
From: Alon Bar-Lev <alonbl@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: app-crypt/tpm-tools/, app-crypt/tpm-tools/files/
Date: Sat, 08 Dec 2018 21:42:37
Message-Id: 1544305276.46685dd4934db31ab2c732f28a1a7909750e4c59.alonbl@gentoo
1 commit: 46685dd4934db31ab2c732f28a1a7909750e4c59
2 Author: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
3 AuthorDate: Sat Dec 8 21:40:59 2018 +0000
4 Commit: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org>
5 CommitDate: Sat Dec 8 21:41:16 2018 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=46685dd4
7
8 app-crypt/tpm-tools: support openssl-1.1
9
10 Closes: https://bugs.gentoo.org/show_bug.cgi?id=672756
11 Signed-off-by: Alon Bar-Lev <alonbl <AT> gentoo.org>
12 Package-Manager: Portage-2.3.51, Repoman-2.3.11
13
14 .../files/tpm-tools-1.3.9.1-openssl-1.1.patch | 241 +++++++++++++++++++++
15 app-crypt/tpm-tools/tpm-tools-1.3.9.1-r1.ebuild | 51 +++++
16 2 files changed, 292 insertions(+)
17
18 diff --git a/app-crypt/tpm-tools/files/tpm-tools-1.3.9.1-openssl-1.1.patch b/app-crypt/tpm-tools/files/tpm-tools-1.3.9.1-openssl-1.1.patch
19 new file mode 100644
20 index 00000000000..a5747dbca70
21 --- /dev/null
22 +++ b/app-crypt/tpm-tools/files/tpm-tools-1.3.9.1-openssl-1.1.patch
23 @@ -0,0 +1,241 @@
24 +From 31d9cebc43833de939a0e13be0110ed830b66cbd Mon Sep 17 00:00:00 2001
25 +From: Alon Bar-Lev <alon.barlev@×××××.com>
26 +Date: Sat, 8 Dec 2018 23:28:54 +0200
27 +Subject: [PATCH] data_import.c: support openssl-1.1
28 +
29 +Signed-off-by: Alon Bar-Lev <alon.barlev@×××××.com>
30 +Bug: https://sourceforge.net/p/trousers/bugs/227/
31 +---
32 + src/data_mgmt/data_import.c | 159 +++++++++++++++++++++++++-----------
33 + 1 file changed, 112 insertions(+), 47 deletions(-)
34 +
35 +diff --git a/src/data_mgmt/data_import.c b/src/data_mgmt/data_import.c
36 +index f534717..33c76e7 100644
37 +--- a/src/data_mgmt/data_import.c
38 ++++ b/src/data_mgmt/data_import.c
39 +@@ -39,6 +39,30 @@
40 + #include <openssl/evp.h>
41 + #include <openssl/err.h>
42 +
43 ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L)
44 ++static void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) {
45 ++ if ( n )
46 ++ *n = r->n;
47 ++ if ( e )
48 ++ *e = r->e;
49 ++ if ( d )
50 ++ *d = r->d;
51 ++}
52 ++static void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q) {
53 ++ if ( p )
54 ++ *p = r->p;
55 ++ if ( q )
56 ++ *q = r->q;
57 ++}
58 ++static void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp) {
59 ++ if ( dmp1 )
60 ++ *dmp1 = r->dmp1;
61 ++ if ( dmq1 )
62 ++ *dmq1 = r->dmq1;
63 ++ if ( iqmp )
64 ++ *iqmp = r->iqmp;
65 ++}
66 ++#endif
67 +
68 + /*
69 + * Global variables
70 +@@ -372,7 +396,7 @@ readX509Cert( const char *a_pszFile,
71 + goto out;
72 + }
73 +
74 +- if ( EVP_PKEY_type( pKey->type ) != EVP_PKEY_RSA ) {
75 ++ if ( EVP_PKEY_base_id( pKey ) != EVP_PKEY_RSA ) {
76 + logError( TOKEN_RSA_KEY_ERROR );
77 +
78 + X509_free( pX509 );
79 +@@ -691,17 +715,35 @@ createRsaPubKeyObject( RSA *a_pRsa,
80 +
81 + int rc = -1;
82 +
83 +- int nLen = BN_num_bytes( a_pRsa->n );
84 +- int eLen = BN_num_bytes( a_pRsa->e );
85 ++ const BIGNUM *bn;
86 ++ const BIGNUM *be;
87 ++ int nLen;
88 ++ int eLen;
89 ++ CK_BYTE *n = NULL;
90 ++ CK_BYTE *e = NULL;
91 ++
92 ++ RSA_get0_key( a_pRsa, &bn, &be, NULL );
93 ++
94 ++ nLen = BN_num_bytes( bn );
95 ++ eLen = BN_num_bytes( be );
96 ++ n = malloc( nLen );
97 ++ e = malloc( eLen );
98 ++
99 ++ if ( !n || !e ) {
100 ++ logError( TOKEN_MEMORY_ERROR );
101 ++ goto out;
102 ++ }
103 ++
104 ++ // Get binary representations of the RSA key information
105 ++ BN_bn2bin( bn, n );
106 ++ BN_bn2bin( be, e );
107 +
108 ++ {
109 + CK_RV rv;
110 +
111 + CK_BBOOL bTrue = TRUE;
112 + CK_BBOOL bFalse = FALSE;
113 +
114 +- CK_BYTE *n = malloc( nLen );
115 +- CK_BYTE *e = malloc( eLen );
116 +-
117 + CK_OBJECT_CLASS clPubClass = CKO_PUBLIC_KEY;
118 + CK_KEY_TYPE tKeyType = CKK_RSA;
119 + CK_BBOOL bPrivate = ( !g_bPublic ) ? TRUE : FALSE;
120 +@@ -726,21 +768,13 @@ createRsaPubKeyObject( RSA *a_pRsa,
121 +
122 + *a_hObject = 0;
123 +
124 +- if ( !n || !e ) {
125 +- logError( TOKEN_MEMORY_ERROR );
126 +- goto out;
127 +- }
128 +-
129 +- // Get binary representations of the RSA key information
130 +- BN_bn2bin( a_pRsa->n, n );
131 +- BN_bn2bin( a_pRsa->e, e );
132 +-
133 + // Create the RSA public key object
134 + rv = createObject( a_hSession, tAttr, ulAttrCount, a_hObject );
135 + if ( rv != CKR_OK )
136 + goto out;
137 +
138 + rc = 0;
139 ++ }
140 +
141 + out:
142 + free( n );
143 +@@ -760,29 +794,74 @@ createRsaPrivKeyObject( RSA *a_pRsa,
144 +
145 + int rc = -1;
146 +
147 +- int nLen = BN_num_bytes( a_pRsa->n );
148 +- int eLen = BN_num_bytes( a_pRsa->e );
149 +- int dLen = BN_num_bytes( a_pRsa->d );
150 +- int pLen = BN_num_bytes( a_pRsa->p );
151 +- int qLen = BN_num_bytes( a_pRsa->q );
152 +- int dmp1Len = BN_num_bytes( a_pRsa->dmp1 );
153 +- int dmq1Len = BN_num_bytes( a_pRsa->dmq1 );
154 +- int iqmpLen = BN_num_bytes( a_pRsa->iqmp );
155 ++ const BIGNUM *bn;
156 ++ const BIGNUM *be;
157 ++ const BIGNUM *bd;
158 ++ const BIGNUM *bp;
159 ++ const BIGNUM *bq;
160 ++ const BIGNUM *bdmp1;
161 ++ const BIGNUM *bdmq1;
162 ++ const BIGNUM *biqmp;
163 ++ int nLen;
164 ++ int eLen;
165 ++ int dLen;
166 ++ int pLen;
167 ++ int qLen;
168 ++ int dmp1Len;
169 ++ int dmq1Len;
170 ++ int iqmpLen;
171 ++ CK_BYTE *n = NULL;
172 ++ CK_BYTE *e = NULL;
173 ++ CK_BYTE *d = NULL;
174 ++ CK_BYTE *p = NULL;
175 ++ CK_BYTE *q = NULL;
176 ++ CK_BYTE *dmp1 = NULL;
177 ++ CK_BYTE *dmq1 = NULL;
178 ++ CK_BYTE *iqmp = NULL;
179 ++
180 ++ RSA_get0_key( a_pRsa, &bn, &be, &bd);
181 ++ RSA_get0_factors( a_pRsa, &bp, &bq);
182 ++ RSA_get0_crt_params( a_pRsa, &bdmp1, &bdmq1, &biqmp );
183 ++
184 ++ nLen = BN_num_bytes( bn );
185 ++ eLen = BN_num_bytes( be );
186 ++ dLen = BN_num_bytes( bd );
187 ++ pLen = BN_num_bytes( bp );
188 ++ qLen = BN_num_bytes( bq );
189 ++ dmp1Len = BN_num_bytes( bdmp1 );
190 ++ dmq1Len = BN_num_bytes( bdmq1 );
191 ++ iqmpLen = BN_num_bytes( biqmp );
192 ++
193 ++ n = malloc( nLen );
194 ++ e = malloc( eLen );
195 ++ d = malloc( dLen );
196 ++ p = malloc( pLen );
197 ++ q = malloc( qLen );
198 ++ dmp1 = malloc( dmp1Len );
199 ++ dmq1 = malloc( dmq1Len );
200 ++ iqmp = malloc( iqmpLen );
201 +
202 ++ if ( !n || !e || !d || !p || !q || !dmp1 || !dmq1 || !iqmp ) {
203 ++ logError( TOKEN_MEMORY_ERROR );
204 ++ goto out;
205 ++ }
206 ++
207 ++ // Get binary representations of the RSA key information
208 ++ BN_bn2bin( bn, n );
209 ++ BN_bn2bin( be, e );
210 ++ BN_bn2bin( bd, d );
211 ++ BN_bn2bin( bp, p );
212 ++ BN_bn2bin( bq, q );
213 ++ BN_bn2bin( bdmp1, dmp1 );
214 ++ BN_bn2bin( bdmq1, dmq1 );
215 ++ BN_bn2bin( biqmp, iqmp );
216 ++
217 ++ {
218 + CK_RV rv;
219 +
220 + CK_BBOOL bTrue = TRUE;
221 + CK_BBOOL bFalse = FALSE;
222 +
223 +- CK_BYTE *n = malloc( nLen );
224 +- CK_BYTE *e = malloc( eLen );
225 +- CK_BYTE *d = malloc( dLen );
226 +- CK_BYTE *p = malloc( pLen );
227 +- CK_BYTE *q = malloc( qLen );
228 +- CK_BYTE *dmp1 = malloc( dmp1Len );
229 +- CK_BYTE *dmq1 = malloc( dmq1Len );
230 +- CK_BYTE *iqmp = malloc( iqmpLen );
231 +-
232 + CK_OBJECT_CLASS clPrivClass = CKO_PRIVATE_KEY;
233 + CK_KEY_TYPE tKeyType = CKK_RSA;
234 + CK_BBOOL bPrivate = ( !g_bPublic ) ? TRUE : FALSE;
235 +@@ -815,25 +894,11 @@ createRsaPrivKeyObject( RSA *a_pRsa,
236 +
237 + *a_hObject = 0;
238 +
239 +- if ( !n || !e || !d || !p || !q || !dmp1 || !dmq1 || !iqmp ) {
240 +- logError( TOKEN_MEMORY_ERROR );
241 +- goto out;
242 +- }
243 +-
244 +- // Get binary representations of the RSA key information
245 +- BN_bn2bin( a_pRsa->n, n );
246 +- BN_bn2bin( a_pRsa->e, e );
247 +- BN_bn2bin( a_pRsa->d, d );
248 +- BN_bn2bin( a_pRsa->p, p );
249 +- BN_bn2bin( a_pRsa->q, q );
250 +- BN_bn2bin( a_pRsa->dmp1, dmp1 );
251 +- BN_bn2bin( a_pRsa->dmq1, dmq1 );
252 +- BN_bn2bin( a_pRsa->iqmp, iqmp );
253 +-
254 + // Create the RSA private key object
255 + rv = createObject( a_hSession, tAttr, ulAttrCount, a_hObject );
256 + if ( rv != CKR_OK )
257 + goto out;
258 ++ }
259 +
260 + rc = 0;
261 +
262 +--
263 +2.19.2
264 +
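Review bot: In createRsaPrivKeyObject the private exponent, the primes and the CRT values are copied with `BN_bn2bin` into plain `malloc` buffers (`d`, `p`, `q`, `dmp1`, `dmq1`, `iqmp`), and nothing in the visible lines wipes them before they are released. The function's `out:` label lies outside the hunk; if it mirrors the `free( n );` cleanup shown for createRsaPubKeyObject, each secret buffer should be cleared first, e.g. `if ( d ) OPENSSL_cleanse( d, dLen );` ahead of `free( d );`, so key material does not linger in freed heap memory. Separately, the pointers returned by `RSA_get0_key`, `RSA_get0_factors` and `RSA_get0_crt_params` go straight into `BN_num_bytes`; a guard such as `if ( !bd || !bp || !bq || !bdmp1 || !bdmq1 || !biqmp ) goto out;` would reject a key that lacks private or CRT components, unless the caller (not shown) already guarantees a complete private key.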
265
266 diff --git a/app-crypt/tpm-tools/tpm-tools-1.3.9.1-r1.ebuild b/app-crypt/tpm-tools/tpm-tools-1.3.9.1-r1.ebuild
267 new file mode 100644
268 index 00000000000..e59af9e38d9
269 --- /dev/null
270 +++ b/app-crypt/tpm-tools/tpm-tools-1.3.9.1-r1.ebuild
271 @@ -0,0 +1,51 @@
272 +# Copyright 1999-2018 Gentoo Authors
273 +# Distributed under the terms of the GNU General Public License v2
274 +
275 +EAPI=7
276 +
277 +inherit autotools flag-o-matic
278 +
279 +DESCRIPTION="TrouSerS' support tools for the Trusted Platform Modules"
280 +HOMEPAGE="http://trousers.sourceforge.net"
281 +SRC_URI="mirror://sourceforge/trousers/${PN}/${P}.tar.gz"
282 +
283 +LICENSE="CPL-1.0"
284 +SLOT="0"
285 +KEYWORDS="~amd64 ~arm ~arm64 ~m68k ~s390 ~sh ~x86"
286 +IUSE="libressl nls pkcs11 debug"
287 +
288 +DEPEND=">=app-crypt/trousers-0.3.0
289 + !libressl? ( dev-libs/openssl:0= )
290 + libressl? ( dev-libs/libressl:0= )
291 + pkcs11? ( dev-libs/opencryptoki )"
292 +RDEPEND="${DEPEND}"
293 +BDEPEND="nls? ( sys-devel/gettext )"
294 +
295 +S="${WORKDIR}"
296 +
297 +PATCHES=(
298 + "${FILESDIR}/${P}-openssl-1.1.patch"
299 +)
300 +
301 +src_prepare() {
302 + default
303 +
304 + sed -i -r \
305 + -e '/CFLAGS/s/ -m64//' \
306 + configure.ac || die
307 +
308 + eautoreconf
309 +}
310 +
311 +src_configure() {
312 + append-cppflags $(usex debug -DDEBUG -DNDEBUG)
313 +
314 + econf \
315 + $(use_enable nls) \
316 + $(use pkcs11 || echo --disable-pkcs11-support)
317 +}
318 +
319 +src_install() {
320 + default
321 + find "${D}" -name '*.la' -delete || die
322 +}
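Review bot: In src_configure the pkcs11 switch is built with `$(use pkcs11 || echo --disable-pkcs11-support)`, while the line above it already uses `usex`; `$(usex pkcs11 '' --disable-pkcs11-support)` expresses the same thing without the subshell `echo` idiom. `HOMEPAGE` is also given as a plain `http://` URL, and switching it to `https://` would be preferable if the site serves it.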