From 404f172af56c3056fde0c406d6695bb51b7ad4f6ed53097ce12f5e53b243fa66 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Mon, 21 Oct 2024 07:04:52 +0000 Subject: [PATCH] - Update to version 0.2.2: + New Features: - Add bt-logindex blob kind. + Bugfixes: - Increase test coverage for ED25519 support. - Save the auto-generated private key with 0600 file permissions. - Switch ED25519 support to not directly using Nettle. OBS-URL: https://build.opensuse.org/package/show/Base:System/libjcat?expand=0&rev=29 --- .gitattributes | 23 +++++++ .gitignore | 1 + libjcat-0.2.1.tar.gz | 3 + libjcat-0.2.2.tar.gz | 3 + libjcat.changes | 147 +++++++++++++++++++++++++++++++++++++++++++ libjcat.spec | 124 ++++++++++++++++++++++++++++++++++++ 6 files changed, 301 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 libjcat-0.2.1.tar.gz create mode 100644 libjcat-0.2.2.tar.gz create mode 100644 libjcat.changes create mode 100644 libjcat.spec diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/libjcat-0.2.1.tar.gz b/libjcat-0.2.1.tar.gz new file mode 100644 index 0000000..d6af464 --- /dev/null +++ b/libjcat-0.2.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f623815ac855471277dc9d1b3b5ada1a9aaad6da67659c751dc3dec899dc2658 +size 76698 diff --git a/libjcat-0.2.2.tar.gz b/libjcat-0.2.2.tar.gz new file mode 100644 index 0000000..546ae74 --- /dev/null +++ b/libjcat-0.2.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:60fb1d30b16ba1a2dbf48998094d366bc94a082846b71decf9d6ac6bb6aa4800 +size 79047 diff --git a/libjcat.changes b/libjcat.changes new file mode 100644 index 0000000..4ebc498 --- /dev/null +++ b/libjcat.changes @@ -0,0 +1,147 @@ +------------------------------------------------------------------- +Mon Oct 14 13:09:54 UTC 2024 - Dominique Leuenberger + +- Update to version 0.2.2: + + New Features: + - Add bt-logindex blob kind. + + Bugfixes: + - Increase test coverage for ED25519 support. + - Save the auto-generated private key with 0600 file + permissions. + - Switch ED25519 support to not directly using Nettle. + +------------------------------------------------------------------- +Mon Jan 22 07:46:55 UTC 2024 - Dominique Leuenberger + +- Update to version 0.2.1: + + Do not dedupe sig and sig-of-checksum when loading. + + Fix the installed tests. + + Show the sig-of-checksum results clearer on the CLI. + +------------------------------------------------------------------- +Wed Jan 10 09:17:52 UTC 2024 - Dominique Leuenberger + +- Do not install test files: pass -Dtest=false to meson instead of + Dtest=true (aids with reproducible build, boo#1218715). +- Add check section and run meson test. + +------------------------------------------------------------------- +Thu Jan 4 16:39:57 UTC 2024 - Dominique Leuenberger + +- Update to version 0.2.0: + + New Features: + - Add support for verifying firmware transparency checkpoints + - Add various bitcounting functions for future use + - Allow creating and validating SHA512 checksums + - Allow verifying the checksum of a payload + + Bugfixes: + - Sprinkle attribute((nonnull)) to give a little more + compile-time safety + +------------------------------------------------------------------- +Tue Jun 27 14:54:31 UTC 2023 - Dirk Müller + +- update to 0.1.14: + * Fix header includes (Daisuke Fujimura) + * Fix prefix of LIBJCAT_CHECK_VERSION (Richard Hughes) + * Use project_source_root to fix building as a subproject + +------------------------------------------------------------------- +Thu Apr 27 22:31:13 UTC 2023 - Dirk Müller + +- update to 0.1.13: + * Add support for SHA512 checksums (Richard Hughes) + * Add the ability to add and remove support for blob types + * Fix header includes for clang-tidy (Richard Hughes) + * Show the expected SHA checksum in the error (Richard + Hughes) + +------------------------------------------------------------------- +Fri Oct 7 12:16:53 UTC 2022 - Dirk Müller + +- update to 0.1.12: + * Correctly export the AliasIds in all cases (Richard Hughes) + * Install installed-test firmware.bin.ed25519 (Jan Tojnar) + * Predate test cert activation date by 1 day (David Bonner) + +------------------------------------------------------------------- +Thu Apr 21 07:25:09 UTC 2022 - Dirk Müller + +- update to 0.1.11: + - Allow the user to get the runtime library version (Richard Hughes) + - Fix incorrect certtool being called on macOS (Richard Hughes) + +------------------------------------------------------------------- +Sun Apr 10 13:27:31 UTC 2022 - Dirk Müller + +- update to 0.1.10: + - Add ED25519 support (Richard Hughes) + - Define three more types used for the firmware transparency log (Richard Hughes) + - Include the pkgconfig variables in the subproject dependency (Richard Hughes) + - Drop the use of setuptools in the test script for regenerating ld version file (Eli Schwartz) + - Use the correct lookup method for the python3 script interpreter (Eli Schwartz) + +------------------------------------------------------------------- +Mon Dec 20 22:03:58 UTC 2021 - Dirk Müller + +- update to 0.1.9: + * Set which backends are supported in the pkgconfig file + * Use -Dcli=false to reduce the install size + * Return an error if we try to self-sign no bytes of data + * Show a more accurate output when not all engines are enabled + +------------------------------------------------------------------- +Sat Nov 13 11:57:00 UTC 2021 - Dirk Müller + +- update to 0.1.8: + * Fix a warning when used in a subproject + * Fix compilation on FreeBSD + * Do not use help2man to build manual pages + * Fall back to the AliasId for validation + * Fix jcat_context_verify_blob() to use self verify for checksums + * Allow verifying expired certificates with an additional argument + * Allow compiling json-glib as a subproject + * Export the old JCatEngine property to preserve internal ABI + * Do not fail verification if compiled without an engine + +------------------------------------------------------------------- +Thu Jul 30 15:30:18 UTC 2020 - dimstar@opensuse.org + +- Update to version 0.1.3: + * Export the JcatBlobKind and JcatBlobMethod on the result + * trivial: source the version header when including + +------------------------------------------------------------------- +Thu Jun 25 09:16:15 UTC 2020 - Bernhard Wiedemann + +- remove unreproducible signature file to make package build reproducible + +------------------------------------------------------------------- +Tue Jun 09 15:08:08 UTC 2020 - dimstar@opensuse.org + +- Update to version 0.1.2+3: + * Validate that gpgme_op_verify_result() returned at least one + signature (CVE-2020-10759). + +------------------------------------------------------------------- +Wed Jun 03 15:43:21 UTC 2020 - dimstar@opensuse.org + +- Update to version 0.1.2: + * Lower the meson dep version + * build: Check for Python modules explicitly +- Update Build dependencies: use pkgconfig(gobject-introspection-1.0) + instead of gobject-introspection plus + gobject-introspection-devel. +- Be more explicit in the files list for the typelib: if the file + name changes, we want to see a failure to ensure the package name + changes too. + +------------------------------------------------------------------- +Wed Apr 22 08:07:20 UTC 2020 - Gary Ching-Pang Lin + +- Add the missing BuildRequires: gobject-introspection-devel + +------------------------------------------------------------------- +Wed Apr 15 07:18:51 UTC 2020 - Gary Ching-Pang Lin + +- Initial import 0.1.1 diff --git a/libjcat.spec b/libjcat.spec new file mode 100644 index 0000000..4810775 --- /dev/null +++ b/libjcat.spec @@ -0,0 +1,124 @@ +# +# spec file for package libjcat +# +# Copyright (c) 2024 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%define sover 1 + +Name: libjcat +Version: 0.2.2 +Release: 0 +Summary: Library for reading and writing gzip-compressed JSON catalog files +License: LGPL-2.1-or-later +Group: System/Libraries +URL: https://github.com/hughsie/libjcat +Source: https://github.com/hughsie/libjcat/archive/refs/tags/%{version}.tar.gz#/%{name}-%{version}.tar.gz +# for certtool +BuildRequires: gnutls +BuildRequires: gpgme-devel +BuildRequires: gtk-doc +BuildRequires: help2man +BuildRequires: meson >= 0.47.0 +BuildRequires: python3-setuptools +BuildRequires: vala +BuildRequires: pkgconfig(gio-2.0) >= 2.45.8 +BuildRequires: pkgconfig(gio-unix-2.0) +BuildRequires: pkgconfig(gnutls) +BuildRequires: pkgconfig(gobject-introspection-1.0) +BuildRequires: pkgconfig(json-glib-1.0) >= 1.1.1 + +%description +This library allows reading and writing gzip-compressed JSON +catalog files, which can be used to store GPG, PKCS-7 and +SHA-256 checksums for each file. This provides equivalent +functionality to the catalog files supported in Microsoft Windows. + +%package -n %{name}%{sover} +Summary: Library for reading and writing gzip-compressed JSON catalog files +Group: System/Libraries + +%description -n %{name}%{sover} +This library allows reading and writing gzip-compressed JSON +catalog files, which can be used to store GPG, PKCS-7 and +SHA-256 checksums for each file. This provides equivalent +functionality to the catalog files supported in Microsoft Windows. + +%package -n typelib-1_0-Jcat-1_0 +Summary: Introspection bindings for %{name} +Group: System/Libraries + +%description -n typelib-1_0-Jcat-1_0 +This package provides the GObject Introspection bindings for +%{name}. + +%package -n jcat-tool +Summary: Optional tool for %{name} +Group: Development/Libraries/Other + +%description -n jcat-tool +This package provides the optional jcat-tool for %{name}. + +%package devel +Summary: Development package for %{name} +Group: Development/Libraries/Other +Requires: %{name}%{sover} = %{version} +Requires: jcat-tool = %{version} + +%description devel +Files for development with %{name}. + +%prep +%autosetup -p1 + +%build +%meson \ + -Dgtkdoc=true \ + -Dintrospection=true \ + -Dtests=false \ + %{nil} +%meson_build + +%install +%meson_install + +%check +%meson_test + +%post -n %{name}%{sover} -p /sbin/ldconfig +%postun -n %{name}%{sover} -p /sbin/ldconfig + +%files -n %{name}%{sover} +%license LICENSE +%{_libdir}/%{name}.so.%{sover}* + +%files -n typelib-1_0-Jcat-1_0 +%{_libdir}/girepository-1.0/Jcat-1.0.typelib + +%files -n jcat-tool +%doc NEWS README.md +%{_bindir}/jcat-tool +%{_mandir}/man1/jcat-tool.1.gz + +%files devel +%doc %{_datadir}/gtk-doc/html/%{name} +%{_datadir}/gir-1.0/*.gir +%dir %{_datadir}/vala/vapi/ +%{_datadir}/vala/vapi/jcat.* +%{_includedir}/%{name}-%{sover}/ +%{_libdir}/%{name}.so +%{_libdir}/pkgconfig/jcat.pc + +%changelog