Sync from SUSE:SLFO:Main cjose revision bd0630b57f1121eb3a8707c194b2b8b6

2024-12-18 16:26:17 +01:00 · 2024-12-18 16:26:17 +01:00 · 62c7d0aa42
commit 62c7d0aa42
4 changed files with 192 additions and 0 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
--- a/cjose-0.6.2.3.tar.gz
+++ b/cjose-0.6.2.3.tar.gz
--- a/cjose.changes
+++ b/cjose.changes
@ -0,0 +1,86 @@
+-------------------------------------------------------------------
+Fri Jul 26 15:38:40 UTC 2024 - Antonio Teixeira <antonio.teixeira@suse.com>
+
+- Update to 0.6.2.3:
+  * disable RSA PKCS 1.5 by default
+  * avoid using empty prototypes; support Clang 15 and XCode 14.3
+  * build shared library on Cygwin by adding -no-undefined to LDFLAGS
+  * reformat using clang-format-18.1.3
+  * regenerate autoconf files using autoconf 2.72
+  * update github actions to avoid warnings
+
+-------------------------------------------------------------------
+Tue Jul 18 08:40:48 UTC 2023 - Danilo Spinella <danilo.spinella@suse.com>
+
+- Switch to OpenIDC fork of cjose
+- Update to 0.6.2.2:
+  * use fixed authentication tag length of 16 octets in AES GCM decryption
+  * avoid use of assert
+  * fix make on srcdir != builddir
+- Update to 0.6.2.1:
+  * preserve key order in cjose_header_get_raw as well
+  * fix a memory leak in cjose_jws_import() for invalid JWS
+  * don't use STACK_ALLOC in cjose_concatkdf_derive
+- Update to 0.6.2.0:
+  * add support for A128GCM and A192GCM encryption
+  * extract cjose_jwe_encrypt_iv to allow explicit IV
+  * allow compilation against OpenSSL 3 with #define OPENSSL_API_COMPAT 0x10000000L
+  * cleanup some warnings about \param lines in header files
+  * preserve key order in order to be able to compare serialized JWTs
+  * minor updates for conformance
+  * check that JWE object has any CEK at all, return error if it doesn't
+  * fix double free on decrypt ek rsa padding failure
+  * replace calls to free() with cjose_get_dealloc() in _cjose_jws_build_hdr
+  * fix buffer overflow in test_cjose_jwe_multiple_recipients
+  * use fixed size of IV size of 16 bytes for AES-CBC
+  * fix memory leak already addressed in cjose_jws_build_dig_sha when a JWS is reused for validation
+  * compile against older versions of check
+  * rename free() to free_func() in struct key_fntable for memory leak detectors
+  * check result of cek = cjose_get_alloc()(cek_len) in jwe.c
+- Fix CVE-2023-37464, AES GCM decryption routine incorrectly uses the Tag
+  length from the actual Authentication Tag, bsc#1213385
+- Remove unneeded patches:
+  * cjose-0.6.1-concatkdf.patch
+  * cjose-ck_assert_bin_eq.patch
+
+-------------------------------------------------------------------
+Mon Feb  6 11:26:40 UTC 2023 - Marcus Meissner <meissner@suse.com>
+
+- disable depreacted declarations warnings for openssl 3 for now.
+
+-------------------------------------------------------------------
+Wed Oct 30 13:57:50 UTC 2019 - Kristyna Streitova <kstreitova@suse.com>
+
+- add cjose-0.6.1-concatkdf.patch to fix concatkdf failures on big
+  endian architectures [bsc#1149887]
+- re-enable tests on s390
+
+-------------------------------------------------------------------
+Mon Sep  9 14:41:41 UTC 2019 - Vítězslav Čížek <vcizek@suse.com>
+
+- Fix a bug in an assert message macro
+  * add cjose-ck_assert_bin_eq.patch
+
+-------------------------------------------------------------------
+Sun Sep  8 19:01:22 UTC 2019 - Vítězslav Čížek <vcizek@suse.com>
+
+- Temporarily disable tests on s390 as they are broken there
+  (bsc#1149887)
+
+-------------------------------------------------------------------
+Fri Apr 27 13:54:00 UTC 2018 - vcizek@suse.com
+
+- update to 0.6.1
+- packaged as a dependency for apache2-mod_auth_openidc which was
+  requested in fate#323817
+
+-------------------------------------------------------------------
+Wed Dec 13 10:25:46 UTC 2017 - christof.hanke@mpcdf.mpg.de
+
+- update to version 0.5.1
+
+-------------------------------------------------------------------
+Wed Nov  2 01:08:42 UTC 2016 - crrodriguez@opensuse.org
+
+- Initial version
+
--- a/cjose.spec
+++ b/cjose.spec
@ -0,0 +1,80 @@
+#
+# spec file for package cjose
+#
+# Copyright (c) 2024 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+Name:           cjose
+Version:        0.6.2.3
+Release:        0
+Summary:        C library implementing the Javascript Object Signing and Encryption (JOSE)
+License:        MIT
+Group:          Development/Libraries/C and C++
+URL:            https://github.com/OpenIDC/cjose
+Source:         https://github.com/OpenIDC/cjose/archive/refs/tags/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
+BuildRequires:  libtool
+BuildRequires:  pkgconfig
+BuildRequires:  pkgconfig(check) >= 0.9.4
+BuildRequires:  pkgconfig(jansson) >= 2.3
+BuildRequires:  pkgconfig(openssl) >= 1.0.1h
+
+%description
+
+C library implementing the Javascript Object Signing and Encryption (JOSE)
+
+%package -n libcjose0
+Summary:        C library implementing the Javascript Object Signing and Encryption (JOSE)
+Group:          System/Libraries
+
+%description -n libcjose0
+C library implementing the Javascript Object Signing and Encryption (JOSE)
+
+%package -n     libcjose-devel
+Summary:        C library implementing the Javascript Object Signing and Encryption (JOSE)
+Group:          Development/Libraries/C and C++
+Requires:       libcjose0 = %{version}
+
+%description -n libcjose-devel
+C library implementing the Javascript Object Signing and Encryption (JOSE)
+
+%prep
+%setup -q
+%autopatch -p1
+
+%build
+CFLAGS="%optflags -Wno-deprecated-declarations"
+%configure --disable-static
+make %{?_smp_mflags}
+
+%install
+%make_install
+find %{buildroot} -type f -name "*.la" -delete -print
+
+%check
+make %{?_smp_mflags} check
+
+%post -n libcjose0 -p /sbin/ldconfig
+%postun -n libcjose0 -p /sbin/ldconfig
+
+%files -n libcjose0
+%{_libdir}/libcjose.so.*
+
+%files -n libcjose-devel
+%dir %{_includedir}/%{name}
+%{_includedir}/%{name}/*.h
+%{_libdir}/libcjose.so
+%{_libdir}/pkgconfig/cjose.pc
+
+%changelog