1 |
commit: 6c496650e61379f8abdd9f9c90db38bfabd8b7fd |
2 |
Author: Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Oct 23 16:45:34 2021 +0000 |
4 |
Commit: Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Oct 23 16:45:34 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6c496650 |
7 |
|
8 |
dev-perl/Crypt-OpenSSL-RSA: Add patch for openssl-3 support |
9 |
|
10 |
Closes: https://bugs.gentoo.org/805029 |
11 |
Package-Manager: Portage-3.0.28, Repoman-3.0.3 |
12 |
Signed-off-by: Andreas K. Hüttel <dilfridge <AT> gentoo.org> |
13 |
|
14 |
.../Crypt-OpenSSL-RSA-0.320.0.ebuild | 4 + |
15 |
.../Crypt-OpenSSL-RSA-0.280.0-openssl-1.1.0.patch | 256 --------------------- |
16 |
.../Crypt-OpenSSL-RSA-0.320.0-openssl-3.0.0.patch | 89 +++++++ |
17 |
3 files changed, 93 insertions(+), 256 deletions(-) |
18 |
|
19 |
diff --git a/dev-perl/Crypt-OpenSSL-RSA/Crypt-OpenSSL-RSA-0.320.0.ebuild b/dev-perl/Crypt-OpenSSL-RSA/Crypt-OpenSSL-RSA-0.320.0.ebuild |
20 |
index d466a0ecb24..150179661de 100644 |
21 |
--- a/dev-perl/Crypt-OpenSSL-RSA/Crypt-OpenSSL-RSA-0.320.0.ebuild |
22 |
+++ b/dev-perl/Crypt-OpenSSL-RSA/Crypt-OpenSSL-RSA-0.320.0.ebuild |
23 |
@@ -28,6 +28,10 @@ BDEPEND="${RDEPEND} |
24 |
) |
25 |
" |
26 |
|
27 |
+PATCHES=( |
28 |
+ "${FILESDIR}/${P}-openssl-3.0.0.patch" |
29 |
+) |
30 |
+ |
31 |
PERL_RM_FILES=( |
32 |
t/z_kwalitee.t |
33 |
t/z_perl_minimum_version.t |
34 |
|
35 |
diff --git a/dev-perl/Crypt-OpenSSL-RSA/files/Crypt-OpenSSL-RSA-0.280.0-openssl-1.1.0.patch b/dev-perl/Crypt-OpenSSL-RSA/files/Crypt-OpenSSL-RSA-0.280.0-openssl-1.1.0.patch |
36 |
deleted file mode 100644 |
37 |
index 463bcdfc83c..00000000000 |
38 |
--- a/dev-perl/Crypt-OpenSSL-RSA/files/Crypt-OpenSSL-RSA-0.280.0-openssl-1.1.0.patch |
39 |
+++ /dev/null |
40 |
@@ -1,256 +0,0 @@ |
41 |
-From fdbda9585f5c99670912e5c0517dbc7a9d92c74b Mon Sep 17 00:00:00 2001 |
42 |
-From: Sebastian Andrzej Siewior <sebastian@××××××××××.cc> |
43 |
-Date: Sat, 1 Oct 2016 19:52:44 +0000 |
44 |
-Subject: [PATCH] libcrypt-openssl-rsa-perl: get it compiled with openssl 1.1.0 |
45 |
- |
46 |
-Signed-off-by: Sebastian Andrzej Siewior <sebastian@××××××××××.cc> |
47 |
- |
48 |
-Bug: https://rt.cpan.org/Public/Bug/Display.html?id=117481 |
49 |
-Bug-Debian: https://bugs.debian.org/828387 |
50 |
- |
51 |
---- |
52 |
- RSA.xs | 173 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++--------- |
53 |
- 1 file changed, 150 insertions(+), 23 deletions(-) |
54 |
- |
55 |
-diff --git a/RSA.xs b/RSA.xs |
56 |
-index de512e7822d0..b384cb0e23a2 100644 |
57 |
---- a/RSA.xs |
58 |
-+++ b/RSA.xs |
59 |
-@@ -47,9 +47,119 @@ void croakSsl(char* p_file, int p_line) |
60 |
- |
61 |
- #define THROW(p_result) if (!(p_result)) { error = 1; goto err; } |
62 |
- |
63 |
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ |
64 |
-+ (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL) |
65 |
-+static void RSA_get0_key(const RSA *r, |
66 |
-+ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) |
67 |
-+{ |
68 |
-+ if (n != NULL) |
69 |
-+ *n = r->n; |
70 |
-+ if (e != NULL) |
71 |
-+ *e = r->e; |
72 |
-+ if (d != NULL) |
73 |
-+ *d = r->d; |
74 |
-+} |
75 |
-+ |
76 |
-+static int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) |
77 |
-+{ |
78 |
-+ /* If the fields n and e in r are NULL, the corresponding input |
79 |
-+ * parameters MUST be non-NULL for n and e. d may be |
80 |
-+ * left NULL (in case only the public key is used). |
81 |
-+ */ |
82 |
-+ if ((r->n == NULL && n == NULL) |
83 |
-+ || (r->e == NULL && e == NULL)) |
84 |
-+ return 0; |
85 |
-+ |
86 |
-+ if (n != NULL) { |
87 |
-+ BN_free(r->n); |
88 |
-+ r->n = n; |
89 |
-+ } |
90 |
-+ if (e != NULL) { |
91 |
-+ BN_free(r->e); |
92 |
-+ r->e = e; |
93 |
-+ } |
94 |
-+ if (d != NULL) { |
95 |
-+ BN_free(r->d); |
96 |
-+ r->d = d; |
97 |
-+ } |
98 |
-+ |
99 |
-+ return 1; |
100 |
-+} |
101 |
-+ |
102 |
-+static int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q) |
103 |
-+{ |
104 |
-+ /* If the fields p and q in r are NULL, the corresponding input |
105 |
-+ * parameters MUST be non-NULL. |
106 |
-+ */ |
107 |
-+ if ((r->p == NULL && p == NULL) |
108 |
-+ || (r->q == NULL && q == NULL)) |
109 |
-+ return 0; |
110 |
-+ |
111 |
-+ if (p != NULL) { |
112 |
-+ BN_free(r->p); |
113 |
-+ r->p = p; |
114 |
-+ } |
115 |
-+ if (q != NULL) { |
116 |
-+ BN_free(r->q); |
117 |
-+ r->q = q; |
118 |
-+ } |
119 |
-+ |
120 |
-+ return 1; |
121 |
-+} |
122 |
-+ |
123 |
-+static void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q) |
124 |
-+{ |
125 |
-+ if (p != NULL) |
126 |
-+ *p = r->p; |
127 |
-+ if (q != NULL) |
128 |
-+ *q = r->q; |
129 |
-+} |
130 |
-+ |
131 |
-+static int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp) |
132 |
-+{ |
133 |
-+ /* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input |
134 |
-+ * parameters MUST be non-NULL. |
135 |
-+ */ |
136 |
-+ if ((r->dmp1 == NULL && dmp1 == NULL) |
137 |
-+ || (r->dmq1 == NULL && dmq1 == NULL) |
138 |
-+ || (r->iqmp == NULL && iqmp == NULL)) |
139 |
-+ return 0; |
140 |
-+ |
141 |
-+ if (dmp1 != NULL) { |
142 |
-+ BN_free(r->dmp1); |
143 |
-+ r->dmp1 = dmp1; |
144 |
-+ } |
145 |
-+ if (dmq1 != NULL) { |
146 |
-+ BN_free(r->dmq1); |
147 |
-+ r->dmq1 = dmq1; |
148 |
-+ } |
149 |
-+ if (iqmp != NULL) { |
150 |
-+ BN_free(r->iqmp); |
151 |
-+ r->iqmp = iqmp; |
152 |
-+ } |
153 |
-+ |
154 |
-+ return 1; |
155 |
-+} |
156 |
-+ |
157 |
-+static void RSA_get0_crt_params(const RSA *r, |
158 |
-+ const BIGNUM **dmp1, const BIGNUM **dmq1, |
159 |
-+ const BIGNUM **iqmp) |
160 |
-+{ |
161 |
-+ if (dmp1 != NULL) |
162 |
-+ *dmp1 = r->dmp1; |
163 |
-+ if (dmq1 != NULL) |
164 |
-+ *dmq1 = r->dmq1; |
165 |
-+ if (iqmp != NULL) |
166 |
-+ *iqmp = r->iqmp; |
167 |
-+} |
168 |
-+#endif |
169 |
-+ |
170 |
- char _is_private(rsaData* p_rsa) |
171 |
- { |
172 |
-- return(p_rsa->rsa->d != NULL); |
173 |
-+ const BIGNUM *d; |
174 |
-+ |
175 |
-+ RSA_get0_key(p_rsa->rsa, NULL, NULL, &d); |
176 |
-+ return(d != NULL); |
177 |
- } |
178 |
- |
179 |
- SV* make_rsa_obj(SV* p_proto, RSA* p_rsa) |
180 |
-@@ -136,7 +246,7 @@ unsigned char* get_message_digest(SV* text_SV, int hash_method) |
181 |
- } |
182 |
- } |
183 |
- |
184 |
--SV* bn2sv(BIGNUM* p_bn) |
185 |
-+SV* bn2sv(const BIGNUM* p_bn) |
186 |
- { |
187 |
- return p_bn != NULL |
188 |
- ? sv_2mortal(newSViv((IV) BN_dup(p_bn))) |
189 |
-@@ -297,8 +407,15 @@ generate_key(proto, bitsSV, exponent = 65537) |
190 |
- unsigned long exponent; |
191 |
- PREINIT: |
192 |
- RSA* rsa; |
193 |
-+ BIGNUM *e; |
194 |
- CODE: |
195 |
-- CHECK_OPEN_SSL(rsa = RSA_generate_key(SvIV(bitsSV), exponent, NULL, NULL)); |
196 |
-+ e = BN_new(); |
197 |
-+ CHECK_OPEN_SSL(e); |
198 |
-+ rsa = RSA_new(); |
199 |
-+ CHECK_OPEN_SSL(rsa); |
200 |
-+ BN_set_word(e, exponent); |
201 |
-+ CHECK_OPEN_SSL(RSA_generate_key_ex(rsa, SvIV(bitsSV), e, NULL)); |
202 |
-+ BN_free(e); |
203 |
- RETVAL = make_rsa_obj(proto, rsa); |
204 |
- OUTPUT: |
205 |
- RETVAL |
206 |
-@@ -325,10 +442,11 @@ _new_key_from_parameters(proto, n, e, d, p, q) |
207 |
- croak("At least a modulous and public key must be provided"); |
208 |
- } |
209 |
- CHECK_OPEN_SSL(rsa = RSA_new()); |
210 |
-- rsa->n = n; |
211 |
-- rsa->e = e; |
212 |
-+ CHECK_OPEN_SSL(RSA_set0_key(rsa, n, e, NULL)); |
213 |
- if (p || q) |
214 |
- { |
215 |
-+ BIGNUM *dmp1, *dmq1, *iqmp; |
216 |
-+ |
217 |
- error = 0; |
218 |
- THROW(ctx = BN_CTX_new()); |
219 |
- if (!p) |
220 |
-@@ -341,8 +459,7 @@ _new_key_from_parameters(proto, n, e, d, p, q) |
221 |
- q = BN_new(); |
222 |
- THROW(BN_div(q, NULL, n, p, ctx)); |
223 |
- } |
224 |
-- rsa->p = p; |
225 |
-- rsa->q = q; |
226 |
-+ CHECK_OPEN_SSL(RSA_set0_factors(rsa, p, q)); |
227 |
- THROW(p_minus_1 = BN_new()); |
228 |
- THROW(BN_sub(p_minus_1, p, BN_value_one())); |
229 |
- THROW(q_minus_1 = BN_new()); |
230 |
-@@ -353,13 +470,17 @@ _new_key_from_parameters(proto, n, e, d, p, q) |
231 |
- THROW(BN_mul(d, p_minus_1, q_minus_1, ctx)); |
232 |
- THROW(BN_mod_inverse(d, e, d, ctx)); |
233 |
- } |
234 |
-- rsa->d = d; |
235 |
-- THROW(rsa->dmp1 = BN_new()); |
236 |
-- THROW(BN_mod(rsa->dmp1, d, p_minus_1, ctx)); |
237 |
-- THROW(rsa->dmq1 = BN_new()); |
238 |
-- THROW(BN_mod(rsa->dmq1, d, q_minus_1, ctx)); |
239 |
-- THROW(rsa->iqmp = BN_new()); |
240 |
-- THROW(BN_mod_inverse(rsa->iqmp, q, p, ctx)); |
241 |
-+ CHECK_OPEN_SSL(RSA_set0_key(rsa, NULL, NULL, d)); |
242 |
-+ |
243 |
-+ THROW(dmp1 = BN_new()); |
244 |
-+ THROW(dmq1 = BN_new()); |
245 |
-+ THROW(iqmp = BN_new()); |
246 |
-+ |
247 |
-+ THROW(BN_mod(dmp1, d, p_minus_1, ctx)); |
248 |
-+ THROW(BN_mod(dmq1, d, q_minus_1, ctx)); |
249 |
-+ THROW(BN_mod_inverse(iqmp, q, p, ctx)); |
250 |
-+ |
251 |
-+ CHECK_OPEN_SSL(RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp)); |
252 |
- THROW(RSA_check_key(rsa) == 1); |
253 |
- err: |
254 |
- if (p_minus_1) BN_clear_free(p_minus_1); |
255 |
-@@ -373,7 +494,7 @@ _new_key_from_parameters(proto, n, e, d, p, q) |
256 |
- } |
257 |
- else |
258 |
- { |
259 |
-- rsa->d = d; |
260 |
-+ CHECK_OPEN_SSL(RSA_set0_key(rsa, NULL, NULL, d)); |
261 |
- } |
262 |
- RETVAL = make_rsa_obj(proto, rsa); |
263 |
- } |
264 |
-@@ -386,15 +507,21 @@ _get_key_parameters(p_rsa) |
265 |
- PPCODE: |
266 |
- { |
267 |
- RSA* rsa; |
268 |
-+ const BIGNUM *n, *e, *d, *p, *q; |
269 |
-+ const BIGNUM *dmp1, *dmq1, *iqmp; |
270 |
-+ |
271 |
- rsa = p_rsa->rsa; |
272 |
-- XPUSHs(bn2sv(rsa->n)); |
273 |
-- XPUSHs(bn2sv(rsa->e)); |
274 |
-- XPUSHs(bn2sv(rsa->d)); |
275 |
-- XPUSHs(bn2sv(rsa->p)); |
276 |
-- XPUSHs(bn2sv(rsa->q)); |
277 |
-- XPUSHs(bn2sv(rsa->dmp1)); |
278 |
-- XPUSHs(bn2sv(rsa->dmq1)); |
279 |
-- XPUSHs(bn2sv(rsa->iqmp)); |
280 |
-+ RSA_get0_key(rsa, &n, &e, &d); |
281 |
-+ RSA_get0_factors(rsa, &p, &q); |
282 |
-+ RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); |
283 |
-+ XPUSHs(bn2sv(n)); |
284 |
-+ XPUSHs(bn2sv(e)); |
285 |
-+ XPUSHs(bn2sv(d)); |
286 |
-+ XPUSHs(bn2sv(p)); |
287 |
-+ XPUSHs(bn2sv(q)); |
288 |
-+ XPUSHs(bn2sv(dmp1)); |
289 |
-+ XPUSHs(bn2sv(dmq1)); |
290 |
-+ XPUSHs(bn2sv(iqmp)); |
291 |
- } |
292 |
- |
293 |
- SV* |
294 |
--- |
295 |
-2.1.4 |
296 |
- |
297 |
|
298 |
diff --git a/dev-perl/Crypt-OpenSSL-RSA/files/Crypt-OpenSSL-RSA-0.320.0-openssl-3.0.0.patch b/dev-perl/Crypt-OpenSSL-RSA/files/Crypt-OpenSSL-RSA-0.320.0-openssl-3.0.0.patch |
299 |
new file mode 100644 |
300 |
index 00000000000..970562beb70 |
301 |
--- /dev/null |
302 |
+++ b/dev-perl/Crypt-OpenSSL-RSA/files/Crypt-OpenSSL-RSA-0.320.0-openssl-3.0.0.patch |
303 |
@@ -0,0 +1,89 @@ |
304 |
+ |
305 |
+Source: |
306 |
+https://gitlab.com/redhat/centos-stream/rpms/perl-Crypt-OpenSSL-RSA/-/blob/c9s/perl-Crypt-OpenSSL-RSA-openssl30.patch |
307 |
+ |
308 |
+ |
309 |
+diff --git a/README b/README |
310 |
+index c7d4bb7..3da6d1d 100644 |
311 |
+--- a/README |
312 |
++++ b/README |
313 |
+@@ -10,7 +10,6 @@ SYNOPSIS |
314 |
+ Crypt::OpenSSL::Random::random_seed($good_entropy); |
315 |
+ Crypt::OpenSSL::RSA->import_random_seed(); |
316 |
+ $rsa_pub = Crypt::OpenSSL::RSA->new_public_key($key_string); |
317 |
+- $rsa_pub->use_sslv23_padding(); # use_pkcs1_oaep_padding is the default |
318 |
+ $ciphertext = $rsa->encrypt($plaintext); |
319 |
+ |
320 |
+ $rsa_priv = Crypt::OpenSSL::RSA->new_private_key($key_string); |
321 |
+@@ -140,10 +139,6 @@ Instance Methods |
322 |
+ all new applications. It is the default mode used by |
323 |
+ "Crypt::OpenSSL::RSA". |
324 |
+ |
325 |
+- use_sslv23_padding |
326 |
+- Use PKCS #1 v1.5 padding with an SSL-specific modification that |
327 |
+- denotes that the server is SSL3 capable. |
328 |
+- |
329 |
+ use_md5_hash |
330 |
+ Use the RFC 1321 MD5 hashing algorithm by Ron Rivest when signing |
331 |
+ and verifying messages. |
332 |
+@@ -168,7 +163,7 @@ Instance Methods |
333 |
+ pkcs1_oaep_padding |
334 |
+ at most 42 bytes less than this size. |
335 |
+ |
336 |
+- pkcs1_padding or sslv23_padding |
337 |
++ pkcs1_padding |
338 |
+ at most 11 bytes less than this size. |
339 |
+ |
340 |
+ no_padding |
341 |
+diff --git a/RSA.pm b/RSA.pm |
342 |
+index 31e6949..1b63e99 100644 |
343 |
+--- a/RSA.pm |
344 |
++++ b/RSA.pm |
345 |
+@@ -34,8 +34,7 @@ Crypt::OpenSSL::RSA - RSA encoding and decoding, using the openSSL libraries |
346 |
+ Crypt::OpenSSL::Random::random_seed($good_entropy); |
347 |
+ Crypt::OpenSSL::RSA->import_random_seed(); |
348 |
+ $rsa_pub = Crypt::OpenSSL::RSA->new_public_key($key_string); |
349 |
+- $rsa_pub->use_sslv23_padding(); # use_pkcs1_oaep_padding is the default |
350 |
+- $ciphertext = $rsa->encrypt($plaintext); |
351 |
++ $ciphertext = $rsa->encrypt($plaintext); |
352 |
+ |
353 |
+ $rsa_priv = Crypt::OpenSSL::RSA->new_private_key($key_string); |
354 |
+ $plaintext = $rsa->encrypt($ciphertext); |
355 |
+@@ -220,11 +219,6 @@ an empty encoding parameter. This mode of padding is recommended for |
356 |
+ all new applications. It is the default mode used by |
357 |
+ C<Crypt::OpenSSL::RSA>. |
358 |
+ |
359 |
+-=item use_sslv23_padding |
360 |
+- |
361 |
+-Use C<PKCS #1 v1.5> padding with an SSL-specific modification that |
362 |
+-denotes that the server is SSL3 capable. |
363 |
+- |
364 |
+ =item use_md5_hash |
365 |
+ |
366 |
+ Use the RFC 1321 MD5 hashing algorithm by Ron Rivest when signing and |
367 |
+@@ -267,7 +261,7 @@ the text to be encrypted should be: |
368 |
+ |
369 |
+ at most 42 bytes less than this size. |
370 |
+ |
371 |
+-=item pkcs1_padding or sslv23_padding |
372 |
++=item pkcs1_padding |
373 |
+ |
374 |
+ at most 11 bytes less than this size. |
375 |
+ |
376 |
+diff --git a/RSA.xs b/RSA.xs |
377 |
+index d474d11..711e4e7 100644 |
378 |
+--- a/RSA.xs |
379 |
++++ b/RSA.xs |
380 |
+@@ -640,12 +640,6 @@ use_pkcs1_oaep_padding(p_rsa) |
381 |
+ CODE: |
382 |
+ p_rsa->padding = RSA_PKCS1_OAEP_PADDING; |
383 |
+ |
384 |
+-void |
385 |
+-use_sslv23_padding(p_rsa) |
386 |
+- rsaData* p_rsa; |
387 |
+- CODE: |
388 |
+- p_rsa->padding = RSA_SSLV23_PADDING; |
389 |
+- |
390 |
+ # Sign text. Returns the signature. |
391 |
+ |
392 |
+ SV* |