import cjose-0.6.1-12.el9

.cjose.metadata

@@ -0,0 +1 @@
+0dd6efca729f1190f66855523c3920c3f7ddd482 SOURCES/cjose-0.6.1.tar.gz

.gitignore

@@ -0,0 +1 @@
+SOURCES/cjose-0.6.1.tar.gz

SOURCES/0001-Define-OPENSSL_API_COMPAT-to-0x10101000L.patch

@@ -0,0 +1,53 @@
+From b339a18aa06c78d64ac33d891d400eac7b86fff3 Mon Sep 17 00:00:00 2001
+From: Jakub Hrozek <jhrozek@redhat.com>
+Date: Mon, 17 May 2021 13:30:24 +0200
+Subject: [PATCH] Define OPENSSL_API_COMPAT to 0x10101000L
+
+---
+ src/jwe.c | 2 ++
+ src/jwk.c | 2 ++
+ src/jws.c | 2 ++
+ 3 files changed, 6 insertions(+)
+
+diff --git a/src/jwe.c b/src/jwe.c
+index 822d408..d6f3149 100644
+--- a/src/jwe.c
++++ b/src/jwe.c
+@@ -5,6 +5,8 @@
+  * Copyright (c) 2014-2016 Cisco Systems, Inc.  All Rights Reserved.
+  */
+ 
++#define OPENSSL_API_COMPAT 0x10101000L
++
+ #include <cjose/base64.h>
+ #include <cjose/header.h>
+ #include <cjose/jwe.h>
+diff --git a/src/jwk.c b/src/jwk.c
+index 860f0e7..87408e9 100644
+--- a/src/jwk.c
++++ b/src/jwk.c
+@@ -5,6 +5,8 @@
+  * Copyright (c) 2014-2016 Cisco Systems, Inc.  All Rights Reserved.
+  */
+ 
++#define OPENSSL_API_COMPAT 0x10101000L
++
+ #include "include/jwk_int.h"
+ #include "include/util_int.h"
+ 
+diff --git a/src/jws.c b/src/jws.c
+index 4e03554..9d682a0 100644
+--- a/src/jws.c
++++ b/src/jws.c
+@@ -5,6 +5,8 @@
+  * Copyright (c) 2014-2016 Cisco Systems, Inc.  All Rights Reserved.
+  */
+ 
++#define OPENSSL_API_COMPAT 0x10101000L
++
+ #include <cjose/base64.h>
+ #include <cjose/header.h>
+ #include <cjose/jws.h>
+-- 
+2.31.1
+

SOURCES/concatkdf.patch

@@ -0,0 +1,74 @@
+commit 0238eb8f3612515f4374381b593dd79116169330
+Author: John Dennis <jdennis@redhat.com>
+Date:   Thu Aug 2 16:21:33 2018 -0400
+
+    fix concatkdf failures on big endian architectures
+    
+    Several of the elements used to compute the digest in ECDH-ES key
+    agreement computation are represented in binary form as a 32-bit
+    integer length followed by that number of octets.  the length
+    field. The 32-bit length integer is represented in big endian
+    format (the 8 most significant bits are in the first octet.).
+    
+    The conversion to a 4 byte big endian integer was being computed
+    in a manner that only worked on little endian architectures. The
+    function htonl() returns a 32-bit integer whose octet sequence given
+    the address of the integer is big endian. There is no need for any
+    further manipulation.
+    
+    The existing code used bit shifting on a 32-bit value. In C bit
+    shifting is endian agnostic for multi-octet values, a right shift
+    moves most significant bits toward least significant bits. The result
+    of a bit shift of a multi-octet value on either big or little
+    archictures will always be the same provided you "view" it as the same
+    data type (e.g. 32-bit integer). But indexing the octets of that
+    mulit-octet value will be different depending on endianness, hence the
+    assembled octets differed depending on endianness.
+    
+    Issue: #77
+    Signed-off-by: John Dennis <jdennis@redhat.com>
+
+diff --git a/src/concatkdf.c b/src/concatkdf.c
+index ec064ab..59b845a 100644
+--- a/src/concatkdf.c
++++ b/src/concatkdf.c
+@@ -29,15 +29,9 @@
+ ////////////////////////////////////////////////////////////////////////////////
+ static uint8_t *_apply_uint32(const uint32_t value, uint8_t *buffer)
+ {
+-    const uint32_t formatted = htonl(value);
+-    const uint8_t data[4] = {
+-        (formatted >> 0) & 0xff,
+-        (formatted >> 8) & 0xff,
+-        (formatted >> 16) & 0xff,
+-        (formatted >> 24) & 0xff
+-    };
+-    memcpy(buffer, data, 4);
++    const uint32_t big_endian_int32 = htonl(value);
+ 
++    memcpy(buffer, &big_endian_int32, 4);
+     return buffer + 4;
+ }
+ 
+diff --git a/test/check_concatkdf.c b/test/check_concatkdf.c
+index e4325fc..41d0f1c 100644
+--- a/test/check_concatkdf.c
++++ b/test/check_concatkdf.c
+@@ -60,14 +60,9 @@ _create_otherinfo_header_finish:
+ 
+ static bool _cmp_uint32(uint8_t **actual, uint32_t expected)
+ {
+-    uint32_t value = htonl(expected);
+-    uint8_t expectedData[] = {
+-        (value >> 0) & 0xff,
+-        (value >> 8) & 0xff,
+-        (value >> 16) & 0xff,
+-        (value >> 24) & 0xff
+-    };
+-    bool result = (0 == memcmp(*actual, expectedData, 4));
++    uint32_t big_endian_int32 = htonl(expected);
++
++    bool result = (0 == memcmp(*actual, &big_endian_int32, 4));
+     (*actual) += 4;
+     return result;
+ }

SPECS/cjose.spec

@@ -0,0 +1,114 @@
+Name:           cjose
+Version:        0.6.1
+Release:        12%{?dist}
+Summary:        C library implementing the Javascript Object Signing and Encryption (JOSE)
+
+License:        MIT
+URL:            https://github.com/cisco/cjose
+Source0:  	https://github.com/cisco/%{name}/archive/%{version}/%{name}-%{version}.tar.gz
+
+Patch1: concatkdf.patch
+Patch2: 0001-Define-OPENSSL_API_COMPAT-to-0x10101000L.patch
+
+BuildRequires:  gcc
+BuildRequires:  doxygen
+BuildRequires:  openssl-devel
+BuildRequires:  jansson-devel
+BuildRequires:  check-devel
+BuildRequires: make
+
+%description
+Implementation of JOSE for C/C++
+
+
+%package        devel
+Summary:        Development files for %{name}
+Requires:       %{name}%{?_isa} = %{version}-%{release}
+
+%description    devel
+The %{name}-devel package contains libraries and header files for
+developing applications that use %{name}.
+
+
+%prep
+%autosetup -n %{name}-%{version} -p1
+
+%build
+%configure
+%make_build
+
+
+%install
+%make_install
+find %{buildroot} -name '*.a' -exec rm -f {} ';'
+find %{buildroot} -name '*.la' -exec rm -f {} ';'
+
+
+%ldconfig_scriptlets
+
+
+%check
+make check || (cat test/test-suite.log; exit 1)
+
+%files
+%license LICENSE
+%doc CHANGELOG.md README.md
+%doc /usr/share/doc/cjose
+%{_libdir}/*.so.*
+
+
+%files devel
+%{_includedir}/*
+%{_libdir}/*.so
+%{_libdir}/pkgconfig/cjose.pc
+
+
+%changelog
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.6.1-12
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
+
+* Wed Jul 28 2021 Florian Weimer <fweimer@redhat.com> - 0.6.1-11
+- Rebuild to pick up OpenSSL 3.0 Beta ABI (#1984097)
+
+* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.6.1-10
+- Rebuilt for RHEL 9 BETA for openssl 3.0
+  Related: rhbz#1971065
+
+* Mon May 17 2021 Jakub Hrozek <jhrozek@redhat.com> - 0.6.1-9
+- enable build with openssl 3.0
+- Resolves: rhbz#1958026
+
+* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 0.6.1-8
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.1-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Thu Aug  2 2018  <jdennis@redhat.com> - 0.6.1-2
+- fix concatkdf big endian architecture problem.
+  Upstream issue #77.
+
+* Wed Aug  1 2018  <jdennis@redhat.com> - 0.6.1-1
+- upgrade to latest upstream 0.6.1
+
+* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.1-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Fri Jan 26 2018 Patrick Uiterwijk <patrick@puiterwijk.org> - 0.5.1-1
+- Initial packaging