Hello community, here is the log from the commit of package cjose for openSUSE:Factory checked in at 2019-10-31 22:39:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cjose (Old) and /work/SRC/openSUSE:Factory/.cjose.new.2990 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "cjose" Thu Oct 31 22:39:44 2019 rev:3 rq:744472 version:0.6.1 Changes: -------- --- /work/SRC/openSUSE:Factory/cjose/cjose.changes 2019-09-16 10:53:15.639150019 +0200 +++ /work/SRC/openSUSE:Factory/.cjose.new.2990/cjose.changes 2019-10-31 22:39:46.525436033 +0100 @@ -1,0 +2,7 @@ +Wed Oct 30 13:57:50 UTC 2019 - Kristyna Streitova <kstreitova@suse.com> + +- add cjose-0.6.1-concatkdf.patch to fix concatkdf failures on big + endian architectures [bsc#1149887] +- re-enable tests on s390 + +------------------------------------------------------------------- New: ---- cjose-0.6.1-concatkdf.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cjose.spec ++++++ --- /var/tmp/diff_new_pack.Hqe56u/_old 2019-10-31 22:39:47.477437216 +0100 +++ /var/tmp/diff_new_pack.Hqe56u/_new 2019-10-31 22:39:47.497437241 +0100 @@ -25,6 +25,7 @@ URL: https://github.com/cisco/cjose Source: https://github.com/cisco/cjose/archive/%{version}.tar.gz Patch0: cjose-ck_assert_bin_eq.patch +Patch1: cjose-0.6.1-concatkdf.patch BuildRequires: libtool BuildRequires: pkgconfig BuildRequires: pkgconfig(check) >= 0.9.4 @@ -63,10 +64,7 @@ find %{buildroot} -type f -name "*.la" -delete -print %check -# the tests fail on s390 -%ifnarch s390 s390x make %{?_smp_mflags} check -%endif %post -n libcjose0 -p /sbin/ldconfig %postun -n libcjose0 -p /sbin/ldconfig ++++++ cjose-0.6.1-concatkdf.patch ++++++

From 234509d22a2fcebcf2dfada33966ec7b49bf5c1a Mon Sep 17 00:00:00 2001 From: John Dennis <jdennis@redhat.com> Date: Thu, 2 Aug 2018 16:21:33 -0400 Subject: [PATCH] fix concatkdf failures on big endian architectures

Several of the elements used to compute the digest in ECDH-ES key agreement computation are represented in binary form as a 32-bit integer length followed by that number of octets. The 32-bit length integer is represented in big endian format (the 8 most significant bits are in the first octet.). The conversion to a 4 byte big endian integer was being computed in a manner that only worked on little endian architectures. The function htonl() returns a 32-bit integer whose octet sequence given the address of the integer is big endian. There is no need for any further manipulation. The existing code used bit shifting on a 32-bit value. In C bit shifting is endian agnostic for multi-octet values, a right shift moves most significant bits toward least significant bits. The result of a bit shift of a multi-octet value on either big or little archictures will always be the same provided you "view" it as the same data type (e.g. 32-bit integer). But indexing the octets of that mulit-octet value will be different depending on endianness, hence the assembled octets differed depending on endianness. Issue: #77 Signed-off-by: John Dennis <jdennis@redhat.com> --- src/concatkdf.c | 10 ++-------- test/check_concatkdf.c | 11 +++-------- 2 files changed, 5 insertions(+), 16 deletions(-) Index: cjose-0.6.1/src/concatkdf.c =================================================================== --- cjose-0.6.1.orig/src/concatkdf.c +++ cjose-0.6.1/src/concatkdf.c @@ -16,14 +16,9 @@ //////////////////////////////////////////////////////////////////////////////// static uint8_t *_apply_uint32(const uint32_t value, uint8_t *buffer) { - const uint32_t formatted = htonl(value); - const uint8_t data[4] = { - (formatted >> 0) & 0xff, - (formatted >> 8) & 0xff, - (formatted >> 16) & 0xff, - (formatted >> 24) & 0xff - }; - memcpy(buffer, data, 4); + const uint32_t big_endian_int32 = htonl(value); + + memcpy(buffer, &big_endian_int32, 4); return buffer + 4; } Index: cjose-0.6.1/test/check_concatkdf.c =================================================================== --- cjose-0.6.1.orig/test/check_concatkdf.c +++ cjose-0.6.1/test/check_concatkdf.c @@ -60,14 +60,9 @@ _create_otherinfo_header_finish: static bool _cmp_uint32(uint8_t **actual, uint32_t expected) { - uint32_t value = htonl(expected); - uint8_t expectedData[] = { - (value >> 0) & 0xff, - (value >> 8) & 0xff, - (value >> 16) & 0xff, - (value >> 24) & 0xff - }; - bool result = (0 == memcmp(*actual, expectedData, 4)); + uint32_t big_endian_int32 = htonl(expected); + + bool result = (0 == memcmp(*actual, &big_endian_int32, 4)); (*actual) += 4; return result; }