Bug 1464671 - cjdns-20 is available
cjdns-20 is available
Status: NEW
Product: Fedora
Classification: Fedora
Component: cjdns (Show other bugs)
rawhide
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Stuart D Gathman
Fedora Extras Quality Assurance
: FutureFeature, Triaged
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-06-24 08:10 EDT by Upstream Release Monitoring
Modified: 2017-09-25 20:31 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Upstream Release Monitoring 2017-06-24 08:10:51 EDT
Latest upstream release: 20
Current version/release in rawhide: 19.1-4.fc27
URL: https://github.com/cjdelisle/cjdns

Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy

More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring

Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream.

Based on the information from anitya:  https://release-monitoring.org/project/10117/
Comment 1 Stuart D Gathman 2017-09-24 22:40:36 EDT
The difficulty with cjdns-20 is the new function in crypto/Sign.c:

void Sign_signingKeyPairFromCurve25519(uint8_t keypairOut[64], uint8_t secretCryptoKey[32]);

It is implemented using private functions in the embedded nacl source.  There is no equivalent in libsodium, or in the public nacl interface (so I can't just switch to Fedora supplied nacl package).

The only way to get cjdns-20 up quickly is to switch to the embedded nacl library, which I am reluctant to do.

One idea I had is to copy just enough of the embedded nacl to implement the above function.  

    Bits_memcpy(keypairOut, secretCryptoKey, 32);
    keypairOut[0] &= 248;
    keypairOut[31] &= 63;
    keypairOut[31] |= 64;
    ge_p3 A;
    ge_scalarmult_base(&A, keypairOut);
    ge_p3_tobytes(&keypairOut[32], &A);

There are only the last two functions to copy.  I don't know how many internal dependencies they will have.
Comment 2 Stuart D Gathman 2017-09-25 20:31:39 EDT
It turns out that the Fedora nacl package exports the ge25519 scalar functions - even though they are not defined in the public headers.  I tested copying the definitions from nacl private headers and linking against nacl after sodium.  It works.  That's kind of funky (and would break horribly if the internal API changes).  But I could link against the Fedora nacl lib (only) and get v20 out there.

There is a feature request on libsodium for exporting the scalar operations: 

https://github.com/jedisct1/libsodium/issues/236

That would also resolve the issue.  That issue mentions that TweetNaCl exports ed25519 scalar operations.

Note You need to log in before you can comment on or make changes to this bug.