From fd57c75d45501b91f5757484f2b19eb00b45b7179f7d4467b4dc5dbe18228d62 Mon Sep 17 00:00:00 2001
From: Ruediger Oertel <ro@suse.de>
Date: Thu, 12 Mar 2020 12:07:53 +0000
Subject: [PATCH] Accepting request 784304 from home:oertel:branches:hardware

- add patch crda-python3.patch to build using python3
  it is actually only used for a small helper script splitting
  pem files to individual keys

OBS-URL: https://build.opensuse.org/request/show/784304
OBS-URL: https://build.opensuse.org/package/show/hardware/crda?expand=0&rev=33
---
 crda-python3.patch | 259 +++++++++++++++++++++++++++++++++++++++++++++
 crda.changes       |   7 ++
 crda.spec          |  14 +--
 3 files changed, 274 insertions(+), 6 deletions(-)
 create mode 100644 crda-python3.patch

diff --git a/crda-python3.patch b/crda-python3.patch
new file mode 100644
index 0000000..c93569c
--- /dev/null
+++ b/crda-python3.patch
@@ -0,0 +1,259 @@
+From: Taahir Ahmed <ahmed.taahir@xxxxxxxxx>
+
+utils/key2pub.py can now be run under either python 2.7 or python 3.x.
+This required some minor syntactical changes as well as switching from
+M2Crypto to pycrypto, since M2Crypto doesn't support python 3.x.
+
+In addition, some errors in the generated source file keys-ssl.h are
+fixed:
+
+  * The correct OpenSSL header for BN_ULONG is included.
+
+  * The generated constants are given the 'ull' suffix to prevent
+    warnings about constants that are too large.
+---
+ Makefile         |   2 +-
+ utils/key2pub.py | 146 ++++++++++++++++++++++++++++---------------------------
+ 2 files changed, 75 insertions(+), 73 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index a3ead30..65fc780 100644
+--- a/Makefile
++++ b/Makefile
+@@ -112,7 +112,7 @@ $(REG_BIN):
+ keys-%.c: utils/key2pub.py $(wildcard $(PUBKEY_DIR)/*.pem)
+ 	$(NQ) '  GEN ' $@
+ 	$(NQ) '  Trusted pubkeys:' $(wildcard $(PUBKEY_DIR)/*.pem)
+-	$(Q)./utils/key2pub.py --$* $(wildcard $(PUBKEY_DIR)/*.pem) $@
++	$(Q) python3 ./utils/key2pub.py --$* $(wildcard $(PUBKEY_DIR)/*.pem) $@
+ 
+ $(LIBREG): regdb.h reglib.h reglib.c
+ 	$(NQ) '  CC  ' $@
+diff --git a/utils/key2pub.py b/utils/key2pub.py
+index 3e84cd2..ff92748 100755
+--- a/utils/key2pub.py
++++ b/utils/key2pub.py
+@@ -1,126 +1,128 @@
+ #!/usr/bin/env python
+ 
++import io
+ import sys
+ try:
+-       from M2Crypto import RSA
+-except ImportError, e:
+-       sys.stderr.write('ERROR: Failed to import the "M2Crypto" module: %s\n' % e.message)
+-       sys.stderr.write('Please install the "M2Crypto" Python module.\n')
+-       sys.stderr.write('On Debian GNU/Linux the package is called "python-m2crypto".\n')
+-       sys.exit(1)
++    from Crypto.PublicKey import RSA
++except ImportError as e:
++    sys.stderr.write('ERROR: Failed to import the "Crypto.PublicKey" module: %s\n' % e.message)
++    sys.stderr.write('Please install the "Crypto.PublicKey" Python module.\n')
++    sys.stderr.write('On Debian GNU/Linux the package is called "python-crypto".\n')
++    sys.exit(1)
++
++def bitwise_collect(value, radix_bits):
++    words = []
++    radix_mask = (1 << radix_bits) - 1
++    while value != 0:
++        words.append(value & radix_mask)
++        value >>= radix_bits
++    return words
+ 
+ def print_ssl_64(output, name, val):
+-    while val[0] == '\0':
+-        val = val[1:]
+-    while len(val) % 8:
+-        val = '\0' + val
+-    vnew = []
+-    while len(val):
+-        vnew.append((val[0], val[1], val[2], val[3], val[4], val[5], val[6], val[7]))
+-        val = val[8:]
+-    vnew.reverse()
+-    output.write('static BN_ULONG %s[%d] = {\n' % (name, len(vnew)))
++    # OpenSSL expects 64-bit words given least-significant-word first.
++    vwords = bitwise_collect(val, 64)
++
++    output.write(u'static BN_ULONG {}[] = {{\n'.format(name))
+     idx = 0
+-    for v1, v2, v3, v4, v5, v6, v7, v8 in vnew:
++    for vword in vwords:
+         if not idx:
+-            output.write('\t')
+-        output.write('0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x, ' % (ord(v1), ord(v2), ord(v3), ord(v4), ord(v5), ord(v6), ord(v7), ord(v8)))
++            output.write(u'\t')
++        output.write(u'0x{:016x}ULL, '.format(vword))
+         idx += 1
+         if idx == 2:
+             idx = 0
+-            output.write('\n')
++            output.write(u'\n')
+     if idx:
+-        output.write('\n')
+-    output.write('};\n\n')
++        output.write(u'\n')
++    output.write(u'};\n\n')
+ 
+ def print_ssl_32(output, name, val):
+-    while val[0] == '\0':
+-        val = val[1:]
+-    while len(val) % 4:
+-        val = '\0' + val
+-    vnew = []
+-    while len(val):
+-        vnew.append((val[0], val[1], val[2], val[3], ))
+-        val = val[4:]
+-    vnew.reverse()
+-    output.write('static BN_ULONG %s[%d] = {\n' % (name, len(vnew)))
++    # OpenSSL expects 32-bit words given least-significant-word first.
++    vwords = bitwise_collect(val, 32)
++
++    output.write(u'static BN_ULONG {}[] = {{\n'.format(name))
+     idx = 0
+-    for v1, v2, v3, v4 in vnew:
++    for vword in vwords:
+         if not idx:
+-            output.write('\t')
+-        output.write('0x%.2x%.2x%.2x%.2x, ' % (ord(v1), ord(v2), ord(v3), ord(v4)))
++            output.write(u'\t')
++        output.write(u'0x{:08x}, '.format(vword))
+         idx += 1
+         if idx == 4:
+             idx = 0
+-            output.write('\n')
++            output.write(u'\n')
+     if idx:
+-        output.write('\n')
+-    output.write('};\n\n')
++        output.write(u'\n')
++    output.write(u'};\n\n')
+ 
+ def print_ssl(output, name, val):
++
++    output.write(u'#include <stdint.h>\n')
++    output.write(u'#include <openssl/bn.h>\n')
++
+     import struct
+-    output.write('#include <stdint.h>\n')
+     if len(struct.pack('@L', 0)) == 8:
+         return print_ssl_64(output, name, val)
+     else:
+         return print_ssl_32(output, name, val)
+ 
+ def print_ssl_keys(output, n):
+-    output.write(r'''
++    output.write(u'''
+ struct pubkey {
+ 	struct bignum_st e, n;
+ };
+ 
+-#define KEY(data) {				\
+-	.d = data,				\
+-	.top = sizeof(data)/sizeof(data[0]),	\
++#define KEY(data) {                          \\
++	.d = data,                           \\
++	.top = sizeof(data)/sizeof(data[0]), \\
+ }
+ 
+-#define KEYS(e,n)	{ KEY(e), KEY(n), }
++#define KEYS(e,n)    { KEY(e), KEY(n), }
+ 
+ static struct pubkey keys[] = {
+ ''')
+     for n in xrange(n + 1):
+-        output.write('	KEYS(e_%d, n_%d),\n' % (n, n))
+-    output.write('};\n')
++        output.write(u'	KEYS(e_{0}, n_{0}),\n'.format(n))
++    output.write(u'};\n')
+     pass
+ 
+ def print_gcrypt(output, name, val):
+-    output.write('#include <stdint.h>\n')
+-    while val[0] == '\0':
+-        val = val[1:]
+-    output.write('static const uint8_t %s[%d] = {\n' % (name, len(val)))
++    # gcrypt expects 8-bit words most-significant-word first
++    vwords = bitwise_collect(val, 8)
++    vwords.reverse()
++    
++    output.write(u'#include <stdint.h>\n')
++    output.write(u'static const uint8_t %s[%d] = {\n' % (name, len(vwords)))
+     idx = 0
+-    for v in val:
++    for vword in vwords:
+         if not idx:
+-            output.write('\t')
+-        output.write('0x%.2x, ' % ord(v))
++            output.write(u'\t')
++        output.write(u'0x{:02x}, '.format(vword))
+         idx += 1
+         if idx == 8:
+             idx = 0
+-            output.write('\n')
++            output.write(u'\n')
+     if idx:
+-        output.write('\n')
+-    output.write('};\n\n')
++        output.write(u'\n')
++    output.write(u'};\n\n')
+ 
+ def print_gcrypt_keys(output, n):
+-    output.write(r'''
++    output.write(u'''
+ struct key_params {
+ 	const uint8_t *e, *n;
+ 	uint32_t len_e, len_n;
+ };
+ 
+-#define KEYS(_e, _n) {			\
+-	.e = _e, .len_e = sizeof(_e),	\
+-	.n = _n, .len_n = sizeof(_n),	\
++#define KEYS(_e, _n) {                \\
++	.e = _e, .len_e = sizeof(_e), \\
++	.n = _n, .len_n = sizeof(_n), \\
+ }
+ 
+ static const struct key_params keys[] = {
+ ''')
+-    for n in xrange(n + 1):
+-        output.write('	KEYS(e_%d, n_%d),\n' % (n, n))
+-    output.write('};\n')
+-    
++    for n in range(n + 1):
++        output.write(u'	KEYS(e_{0}, n_{0}),\n'.format(n))
++    output.write(u'};\n')
++
+ 
+ modes = {
+     '--ssl': (print_ssl, print_ssl_keys),
+@@ -135,21 +137,21 @@ except IndexError:
+     mode = None
+ 
+ if not mode in modes:
+-    print 'Usage: %s [%s] input-file... output-file' % (sys.argv[0], '|'.join(modes.keys()))
++    print('Usage: {} [{}] input-file... output-file'.format(sys.argv[0], '|'.join(modes.keys())))
+     sys.exit(2)
+ 
+-output = open(outfile, 'w')
++output = io.open(outfile, 'w')
+ 
+ # load key
+ idx = 0
+ for f in files:
+-    try:
+-        key = RSA.load_pub_key(f)
+-    except RSA.RSAError:
+-        key = RSA.load_key(f)
+ 
+-    modes[mode][0](output, 'e_%d' % idx, key.e[4:])
+-    modes[mode][0](output, 'n_%d' % idx, key.n[4:])
++    key_contents = io.open(f, 'rb').read()
++    key = RSA.importKey(key_contents)
++
++    modes[mode][0](output, 'e_{}'.format(idx), key.e)
++    modes[mode][0](output, 'n_{}'.format(idx), key.n)
++
+     idx += 1
+ 
+ modes[mode][1](output, idx - 1)
+
diff --git a/crda.changes b/crda.changes
index 5099051..1d601c4 100644
--- a/crda.changes
+++ b/crda.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Thu Mar 12 11:34:19 CET 2020 - ro@suse.de
+
+- add patch crda-python3.patch to build using python3
+  it is actually only used for a small helper script splitting
+  pem files to individual keys 
+
 -------------------------------------------------------------------
 Sat Jun  3 09:30:42 UTC 2017 - meissner@suse.com
 
diff --git a/crda.spec b/crda.spec
index 8e94921..76ffdd7 100644
--- a/crda.spec
+++ b/crda.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package crda
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -12,26 +12,26 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 
 
 %{!?_udevrulesdir: %global _udevrulesdir %(pkg-config --variable=udevdir udev)/rules.d }
-
-Url:            http://linuxwireless.org/en/developers/Regulatory/CRDA
+%define skip_python2 1
 
 Name:           crda
 Summary:        802.11 central regulatory domain agent
 License:        SUSE-Copyleft-Next-0.3.0
 Group:          Hardware/Wifi
+URL:            http://linuxwireless.org/en/developers/Regulatory/CRDA
 Version:        3.18
 Release:        0
 Source:         http://kernel.org/pub/software/network/crda/crda-%{version}.tar.xz
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  libgcrypt-devel
 BuildRequires:  pkg-config
-BuildRequires:  python
-BuildRequires:  python-m2crypto
+BuildRequires:  python3
+BuildRequires:  python3-pycrypto
 BuildRequires:  wireless-regdb
 BuildRequires:  pkgconfig(libnl-3.0)
 BuildRequires:  pkgconfig(udev)
@@ -39,6 +39,7 @@ Requires:       wireless-regdb
 Supplements:    kernel >= 2.6.29
 # PATCH-FIX-OPENSUSE gcc6-fix-errors.patch -- Fix errors seen by GCC6.
 Patch0:         gcc6-fix-errors.patch
+Patch1:         crda-python3.patch
 
 %description
 The crda binary provides access to the wireless-regdb to the kernel
@@ -47,6 +48,7 @@ through udev.
 %prep
 %setup -q
 %patch0 -p1
+%patch1 -p1
 # make install calls 'ldconfig' and fails if it cannot run it...
 ln -s /bin/true ldconfig