From 9de1d175812659bca86b36f6f07ea6b3301785d3 Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Fri, 22 Sep 2023 16:04:10 +0300 Subject: [PATCH] import cjose-0.6.1-16.el9 --- .cjose.metadata | 1 + .gitignore | 1 + ...ne-OPENSSL_API_COMPAT-to-0x10101000L.patch | 53 +++++++ SOURCES/0002-check-cjose_get_alloc.patch | 25 ++++ SOURCES/0003-CVE-2023-37464.patch | 91 ++++++++++++ SOURCES/concatkdf.patch | 74 ++++++++++ SPECS/cjose.spec | 133 ++++++++++++++++++ 7 files changed, 378 insertions(+) create mode 100644 .cjose.metadata create mode 100644 .gitignore create mode 100644 SOURCES/0001-Define-OPENSSL_API_COMPAT-to-0x10101000L.patch create mode 100644 SOURCES/0002-check-cjose_get_alloc.patch create mode 100644 SOURCES/0003-CVE-2023-37464.patch create mode 100644 SOURCES/concatkdf.patch create mode 100644 SPECS/cjose.spec diff --git a/.cjose.metadata b/.cjose.metadata new file mode 100644 index 0000000..8a1ae75 --- /dev/null +++ b/.cjose.metadata @@ -0,0 +1 @@ +0dd6efca729f1190f66855523c3920c3f7ddd482 SOURCES/cjose-0.6.1.tar.gz diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..8b3f913 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/cjose-0.6.1.tar.gz diff --git a/SOURCES/0001-Define-OPENSSL_API_COMPAT-to-0x10101000L.patch b/SOURCES/0001-Define-OPENSSL_API_COMPAT-to-0x10101000L.patch new file mode 100644 index 0000000..5a6278d --- /dev/null +++ b/SOURCES/0001-Define-OPENSSL_API_COMPAT-to-0x10101000L.patch @@ -0,0 +1,53 @@ +From b339a18aa06c78d64ac33d891d400eac7b86fff3 Mon Sep 17 00:00:00 2001 +From: Jakub Hrozek +Date: Mon, 17 May 2021 13:30:24 +0200 +Subject: [PATCH] Define OPENSSL_API_COMPAT to 0x10101000L + +--- + src/jwe.c | 2 ++ + src/jwk.c | 2 ++ + src/jws.c | 2 ++ + 3 files changed, 6 insertions(+) + +diff --git a/src/jwe.c b/src/jwe.c +index 822d408..d6f3149 100644 +--- a/src/jwe.c ++++ b/src/jwe.c +@@ -5,6 +5,8 @@ + * Copyright (c) 2014-2016 Cisco Systems, Inc. All Rights Reserved. + */ + ++#define OPENSSL_API_COMPAT 0x10101000L ++ + #include + #include + #include +diff --git a/src/jwk.c b/src/jwk.c +index 860f0e7..87408e9 100644 +--- a/src/jwk.c ++++ b/src/jwk.c +@@ -5,6 +5,8 @@ + * Copyright (c) 2014-2016 Cisco Systems, Inc. All Rights Reserved. + */ + ++#define OPENSSL_API_COMPAT 0x10101000L ++ + #include "include/jwk_int.h" + #include "include/util_int.h" + +diff --git a/src/jws.c b/src/jws.c +index 4e03554..9d682a0 100644 +--- a/src/jws.c ++++ b/src/jws.c +@@ -5,6 +5,8 @@ + * Copyright (c) 2014-2016 Cisco Systems, Inc. All Rights Reserved. + */ + ++#define OPENSSL_API_COMPAT 0x10101000L ++ + #include + #include + #include +-- +2.31.1 + diff --git a/SOURCES/0002-check-cjose_get_alloc.patch b/SOURCES/0002-check-cjose_get_alloc.patch new file mode 100644 index 0000000..bcf02f5 --- /dev/null +++ b/SOURCES/0002-check-cjose_get_alloc.patch @@ -0,0 +1,25 @@ +commit 54d449473b21e93805070264791e80f84f601b4d +Author: Hans Zandbelt +Date: Tue Apr 5 20:51:20 2022 +0200 + + check result of cek = cjose_get_alloc()(cek_len) in jwe.c + + see: https://github.com/cisco/cjose/issues/110 + + Signed-off-by: Hans Zandbelt + +diff --git a/src/jwe.c b/src/jwe.c +index 4285097..157ddec 100644 +--- a/src/jwe.c ++++ b/src/jwe.c +@@ -2064,6 +2064,10 @@ uint8_t *cjose_jwe_decrypt_multi(cjose_jwe_t *jwe, cjose_key_locator key_locator + { + cek_len = jwe->cek_len; + cek = cjose_get_alloc()(cek_len); ++ if (!cek) { ++ CJOSE_ERROR(err, CJOSE_ERR_NO_MEMORY); ++ return NULL; ++ } + memcpy(cek, jwe->cek, cek_len); + } + else diff --git a/SOURCES/0003-CVE-2023-37464.patch b/SOURCES/0003-CVE-2023-37464.patch new file mode 100644 index 0000000..0b77cba --- /dev/null +++ b/SOURCES/0003-CVE-2023-37464.patch @@ -0,0 +1,91 @@ +diff -up cjose-0.6.1/src/jwe.c.orig cjose-0.6.1/src/jwe.c +--- cjose-0.6.1/src/jwe.c.orig 2023-07-19 16:23:44.658712950 +0200 ++++ cjose-0.6.1/src/jwe.c 2023-07-19 16:55:02.173914437 +0200 +@@ -1227,6 +1227,12 @@ static bool _cjose_jwe_decrypt_dat_a256g + goto _cjose_jwe_decrypt_dat_a256gcm_fail; + } + ++ if (jwe->enc_auth_tag.raw_len != 16) ++ { ++ CJOSE_ERROR(err, CJOSE_ERR_CRYPTO); ++ goto _cjose_jwe_decrypt_dat_a256gcm_fail; ++ } ++ + // set the expected GCM-mode authentication tag + if (EVP_CIPHER_CTX_ctrl(ctx, CJOSE_EVP_CTRL_GCM_SET_TAG, jwe->enc_auth_tag.raw_len, jwe->enc_auth_tag.raw) != 1) + { +diff -up cjose-0.6.1/test/check_jwe.c.orig cjose-0.6.1/test/check_jwe.c +--- cjose-0.6.1/test/check_jwe.c.orig 2018-04-12 00:39:58.000000000 +0200 ++++ cjose-0.6.1/test/check_jwe.c 2023-07-19 16:38:45.412336742 +0200 +@@ -809,6 +809,63 @@ START_TEST(test_cjose_jwe_decrypt_aes) + } + END_TEST + ++START_TEST(test_cjose_jwe_decrypt_aes_gcm) ++{ ++ cjose_err err; ++ ++ const char *key = JWK_OCT_32; ++ const char *plain1 = "Live long and prosper."; ++ char *compact1 = "eyJhbGciOiAiZGlyIiwgImVuYyI6ICJBMjU2R0NNIn0..Du_9fxxV-zrReaWC.aS_rpokeuxkaPc2sykcQDCQuJCYoww.GpeKGEqd8KQ0v6JNea5aSA"; ++ char *compact2 = "eyJhbGciOiAiZGlyIiwgImVuYyI6ICJBMjU2R0NNIn0..Du_9fxxV-zrReaWC.aS_rpokeuxkaPc2sykcQDCQuJCYoww.Gp"; ++ ++ cjose_jwk_t *jwk = cjose_jwk_import(key, strlen(key), &err); ++ ck_assert_msg(NULL != jwk, ++ "cjose_jwk_import failed: " ++ "%s, file: %s, function: %s, line: %ld", ++ err.message, err.file, err.function, err.line); ++ ++ cjose_jwe_t *jwe1 = cjose_jwe_import(compact1, strlen(compact1), &err); ++ ck_assert_msg(NULL != jwe1, ++ "cjose_jwe_import failed: " ++ "%s, file: %s, function: %s, line: %ld", ++ err.message, err.file, err.function, err.line); ++ ++ uint8_t *plain2 = NULL; ++ size_t plain2_len = 0; ++ plain2 = cjose_jwe_decrypt(jwe1, jwk, &plain2_len, &err); ++ ck_assert_msg(NULL != plain2, ++ "cjose_jwe_decrypt failed: " ++ "%s, file: %s, function: %s, line: %ld", ++ err.message, err.file, err.function, err.line); ++ ++ ck_assert_msg(plain2_len == strlen(plain1), ++ "length of decrypted plaintext does not match length of original, " ++ "expected: %lu, found: %lu", ++ strlen(plain1), plain2_len); ++ ck_assert_msg(strncmp(plain1, plain2, plain2_len) == 0, "decrypted plaintext does not match encrypted plaintext"); ++ ++ cjose_get_dealloc()(plain2); ++ cjose_jwe_release(jwe1); ++ ++ cjose_jwe_t *jwe2 = cjose_jwe_import(compact2, strlen(compact2), &err); ++ ck_assert_msg(NULL != jwe2, ++ "cjose_jwe_import failed: " ++ "%s, file: %s, function: %s, line: %ld", ++ err.message, err.file, err.function, err.line); ++ ++ uint8_t *plain3 = NULL; ++ size_t plain3_len = 0; ++ plain3 = cjose_jwe_decrypt(jwe2, jwk, &plain3_len, &err); ++ ck_assert_msg(NULL == plain3, ++ "cjose_jwe_decrypt succeeded where it should have failed: " ++ "%s, file: %s, function: %s, line: %ld", ++ err.message, err.file, err.function, err.line); ++ ++ cjose_jwe_release(jwe2); ++ cjose_jwk_release(jwk); ++} ++END_TEST ++ + START_TEST(test_cjose_jwe_decrypt_rsa) + { + struct cjose_jwe_decrypt_rsa +@@ -1210,6 +1267,7 @@ Suite *cjose_jwe_suite() + tcase_add_test(tc_jwe, test_cjose_jwe_self_encrypt_self_decrypt_large); + tcase_add_test(tc_jwe, test_cjose_jwe_self_encrypt_self_decrypt_many); + tcase_add_test(tc_jwe, test_cjose_jwe_decrypt_aes); ++ tcase_add_test(tc_jwe, test_cjose_jwe_decrypt_aes_gcm); + tcase_add_test(tc_jwe, test_cjose_jwe_decrypt_rsa); + tcase_add_test(tc_jwe, test_cjose_jwe_encrypt_with_bad_header); + tcase_add_test(tc_jwe, test_cjose_jwe_encrypt_with_bad_key); diff --git a/SOURCES/concatkdf.patch b/SOURCES/concatkdf.patch new file mode 100644 index 0000000..abeccaf --- /dev/null +++ b/SOURCES/concatkdf.patch @@ -0,0 +1,74 @@ +commit 0238eb8f3612515f4374381b593dd79116169330 +Author: John Dennis +Date: Thu Aug 2 16:21:33 2018 -0400 + + fix concatkdf failures on big endian architectures + + Several of the elements used to compute the digest in ECDH-ES key + agreement computation are represented in binary form as a 32-bit + integer length followed by that number of octets. the length + field. The 32-bit length integer is represented in big endian + format (the 8 most significant bits are in the first octet.). + + The conversion to a 4 byte big endian integer was being computed + in a manner that only worked on little endian architectures. The + function htonl() returns a 32-bit integer whose octet sequence given + the address of the integer is big endian. There is no need for any + further manipulation. + + The existing code used bit shifting on a 32-bit value. In C bit + shifting is endian agnostic for multi-octet values, a right shift + moves most significant bits toward least significant bits. The result + of a bit shift of a multi-octet value on either big or little + archictures will always be the same provided you "view" it as the same + data type (e.g. 32-bit integer). But indexing the octets of that + mulit-octet value will be different depending on endianness, hence the + assembled octets differed depending on endianness. + + Issue: #77 + Signed-off-by: John Dennis + +diff --git a/src/concatkdf.c b/src/concatkdf.c +index ec064ab..59b845a 100644 +--- a/src/concatkdf.c ++++ b/src/concatkdf.c +@@ -29,15 +29,9 @@ + //////////////////////////////////////////////////////////////////////////////// + static uint8_t *_apply_uint32(const uint32_t value, uint8_t *buffer) + { +- const uint32_t formatted = htonl(value); +- const uint8_t data[4] = { +- (formatted >> 0) & 0xff, +- (formatted >> 8) & 0xff, +- (formatted >> 16) & 0xff, +- (formatted >> 24) & 0xff +- }; +- memcpy(buffer, data, 4); ++ const uint32_t big_endian_int32 = htonl(value); + ++ memcpy(buffer, &big_endian_int32, 4); + return buffer + 4; + } + +diff --git a/test/check_concatkdf.c b/test/check_concatkdf.c +index e4325fc..41d0f1c 100644 +--- a/test/check_concatkdf.c ++++ b/test/check_concatkdf.c +@@ -60,14 +60,9 @@ _create_otherinfo_header_finish: + + static bool _cmp_uint32(uint8_t **actual, uint32_t expected) + { +- uint32_t value = htonl(expected); +- uint8_t expectedData[] = { +- (value >> 0) & 0xff, +- (value >> 8) & 0xff, +- (value >> 16) & 0xff, +- (value >> 24) & 0xff +- }; +- bool result = (0 == memcmp(*actual, expectedData, 4)); ++ uint32_t big_endian_int32 = htonl(expected); ++ ++ bool result = (0 == memcmp(*actual, &big_endian_int32, 4)); + (*actual) += 4; + return result; + } diff --git a/SPECS/cjose.spec b/SPECS/cjose.spec new file mode 100644 index 0000000..c0ed64c --- /dev/null +++ b/SPECS/cjose.spec @@ -0,0 +1,133 @@ +Name: cjose +Version: 0.6.1 +Release: 16%{?dist} +Summary: C library implementing the Javascript Object Signing and Encryption (JOSE) + +License: MIT +URL: https://github.com/cisco/cjose +Source0: https://github.com/cisco/%{name}/archive/%{version}/%{name}-%{version}.tar.gz + +Patch1: concatkdf.patch +Patch2: 0001-Define-OPENSSL_API_COMPAT-to-0x10101000L.patch +Patch3: 0002-check-cjose_get_alloc.patch +Patch4: 0003-CVE-2023-37464.patch + +BuildRequires: gcc +BuildRequires: doxygen +BuildRequires: openssl-devel +BuildRequires: jansson-devel +BuildRequires: check-devel +BuildRequires: make + +%description +Implementation of JOSE for C/C++ + + +%package devel +Summary: Development files for %{name} +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description devel +The %{name}-devel package contains libraries and header files for +developing applications that use %{name}. + + +%prep +%autosetup -n %{name}-%{version} -p1 + +%build +%configure +%make_build + + +%install +%make_install +find %{buildroot} -name '*.a' -exec rm -f {} ';' +find %{buildroot} -name '*.la' -exec rm -f {} ';' + + +%ldconfig_scriptlets + + +%check +make check || (cat test/test-suite.log; exit 1) + +%files +%license LICENSE +%doc CHANGELOG.md README.md +%doc /usr/share/doc/cjose +%{_libdir}/*.so.* + + +%files devel +%{_includedir}/* +%{_libdir}/*.so +%{_libdir}/pkgconfig/cjose.pc + + +%changelog +* Wed Jul 19 2023 - 0.6.1-16 +- CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual + Authentication Tag provided in the JWE + Resolves: rhbz#2223308 + +* Wed May 3 2023 - 0.6.1-15 +- Rebuilt for gating + Related: rhbz#2180445 + +* Tue May 2 2023 - 0.6.1-14 +- Rebuilt for gating + Related: rhbz#2180445 + +* Tue Mar 21 2023 - 0.6.1-13 +- Random memory override + Resolves: rhbz#2180445 + +* Mon Aug 09 2021 Mohan Boddu - 0.6.1-12 +- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags + Related: rhbz#1991688 + +* Wed Jul 28 2021 Florian Weimer - 0.6.1-11 +- Rebuild to pick up OpenSSL 3.0 Beta ABI (#1984097) + +* Wed Jun 16 2021 Mohan Boddu - 0.6.1-10 +- Rebuilt for RHEL 9 BETA for openssl 3.0 + Related: rhbz#1971065 + +* Mon May 17 2021 Jakub Hrozek - 0.6.1-9 +- enable build with openssl 3.0 +- Resolves: rhbz#1958026 + +* Thu Apr 15 2021 Mohan Boddu - 0.6.1-8 +- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 + +* Tue Jan 26 2021 Fedora Release Engineering - 0.6.1-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Mon Jul 27 2020 Fedora Release Engineering - 0.6.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue Jan 28 2020 Fedora Release Engineering - 0.6.1-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Wed Jul 24 2019 Fedora Release Engineering - 0.6.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Thu Jan 31 2019 Fedora Release Engineering - 0.6.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Thu Aug 2 2018 - 0.6.1-2 +- fix concatkdf big endian architecture problem. + Upstream issue #77. + +* Wed Aug 1 2018 - 0.6.1-1 +- upgrade to latest upstream 0.6.1 + +* Thu Jul 12 2018 Fedora Release Engineering - 0.5.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Wed Feb 07 2018 Fedora Release Engineering - 0.5.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Fri Jan 26 2018 Patrick Uiterwijk - 0.5.1-1 +- Initial packaging