%if 0%{?rhel} >= 7 %global __python %{__python2} %global python python %else %global __python %{__python3} %global python python3 %endif # Use symlinks instead of the EASY entry scripts %bcond_with symlinks Summary: Key fingerprinting tools for CVE-2017-15361 Name: roca-detect Version: 1.2.12 Release: 4%{?dist} License: MIT Url: https://crocs.fi.muni.cz/public/papers/rsa_ccs17 Source0: https://github.com/crocs-muni/roca/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz # Remove coloredlogs dependency as it is not in Fedora as of f28 Patch0: roca-detect-color.patch BuildRequires: %{python}-future %{python}-cryptography %{python}-pgpdump BuildRequires: %{python}-setuptools %{python}-devel BuildRequires: /usr/bin/pathfix.py # Manual dependencies - in case auto dependency doesn't work %if 0%{?rhel} >= 7 Requires: %{python}-future %{python}-cryptography %{python}-pgpdump Requires: %{python}-six # el7 conflicts with python2-dateutil and doesn't work with python3 Requires: python-dateutil #Requires: %%{python}-dateutil %endif BuildArch: noarch %{?python_enable_dependency_generator} %description This tool is related to the ACM CCS 2017 conference paper #124 Return of the Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli. https://crocs.fi.muni.cz/public/papers/rsa_ccs17 Install this to test public RSA keys for the presence of the vulnerability described by CVE-2017-15361. %prep %setup -q -n roca-%{version} %patch0 -p0 -b .color # remove leftover version control from upstream find . -name .gitignore -delete # fix env shbang in CLI scripts pathfix.py -pni "%{__python} %{py_shbang_opts}" roca %build %py_build %install %py_install # make all CLI scripts executable to keep rpmlint happy, even though # we are using EASY introducers instead. chmod a+x `find %{buildroot}%{python_sitelib}/roca -name "*.py" | \ xargs grep -l '^#!.*python'` # Replace complex "EASY" universal wrapper with symlinks to cli scripts. %if %{with symlinks} ln -sf %{python_sitelib}/roca/detect.py %{buildroot}%{_bindir}/roca-detect ln -sf %{python_sitelib}/roca/detect_tls.py %{buildroot}%{_bindir}/roca-detect-tls %endif %check %{__python} -m unittest discover %files %doc README.md docs %license LICENSE %{_bindir}/roca-detect* %{python_sitelib}/roca %{python_sitelib}/roca_detect-%{version}* %changelog * Tue Sep 11 2018 Stuart D. Gathman 1.2.12-4 - Mark manual dependencies as needed for el7 * Tue Sep 11 2018 Stuart D. Gathman 1.2.12-3 - Use pathfix.py to fix shebangs - Use python dependency generator * Mon Sep 10 2018 Stuart D. Gathman 1.2.12-2 - Fix broken rhel condition typo - Fix unused (except in devel) env python shebangs to keep rpmlint happy * Mon Sep 10 2018 Stuart D. Gathman 1.2.12-1 - Use latest upstream unreleased tag for 1.2.12 * Mon Sep 10 2018 Stuart D. Gathman 1.2.1-7 - Make global option to use symlinks instead of EASY introducer * Sat Sep 8 2018 Stuart D. Gathman 1.2.1-6 - Patch cli scripts and symlink to them directly. - Add additional help to roca-detect-tls * Fri Sep 7 2018 Stuart D. Gathman 1.2.1-5 - Format SPEC with tabs and double space between sections - Split wrapper import into 2 lines * Tue Sep 4 2018 Stuart D. Gathman 1.2.1-4 - More changes from package review: - Keep upstream introducer name and symlink to it - Specify an additional directory level after sitelib in files * Mon Sep 3 2018 Stuart D. Gathman 1.2.1-3 - More suggestions from package review * Mon Sep 3 2018 Stuart D. Gathman 1.2.1-2 - Change more nits from Fedora package review * Mon Sep 3 2018 Stuart D. Gathman 1.2.1-1 - py3 support - New upstream release * Thu Oct 19 2017 Stuart D. Gathman 1.0.7-3 - SPEC file nits from Fedora package review * Wed Oct 18 2017 Stuart D. Gathman 1.0.7-2 - Ditch the "EASY" introducer that requires setuptools >= 1.0 * Wed Oct 18 2017 Stuart D. Gathman 1.0.7-1 - Initial rpm