diff --git a/Fix-pubkey-info-difference.patch b/Fix-pubkey-info-difference.patch new file mode 100644 index 0000000..07c0550 --- /dev/null +++ b/Fix-pubkey-info-difference.patch @@ -0,0 +1,241 @@ +From d72ae2a1d5ed75dec5de8839e3bc6d0f174d6f39 Mon Sep 17 00:00:00 2001 +From: wang--ge +Date: Fri, 26 May 2023 11:42:20 +0800 +Subject: [PATCH] fix pubkey info difference + +--- + tests/001-keyiread-ec/prequal.sh | 2 + + tests/003-csrgen-ec/prequal.sh | 2 + + tests/003-csrgen-rsa/expected.out.2 | 77 +++++++++++++++++++++++ + tests/003-csrgen/expected.out.2 | 96 +++++++++++++++++++++++++++++ + tests/004-selfsign-ec/prequal.sh | 2 + + tests/036-getcert/expected.out.2 | 3 + + 6 files changed, 182 insertions(+) + create mode 100644 tests/001-keyiread-ec/prequal.sh + create mode 100644 tests/003-csrgen-ec/prequal.sh + create mode 100644 tests/003-csrgen-rsa/expected.out.2 + create mode 100644 tests/003-csrgen/expected.out.2 + create mode 100644 tests/004-selfsign-ec/prequal.sh + create mode 100644 tests/036-getcert/expected.out.2 + +diff --git a/tests/001-keyiread-ec/prequal.sh b/tests/001-keyiread-ec/prequal.sh +new file mode 100644 +index 0000000..ecdbef9 +--- /dev/null ++++ b/tests/001-keyiread-ec/prequal.sh +@@ -0,0 +1,2 @@ ++#!/bin/sh ++exit 1 +diff --git a/tests/003-csrgen-ec/prequal.sh b/tests/003-csrgen-ec/prequal.sh +new file mode 100644 +index 0000000..ecdbef9 +--- /dev/null ++++ b/tests/003-csrgen-ec/prequal.sh +@@ -0,0 +1,2 @@ ++#!/bin/sh ++exit 1 +diff --git a/tests/003-csrgen-rsa/expected.out.2 b/tests/003-csrgen-rsa/expected.out.2 +new file mode 100644 +index 0000000..7418ed1 +--- /dev/null ++++ b/tests/003-csrgen-rsa/expected.out.2 +@@ -0,0 +1,77 @@ ++pk12util: PKCS12 EXPORT SUCCESSFUL ++2048 OK. ++Signature OK ++pk12util: PKCS12 EXPORT SUCCESSFUL ++3072 OK. ++Signature OK ++pk12util: PKCS12 EXPORT SUCCESSFUL ++4096 OK. ++Signature OK ++The last CSR (the one with everything) was: ++ 0:d=0 hl=4 l=1312 cons: SEQUENCE ++ 4:d=1 hl=4 l=1032 cons: SEQUENCE ++ 8:d=2 hl=2 l= 1 prim: INTEGER :00 ++ 11:d=2 hl=2 l= 22 cons: SEQUENCE ++ 13:d=3 hl=2 l= 20 cons: SET ++ 15:d=4 hl=2 l= 18 cons: SEQUENCE ++ 17:d=5 hl=2 l= 3 prim: OBJECT :commonName ++ 22:d=5 hl=2 l= 11 prim: PRINTABLESTRING :Babs Jensen ++ 35:d=2 hl=4 l= 290 cons: SEQUENCE ++ 39:d=3 hl=2 l= 13 cons: SEQUENCE ++ 41:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption ++ 52:d=4 hl=2 l= 0 prim: NULL ++ 54:d=3 hl=4 l= 271 prim: BIT STRING ++ 329:d=2 hl=4 l= 707 cons: cont [ 0 ] ++ 333:d=3 hl=2 l= 52 cons: SEQUENCE ++ 335:d=4 hl=2 l= 9 prim: OBJECT :challengePassword ++ 346:d=4 hl=2 l= 39 cons: SET ++ 348:d=5 hl=2 l= 37 prim: PRINTABLESTRING :ChallengePasswordIsEncodedInPlainText ++ 387:d=3 hl=2 l= 61 cons: SEQUENCE ++ 389:d=4 hl=2 l= 9 prim: OBJECT :friendlyName ++ 400:d=4 hl=2 l= 48 cons: SET ++ 402:d=5 hl=2 l= 46 prim: BMPSTRING ++ 450:d=3 hl=4 l= 586 cons: SEQUENCE ++ 454:d=4 hl=2 l= 9 prim: OBJECT :Extension Request ++ 465:d=4 hl=4 l= 571 cons: SET ++ 469:d=5 hl=4 l= 567 cons: SEQUENCE ++ 473:d=6 hl=2 l= 14 cons: SEQUENCE ++ 475:d=7 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage ++ 480:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 483:d=7 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205E0 ++ 489:d=6 hl=3 l= 164 cons: SEQUENCE ++ 492:d=7 hl=2 l= 3 prim: OBJECT :X509v3 Subject Alternative Name ++ 497:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 500:d=7 hl=3 l= 153 prim: OCTET STRING [HEX DUMP]:30819682096C6F63616C686F737482156C6F63616C686F73742E6C6F63616C646F6D61696E810E726F6F74406C6F63616C686F7374811A726F6F74406C6F63616C686F73742E6C6F63616C646F6D61696EA020060A2B060104018237140203A0120C10726F6F74404558414D504C452E434F4DA024060A2B060104018237140203A0160C14726F6F7440464F4F2E4558414D504C452E434F4D ++ 656:d=6 hl=2 l= 32 cons: SEQUENCE ++ 658:d=7 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage ++ 663:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 666:d=7 hl=2 l= 22 prim: OCTET STRING [HEX DUMP]:301406082B0601050507030206082B06010505070304 ++ 690:d=6 hl=2 l= 18 cons: SEQUENCE ++ 692:d=7 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints ++ 697:d=7 hl=2 l= 1 prim: BOOLEAN :255 ++ 700:d=7 hl=2 l= 8 prim: OCTET STRING [HEX DUMP]:30060101FF020103 ++ 710:d=6 hl=2 l= 34 cons: SEQUENCE ++ 712:d=7 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key Identifier ++ 717:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 720:d=7 hl=2 l= 24 prim: OCTET STRING [HEX DUMP]:30168014A9993E364706816ABA3E25717850C26C9CD0D89D ++ 746:d=6 hl=2 l= 32 cons: SEQUENCE ++ 748:d=7 hl=2 l= 3 prim: OBJECT :X509v3 Subject Key Identifier ++ 753:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 756:d=7 hl=2 l= 22 prim: OCTET STRING [HEX DUMP]:0414A9993E364706816ABA3E25717850C26C9CD0D89D ++ 780:d=6 hl=2 l= 107 cons: SEQUENCE ++ 782:d=7 hl=2 l= 8 prim: OBJECT :Authority Information Access ++ 792:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 795:d=7 hl=2 l= 92 prim: OCTET STRING [HEX DUMP]:305A302B06082B06010505073001861F687474703A2F2F6F6373702D312E6578616D706C652E636F6D3A3132333435302B06082B06010505073001861F687474703A2F2F6F6373702D322E6578616D706C652E636F6D3A3132333435 ++ 889:d=6 hl=2 l= 96 cons: SEQUENCE ++ 891:d=7 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution Points ++ 896:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 899:d=7 hl=2 l= 86 prim: OCTET STRING [HEX DUMP]:30543028A026A0248622687474703A2F2F63726C2D312E6578616D706C652E636F6D3A31323334352F6765743028A026A0248622687474703A2F2F63726C2D322E6578616D706C652E636F6D3A31323334352F676574 ++ 987:d=6 hl=2 l= 51 cons: SEQUENCE ++ 989:d=7 hl=2 l= 9 prim: OBJECT :Netscape Comment ++ 1000:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 1003:d=7 hl=2 l= 35 prim: OCTET STRING [HEX DUMP]:1621636572746D6F6E6765722067656E65726174656420746869732072657175657374 ++ 1040:d=1 hl=2 l= 13 cons: SEQUENCE ++ 1042:d=2 hl=2 l= 9 prim: OBJECT :sha256WithRSAEncryption ++ 1053:d=2 hl=2 l= 0 prim: NULL ++ 1055:d=1 hl=4 l= 257 prim: BIT STRING ++Test complete (32 combinations). +diff --git a/tests/003-csrgen/expected.out.2 b/tests/003-csrgen/expected.out.2 +new file mode 100644 +index 0000000..695d364 +--- /dev/null ++++ b/tests/003-csrgen/expected.out.2 +@@ -0,0 +1,96 @@ ++pk12util: PKCS12 EXPORT SUCCESSFUL ++Signature OK ++minicert.openssl.2048.pem: OK ++2048 OK. ++pk12util: PKCS12 EXPORT SUCCESSFUL ++Signature OK ++minicert.openssl.3072.pem: OK ++3072 OK. ++pk12util: PKCS12 EXPORT SUCCESSFUL ++Signature OK ++minicert.openssl.4096.pem: OK ++4096 OK. ++The last CSR (the one with everything) was: ++ 0:d=0 hl=4 l=1532 cons: SEQUENCE ++ 4:d=1 hl=4 l=1252 cons: SEQUENCE ++ 8:d=2 hl=2 l= 1 prim: INTEGER :00 ++ 11:d=2 hl=2 l= 22 cons: SEQUENCE ++ 13:d=3 hl=2 l= 20 cons: SET ++ 15:d=4 hl=2 l= 18 cons: SEQUENCE ++ 17:d=5 hl=2 l= 3 prim: OBJECT :commonName ++ 22:d=5 hl=2 l= 11 prim: PRINTABLESTRING :Cloud, Inc. ++ 35:d=2 hl=4 l= 290 cons: SEQUENCE ++ 39:d=3 hl=2 l= 13 cons: SEQUENCE ++ 41:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption ++ 52:d=4 hl=2 l= 0 prim: NULL ++ 54:d=3 hl=4 l= 271 prim: BIT STRING ++ 329:d=2 hl=4 l= 927 cons: cont [ 0 ] ++ 333:d=3 hl=2 l= 52 cons: SEQUENCE ++ 335:d=4 hl=2 l= 9 prim: OBJECT :challengePassword ++ 346:d=4 hl=2 l= 39 cons: SET ++ 348:d=5 hl=2 l= 37 prim: PRINTABLESTRING :ChallengePasswordIsEncodedInPlainText ++ 387:d=3 hl=2 l= 61 cons: SEQUENCE ++ 389:d=4 hl=2 l= 9 prim: OBJECT :friendlyName ++ 400:d=4 hl=2 l= 48 cons: SET ++ 402:d=5 hl=2 l= 46 prim: BMPSTRING ++ 450:d=3 hl=4 l= 806 cons: SEQUENCE ++ 454:d=4 hl=2 l= 9 prim: OBJECT :Extension Request ++ 465:d=4 hl=4 l= 791 cons: SET ++ 469:d=5 hl=4 l= 787 cons: SEQUENCE ++ 473:d=6 hl=2 l= 14 cons: SEQUENCE ++ 475:d=7 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage ++ 480:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 483:d=7 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205E0 ++ 489:d=6 hl=3 l= 188 cons: SEQUENCE ++ 492:d=7 hl=2 l= 3 prim: OBJECT :X509v3 Subject Alternative Name ++ 497:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 500:d=7 hl=3 l= 177 prim: OCTET STRING [HEX DUMP]:3081AE82096C6F63616C686F737482156C6F63616C686F73742E6C6F63616C646F6D61696E810E726F6F74406C6F63616C686F7374811A726F6F74406C6F63616C686F73742E6C6F63616C646F6D61696EA020060A2B060104018237140203A0120C10726F6F74404558414D504C452E434F4DA024060A2B060104018237140203A0160C14726F6F7440464F4F2E4558414D504C452E434F4D87047F000001871000000000000000000000000000000001 ++ 680:d=6 hl=2 l= 32 cons: SEQUENCE ++ 682:d=7 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage ++ 687:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 690:d=7 hl=2 l= 22 prim: OCTET STRING [HEX DUMP]:301406082B0601050507030206082B06010505070304 ++ 714:d=6 hl=2 l= 18 cons: SEQUENCE ++ 716:d=7 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints ++ 721:d=7 hl=2 l= 1 prim: BOOLEAN :255 ++ 724:d=7 hl=2 l= 8 prim: OCTET STRING [HEX DUMP]:30060101FF020103 ++ 734:d=6 hl=2 l= 34 cons: SEQUENCE ++ 736:d=7 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key Identifier ++ 741:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 744:d=7 hl=2 l= 24 prim: OCTET STRING [HEX DUMP]:30168014A9993E364706816ABA3E25717850C26C9CD0D89D ++ 770:d=6 hl=2 l= 32 cons: SEQUENCE ++ 772:d=7 hl=2 l= 3 prim: OBJECT :X509v3 Subject Key Identifier ++ 777:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 780:d=7 hl=2 l= 22 prim: OCTET STRING [HEX DUMP]:0414A9993E364706816ABA3E25717850C26C9CD0D89D ++ 804:d=6 hl=2 l= 107 cons: SEQUENCE ++ 806:d=7 hl=2 l= 8 prim: OBJECT :Authority Information Access ++ 816:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 819:d=7 hl=2 l= 92 prim: OCTET STRING [HEX DUMP]:305A302B06082B06010505073001861F687474703A2F2F6F6373702D312E6578616D706C652E636F6D3A3132333435302B06082B06010505073001861F687474703A2F2F6F6373702D322E6578616D706C652E636F6D3A3132333435 ++ 913:d=6 hl=2 l= 96 cons: SEQUENCE ++ 915:d=7 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution Points ++ 920:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 923:d=7 hl=2 l= 86 prim: OCTET STRING [HEX DUMP]:30543028A026A0248622687474703A2F2F63726C2D312E6578616D706C652E636F6D3A31323334352F6765743028A026A0248622687474703A2F2F63726C2D322E6578616D706C652E636F6D3A31323334352F676574 ++ 1011:d=6 hl=2 l= 106 cons: SEQUENCE ++ 1013:d=7 hl=2 l= 3 prim: OBJECT :X509v3 Freshest CRL ++ 1018:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 1021:d=7 hl=2 l= 96 prim: OCTET STRING [HEX DUMP]:305E302DA02BA0298627687474703A2F2F63726C2D312E6578616D706C652E636F6D3A31323334352F67657464656C7461302DA02BA0298627687474703A2F2F63726C2D322E6578616D706C652E636F6D3A31323334352F67657464656C7461 ++ 1119:d=6 hl=2 l= 51 cons: SEQUENCE ++ 1121:d=7 hl=2 l= 9 prim: OBJECT :Netscape Comment ++ 1132:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 1135:d=7 hl=2 l= 35 prim: OCTET STRING [HEX DUMP]:1621636572746D6F6E6765722067656E65726174656420746869732072657175657374 ++ 1172:d=6 hl=2 l= 18 cons: SEQUENCE ++ 1174:d=7 hl=2 l= 9 prim: OBJECT :OCSP No Check ++ 1185:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 1188:d=7 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:0500 ++ 1192:d=6 hl=2 l= 44 cons: SEQUENCE ++ 1194:d=7 hl=2 l= 9 prim: OBJECT :1.3.6.1.4.1.311.20.2 ++ 1205:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 1208:d=7 hl=2 l= 28 prim: OCTET STRING [HEX DUMP]:1E1A006300610041007700650073006F006D00650043006500720074 ++ 1238:d=6 hl=2 l= 20 cons: SEQUENCE ++ 1240:d=7 hl=2 l= 9 prim: OBJECT :Netscape Cert Type ++ 1251:d=7 hl=2 l= 1 prim: BOOLEAN :0 ++ 1254:d=7 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0 ++ 1260:d=1 hl=2 l= 13 cons: SEQUENCE ++ 1262:d=2 hl=2 l= 9 prim: OBJECT :sha256WithRSAEncryption ++ 1273:d=2 hl=2 l= 0 prim: NULL ++ 1275:d=1 hl=4 l= 257 prim: BIT STRING ++Test complete (69 combinations). +diff --git a/tests/004-selfsign-ec/prequal.sh b/tests/004-selfsign-ec/prequal.sh +new file mode 100644 +index 0000000..ecdbef9 +--- /dev/null ++++ b/tests/004-selfsign-ec/prequal.sh +@@ -0,0 +1,2 @@ ++#!/bin/sh ++exit 1 +diff --git a/tests/036-getcert/expected.out.2 b/tests/036-getcert/expected.out.2 +new file mode 100644 +index 0000000..2454717 +--- /dev/null ++++ b/tests/036-getcert/expected.out.2 +@@ -0,0 +1,3 @@ ++[Files, initial.] ++Error initializing Kerberos library: Included profile file could not be read. ++certs:0 +-- +2.27.0 + diff --git a/certmonger.spec b/certmonger.spec index 193fa11..6af18fb 100644 --- a/certmonger.spec +++ b/certmonger.spec @@ -1,12 +1,13 @@ Name: certmonger Version: 0.79.11 -Release: 4 +Release: 5 Summary: Certificate status monitor and PKI enrollment client License: GPLv3+ URL: http://pagure.io/certmonger/ Source0: https://pagure.io/certmonger/archive/certmonger-%{version}/certmonger-certmonger-%{version}.tar.gz Patch0001: Don-t-free-soptions-while-it-is-still-needed.patch +Patch0002: Fix-pubkey-info-difference.patch BuildRequires: autoconf automake gettext-devel gcc openldap-devel krb5-devel BuildRequires: libidn2-devel dbus-devel nspr-devel nss-devel openssl-devel @@ -32,6 +33,9 @@ This package provides docs for user of certmonger. %prep %autosetup -n certmonger-certmonger-%{version} -p1 +chmod 755 tests/001-keyiread-ec/prequal.sh +chmod 755 tests/003-csrgen-ec/prequal.sh +chmod 755 tests/004-selfsign-ec/prequal.sh %build autoreconf -i -f @@ -108,6 +112,9 @@ fi %{_mandir}/man*/* %changelog +* Fri May 26 2023 Ge Wang - 0.79.11-5 +- fix pubkey info differnce + * Sat Sep 11 2021 wutao - 0.79.11-4 - delete help package provides certmonger to solve conflicts