1 |
commit: 6f6f1a15a5ab8192443e1e4d4f4da5909e04cb42 |
2 |
Author: orbea <orbea <AT> riseup <DOT> net> |
3 |
AuthorDate: Sun May 8 18:10:24 2022 +0000 |
4 |
Commit: Quentin Retornaz <gentoo <AT> retornaz <DOT> com> |
5 |
CommitDate: Mon May 9 18:35:53 2022 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=6f6f1a15 |
7 |
|
8 |
dev-libs/libp11: Add 0.4.11-r2 |
9 |
|
10 |
Signed-off-by: orbea <orbea <AT> riseup.net> |
11 |
Signed-off-by: Quentin Retornaz <gentoo <AT> retornaz.com> |
12 |
|
13 |
dev-libs/libp11/files/libp11-0.4.11-libressl.patch | 165 ++++++++++++++++++++- |
14 |
dev-libs/libp11/libp11-0.4.11-r2.ebuild | 32 ++++ |
15 |
2 files changed, 194 insertions(+), 3 deletions(-) |
16 |
|
17 |
diff --git a/dev-libs/libp11/files/libp11-0.4.11-libressl.patch b/dev-libs/libp11/files/libp11-0.4.11-libressl.patch |
18 |
index 9f285b1..f074cd8 100644 |
19 |
--- a/dev-libs/libp11/files/libp11-0.4.11-libressl.patch |
20 |
+++ b/dev-libs/libp11/files/libp11-0.4.11-libressl.patch |
21 |
@@ -1,6 +1,163 @@ |
22 |
-diff -puriN libp11-0.4.11.orig/src/p11_rsa.c libp11-0.4.11/src/p11_rsa.c |
23 |
---- libp11-0.4.11.orig/src/p11_rsa.c 2020-10-11 08:41:00.000000000 -0500 |
24 |
-+++ libp11-0.4.11/src/p11_rsa.c 2021-01-15 06:00:38.000000000 -0600 |
25 |
+Fix the build against libressl-3.5 |
26 |
+ |
27 |
+diff --git a/examples/auth.c b/examples/auth.c |
28 |
+index 241db6d..7f1a905 100644 |
29 |
+--- a/examples/auth.c |
30 |
++++ b/examples/auth.c |
31 |
+@@ -267,7 +267,7 @@ int main(int argc, char *argv[]) |
32 |
+ |
33 |
+ /* now verify the result */ |
34 |
+ rc = RSA_verify(NID_sha1, random, RANDOM_SIZE, |
35 |
+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER) |
36 |
++#if OPENSSL_VERSION_NUMBER >= 0x10100003L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL ) |
37 |
+ signature, siglen, EVP_PKEY_get0_RSA(pubkey)); |
38 |
+ #else |
39 |
+ signature, siglen, pubkey->pkey.rsa); |
40 |
+diff --git a/examples/decrypt.c b/examples/decrypt.c |
41 |
+index d059fd4..2b51149 100644 |
42 |
+--- a/examples/decrypt.c |
43 |
++++ b/examples/decrypt.c |
44 |
+@@ -168,7 +168,7 @@ int main(int argc, char *argv[]) |
45 |
+ } |
46 |
+ |
47 |
+ /* allocate destination buffer */ |
48 |
+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER) |
49 |
++#if OPENSSL_VERSION_NUMBER >= 0x10100003L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL ) |
50 |
+ encrypted = OPENSSL_malloc(RSA_size(EVP_PKEY_get0_RSA(pubkey))); |
51 |
+ #else |
52 |
+ encrypted = OPENSSL_malloc(RSA_size(pubkey->pkey.rsa)); |
53 |
+@@ -181,7 +181,7 @@ int main(int argc, char *argv[]) |
54 |
+ |
55 |
+ /* use public key for encryption */ |
56 |
+ len = RSA_public_encrypt(RANDOM_SIZE, random, encrypted, |
57 |
+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER) |
58 |
++#if OPENSSL_VERSION_NUMBER >= 0x10100003L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL ) |
59 |
+ EVP_PKEY_get0_RSA(pubkey), |
60 |
+ #else |
61 |
+ pubkey->pkey.rsa, |
62 |
+@@ -248,7 +248,7 @@ loggedin: |
63 |
+ } |
64 |
+ |
65 |
+ /* allocate space for decrypted data */ |
66 |
+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER) |
67 |
++#if OPENSSL_VERSION_NUMBER >= 0x10100003L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL ) |
68 |
+ decrypted = OPENSSL_malloc(RSA_size(EVP_PKEY_get0_RSA(pubkey))); |
69 |
+ #else |
70 |
+ decrypted = OPENSSL_malloc(RSA_size(pubkey->pkey.rsa)); |
71 |
+diff --git a/src/libp11-int.h b/src/libp11-int.h |
72 |
+index 5c2b295..9b97119 100644 |
73 |
+--- a/src/libp11-int.h |
74 |
++++ b/src/libp11-int.h |
75 |
+@@ -152,7 +152,7 @@ void CRYPTO_THREAD_lock_free(int); |
76 |
+ #endif |
77 |
+ |
78 |
+ /* Emulate the OpenSSL 1.1 getters */ |
79 |
+-#if OPENSSL_VERSION_NUMBER < 0x10100003L || defined(LIBRESSL_VERSION_NUMBER) |
80 |
++#if OPENSSL_VERSION_NUMBER < 0x10100003L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x3000000L ) |
81 |
+ #define EVP_PKEY_get0_RSA(key) ((key)->pkey.rsa) |
82 |
+ #define EVP_PKEY_get0_EC_KEY(key) ((key)->pkey.ec) |
83 |
+ #endif |
84 |
+diff --git a/src/p11_cert.c b/src/p11_cert.c |
85 |
+index da09278..fb0818f 100644 |
86 |
+--- a/src/p11_cert.c |
87 |
++++ b/src/p11_cert.c |
88 |
+@@ -304,7 +304,7 @@ int pkcs11_store_certificate(PKCS11_TOKEN *token, X509 *x509, char *label, |
89 |
+ (pkcs11_i2d_fn)i2d_X509_NAME, X509_get_issuer_name(x509)); |
90 |
+ |
91 |
+ /* Get digest algorithm from x509 certificate */ |
92 |
+-#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) |
93 |
++#if OPENSSL_VERSION_NUMBER >= 0x10002000L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL ) |
94 |
+ signature_nid = X509_get_signature_nid(x509); |
95 |
+ #else |
96 |
+ signature_nid = OBJ_obj2nid(x509->sig_alg->algorithm); |
97 |
+diff --git a/src/p11_ec.c b/src/p11_ec.c |
98 |
+index 7e4b676..568e8c2 100644 |
99 |
+--- a/src/p11_ec.c |
100 |
++++ b/src/p11_ec.c |
101 |
+@@ -470,7 +470,7 @@ static ECDSA_SIG *pkcs11_ecdsa_sign_sig(const unsigned char *dgst, int dlen, |
102 |
+ sig = ECDSA_SIG_new(); |
103 |
+ if (!sig) |
104 |
+ return NULL; |
105 |
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) |
106 |
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL ) |
107 |
+ ECDSA_SIG_set0(sig, r, s); |
108 |
+ #else |
109 |
+ BN_free(sig->r); |
110 |
+diff --git a/src/p11_key.c b/src/p11_key.c |
111 |
+index e2ffe3b..827d112 100644 |
112 |
+--- a/src/p11_key.c |
113 |
++++ b/src/p11_key.c |
114 |
+@@ -251,7 +251,7 @@ static int pkcs11_store_key(PKCS11_TOKEN *token, EVP_PKEY *pk, |
115 |
+ pkcs11_addattr_bool(attrs + n++, CKA_VERIFY, TRUE); |
116 |
+ pkcs11_addattr_bool(attrs + n++, CKA_WRAP, TRUE); |
117 |
+ } |
118 |
+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER) |
119 |
++#if OPENSSL_VERSION_NUMBER >= 0x10100003L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL ) |
120 |
+ if (EVP_PKEY_base_id(pk) == EVP_PKEY_RSA) { |
121 |
+ RSA *rsa = EVP_PKEY_get1_RSA(pk); |
122 |
+ pkcs11_addattr_int(attrs + n++, CKA_KEY_TYPE, CKK_RSA); |
123 |
+@@ -336,7 +336,7 @@ EVP_PKEY *pkcs11_get_key(PKCS11_KEY *key, int isPrivate) |
124 |
+ #endif |
125 |
+ } |
126 |
+ } |
127 |
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) |
128 |
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL ) |
129 |
+ EVP_PKEY_up_ref(key->evp_key); |
130 |
+ #else |
131 |
+ CRYPTO_add(&key->evp_key->references, 1, CRYPTO_LOCK_EVP_PKEY); |
132 |
+diff --git a/src/p11_pkey.c b/src/p11_pkey.c |
133 |
+index 50eef56..4536a67 100644 |
134 |
+--- a/src/p11_pkey.c |
135 |
++++ b/src/p11_pkey.c |
136 |
+@@ -621,7 +621,7 @@ static int pkcs11_try_pkey_ec_sign(EVP_PKEY_CTX *evp_pkey_ctx, |
137 |
+ BIGNUM *r = BN_bin2bn(sig, size/2, NULL); |
138 |
+ BIGNUM *s = BN_bin2bn(sig + size/2, size/2, NULL); |
139 |
+ |
140 |
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) |
141 |
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL ) |
142 |
+ ECDSA_SIG_set0(ossl_sig, r, s); |
143 |
+ #else |
144 |
+ BN_free(ossl_sig->r); |
145 |
+diff --git a/src/p11_rsa.c b/src/p11_rsa.c |
146 |
+index b6beef0..45acf2a 100644 |
147 |
+--- a/src/p11_rsa.c |
148 |
++++ b/src/p11_rsa.c |
149 |
+@@ -223,7 +223,7 @@ success: |
150 |
+ rsa = RSA_new(); |
151 |
+ if (!rsa) |
152 |
+ goto failure; |
153 |
+-#if OPENSSL_VERSION_NUMBER >= 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER) |
154 |
++#if OPENSSL_VERSION_NUMBER >= 0x10100005L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL ) |
155 |
+ RSA_set0_key(rsa, rsa_n, rsa_e, NULL); |
156 |
+ #else |
157 |
+ rsa->n = rsa_n; |
158 |
+@@ -275,7 +275,7 @@ static EVP_PKEY *pkcs11_get_evp_key_rsa(PKCS11_KEY *key) |
159 |
+ |
160 |
+ if (key->isPrivate) { |
161 |
+ RSA_set_method(rsa, PKCS11_get_rsa_method()); |
162 |
+-#if OPENSSL_VERSION_NUMBER >= 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER) |
163 |
++#if OPENSSL_VERSION_NUMBER >= 0x10100005L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL ) |
164 |
+ RSA_set_flags(rsa, RSA_FLAG_EXT_PKEY); |
165 |
+ #else |
166 |
+ rsa->flags |= RSA_FLAG_EXT_PKEY; |
167 |
+@@ -301,7 +301,7 @@ int pkcs11_get_key_modulus(PKCS11_KEY *key, BIGNUM **bn) |
168 |
+ |
169 |
+ if (!rsa) |
170 |
+ return 0; |
171 |
+-#if OPENSSL_VERSION_NUMBER >= 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER) |
172 |
++#if OPENSSL_VERSION_NUMBER >= 0x10100005L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL ) |
173 |
+ RSA_get0_key(rsa, &rsa_n, NULL, NULL); |
174 |
+ #else |
175 |
+ rsa_n=rsa->n; |
176 |
+@@ -318,7 +318,7 @@ int pkcs11_get_key_exponent(PKCS11_KEY *key, BIGNUM **bn) |
177 |
+ |
178 |
+ if (!rsa) |
179 |
+ return 0; |
180 |
+-#if OPENSSL_VERSION_NUMBER >= 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER) |
181 |
++#if OPENSSL_VERSION_NUMBER >= 0x10100005L || ( defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL ) |
182 |
+ RSA_get0_key(rsa, NULL, &rsa_e, NULL); |
183 |
+ #else |
184 |
+ rsa_e=rsa->e; |
185 |
@@ -336,7 +336,7 @@ int pkcs11_get_key_size(PKCS11_KEY *key) |
186 |
return RSA_size(rsa); |
187 |
} |
188 |
@@ -10,4 +167,6 @@ diff -puriN libp11-0.4.11.orig/src/p11_rsa.c libp11-0.4.11/src/p11_rsa.c |
189 |
|
190 |
int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth)) |
191 |
(int flen, const unsigned char *from, |
192 |
+-- |
193 |
+2.35.1 |
194 |
|
195 |
|
196 |
diff --git a/dev-libs/libp11/libp11-0.4.11-r2.ebuild b/dev-libs/libp11/libp11-0.4.11-r2.ebuild |
197 |
new file mode 100644 |
198 |
index 0000000..53ba90b |
199 |
--- /dev/null |
200 |
+++ b/dev-libs/libp11/libp11-0.4.11-r2.ebuild |
201 |
@@ -0,0 +1,32 @@ |
202 |
+# Copyright 1999-2021 Gentoo Authors |
203 |
+# Distributed under the terms of the GNU General Public License v2 |
204 |
+ |
205 |
+EAPI=7 |
206 |
+ |
207 |
+DESCRIPTION="Abstraction layer to simplify PKCS#11 API" |
208 |
+HOMEPAGE="https://github.com/opensc/libp11/wiki" |
209 |
+SRC_URI="https://github.com/OpenSC/${PN}/releases/download/${P}/${P}.tar.gz" |
210 |
+ |
211 |
+LICENSE="LGPL-2.1" |
212 |
+SLOT="0" |
213 |
+KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ppc ppc64 ~riscv ~s390 sparc x86" |
214 |
+IUSE="doc static-libs" |
215 |
+ |
216 |
+RDEPEND="dev-libs/openssl:=" |
217 |
+DEPEND="${RDEPEND}" |
218 |
+BDEPEND="virtual/pkgconfig |
219 |
+ doc? ( app-doc/doxygen )" |
220 |
+ |
221 |
+PATCHES=("${FILESDIR}/libp11-0.4.11-libressl.patch") |
222 |
+ |
223 |
+src_configure() { |
224 |
+ econf \ |
225 |
+ --enable-shared \ |
226 |
+ $(use_enable static-libs static) \ |
227 |
+ $(use_enable doc api-doc) |
228 |
+} |
229 |
+ |
230 |
+src_install() { |
231 |
+ default |
232 |
+ find "${D}" -name '*.la' -delete || die |
233 |
+} |