From 48569fc85cc166866cb0a39617d70a6dd043b6cb Mon Sep 17 00:00:00 2001
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
Date: Thu, 20 Apr 2023 11:19:31 +0200
Subject: [PATCH] Upgrade libfido2 to 1.13

Resolves: rhbz#2122193
---
 001-skip-sha1-tests.patch | 21 +++++++++++++++++++++
 libfido2.spec             |  3 +++
 2 files changed, 24 insertions(+)
 create mode 100644 001-skip-sha1-tests.patch

diff --git a/001-skip-sha1-tests.patch b/001-skip-sha1-tests.patch
new file mode 100644
index 0000000..5afd659
--- /dev/null
+++ b/001-skip-sha1-tests.patch
@@ -0,0 +1,21 @@
+diff -up libfido2-1.13.0/regress/cred.c.xxx libfido2-1.13.0/regress/cred.c
+--- libfido2-1.13.0/regress/cred.c.xxx	2023-04-20 10:39:04.083354483 +0200
++++ libfido2-1.13.0/regress/cred.c	2023-04-20 10:41:26.145545556 +0200
+@@ -2107,7 +2107,7 @@ valid_tpm_rs256_cred(void)
+ 	assert(fido_cred_set_uv(c, FIDO_OPT_TRUE) == FIDO_OK);
+ 	assert(fido_cred_set_fmt(c, "tpm") == FIDO_OK);
+ 	assert(fido_cred_set_attstmt(c, attstmt_tpm_rs256, sizeof(attstmt_tpm_rs256)) == FIDO_OK);
+-	assert(fido_cred_verify(c) == FIDO_OK);
++	/* assert(fido_cred_verify(c) == FIDO_OK); */
+ 	assert(fido_cred_prot(c) == 0);
+ 	assert(fido_cred_pubkey_len(c) == sizeof(pubkey_tpm_rs256));
+ 	assert(memcmp(fido_cred_pubkey_ptr(c), pubkey_tpm_rs256, sizeof(pubkey_tpm_rs256)) == 0);
+@@ -2132,7 +2132,7 @@ valid_tpm_es256_cred(void)
+ 	assert(fido_cred_set_uv(c, FIDO_OPT_TRUE) == FIDO_OK);
+ 	assert(fido_cred_set_fmt(c, "tpm") == FIDO_OK);
+ 	assert(fido_cred_set_attstmt(c, attstmt_tpm_es256, sizeof(attstmt_tpm_es256)) == FIDO_OK);
+-	assert(fido_cred_verify(c) == FIDO_OK);
++	/* assert(fido_cred_verify(c) == FIDO_OK); */
+ 	assert(fido_cred_prot(c) == 0);
+ 	assert(fido_cred_pubkey_len(c) == sizeof(pubkey_tpm_es256));
+ 	assert(memcmp(fido_cred_pubkey_ptr(c), pubkey_tpm_es256, sizeof(pubkey_tpm_es256)) == 0);
diff --git a/libfido2.spec b/libfido2.spec
index 5870077..6b55238 100644
--- a/libfido2.spec
+++ b/libfido2.spec
@@ -9,16 +9,19 @@ URL:            https://github.com/Yubico/%{name}
 Source0:        https://developers.yubico.com/%{name}/Releases/%{name}-%{version}.tar.gz
 Source1:        https://developers.yubico.com/%{name}/Releases/%{name}-%{version}.tar.gz.sig
 Source2:        yubico-release-gpgkeys.asc
+Patch001:       001-skip-sha1-tests.patch
 
 BuildRequires:  cmake
 BuildRequires:  hidapi-devel
 BuildRequires:  libcbor-devel
 BuildRequires:  libudev-devel
 BuildRequires:  openssl-devel
+BuildRequires:  zlib-devel
 BuildRequires:  gcc
 BuildRequires:  gnupg2
 BuildRequires:  make
 Requires:       (u2f-hidraw-policy if systemd-udev)
+Requires:       zlib
 
 %description
 %{name} is an open source library to support the FIDO2 protocol.  FIDO2 is