fix(python): make cryptography a required dependency

fixes #4493
2025-02-19 02:52:11 +00:00 · 2025-02-12 13:05:14 +01:00 · 2025-02-12 13:05:14 +01:00 · f1c33e2f06
commit f1c33e2f06
parent 45394f2b26
5 changed files with 5 additions and 31 deletions
--- a/python/requirements-optional.txt
+++ b/python/requirements-optional.txt
@ -2,4 +2,3 @@ hidapi>=0.7.99.post20
 web3>=5
 Pillow>=10
 stellar-sdk>=6
-cryptography>=41
--- a/python/requirements.txt
+++ b/python/requirements.txt
@ -8,3 +8,4 @@ libusb1>=1.6.4
 construct>=2.9,!=2.10.55
 typing_extensions>=4.7.1
 construct-classes>=0.1.2
+cryptography>=41
--- a/python/setup.py
+++ b/python/setup.py
@ -31,7 +31,6 @@ extras_require = {
    "qt-widgets": ["PyQt5"],
    "extra": ["Pillow>=10"],
    "stellar": ["stellar-sdk>=6"],
-    "authentication": ["cryptography>=41"],
 }

 extras_require["full"] = sum(extras_require.values(), [])
--- a/python/src/trezorlib/authentication.py
+++ b/python/src/trezorlib/authentication.py
@ -4,26 +4,14 @@ import io
 import logging
 import secrets
 import typing as t
-from importlib import metadata
-
-from . import device
-from .client import TrezorClient
-
-try:
-    cryptography_version = metadata.version("cryptography")
-    vsplit = [int(x) for x in cryptography_version.split(".")]
-    if vsplit[0] < 41:
-        raise ImportError(
-            "cryptography>=41 is required for this module, "
-            f"found cryptography=={cryptography_version}"
-        )
-except ImportError as e:
-    raise ImportError("cryptography>=41 is required for this module") from e

 from cryptography import exceptions, x509
 from cryptography.hazmat.primitives import hashes, serialization
 from cryptography.hazmat.primitives.asymmetric import ec, utils

+from . import device
+from .client import TrezorClient
+
 LOG = logging.getLogger(__name__)


--- a/python/src/trezorlib/cli/device.py
+++ b/python/src/trezorlib/cli/device.py
@ -23,7 +23,7 @@ import typing as t
 import click
 import requests

-from .. import debuglink, device, exceptions, messages, ui
+from .. import authentication, debuglink, device, exceptions, messages, ui
 from ..tools import format_path
 from . import ChoiceType, with_client

@ -393,10 +393,6 @@ def authenticate(
    authenticity. By default, it will also check the public keys against a whitelist
    downloaded from Trezor servers. You can skip this check with the --skip-whitelist
    option.
-
-    \b
-    When not using --raw, 'cryptography' library is required. You can install it via:
-      pip3 install trezor[authentication]
    """
    if hex_challenge is None:
        hex_challenge = secrets.token_hex(32)
@ -413,15 +409,6 @@ def authenticate(
            click.echo(f"CA certificate: {cert.hex()}")
        return

-    try:
-        from .. import authentication
-    except ImportError as e:
-        click.echo("Failed to import the authentication module.")
-        click.echo(f"Error: {e}")
-        click.echo("Make sure you have the required dependencies:")
-        click.echo("  pip3 install trezor[authentication]")
-        sys.exit(4)
-
    if root is not None:
        root_bytes = root.read()
    else: