ clz = netbsd.NetBSDHidDevice + + if not clz: + raise Exception('Unsupported platform: ' + sys.platform) diff --git a/security/py-fido2/patches/patch-fido2___pyu2f_netbsd.py b/security/py-fido2/patches/patch-fido2___pyu2f_netbsd.py new file mode 100644 index 00000000000..44c873ac093 --- /dev/null +++ b/security/py-fido2/patches/patch-fido2___pyu2f_netbsd.py @@ -0,0 +1,121 @@ +$NetBSD: patch-fido2___pyu2f_netbsd.py,v 1.1 2020/08/17 07:01:34 riastradh Exp $ + +Add NetBSD support. + +--- fido2/_pyu2f/netbsd.py.orig 2020-08-17 06:25:22.347087325 +0000 ++++ fido2/_pyu2f/netbsd.py +@@ -0,0 +1,114 @@ ++# Copyright 2016 Google Inc. All Rights Reserved. ++# ++# Licensed under the Apache License, Version 2.0 (the "License"); ++# you may not use this file except in compliance with the License. ++# You may obtain a copy of the License at ++# ++# http://www.apache.org/licenses/LICENSE-2.0 ++# ++# Unless required by applicable law or agreed to in writing, software ++# distributed under the License is distributed on an "AS IS" BASIS, ++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++# See the License for the specific language governing permissions and ++# limitations under the License. ++ ++"""Implements raw HID interface on NetBSD.""" ++ ++from __future__ import absolute_import ++ ++import errno ++import os ++import select ++import struct ++import sys ++ ++from fcntl import ioctl ++ ++from . import base ++from . import linux ++ ++ ++# struct usb_ctl_report_desc { ++# int ucrd_size; ++# unsigned char ucrd_data[1024]; ++# }; ++ ++SIZEOF_USB_CTL_REPORT_DESC = 4 + 1024 ++USB_GET_REPORT_DESC = 0x44045515 # _IOR('U', 21, struct usb_ctl_report_desc) ++ ++SIZEOF_USB_DEVICE_INFO = 1268 ++USB_DEVICE_INFO_PRODUCT = 1168 ++USB_DEVICE_INFO_VENDOR = 1170 ++USB_GET_DEVICE_INFO = 0x44f45570 # _IOR('U', 112, struct usb_device_info) ++ ++USB_HID_SET_RAW = 0x80046802 # _IOW('h', 2, int) ++ ++ ++FIDO_USAGE_PAGE = 0xf1d0 ++FIDO_USAGE_U2FHID = 0x01 ++ ++ ++class NetBSDHidDevice(linux.LinuxHidDevice): ++ """Implementation of HID device for NetBSD. ++ """ ++ ++ @classmethod ++ def _setup(cls, fd, path): ++ devinfo = bytearray([0] * SIZEOF_USB_DEVICE_INFO) ++ ioctl(fd, USB_GET_DEVICE_INFO, devinfo, True) ++ vendor = devinfo[USB_DEVICE_INFO_VENDOR:USB_DEVICE_INFO_VENDOR + 2] ++ product = devinfo[USB_DEVICE_INFO_PRODUCT:USB_DEVICE_INFO_PRODUCT + 2] ++ descbuf = bytearray([0] * SIZEOF_USB_CTL_REPORT_DESC) ++ ioctl(fd, USB_GET_REPORT_DESC, descbuf, True) ++ descsize = struct.unpack('@i', descbuf[0:4])[0] ++ descdata = descbuf[4:4 + descsize] ++ desc = base.DeviceDescriptor() ++ desc.path = path ++ desc.vendor_id = struct.unpack('@H', vendor)[0] ++ desc.product_id = struct.unpack('@H', product)[0] ++ linux.ParseReportDescriptor(descdata, desc) ++ if desc.usage_page != FIDO_USAGE_PAGE: ++ raise Exception('usage page != fido') ++ if desc.usage != FIDO_USAGE_U2FHID: ++ raise Exception('fido usage != u2fhid') ++ ioctl(fd, USB_HID_SET_RAW, struct.pack('@i', 1)) ++ ping = bytearray([0] * 64) ++ ping[0:7] = bytearray([0xff,0xff,0xff,0xff,0x81,0,1]) ++ for i in range(10): ++ os.write(fd, ping) ++ poll = select.poll() ++ poll.register(fd, select.POLLIN) ++ if poll.poll(100): ++ os.read(fd, 64 + 1) ++ break ++ else: ++ raise Exception('u2f ping timeout') ++ return desc ++ ++ @classmethod ++ def Enumerate(cls): ++ for i in range(100): ++ path = '/dev/uhid{}'.format(i) ++ fd = None ++ try: ++ fd = os.open(path, os.O_RDWR|os.O_CLOEXEC) ++ desc = cls._setup(fd, path) ++ except OSError as e: ++ if e.errno == errno.ENOENT: ++ break ++ continue ++ finally: ++ if fd is not None: ++ os.close(fd) ++ yield desc.ToPublicDict() ++ ++ def __init__(self, path): ++ base.HidDevice.__init__(self, path) ++ self.dev = os.open(path, os.O_RDWR) ++ self.desc = self._setup(self.dev, path) ++ ++ def __del__(self): ++ os.close(self.dev) ++ ++ def Write(self, packet): ++ os.write(self.dev, bytearray(packet)) |