diff --git a/.cjose.metadata b/.cjose.metadata new file mode 100644 index 0000000..8a1ae75 --- /dev/null +++ b/.cjose.metadata @@ -0,0 +1 @@ +0dd6efca729f1190f66855523c3920c3f7ddd482 SOURCES/cjose-0.6.1.tar.gz diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..8b3f913 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/cjose-0.6.1.tar.gz diff --git a/SOURCES/concatkdf.patch b/SOURCES/concatkdf.patch new file mode 100644 index 0000000..abeccaf --- /dev/null +++ b/SOURCES/concatkdf.patch @@ -0,0 +1,74 @@ +commit 0238eb8f3612515f4374381b593dd79116169330 +Author: John Dennis +Date: Thu Aug 2 16:21:33 2018 -0400 + + fix concatkdf failures on big endian architectures + + Several of the elements used to compute the digest in ECDH-ES key + agreement computation are represented in binary form as a 32-bit + integer length followed by that number of octets. the length + field. The 32-bit length integer is represented in big endian + format (the 8 most significant bits are in the first octet.). + + The conversion to a 4 byte big endian integer was being computed + in a manner that only worked on little endian architectures. The + function htonl() returns a 32-bit integer whose octet sequence given + the address of the integer is big endian. There is no need for any + further manipulation. + + The existing code used bit shifting on a 32-bit value. In C bit + shifting is endian agnostic for multi-octet values, a right shift + moves most significant bits toward least significant bits. The result + of a bit shift of a multi-octet value on either big or little + archictures will always be the same provided you "view" it as the same + data type (e.g. 32-bit integer). But indexing the octets of that + mulit-octet value will be different depending on endianness, hence the + assembled octets differed depending on endianness. + + Issue: #77 + Signed-off-by: John Dennis + +diff --git a/src/concatkdf.c b/src/concatkdf.c +index ec064ab..59b845a 100644 +--- a/src/concatkdf.c ++++ b/src/concatkdf.c +@@ -29,15 +29,9 @@ + //////////////////////////////////////////////////////////////////////////////// + static uint8_t *_apply_uint32(const uint32_t value, uint8_t *buffer) + { +- const uint32_t formatted = htonl(value); +- const uint8_t data[4] = { +- (formatted >> 0) & 0xff, +- (formatted >> 8) & 0xff, +- (formatted >> 16) & 0xff, +- (formatted >> 24) & 0xff +- }; +- memcpy(buffer, data, 4); ++ const uint32_t big_endian_int32 = htonl(value); + ++ memcpy(buffer, &big_endian_int32, 4); + return buffer + 4; + } + +diff --git a/test/check_concatkdf.c b/test/check_concatkdf.c +index e4325fc..41d0f1c 100644 +--- a/test/check_concatkdf.c ++++ b/test/check_concatkdf.c +@@ -60,14 +60,9 @@ _create_otherinfo_header_finish: + + static bool _cmp_uint32(uint8_t **actual, uint32_t expected) + { +- uint32_t value = htonl(expected); +- uint8_t expectedData[] = { +- (value >> 0) & 0xff, +- (value >> 8) & 0xff, +- (value >> 16) & 0xff, +- (value >> 24) & 0xff +- }; +- bool result = (0 == memcmp(*actual, expectedData, 4)); ++ uint32_t big_endian_int32 = htonl(expected); ++ ++ bool result = (0 == memcmp(*actual, &big_endian_int32, 4)); + (*actual) += 4; + return result; + } diff --git a/SPECS/cjose.spec b/SPECS/cjose.spec new file mode 100644 index 0000000..876dad7 --- /dev/null +++ b/SPECS/cjose.spec @@ -0,0 +1,81 @@ +Name: cjose +Version: 0.6.1 +Release: 2%{?dist} +Summary: C library implementing the Javascript Object Signing and Encryption (JOSE) + +License: MIT +URL: https://github.com/cisco/cjose +Source0: https://github.com/cisco/%{name}/archive/%{version}/%{name}-%{version}.tar.gz + +Patch1: concatkdf.patch + +BuildRequires: gcc +BuildRequires: doxygen +BuildRequires: openssl-devel +BuildRequires: jansson-devel +BuildRequires: check-devel + +%description +Implementation of JOSE for C/C++ + + +%package devel +Summary: Development files for %{name} +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description devel +The %{name}-devel package contains libraries and header files for +developing applications that use %{name}. + + +%prep +%autosetup -n %{name}-%{version} -p1 + +%build +%configure +%make_build + + +%install +%make_install +find %{buildroot} -name '*.a' -exec rm -f {} ';' +find %{buildroot} -name '*.la' -exec rm -f {} ';' + + +%post -p /sbin/ldconfig + +%postun -p /sbin/ldconfig + + +%check +make check || (cat test/test-suite.log; exit 1) + +%files +%license LICENSE +%doc CHANGELOG.md README.md +%doc /usr/share/doc/cjose +%{_libdir}/*.so.* + + +%files devel +%{_includedir}/* +%{_libdir}/*.so +%{_libdir}/pkgconfig/cjose.pc + + +%changelog +* Thu Aug 2 2018 - 0.6.1-2 +- fix concatkdf big endian architecture problem. + Upstream issue #77. + +* Wed Aug 1 2018 - 0.6.1-1 +- upgrade to latest upstream 0.6.1 + +* Thu Jul 12 2018 Fedora Release Engineering - 0.5.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Wed Feb 07 2018 Fedora Release Engineering - 0.5.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Fri Jan 26 2018 Patrick Uiterwijk - 0.5.1-1 +- Initial packaging