HTCONDOR-1290: Update Scitokens-cpp to openssl 3.0

-PR changes
   -Fixed Openssl 3.0 code to store public ec key correctly thus
    passing Unit tests
   -Set cmake option warnings equal errors to ON thus reverting
    to old behavior of failing to compile when a warning occurs
   -Implemented JWT-CPP patch into JWT v0.6.0 library included
    within vendor to allow for rpm building with older gcc versions
   -Reverted attempted fix for rpm building in .spec file due to
    compatability update added to JWT-CPP. No longer requires
    gcc v5.1 or greater

Author: ColeBollig

CMakeLists.txt

@@ -8,7 +8,7 @@ project( scitokens-cpp
 
 option( SCITOKENS_BUILD_UNITTESTS "Build the scitokens-cpp unit tests" OFF )
 option( SCITOKENS_EXTERNAL_GTEST "Use an external/pre-installed copy of GTest" OFF )
-option( SCITOKENS_WARNINGS_ARE_ERRORS "Turn compiler warnings into build errors" OFF)
+option( SCITOKENS_WARNINGS_ARE_ERRORS "Turn compiler warnings into build errors" ON)
 
 set( CMAKE_MODULE_PATH "${PROJECT_SOURCE_DIR}/cmake;${CMAKE_MODULE_PATH}" )
 

rpm/scitokens-cpp.spec

@@ -18,7 +18,7 @@ Source0: https://github.com/scitokens/scitokens-cpp/releases/download/v%{version
 # inappropriate to include a "Provides", as jwt-cpp is not provided
 # by this package.
 
-BuildRequires: gcc-c++ >= 5.1
+BuildRequires: gcc-c++
 BuildRequires: make
 BuildRequires: cmake3
 BuildRequires: sqlite-devel

src/scitokens_internal.cpp

@@ -623,14 +623,29 @@ scitokens::Validator::store_public_ec_key(const std::string &issuer, const std::
         throw UnsupportedKeyException("Unable to get OpenSSL EC group");
     }
 
-    std::unique_ptr<EC_POINT, decltype(&EC_POINT_free)> Q_point(EC_POINT_new(ec_group.get()), EC_POINT_free);
-    if (!Q_point.get()) {
+    std::unique_ptr<EC_POINT, decltype(&EC_POINT_free)> q_point(EC_POINT_new(ec_group.get()), EC_POINT_free);
+    if (!q_point.get()) {
         throw UnsupportedKeyException("Unable to get OpenSSL EC point");
     }
 
-    if (!EC_POINT_get_affine_coordinates(ec_group.get(), Q_point.get(), x_bignum.get(), y_bignum.get(), NULL)) {
+    OSSL_PARAM *params;
+    if (!EVP_PKEY_todata(pkey.get(), EVP_PKEY_PUBLIC_KEY, &params)) {
+        throw UnsupportedKeyException("Unable to get OpenSSL public key parameters");
+    }
+
+    void* buf = NULL;
+    size_t buf_len, max_len = 256;
+    OSSL_PARAM *p = OSSL_PARAM_locate(params,"pub");
+    if (!p || !OSSL_PARAM_get_octet_string(p, &buf, max_len, &buf_len)
+           || !EC_POINT_oct2point(ec_group.get(), q_point.get(), static_cast<unsigned char*>(buf), buf_len, nullptr)) {
+        throw UnsupportedKeyException("Failed to to set OpenSSL EC point with public key information");
+    }
+
+    if (!EC_POINT_get_affine_coordinates(ec_group.get(), q_point.get(), x_bignum.get(), y_bignum.get(), NULL)) {
         throw UnsupportedKeyException("Unable to get OpenSSL affine coordinates");
     }
+
+    OSSL_PARAM_free(params);
 #else
     std::unique_ptr<EC_KEY, decltype(&EC_KEY_free)> pkey
         (PEM_read_bio_EC_PUBKEY(pubkey_bio.get(), nullptr, nullptr, nullptr), EC_KEY_free);

vendor/jwt-cpp/include/jwt-cpp/jwt.h

@@ -22,7 +22,6 @@
 
 #include <algorithm>
 #include <chrono>
-#include <codecvt>
 #include <functional>
 #include <iterator>
 #include <locale>
@@ -34,6 +33,10 @@
 #include <utility>
 #include <vector>
 
+#if __cplusplus > 201103L
+#include <codecvt>
+#endif
+
 #if __cplusplus >= 201402L
 #ifdef __has_include
 #if __has_include(<experimental/type_traits>)
@@ -3053,11 +3056,18 @@ namespace jwt {
 			}
 
 			static std::string to_lower_unicode(const std::string& str, const std::locale& loc) {
+#if __cplusplus > 201103L
 				std::wstring_convert<std::codecvt_utf8<wchar_t>, wchar_t> conv;
 				auto wide = conv.from_bytes(str);
 				auto& f = std::use_facet<std::ctype<wchar_t>>(loc);
 				f.tolower(&wide[0], &wide[0] + wide.size());
 				return conv.to_bytes(wide);
+#else
+				std::string result;
+				std::transform(str.begin(), str.end(), std::back_inserter(result),
+							   [&loc](unsigned char c) { return std::tolower(c, loc); });
+				return result;
+#endif
 			}
 		};
 	} // namespace verify_ops