[gentoo-commits] repo/proj/libressl:master commit in: dev-libs/libp11/files/, dev-libs/libp11/ - gentoo-commits

From:	Quentin Retornaz <gentoo@××××××××.com>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/proj/libressl:master commit in: dev-libs/libp11/files/, dev-libs/libp11/
Date:	Mon, 09 May 2022 18:37:23
Message-Id:	`1652121353.6f6f1a15a5ab8192443e1e4d4f4da5909e04cb42.quentin@gentoo`

1

commit:     6f6f1a15a5ab8192443e1e4d4f4da5909e04cb42

2

Author:     orbea <orbea <AT> riseup <DOT> net>

3

AuthorDate: Sun May  8 18:10:24 2022 +0000

4

Commit:     Quentin Retornaz <gentoo <AT> retornaz <DOT> com>

5

CommitDate: Mon May  9 18:35:53 2022 +0000

6

URL:        https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=6f6f1a15

7

8

dev-libs/libp11: Add 0.4.11-r2

9

10

Signed-off-by: orbea <orbea <AT> riseup.net>

11

Signed-off-by: Quentin Retornaz <gentoo <AT> retornaz.com>

12

13

 dev-libs/libp11/files/libp11-0.4.11-libressl.patch | 165 ++++++++++++++++++++-

14

 dev-libs/libp11/libp11-0.4.11-r2.ebuild            |  32 ++++

15

 2 files changed, 194 insertions(+), 3 deletions(-)

16

17

diff --git a/dev-libs/libp11/files/libp11-0.4.11-libressl.patch b/dev-libs/libp11/files/libp11-0.4.11-libressl.patch

18

index 9f285b1..f074cd8 100644

19

--- a/dev-libs/libp11/files/libp11-0.4.11-libressl.patch

20

+++ b/dev-libs/libp11/files/libp11-0.4.11-libressl.patch

21

@@ -1,6 +1,163 @@

22

-diff -puriN libp11-0.4.11.orig/src/p11_rsa.c libp11-0.4.11/src/p11_rsa.c

23

---- libp11-0.4.11.orig/src/p11_rsa.c	2020-10-11 08:41:00.000000000 -0500

24

-+++ libp11-0.4.11/src/p11_rsa.c	2021-01-15 06:00:38.000000000 -0600

25

+Fix the build against libressl-3.5

26

+

27

+diff --git a/examples/auth.c b/examples/auth.c

28

+index 241db6d..7f1a905 100644

29

+--- a/examples/auth.c

30

++++ b/examples/auth.c

31

+@@ -267,7 +267,7 @@ int main(int argc, char *argv[])

32

+

33

+ 	/* now verify the result */

34

+ 	rc = RSA_verify(NID_sha1, random, RANDOM_SIZE,

35

+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)

36

++#if OPENSSL_VERSION_NUMBER >= 0x10100003L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )

37

+ 			signature, siglen, EVP_PKEY_get0_RSA(pubkey));

38

+ #else

39

+ 			signature, siglen, pubkey->pkey.rsa);

40

+diff --git a/examples/decrypt.c b/examples/decrypt.c

41

+index d059fd4..2b51149 100644

42

+--- a/examples/decrypt.c

43

++++ b/examples/decrypt.c

44

+@@ -168,7 +168,7 @@ int main(int argc, char *argv[])

45

+ 	}

46

+

47

+ 	/* allocate destination buffer */

48

+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)

49

++#if OPENSSL_VERSION_NUMBER >= 0x10100003L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )

50

+ 	encrypted = OPENSSL_malloc(RSA_size(EVP_PKEY_get0_RSA(pubkey)));

51

+ #else

52

+ 	encrypted = OPENSSL_malloc(RSA_size(pubkey->pkey.rsa));

53

+@@ -181,7 +181,7 @@ int main(int argc, char *argv[])

54

+

55

+ 	/* use public key for encryption */

56

+ 	len = RSA_public_encrypt(RANDOM_SIZE, random, encrypted,

57

+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)

58

++#if OPENSSL_VERSION_NUMBER >= 0x10100003L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )

59

+ 			EVP_PKEY_get0_RSA(pubkey),

60

+ #else

61

+ 			pubkey->pkey.rsa,

62

+@@ -248,7 +248,7 @@ loggedin:

63

+ 	}

64

+

65

+ 	/* allocate space for decrypted data */

66

+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)

67

++#if OPENSSL_VERSION_NUMBER >= 0x10100003L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )

68

+ 	decrypted = OPENSSL_malloc(RSA_size(EVP_PKEY_get0_RSA(pubkey)));

69

+ #else

70

+ 	decrypted = OPENSSL_malloc(RSA_size(pubkey->pkey.rsa));

71

+diff --git a/src/libp11-int.h b/src/libp11-int.h

72

+index 5c2b295..9b97119 100644

73

+--- a/src/libp11-int.h

74

++++ b/src/libp11-int.h

75

+@@ -152,7 +152,7 @@ void CRYPTO_THREAD_lock_free(int);

76

+ #endif

77

+

78

+ /* Emulate the OpenSSL 1.1 getters */

79

+-#if OPENSSL_VERSION_NUMBER < 0x10100003L || defined(LIBRESSL_VERSION_NUMBER)

80

++#if OPENSSL_VERSION_NUMBER < 0x10100003L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x3000000L )

81

+ #define EVP_PKEY_get0_RSA(key) ((key)->pkey.rsa)

82

+ #define EVP_PKEY_get0_EC_KEY(key) ((key)->pkey.ec)

83

+ #endif

84

+diff --git a/src/p11_cert.c b/src/p11_cert.c

85

+index da09278..fb0818f 100644

86

+--- a/src/p11_cert.c

87

++++ b/src/p11_cert.c

88

+@@ -304,7 +304,7 @@ int pkcs11_store_certificate(PKCS11_TOKEN *token, X509 *x509, char *label,

89

+ 		(pkcs11_i2d_fn)i2d_X509_NAME, X509_get_issuer_name(x509));

90

+

91

+ 	/* Get digest algorithm from x509 certificate */

92

+-#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)

93

++#if OPENSSL_VERSION_NUMBER >= 0x10002000L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )

94

+ 	signature_nid = X509_get_signature_nid(x509);

95

+ #else

96

+ 	signature_nid = OBJ_obj2nid(x509->sig_alg->algorithm);

97

+diff --git a/src/p11_ec.c b/src/p11_ec.c

98

+index 7e4b676..568e8c2 100644

99

+--- a/src/p11_ec.c

100

++++ b/src/p11_ec.c

101

+@@ -470,7 +470,7 @@ static ECDSA_SIG *pkcs11_ecdsa_sign_sig(const unsigned char *dgst, int dlen,

102

+ 	sig = ECDSA_SIG_new();

103

+ 	if (!sig)

104

+ 		return NULL;

105

+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

106

++#if OPENSSL_VERSION_NUMBER >= 0x10100000L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )

107

+ 	ECDSA_SIG_set0(sig, r, s);

108

+ #else

109

+ 	BN_free(sig->r);

110

+diff --git a/src/p11_key.c b/src/p11_key.c

111

+index e2ffe3b..827d112 100644

112

+--- a/src/p11_key.c

113

++++ b/src/p11_key.c

114

+@@ -251,7 +251,7 @@ static int pkcs11_store_key(PKCS11_TOKEN *token, EVP_PKEY *pk,

115

+ 		pkcs11_addattr_bool(attrs + n++, CKA_VERIFY, TRUE);

116

+ 		pkcs11_addattr_bool(attrs + n++, CKA_WRAP, TRUE);

117

+ 	}

118

+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)

119

++#if OPENSSL_VERSION_NUMBER >= 0x10100003L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )

120

+ 	if (EVP_PKEY_base_id(pk) == EVP_PKEY_RSA) {

121

+ 		RSA *rsa = EVP_PKEY_get1_RSA(pk);

122

+ 		pkcs11_addattr_int(attrs + n++, CKA_KEY_TYPE, CKK_RSA);

123

+@@ -336,7 +336,7 @@ EVP_PKEY *pkcs11_get_key(PKCS11_KEY *key, int isPrivate)

124

+ #endif

125

+ 		}

126

+ 	}

127

+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

128

++#if OPENSSL_VERSION_NUMBER >= 0x10100000L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL ) 

129

+ 	EVP_PKEY_up_ref(key->evp_key);

130

+ #else

131

+ 	CRYPTO_add(&key->evp_key->references, 1, CRYPTO_LOCK_EVP_PKEY);

132

+diff --git a/src/p11_pkey.c b/src/p11_pkey.c

133

+index 50eef56..4536a67 100644

134

+--- a/src/p11_pkey.c

135

++++ b/src/p11_pkey.c

136

+@@ -621,7 +621,7 @@ static int pkcs11_try_pkey_ec_sign(EVP_PKEY_CTX *evp_pkey_ctx,

137

+ 		BIGNUM *r = BN_bin2bn(sig, size/2, NULL);

138

+ 		BIGNUM *s = BN_bin2bn(sig + size/2, size/2, NULL);

139

+

140

+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

141

++#if OPENSSL_VERSION_NUMBER >= 0x10100000L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )

142

+ 		ECDSA_SIG_set0(ossl_sig, r, s);

143

+ #else

144

+ 		BN_free(ossl_sig->r);

145

+diff --git a/src/p11_rsa.c b/src/p11_rsa.c

146

+index b6beef0..45acf2a 100644

147

+--- a/src/p11_rsa.c

148

++++ b/src/p11_rsa.c

149

+@@ -223,7 +223,7 @@ success:

150

+ 	rsa = RSA_new();

151

+ 	if (!rsa)

152

+ 		goto failure;

153

+-#if OPENSSL_VERSION_NUMBER >= 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER)

154

++#if OPENSSL_VERSION_NUMBER >= 0x10100005L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )

155

+ 	RSA_set0_key(rsa, rsa_n, rsa_e, NULL);

156

+ #else

157

+ 	rsa->n = rsa_n;

158

+@@ -275,7 +275,7 @@ static EVP_PKEY *pkcs11_get_evp_key_rsa(PKCS11_KEY *key)

159

+

160

+ 	if (key->isPrivate) {

161

+ 		RSA_set_method(rsa, PKCS11_get_rsa_method());

162

+-#if OPENSSL_VERSION_NUMBER >= 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER)

163

++#if OPENSSL_VERSION_NUMBER >= 0x10100005L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )

164

+ 		RSA_set_flags(rsa, RSA_FLAG_EXT_PKEY);

165

+ #else

166

+ 		rsa->flags |= RSA_FLAG_EXT_PKEY;

167

+@@ -301,7 +301,7 @@ int pkcs11_get_key_modulus(PKCS11_KEY *key, BIGNUM **bn)

168

+

169

+ 	if (!rsa)

170

+ 		return 0;

171

+-#if OPENSSL_VERSION_NUMBER >= 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER)

172

++#if OPENSSL_VERSION_NUMBER >= 0x10100005L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )

173

+ 	RSA_get0_key(rsa, &rsa_n, NULL, NULL);

174

+ #else

175

+ 	rsa_n=rsa->n;

176

+@@ -318,7 +318,7 @@ int pkcs11_get_key_exponent(PKCS11_KEY *key, BIGNUM **bn)

177

+

178

+ 	if (!rsa)

179

+ 		return 0;

180

+-#if OPENSSL_VERSION_NUMBER >= 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER)

181

++#if OPENSSL_VERSION_NUMBER >= 0x10100005L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )

182

+ 	RSA_get0_key(rsa, NULL, &rsa_e, NULL);

183

+ #else

184

+ 	rsa_e=rsa->e;

185

 @@ -336,7 +336,7 @@ int pkcs11_get_key_size(PKCS11_KEY *key)

186

  	return RSA_size(rsa);

187

}

188

@@ -10,4 +167,6 @@ diff -puriN libp11-0.4.11.orig/src/p11_rsa.c libp11-0.4.11/src/p11_rsa.c

189

190

  int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))

191

  		(int flen, const unsigned char *from,

192

+--

193

+2.35.1

194

195

196

diff --git a/dev-libs/libp11/libp11-0.4.11-r2.ebuild b/dev-libs/libp11/libp11-0.4.11-r2.ebuild

197

new file mode 100644

198

index 0000000..53ba90b

199

--- /dev/null

200

+++ b/dev-libs/libp11/libp11-0.4.11-r2.ebuild

201

@@ -0,0 +1,32 @@

202

+# Copyright 1999-2021 Gentoo Authors

203

+# Distributed under the terms of the GNU General Public License v2

204

+

205

+EAPI=7

206

+

207

+DESCRIPTION="Abstraction layer to simplify PKCS#11 API"

208

+HOMEPAGE="https://github.com/opensc/libp11/wiki"

209

+SRC_URI="https://github.com/OpenSC/${PN}/releases/download/${P}/${P}.tar.gz"

210

+

211

+LICENSE="LGPL-2.1"

212

+SLOT="0"

213

+KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ppc ppc64 ~riscv ~s390 sparc x86"

214

+IUSE="doc static-libs"

215

+

216

+RDEPEND="dev-libs/openssl:="

217

+DEPEND="${RDEPEND}"

218

+BDEPEND="virtual/pkgconfig

219

+	doc? ( app-doc/doxygen )"

220

+

221

+PATCHES=("${FILESDIR}/libp11-0.4.11-libressl.patch")

222

+

223

+src_configure() {

224

+	econf \

225

+		--enable-shared \

226

+		$(use_enable static-libs static) \

227

+		$(use_enable doc api-doc)

228

+}

229

+

230

+src_install() {

231

+	default

232

+	find "${D}" -name '*.la' -delete || die

233

+}

1	commit: 6f6f1a15a5ab8192443e1e4d4f4da5909e04cb42
2	Author: orbea <orbea <AT> riseup <DOT> net>
3	AuthorDate: Sun May 8 18:10:24 2022 +0000
4	Commit: Quentin Retornaz <gentoo <AT> retornaz <DOT> com>
5	CommitDate: Mon May 9 18:35:53 2022 +0000
6	URL: https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=6f6f1a15
7
8	dev-libs/libp11: Add 0.4.11-r2
9
10	Signed-off-by: orbea <orbea <AT> riseup.net>
11	Signed-off-by: Quentin Retornaz <gentoo <AT> retornaz.com>
12
13	dev-libs/libp11/files/libp11-0.4.11-libressl.patch \| 165 ++++++++++++++++++++-
14	dev-libs/libp11/libp11-0.4.11-r2.ebuild \| 32 ++++
15	2 files changed, 194 insertions(+), 3 deletions(-)
16
17	diff --git a/dev-libs/libp11/files/libp11-0.4.11-libressl.patch b/dev-libs/libp11/files/libp11-0.4.11-libressl.patch
18	index 9f285b1..f074cd8 100644
19	--- a/dev-libs/libp11/files/libp11-0.4.11-libressl.patch
20	+++ b/dev-libs/libp11/files/libp11-0.4.11-libressl.patch
21	@@ -1,6 +1,163 @@
22	-diff -puriN libp11-0.4.11.orig/src/p11_rsa.c libp11-0.4.11/src/p11_rsa.c
23	---- libp11-0.4.11.orig/src/p11_rsa.c 2020-10-11 08:41:00.000000000 -0500
24	-+++ libp11-0.4.11/src/p11_rsa.c 2021-01-15 06:00:38.000000000 -0600
25	+Fix the build against libressl-3.5
26	+
27	+diff --git a/examples/auth.c b/examples/auth.c
28	+index 241db6d..7f1a905 100644
29	+--- a/examples/auth.c
30	++++ b/examples/auth.c
31	+@@ -267,7 +267,7 @@ int main(int argc, char *argv[])
32	+
33	+ /* now verify the result */
34	+ rc = RSA_verify(NID_sha1, random, RANDOM_SIZE,
35	+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)
36	++#if OPENSSL_VERSION_NUMBER >= 0x10100003L \|\| ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
37	+ signature, siglen, EVP_PKEY_get0_RSA(pubkey));
38	+ #else
39	+ signature, siglen, pubkey->pkey.rsa);
40	+diff --git a/examples/decrypt.c b/examples/decrypt.c
41	+index d059fd4..2b51149 100644
42	+--- a/examples/decrypt.c
43	++++ b/examples/decrypt.c
44	+@@ -168,7 +168,7 @@ int main(int argc, char *argv[])
45	+ }
46	+
47	+ /* allocate destination buffer */
48	+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)
49	++#if OPENSSL_VERSION_NUMBER >= 0x10100003L \|\| ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
50	+ encrypted = OPENSSL_malloc(RSA_size(EVP_PKEY_get0_RSA(pubkey)));
51	+ #else
52	+ encrypted = OPENSSL_malloc(RSA_size(pubkey->pkey.rsa));
53	+@@ -181,7 +181,7 @@ int main(int argc, char *argv[])
54	+
55	+ /* use public key for encryption */
56	+ len = RSA_public_encrypt(RANDOM_SIZE, random, encrypted,
57	+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)
58	++#if OPENSSL_VERSION_NUMBER >= 0x10100003L \|\| ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
59	+ EVP_PKEY_get0_RSA(pubkey),
60	+ #else
61	+ pubkey->pkey.rsa,
62	+@@ -248,7 +248,7 @@ loggedin:
63	+ }
64	+
65	+ /* allocate space for decrypted data */
66	+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)
67	++#if OPENSSL_VERSION_NUMBER >= 0x10100003L \|\| ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
68	+ decrypted = OPENSSL_malloc(RSA_size(EVP_PKEY_get0_RSA(pubkey)));
69	+ #else
70	+ decrypted = OPENSSL_malloc(RSA_size(pubkey->pkey.rsa));
71	+diff --git a/src/libp11-int.h b/src/libp11-int.h
72	+index 5c2b295..9b97119 100644
73	+--- a/src/libp11-int.h
74	++++ b/src/libp11-int.h
75	+@@ -152,7 +152,7 @@ void CRYPTO_THREAD_lock_free(int);
76	+ #endif
77	+
78	+ /* Emulate the OpenSSL 1.1 getters */
79	+-#if OPENSSL_VERSION_NUMBER < 0x10100003L \|\| defined(LIBRESSL_VERSION_NUMBER)
80	++#if OPENSSL_VERSION_NUMBER < 0x10100003L \|\| ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x3000000L )
81	+ #define EVP_PKEY_get0_RSA(key) ((key)->pkey.rsa)
82	+ #define EVP_PKEY_get0_EC_KEY(key) ((key)->pkey.ec)
83	+ #endif
84	+diff --git a/src/p11_cert.c b/src/p11_cert.c
85	+index da09278..fb0818f 100644
86	+--- a/src/p11_cert.c
87	++++ b/src/p11_cert.c
88	+@@ -304,7 +304,7 @@ int pkcs11_store_certificate(PKCS11_TOKEN token, X509 x509, char *label,
89	+ (pkcs11_i2d_fn)i2d_X509_NAME, X509_get_issuer_name(x509));
90	+
91	+ /* Get digest algorithm from x509 certificate */
92	+-#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
93	++#if OPENSSL_VERSION_NUMBER >= 0x10002000L \|\| ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
94	+ signature_nid = X509_get_signature_nid(x509);
95	+ #else
96	+ signature_nid = OBJ_obj2nid(x509->sig_alg->algorithm);
97	+diff --git a/src/p11_ec.c b/src/p11_ec.c
98	+index 7e4b676..568e8c2 100644
99	+--- a/src/p11_ec.c
100	++++ b/src/p11_ec.c
101	+@@ -470,7 +470,7 @@ static ECDSA_SIG pkcs11_ecdsa_sign_sig(const unsigned char dgst, int dlen,
102	+ sig = ECDSA_SIG_new();
103	+ if (!sig)
104	+ return NULL;
105	+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
106	++#if OPENSSL_VERSION_NUMBER >= 0x10100000L \|\| ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
107	+ ECDSA_SIG_set0(sig, r, s);
108	+ #else
109	+ BN_free(sig->r);
110	+diff --git a/src/p11_key.c b/src/p11_key.c
111	+index e2ffe3b..827d112 100644
112	+--- a/src/p11_key.c
113	++++ b/src/p11_key.c
114	+@@ -251,7 +251,7 @@ static int pkcs11_store_key(PKCS11_TOKEN token, EVP_PKEY pk,
115	+ pkcs11_addattr_bool(attrs + n++, CKA_VERIFY, TRUE);
116	+ pkcs11_addattr_bool(attrs + n++, CKA_WRAP, TRUE);
117	+ }
118	+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)
119	++#if OPENSSL_VERSION_NUMBER >= 0x10100003L \|\| ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
120	+ if (EVP_PKEY_base_id(pk) == EVP_PKEY_RSA) {
121	+ RSA *rsa = EVP_PKEY_get1_RSA(pk);
122	+ pkcs11_addattr_int(attrs + n++, CKA_KEY_TYPE, CKK_RSA);
123	+@@ -336,7 +336,7 @@ EVP_PKEY pkcs11_get_key(PKCS11_KEY key, int isPrivate)
124	+ #endif
125	+ }
126	+ }
127	+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
128	++#if OPENSSL_VERSION_NUMBER >= 0x10100000L \|\| ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
129	+ EVP_PKEY_up_ref(key->evp_key);
130	+ #else
131	+ CRYPTO_add(&key->evp_key->references, 1, CRYPTO_LOCK_EVP_PKEY);
132	+diff --git a/src/p11_pkey.c b/src/p11_pkey.c
133	+index 50eef56..4536a67 100644
134	+--- a/src/p11_pkey.c
135	++++ b/src/p11_pkey.c
136	+@@ -621,7 +621,7 @@ static int pkcs11_try_pkey_ec_sign(EVP_PKEY_CTX *evp_pkey_ctx,
137	+ BIGNUM *r = BN_bin2bn(sig, size/2, NULL);
138	+ BIGNUM *s = BN_bin2bn(sig + size/2, size/2, NULL);
139	+
140	+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
141	++#if OPENSSL_VERSION_NUMBER >= 0x10100000L \|\| ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
142	+ ECDSA_SIG_set0(ossl_sig, r, s);
143	+ #else
144	+ BN_free(ossl_sig->r);
145	+diff --git a/src/p11_rsa.c b/src/p11_rsa.c
146	+index b6beef0..45acf2a 100644
147	+--- a/src/p11_rsa.c
148	++++ b/src/p11_rsa.c
149	+@@ -223,7 +223,7 @@ success:
150	+ rsa = RSA_new();
151	+ if (!rsa)
152	+ goto failure;
153	+-#if OPENSSL_VERSION_NUMBER >= 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER)
154	++#if OPENSSL_VERSION_NUMBER >= 0x10100005L \|\| ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
155	+ RSA_set0_key(rsa, rsa_n, rsa_e, NULL);
156	+ #else
157	+ rsa->n = rsa_n;
158	+@@ -275,7 +275,7 @@ static EVP_PKEY pkcs11_get_evp_key_rsa(PKCS11_KEY key)
159	+
160	+ if (key->isPrivate) {
161	+ RSA_set_method(rsa, PKCS11_get_rsa_method());
162	+-#if OPENSSL_VERSION_NUMBER >= 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER)
163	++#if OPENSSL_VERSION_NUMBER >= 0x10100005L \|\| ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
164	+ RSA_set_flags(rsa, RSA_FLAG_EXT_PKEY);
165	+ #else
166	+ rsa->flags \|= RSA_FLAG_EXT_PKEY;
167	+@@ -301,7 +301,7 @@ int pkcs11_get_key_modulus(PKCS11_KEY key, BIGNUM *bn)
168	+
169	+ if (!rsa)
170	+ return 0;
171	+-#if OPENSSL_VERSION_NUMBER >= 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER)
172	++#if OPENSSL_VERSION_NUMBER >= 0x10100005L \|\| ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
173	+ RSA_get0_key(rsa, &rsa_n, NULL, NULL);
174	+ #else
175	+ rsa_n=rsa->n;
176	+@@ -318,7 +318,7 @@ int pkcs11_get_key_exponent(PKCS11_KEY key, BIGNUM *bn)
177	+
178	+ if (!rsa)
179	+ return 0;
180	+-#if OPENSSL_VERSION_NUMBER >= 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER)
181	++#if OPENSSL_VERSION_NUMBER >= 0x10100005L \|\| ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
182	+ RSA_get0_key(rsa, NULL, &rsa_e, NULL);
183	+ #else
184	+ rsa_e=rsa->e;
185	@@ -336,7 +336,7 @@ int pkcs11_get_key_size(PKCS11_KEY *key)
186	return RSA_size(rsa);
187	}
188	@@ -10,4 +167,6 @@ diff -puriN libp11-0.4.11.orig/src/p11_rsa.c libp11-0.4.11/src/p11_rsa.c
189
190	int (RSA_meth_get_priv_enc(const RSA_METHOD meth))
191	(int flen, const unsigned char *from,
192	+--
193	+2.35.1
194
195
196	diff --git a/dev-libs/libp11/libp11-0.4.11-r2.ebuild b/dev-libs/libp11/libp11-0.4.11-r2.ebuild
197	new file mode 100644
198	index 0000000..53ba90b
199	--- /dev/null
200	+++ b/dev-libs/libp11/libp11-0.4.11-r2.ebuild
201	@@ -0,0 +1,32 @@
202	+# Copyright 1999-2021 Gentoo Authors
203	+# Distributed under the terms of the GNU General Public License v2
204	+
205	+EAPI=7
206	+
207	+DESCRIPTION="Abstraction layer to simplify PKCS#11 API"
208	+HOMEPAGE="https://github.com/opensc/libp11/wiki"
209	+SRC_URI="https://github.com/OpenSC/${PN}/releases/download/${P}/${P}.tar.gz"
210	+
211	+LICENSE="LGPL-2.1"
212	+SLOT="0"
213	+KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ppc ppc64 ~riscv ~s390 sparc x86"
214	+IUSE="doc static-libs"
215	+
216	+RDEPEND="dev-libs/openssl:="
217	+DEPEND="${RDEPEND}"
218	+BDEPEND="virtual/pkgconfig
219	+ doc? ( app-doc/doxygen )"
220	+
221	+PATCHES=("${FILESDIR}/libp11-0.4.11-libressl.patch")
222	+
223	+src_configure() {
224	+ econf \
225	+ --enable-shared \
226	+ $(use_enable static-libs static) \
227	+ $(use_enable doc api-doc)
228	+}
229	+
230	+src_install() {
231	+ default
232	+ find "${D}" -name '*.la' -delete \|\| die
233	+}

Gentoo Archives: gentoo-commits