1 |
commit: 05ef2e7b732a8571f2d4ef84659b7f972a8cd90e |
2 |
Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Feb 27 19:07:04 2019 +0000 |
4 |
Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Feb 27 19:07:04 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=05ef2e7b |
7 |
|
8 |
dev-libs/openssl: fix USE=bindist |
9 |
|
10 |
Package-Manager: Portage-2.3.62, Repoman-2.3.12 |
11 |
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org> |
12 |
|
13 |
.../files/openssl-1.1.1b-ec-curves-patch.patch | 207 +++++++++++++++++++++ |
14 |
...nssl-1.1.1b.ebuild => openssl-1.1.1b-r1.ebuild} | 8 +- |
15 |
2 files changed, 214 insertions(+), 1 deletion(-) |
16 |
|
17 |
diff --git a/dev-libs/openssl/files/openssl-1.1.1b-ec-curves-patch.patch b/dev-libs/openssl/files/openssl-1.1.1b-ec-curves-patch.patch |
18 |
new file mode 100644 |
19 |
index 00000000000..c1f53c83823 |
20 |
--- /dev/null |
21 |
+++ b/dev-libs/openssl/files/openssl-1.1.1b-ec-curves-patch.patch |
22 |
@@ -0,0 +1,207 @@ |
23 |
+Based on openssl-1.1.1-ec-curves.patch. |
24 |
+ |
25 |
+Updated for OpenSSL change b6d41ff73392df5af9c931c902ae4cd75c5b61ea. |
26 |
+ |
27 |
+--- a/apps/speed.c |
28 |
++++ b/apps/speed.c |
29 |
+@@ -489,82 +489,28 @@ static const OPT_PAIR rsa_choices[] = { |
30 |
+ static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */ |
31 |
+ #endif /* OPENSSL_NO_RSA */ |
32 |
+ |
33 |
+-#define R_EC_P160 0 |
34 |
+-#define R_EC_P192 1 |
35 |
+-#define R_EC_P224 2 |
36 |
+-#define R_EC_P256 3 |
37 |
+-#define R_EC_P384 4 |
38 |
+-#define R_EC_P521 5 |
39 |
+-#define R_EC_K163 6 |
40 |
+-#define R_EC_K233 7 |
41 |
+-#define R_EC_K283 8 |
42 |
+-#define R_EC_K409 9 |
43 |
+-#define R_EC_K571 10 |
44 |
+-#define R_EC_B163 11 |
45 |
+-#define R_EC_B233 12 |
46 |
+-#define R_EC_B283 13 |
47 |
+-#define R_EC_B409 14 |
48 |
+-#define R_EC_B571 15 |
49 |
+-#define R_EC_BRP256R1 16 |
50 |
+-#define R_EC_BRP256T1 17 |
51 |
+-#define R_EC_BRP384R1 18 |
52 |
+-#define R_EC_BRP384T1 19 |
53 |
+-#define R_EC_BRP512R1 20 |
54 |
+-#define R_EC_BRP512T1 21 |
55 |
+-#define R_EC_X25519 22 |
56 |
+-#define R_EC_X448 23 |
57 |
++#define R_EC_P224 0 |
58 |
++#define R_EC_P256 1 |
59 |
++#define R_EC_P384 2 |
60 |
++#define R_EC_P521 3 |
61 |
++#define R_EC_X25519 4 |
62 |
++#define R_EC_X448 5 |
63 |
+ #ifndef OPENSSL_NO_EC |
64 |
+ static OPT_PAIR ecdsa_choices[] = { |
65 |
+- {"ecdsap160", R_EC_P160}, |
66 |
+- {"ecdsap192", R_EC_P192}, |
67 |
+ {"ecdsap224", R_EC_P224}, |
68 |
+ {"ecdsap256", R_EC_P256}, |
69 |
+ {"ecdsap384", R_EC_P384}, |
70 |
+ {"ecdsap521", R_EC_P521}, |
71 |
+- {"ecdsak163", R_EC_K163}, |
72 |
+- {"ecdsak233", R_EC_K233}, |
73 |
+- {"ecdsak283", R_EC_K283}, |
74 |
+- {"ecdsak409", R_EC_K409}, |
75 |
+- {"ecdsak571", R_EC_K571}, |
76 |
+- {"ecdsab163", R_EC_B163}, |
77 |
+- {"ecdsab233", R_EC_B233}, |
78 |
+- {"ecdsab283", R_EC_B283}, |
79 |
+- {"ecdsab409", R_EC_B409}, |
80 |
+- {"ecdsab571", R_EC_B571}, |
81 |
+- {"ecdsabrp256r1", R_EC_BRP256R1}, |
82 |
+- {"ecdsabrp256t1", R_EC_BRP256T1}, |
83 |
+- {"ecdsabrp384r1", R_EC_BRP384R1}, |
84 |
+- {"ecdsabrp384t1", R_EC_BRP384T1}, |
85 |
+- {"ecdsabrp512r1", R_EC_BRP512R1}, |
86 |
+- {"ecdsabrp512t1", R_EC_BRP512T1} |
87 |
+ }; |
88 |
+ # define ECDSA_NUM OSSL_NELEM(ecdsa_choices) |
89 |
+ |
90 |
+ static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */ |
91 |
+ |
92 |
+ static const OPT_PAIR ecdh_choices[] = { |
93 |
+- {"ecdhp160", R_EC_P160}, |
94 |
+- {"ecdhp192", R_EC_P192}, |
95 |
+ {"ecdhp224", R_EC_P224}, |
96 |
+ {"ecdhp256", R_EC_P256}, |
97 |
+ {"ecdhp384", R_EC_P384}, |
98 |
+ {"ecdhp521", R_EC_P521}, |
99 |
+- {"ecdhk163", R_EC_K163}, |
100 |
+- {"ecdhk233", R_EC_K233}, |
101 |
+- {"ecdhk283", R_EC_K283}, |
102 |
+- {"ecdhk409", R_EC_K409}, |
103 |
+- {"ecdhk571", R_EC_K571}, |
104 |
+- {"ecdhb163", R_EC_B163}, |
105 |
+- {"ecdhb233", R_EC_B233}, |
106 |
+- {"ecdhb283", R_EC_B283}, |
107 |
+- {"ecdhb409", R_EC_B409}, |
108 |
+- {"ecdhb571", R_EC_B571}, |
109 |
+- {"ecdhbrp256r1", R_EC_BRP256R1}, |
110 |
+- {"ecdhbrp256t1", R_EC_BRP256T1}, |
111 |
+- {"ecdhbrp384r1", R_EC_BRP384R1}, |
112 |
+- {"ecdhbrp384t1", R_EC_BRP384T1}, |
113 |
+- {"ecdhbrp512r1", R_EC_BRP512R1}, |
114 |
+- {"ecdhbrp512t1", R_EC_BRP512T1}, |
115 |
+ {"ecdhx25519", R_EC_X25519}, |
116 |
+ {"ecdhx448", R_EC_X448} |
117 |
+ }; |
118 |
+@@ -1495,29 +1441,10 @@ int speed_main(int argc, char **argv) |
119 |
+ unsigned int bits; |
120 |
+ } test_curves[] = { |
121 |
+ /* Prime Curves */ |
122 |
+- {"secp160r1", NID_secp160r1, 160}, |
123 |
+- {"nistp192", NID_X9_62_prime192v1, 192}, |
124 |
+ {"nistp224", NID_secp224r1, 224}, |
125 |
+ {"nistp256", NID_X9_62_prime256v1, 256}, |
126 |
+ {"nistp384", NID_secp384r1, 384}, |
127 |
+ {"nistp521", NID_secp521r1, 521}, |
128 |
+- /* Binary Curves */ |
129 |
+- {"nistk163", NID_sect163k1, 163}, |
130 |
+- {"nistk233", NID_sect233k1, 233}, |
131 |
+- {"nistk283", NID_sect283k1, 283}, |
132 |
+- {"nistk409", NID_sect409k1, 409}, |
133 |
+- {"nistk571", NID_sect571k1, 571}, |
134 |
+- {"nistb163", NID_sect163r2, 163}, |
135 |
+- {"nistb233", NID_sect233r1, 233}, |
136 |
+- {"nistb283", NID_sect283r1, 283}, |
137 |
+- {"nistb409", NID_sect409r1, 409}, |
138 |
+- {"nistb571", NID_sect571r1, 571}, |
139 |
+- {"brainpoolP256r1", NID_brainpoolP256r1, 256}, |
140 |
+- {"brainpoolP256t1", NID_brainpoolP256t1, 256}, |
141 |
+- {"brainpoolP384r1", NID_brainpoolP384r1, 384}, |
142 |
+- {"brainpoolP384t1", NID_brainpoolP384t1, 384}, |
143 |
+- {"brainpoolP512r1", NID_brainpoolP512r1, 512}, |
144 |
+- {"brainpoolP512t1", NID_brainpoolP512t1, 512}, |
145 |
+ /* Other and ECDH only ones */ |
146 |
+ {"X25519", NID_X25519, 253}, |
147 |
+ {"X448", NID_X448, 448} |
148 |
+@@ -2017,9 +1944,9 @@ int speed_main(int argc, char **argv) |
149 |
+ # endif |
150 |
+ |
151 |
+ # ifndef OPENSSL_NO_EC |
152 |
+- ecdsa_c[R_EC_P160][0] = count / 1000; |
153 |
+- ecdsa_c[R_EC_P160][1] = count / 1000 / 2; |
154 |
+- for (i = R_EC_P192; i <= R_EC_P521; i++) { |
155 |
++ ecdsa_c[R_EC_P224][0] = count / 1000; |
156 |
++ ecdsa_c[R_EC_P224][1] = count / 1000 / 2; |
157 |
++ for (i = R_EC_P256; i <= R_EC_P521; i++) { |
158 |
+ ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2; |
159 |
+ ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2; |
160 |
+ if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0) |
161 |
+@@ -2031,6 +1958,7 @@ int speed_main(int argc, char **argv) |
162 |
+ } |
163 |
+ } |
164 |
+ } |
165 |
++#if 0 |
166 |
+ ecdsa_c[R_EC_K163][0] = count / 1000; |
167 |
+ ecdsa_c[R_EC_K163][1] = count / 1000 / 2; |
168 |
+ for (i = R_EC_K233; i <= R_EC_K571; i++) { |
169 |
+@@ -2059,9 +1987,9 @@ int speed_main(int argc, char **argv) |
170 |
+ } |
171 |
+ } |
172 |
+ } |
173 |
+- |
174 |
+- ecdh_c[R_EC_P160][0] = count / 1000; |
175 |
+- for (i = R_EC_P192; i <= R_EC_P521; i++) { |
176 |
++#endif |
177 |
++ ecdh_c[R_EC_P224][0] = count / 1000; |
178 |
++ for (i = R_EC_P256; i <= R_EC_P521; i++) { |
179 |
+ ecdh_c[i][0] = ecdh_c[i - 1][0] / 2; |
180 |
+ if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0) |
181 |
+ ecdh_doit[i] = 0; |
182 |
+@@ -2071,6 +1999,7 @@ int speed_main(int argc, char **argv) |
183 |
+ } |
184 |
+ } |
185 |
+ } |
186 |
++#if 0 |
187 |
+ ecdh_c[R_EC_K163][0] = count / 1000; |
188 |
+ for (i = R_EC_K233; i <= R_EC_K571; i++) { |
189 |
+ ecdh_c[i][0] = ecdh_c[i - 1][0] / 2; |
190 |
+@@ -2116,6 +2045,7 @@ int speed_main(int argc, char **argv) |
191 |
+ } |
192 |
+ } |
193 |
+ } |
194 |
++#endif |
195 |
+ /* default iteration count for the last two EC Curves */ |
196 |
+ ecdh_c[R_EC_X25519][0] = count / 1800; |
197 |
+ ecdh_c[R_EC_X448][0] = count / 7200; |
198 |
+--- a/crypto/ec/ecp_smpl.c |
199 |
++++ b/crypto/ec/ecp_smpl.c |
200 |
+@@ -145,6 +145,11 @@ int ec_GFp_simple_group_set_curve(EC_GROUP *group, |
201 |
+ return 0; |
202 |
+ } |
203 |
+ |
204 |
++ if (BN_num_bits(p) < 224) { |
205 |
++ ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD); |
206 |
++ return 0; |
207 |
++ } |
208 |
++ |
209 |
+ if (ctx == NULL) { |
210 |
+ ctx = new_ctx = BN_CTX_new(); |
211 |
+ if (ctx == NULL) |
212 |
+--- a/test/ecdsatest.c |
213 |
++++ b/test/ecdsatest.c |
214 |
+@@ -176,6 +176,7 @@ static int x9_62_tests(void) |
215 |
+ if (!change_rand()) |
216 |
+ goto x962_err; |
217 |
+ |
218 |
++#if 0 |
219 |
+ if (!TEST_true(x9_62_test_internal(NID_X9_62_prime192v1, |
220 |
+ "3342403536405981729393488334694600415596881826869351677613", |
221 |
+ "5735822328888155254683894997897571951568553642892029982342"))) |
222 |
+@@ -186,6 +187,7 @@ static int x9_62_tests(void) |
223 |
+ "3238135532097973577080787768312505059318910517550078427819" |
224 |
+ "78505179448783"))) |
225 |
+ goto x962_err; |
226 |
++#endif |
227 |
+ |
228 |
+ # ifndef OPENSSL_NO_EC2M |
229 |
+ if (!TEST_true(x9_62_test_internal(NID_X9_62_c2tnb191v1, |
230 |
|
231 |
diff --git a/dev-libs/openssl/openssl-1.1.1b.ebuild b/dev-libs/openssl/openssl-1.1.1b-r1.ebuild |
232 |
similarity index 97% |
233 |
rename from dev-libs/openssl/openssl-1.1.1b.ebuild |
234 |
rename to dev-libs/openssl/openssl-1.1.1b-r1.ebuild |
235 |
index ad888b7d6a6..5e05c9dcab0 100644 |
236 |
--- a/dev-libs/openssl/openssl-1.1.1b.ebuild |
237 |
+++ b/dev-libs/openssl/openssl-1.1.1b-r1.ebuild |
238 |
@@ -64,12 +64,18 @@ src_prepare() { |
239 |
for i in "${FEDORA_SOURCE[@]}" ; do |
240 |
cp -f "${DISTDIR}"/"${P}_${i}" "${WORKDIR}"/"${i}" || die |
241 |
done |
242 |
+ |
243 |
# .spec %prep |
244 |
bash "${WORKDIR}"/"${SOURCE1}" || die |
245 |
cp -f "${WORKDIR}"/"${SOURCE12}" "${S}"/crypto/ec/ || die |
246 |
cp -f "${WORKDIR}"/"${SOURCE13}" "${S}"/test/ || die |
247 |
for i in "${FEDORA_PATCH[@]}" ; do |
248 |
- eapply "${DISTDIR}"/"${i}" |
249 |
+ if [[ "${i}" == "${PATCH37}" ]] ; then |
250 |
+ # apply our own for OpenSSL 1.1.1b adjusted version of this patch |
251 |
+ eapply "${FILESDIR}"/openssl-1.1.1b-ec-curves-patch.patch |
252 |
+ else |
253 |
+ eapply "${DISTDIR}"/"${i}" |
254 |
+ fi |
255 |
done |
256 |
# Also see the configure parts below: |
257 |
# enable-ec \ |