From f9317d7e382b0318d32cf424a237f5a642967c9233b80114a67304f54630aac3 Mon Sep 17 00:00:00 2001 From: OBS User smolsheep Date: Sat, 1 Feb 2025 11:21:40 +0000 Subject: [PATCH 1/2] Accepting request 1242098 from home:smolsheep:upgrades - Update to version 0.12 * Libsodium is now an optional dependency. When using the Zig toolchain to compile Minisign, you can specify the -Dwithout-libsodium flag to build and run without libsodium. * Key identifiers are now zero-padded when printed. OBS-URL: https://build.opensuse.org/request/show/1242098 OBS-URL: https://build.opensuse.org/package/show/security/minisign?expand=0&rev=6 --- 0.11.tar.gz | 3 --- 0.12.tar.gz | 3 +++ minisign.changes | 9 +++++++++ minisign.spec | 9 +++++---- 4 files changed, 17 insertions(+), 7 deletions(-) delete mode 100644 0.11.tar.gz create mode 100644 0.12.tar.gz diff --git a/0.11.tar.gz b/0.11.tar.gz deleted file mode 100644 index 82114e5..0000000 --- a/0.11.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:74c2c78a1cd51a43a6c98f46a4eabefbc8668074ca9aa14115544276b663fc55 -size 18410 diff --git a/0.12.tar.gz b/0.12.tar.gz new file mode 100644 index 0000000..cca0425 --- /dev/null +++ b/0.12.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:796dce1376f9bcb1a19ece729c075c47054364355fe0c0c1ebe5104d508c7db0 +size 20663 diff --git a/minisign.changes b/minisign.changes index f98ac74..c34ad34 100644 --- a/minisign.changes +++ b/minisign.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Sat Feb 1 11:18:41 UTC 2025 - Joshua Smith + +- Update to version 0.12 + * Libsodium is now an optional dependency. When using the Zig + toolchain to compile Minisign, you can specify the + -Dwithout-libsodium flag to build and run without libsodium. + * Key identifiers are now zero-padded when printed. + ------------------------------------------------------------------- Mon Jul 22 16:21:52 UTC 2024 - Joshua Smith diff --git a/minisign.spec b/minisign.spec index 763a578..c183f41 100644 --- a/minisign.spec +++ b/minisign.spec @@ -1,7 +1,7 @@ # # spec file for package minisign # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2025 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,13 +15,14 @@ # Please submit bugfixes or comments via https://bugs.opensuse.org/ # + Name: minisign -Version: 0.11 +Version: 0.12 Release: 0 License: ISC Summary: A dead simple tool to sign files and verify signatures -Url: https://jedisct1.github.io/minisign/ -Group: Productivity/Networking/Security +URL: https://jedisct1.github.io/minisign/ +Group: Productivity/Networking/Security Source0: https://github.com/jedisct1/minisign/archive/%{version}.tar.gz BuildRequires: cmake BuildRequires: pkgconfig(libsodium) -- 2.51.1 From 11aa379e352fd55a3ca55cf6102dd7be389809cbceea6b8134be6a85100c548e Mon Sep 17 00:00:00 2001 From: Jonathan Brielmaier Date: Mon, 12 Jan 2026 11:19:12 +0000 Subject: [PATCH 2/2] - Bugfix: * bugfix: duplicate command-line arguments [7dfdb3c] * Add minisign-dup-command-line-args.patch - Security fix: [gpg.fail/trustcomment] * Trusted comment injection (minisign) [6c59875] * trim(): only trim trailing \r\n, reject straight \r characters * Add minisign-gpg.fail-trustcomment.patch - Security fix: [gpg.fail/minisign] * Trusted comment injection (minisign) [a10dc92] * Bail out if the signature file contains unprintable characters * Add minisign-gpg.fail-minisign.patch OBS-URL: https://build.opensuse.org/package/show/security/minisign?expand=0&rev=8 --- .gitattributes | 23 +++++++ .gitignore | 1 + 0.12.tar.gz | 3 + minisign-0.12.tar.gz | 3 + minisign-dup-command-line-args.patch | 23 +++++++ minisign-gpg.fail-minisign.patch | 84 ++++++++++++++++++++++++++ minisign-gpg.fail-trustcomment.patch | 47 +++++++++++++++ minisign.changes | 90 ++++++++++++++++++++++++++++ minisign.spec | 57 ++++++++++++++++++ 9 files changed, 331 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 0.12.tar.gz create mode 100644 minisign-0.12.tar.gz create mode 100644 minisign-dup-command-line-args.patch create mode 100644 minisign-gpg.fail-minisign.patch create mode 100644 minisign-gpg.fail-trustcomment.patch create mode 100644 minisign.changes create mode 100644 minisign.spec diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/0.12.tar.gz b/0.12.tar.gz new file mode 100644 index 0000000..cca0425 --- /dev/null +++ b/0.12.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:796dce1376f9bcb1a19ece729c075c47054364355fe0c0c1ebe5104d508c7db0 +size 20663 diff --git a/minisign-0.12.tar.gz b/minisign-0.12.tar.gz new file mode 100644 index 0000000..cca0425 --- /dev/null +++ b/minisign-0.12.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:796dce1376f9bcb1a19ece729c075c47054364355fe0c0c1ebe5104d508c7db0 +size 20663 diff --git a/minisign-dup-command-line-args.patch b/minisign-dup-command-line-args.patch new file mode 100644 index 0000000..3b51794 --- /dev/null +++ b/minisign-dup-command-line-args.patch @@ -0,0 +1,23 @@ +From 7dfdb3c7bd4cc10e7e3bd52aec38a2052407fbc2 Mon Sep 17 00:00:00 2001 +From: Frank Denis +Date: Mon, 29 Dec 2025 23:06:30 +0100 +Subject: [PATCH] bugfix: duplicate command-line arguments + +Spotted by @two-heart, thanks! +--- + src/minisign.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/minisign.c b/src/minisign.c +index 8f82304..df2160c 100644 +--- a/src/minisign.c ++++ b/src/minisign.c +@@ -1002,7 +1002,7 @@ main(int argc, char **argv) + case '?': + usage(); + } +- if (opt_flag > 0 && opt_flag <= (int) sizeof opt_seen / 8) { ++ if (opt_flag > 0 && opt_flag < (int) sizeof opt_seen * 8) { + if ((opt_seen[opt_flag / 8] & (1U << (opt_flag & 7))) != 0) { + fprintf(stderr, "Duplicate option: -- %c\n\n", opt_flag); + usage(); diff --git a/minisign-gpg.fail-minisign.patch b/minisign-gpg.fail-minisign.patch new file mode 100644 index 0000000..2141d71 --- /dev/null +++ b/minisign-gpg.fail-minisign.patch @@ -0,0 +1,84 @@ +From 6c5987575002b7b636f35120fa819fa990248898 Mon Sep 17 00:00:00 2001 +From: Frank Denis +Date: Mon, 29 Dec 2025 23:03:30 +0100 +Subject: [PATCH] Bail out if the signature file contains unprintable + characters + +Spotted by @two-heart, thanks! +--- + src/minisign.c | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 55 insertions(+) + +diff --git a/src/minisign.c b/src/minisign.c +index 0444716..8f82304 100644 +--- a/src/minisign.c ++++ b/src/minisign.c +@@ -72,6 +72,58 @@ usage(void) + exit(2); + } + ++static int ++is_printable(const char *str) ++{ ++ const unsigned char *p = (const unsigned char *) (const void *) str; ++ ++ while (*p != 0U) { ++ const unsigned char c = *p++; ++ ++ if (c == '\t') { ++ continue; ++ } else if (c >= 0x20U && c <= 0x7eU) { ++ continue; ++ } else if (c < 0x20U || c == 0x7fU) { ++ return 0; ++ } else { ++ size_t need; ++ size_t i; ++ uint32_t cp; ++ ++ if (c >= 0xc2U && c <= 0xdfU) { ++ need = 1U; ++ } else if (c >= 0xe0U && c <= 0xefU) { ++ need = 2U; ++ } else if (c >= 0xf0U && c <= 0xf4U) { ++ need = 3U; ++ } else { ++ return 0; ++ } ++ for (i = 1U; i <= need; i++) { ++ const unsigned char cc = p[i - 1U]; ++ ++ if (cc == 0U || (cc & 0xc0U) != 0x80U) { ++ return 0; ++ } ++ } ++ if ((c == 0xe0U && p[0] < 0xa0U) || (c == 0xedU && p[0] > 0x9fU) || ++ (c == 0xf0U && p[0] < 0x90U) || (c == 0xf4U && p[0] > 0x8fU)) { ++ return 0; ++ } ++ cp = (uint32_t) (c & (need == 1U ? 0x1fU : need == 2U ? 0x0fU : 0x07U)); ++ for (i = 1U; i <= need; i++) { ++ cp = (cp << 6) | (uint32_t) (p[i - 1U] & 0x3fU); ++ } ++ if (cp <= 0x1fU || (cp >= 0x7fU && cp <= 0x9fU)) { ++ return 0; ++ } ++ p += need; ++ } ++ } ++ return 1; ++} ++ + static unsigned char * + message_load_hashed(size_t *message_len, const char *message_file) + { +@@ -201,6 +253,9 @@ sig_load(const char *sig_file, unsigned char global_sig[crypto_sign_BYTES], int + if (trim(trusted_comment) == 0) { + exit_msg("Trusted comment too long"); + } ++ if (is_printable(trusted_comment) == 0) { ++ exit_msg("Signature file contains unprintable characters"); ++ } + global_sig_s_size = B64_MAX_LEN_FROM_BIN_LEN(crypto_sign_BYTES) + 2U; + global_sig_s = xmalloc(global_sig_s_size); + if (fgets(global_sig_s, (int) global_sig_s_size, fp) == NULL) { diff --git a/minisign-gpg.fail-trustcomment.patch b/minisign-gpg.fail-trustcomment.patch new file mode 100644 index 0000000..afbaf8f --- /dev/null +++ b/minisign-gpg.fail-trustcomment.patch @@ -0,0 +1,47 @@ +From a10dc92b69cd549de8b691fdc32df866de9bd739 Mon Sep 17 00:00:00 2001 +From: Frank Denis +Date: Mon, 29 Dec 2025 23:00:30 +0100 +Subject: [PATCH] trim(): only trim trailing \r\n, reject straight \r + characters + +Spotted by @two-heart, thanks! +--- + src/helpers.c | 25 +++++++++++++++---------- + 1 file changed, 15 insertions(+), 10 deletions(-) + +diff --git a/src/helpers.c b/src/helpers.c +index 9598b4e..4b8994f 100644 +--- a/src/helpers.c ++++ b/src/helpers.c +@@ -158,16 +158,21 @@ xfclose(FILE *fp) + int + trim(char *str) + { +- size_t i = strlen(str); +- int t = 0; +- +- while (i-- > (size_t) 0U) { +- if (str[i] == '\n') { +- str[i] = 0; +- t = 1; +- } else if (str[i] == '\r') { +- str[i] = 0; +- } ++ size_t len = strlen(str); ++ int t = 0; ++ ++ if (len == 0U) { ++ return 0; ++ } ++ if (str[len - 1U] == '\n') { ++ str[--len] = 0; ++ t = 1; ++ } ++ if (len > 0U && str[len - 1U] == '\r') { ++ str[--len] = 0; ++ } ++ if (memchr(str, '\r', len) != NULL) { ++ return 0; + } + return t; + } diff --git a/minisign.changes b/minisign.changes new file mode 100644 index 0000000..64ca204 --- /dev/null +++ b/minisign.changes @@ -0,0 +1,90 @@ +------------------------------------------------------------------- +Mon Jan 12 09:24:25 UTC 2026 - Pedro Monreal + +- Bugfix: + * bugfix: duplicate command-line arguments [7dfdb3c] + * Add minisign-dup-command-line-args.patch + +------------------------------------------------------------------- +Mon Jan 12 09:15:13 UTC 2026 - Pedro Monreal + +- Security fix: [gpg.fail/trustcomment] + * Trusted comment injection (minisign) [6c59875] + * trim(): only trim trailing \r\n, reject straight \r characters + * Add minisign-gpg.fail-trustcomment.patch + +------------------------------------------------------------------- +Mon Jan 12 09:05:55 UTC 2026 - Pedro Monreal + +- Security fix: [gpg.fail/minisign] + * Trusted comment injection (minisign) [a10dc92] + * Bail out if the signature file contains unprintable characters + * Add minisign-gpg.fail-minisign.patch + +------------------------------------------------------------------- +Sat Feb 1 11:18:41 UTC 2025 - Joshua Smith + +- Update to version 0.12 + * Libsodium is now an optional dependency. When using the Zig + toolchain to compile Minisign, you can specify the + -Dwithout-libsodium flag to build and run without libsodium. + * Key identifiers are now zero-padded when printed. + +------------------------------------------------------------------- +Mon Jul 22 16:21:52 UTC 2024 - Joshua Smith + +- Cleanup spec file + * Add missing %license to packaging + * Remove %debug_package + +------------------------------------------------------------------- +Sat Jul 20 14:25:55 UTC 2024 - Joshua Smith + +- Switch from deprecated %setup to %autosetup +- Use %cmake_build +- Update to version 0.11 + * For non-interactive usage (CI/CD, etc), encryption of private + keys can be disabled with the -W switch. + * A new command, -C was added to change passwords, or remove them + (when combined with -W). +- Updates from version 0.10 + * Prehashing is now enabled by default, regardless of the input + size. Support for non-prehashed signatures will eventually be + removed + * Legacy signatures can be rejected with the addition of the -H + flag + +------------------------------------------------------------------- +Mon Sep 21 19:16:51 UTC 2020 - Cristian Rodríguez + +- Fix debuginfo generation (set CMAKE_STRIP to false) +- Update to version 0.9 + * New option: -R to recover the public key from a secret key. + * Error messages have been improved. + * Key derivation is now possible on devices with limited memory. + +------------------------------------------------------------------- +Fri Jul 19 10:39:33 UTC 2019 - Jonathan Brielmaier + +- clean up spec file + +------------------------------------------------------------------- +Sat Jun 1 22:45:05 UTC 2019 - AxelKoellhofer@web.de - 0.8 + +- added upstream.patch + * Add the "-R" option (re-create pubkey from secret key) + +------------------------------------------------------------------- +Sat Feb 3 18:12:36 UTC 2018 - AxelKoellhofer@web.de - 0.8 + +- updated to 0.8 + * Multiple files can now be signed at once + * Support for HaikuOS was added + * The command-line switch to use custom file names when generating + key pairs didn't work properly; this has been fixed + +------------------------------------------------------------------- +Sat Apr 1 13:29:31 UTC 2017 - AxelKoellhofer@web.de - 0.7 + +- initial package, version 0.7 + diff --git a/minisign.spec b/minisign.spec new file mode 100644 index 0000000..2466f2e --- /dev/null +++ b/minisign.spec @@ -0,0 +1,57 @@ +# +# spec file for package minisign +# +# Copyright (c) 2026 SUSE LLC and contributors +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: minisign +Version: 0.12 +Release: 0 +License: ISC +Summary: A dead simple tool to sign files and verify signatures +URL: https://jedisct1.github.io/minisign/ +Group: Productivity/Networking/Security +Source0: https://github.com/jedisct1/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz +#PATCH-FIX-UPSTREAM gpg.fail/minisign Trusted comment injection +Patch1: minisign-gpg.fail-minisign.patch +#PATCH-FIX-UPSTREAM gpg.fail/trustcomment Trusted comment Injection +Patch2: minisign-gpg.fail-trustcomment.patch +#PATCH-FIX-UPSTREAM duplicate command-line arguments +Patch3: minisign-dup-command-line-args.patch +BuildRequires: cmake +BuildRequires: pkgconfig(libsodium) + +%description +Minisign is a dead simple tool to sign files and verify signatures. + +It is portable, lightweight, and uses the highly secure Ed25519 public-key signature system. + +%prep +%autosetup -p1 + +%build +%cmake -DCMAKE_STRIP:BOOL=OFF +%cmake_build + +%install +%cmake_install + +%files +%doc README.md +%license LICENSE +%{_bindir}/%{name} +%{_mandir}/man1/%{name}.1.* + +%changelog -- 2.51.1