commit: 6f6f1a15a5ab8192443e1e4d4f4da5909e04cb42
Author: orbea <orbea <AT> riseup <DOT> net>
AuthorDate: Sun May 8 18:10:24 2022 +0000
Commit: Quentin Retornaz <gentoo <AT> retornaz <DOT> com>
CommitDate: Mon May 9 18:35:53 2022 +0000
URL: https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=6f6f1a15
dev-libs/libp11: Add 0.4.11-r2
Signed-off-by: orbea <orbea <AT> riseup.net>
Signed-off-by: Quentin Retornaz <gentoo <AT> retornaz.com>
dev-libs/libp11/files/libp11-0.4.11-libressl.patch | 165 ++++++++++++++++++++-
dev-libs/libp11/libp11-0.4.11-r2.ebuild | 32 ++++
2 files changed, 194 insertions(+), 3 deletions(-)
diff --git a/dev-libs/libp11/files/libp11-0.4.11-libressl.patch
b/dev-libs/libp11/files/libp11-0.4.11-libressl.patch
index 9f285b1..f074cd8 100644
--- a/dev-libs/libp11/files/libp11-0.4.11-libressl.patch
+++ b/dev-libs/libp11/files/libp11-0.4.11-libressl.patch
@@ -1,6 +1,163 @@
-diff -puriN libp11-0.4.11.orig/src/p11_rsa.c libp11-0.4.11/src/p11_rsa.c
---- libp11-0.4.11.orig/src/p11_rsa.c 2020-10-11 08:41:00.000000000 -0500
-+++ libp11-0.4.11/src/p11_rsa.c 2021-01-15 06:00:38.000000000 -0600
+Fix the build against libressl-3.5
+
+diff --git a/examples/auth.c b/examples/auth.c
+index 241db6d..7f1a905 100644
+--- a/examples/auth.c
++++ b/examples/auth.c
+@@ -267,7 +267,7 @@ int main(int argc, char *argv[])
+
+ /* now verify the result */
+ rc = RSA_verify(NID_sha1, random, RANDOM_SIZE,
+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100003L || (
defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
+ signature, siglen, EVP_PKEY_get0_RSA(pubkey));
+ #else
+ signature, siglen, pubkey->pkey.rsa);
+diff --git a/examples/decrypt.c b/examples/decrypt.c
+index d059fd4..2b51149 100644
+--- a/examples/decrypt.c
++++ b/examples/decrypt.c
+@@ -168,7 +168,7 @@ int main(int argc, char *argv[])
+ }
+
+ /* allocate destination buffer */
+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100003L || (
defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
+ encrypted = OPENSSL_malloc(RSA_size(EVP_PKEY_get0_RSA(pubkey)));
+ #else
+ encrypted = OPENSSL_malloc(RSA_size(pubkey->pkey.rsa));
+@@ -181,7 +181,7 @@ int main(int argc, char *argv[])
+
+ /* use public key for encryption */
+ len = RSA_public_encrypt(RANDOM_SIZE, random, encrypted,
+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100003L || (
defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
+ EVP_PKEY_get0_RSA(pubkey),
+ #else
+ pubkey->pkey.rsa,
+@@ -248,7 +248,7 @@ loggedin:
+ }
+
+ /* allocate space for decrypted data */
+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100003L || (
defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
+ decrypted = OPENSSL_malloc(RSA_size(EVP_PKEY_get0_RSA(pubkey)));
+ #else
+ decrypted = OPENSSL_malloc(RSA_size(pubkey->pkey.rsa));
+diff --git a/src/libp11-int.h b/src/libp11-int.h
+index 5c2b295..9b97119 100644
+--- a/src/libp11-int.h
++++ b/src/libp11-int.h
+@@ -152,7 +152,7 @@ void CRYPTO_THREAD_lock_free(int);
+ #endif
+
+ /* Emulate the OpenSSL 1.1 getters */
+-#if OPENSSL_VERSION_NUMBER < 0x10100003L || defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER < 0x10100003L || (
defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x3000000L )
+ #define EVP_PKEY_get0_RSA(key) ((key)->pkey.rsa)
+ #define EVP_PKEY_get0_EC_KEY(key) ((key)->pkey.ec)
+ #endif
+diff --git a/src/p11_cert.c b/src/p11_cert.c
+index da09278..fb0818f 100644
+--- a/src/p11_cert.c
++++ b/src/p11_cert.c
+@@ -304,7 +304,7 @@ int pkcs11_store_certificate(PKCS11_TOKEN *token, X509
*x509, char *label,
+ (pkcs11_i2d_fn)i2d_X509_NAME, X509_get_issuer_name(x509));
+
+ /* Get digest algorithm from x509 certificate */
+-#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10002000L || (
defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
+ signature_nid = X509_get_signature_nid(x509);
+ #else
+ signature_nid = OBJ_obj2nid(x509->sig_alg->algorithm);
+diff --git a/src/p11_ec.c b/src/p11_ec.c
+index 7e4b676..568e8c2 100644
+--- a/src/p11_ec.c
++++ b/src/p11_ec.c
+@@ -470,7 +470,7 @@ static ECDSA_SIG *pkcs11_ecdsa_sign_sig(const unsigned
char *dgst, int dlen,
+ sig = ECDSA_SIG_new();
+ if (!sig)
+ return NULL;
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L || (
defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
+ ECDSA_SIG_set0(sig, r, s);
+ #else
+ BN_free(sig->r);
+diff --git a/src/p11_key.c b/src/p11_key.c
+index e2ffe3b..827d112 100644
+--- a/src/p11_key.c
++++ b/src/p11_key.c
+@@ -251,7 +251,7 @@ static int pkcs11_store_key(PKCS11_TOKEN *token, EVP_PKEY
*pk,
+ pkcs11_addattr_bool(attrs + n++, CKA_VERIFY, TRUE);
+ pkcs11_addattr_bool(attrs + n++, CKA_WRAP, TRUE);
+ }
+-#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100003L || (
defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
+ if (EVP_PKEY_base_id(pk) == EVP_PKEY_RSA) {
+ RSA *rsa = EVP_PKEY_get1_RSA(pk);
+ pkcs11_addattr_int(attrs + n++, CKA_KEY_TYPE, CKK_RSA);
+@@ -336,7 +336,7 @@ EVP_PKEY *pkcs11_get_key(PKCS11_KEY *key, int isPrivate)
+ #endif
+ }
+ }
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L || (
defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
+ EVP_PKEY_up_ref(key->evp_key);
+ #else
+ CRYPTO_add(&key->evp_key->references, 1, CRYPTO_LOCK_EVP_PKEY);
+diff --git a/src/p11_pkey.c b/src/p11_pkey.c
+index 50eef56..4536a67 100644
+--- a/src/p11_pkey.c
++++ b/src/p11_pkey.c
+@@ -621,7 +621,7 @@ static int pkcs11_try_pkey_ec_sign(EVP_PKEY_CTX
*evp_pkey_ctx,
+ BIGNUM *r = BN_bin2bn(sig, size/2, NULL);
+ BIGNUM *s = BN_bin2bn(sig + size/2, size/2, NULL);
+
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L || (
defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
+ ECDSA_SIG_set0(ossl_sig, r, s);
+ #else
+ BN_free(ossl_sig->r);
+diff --git a/src/p11_rsa.c b/src/p11_rsa.c
+index b6beef0..45acf2a 100644
+--- a/src/p11_rsa.c
++++ b/src/p11_rsa.c
+@@ -223,7 +223,7 @@ success:
+ rsa = RSA_new();
+ if (!rsa)
+ goto failure;
+-#if OPENSSL_VERSION_NUMBER >= 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100005L || (
defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
+ RSA_set0_key(rsa, rsa_n, rsa_e, NULL);
+ #else
+ rsa->n = rsa_n;
+@@ -275,7 +275,7 @@ static EVP_PKEY *pkcs11_get_evp_key_rsa(PKCS11_KEY *key)
+
+ if (key->isPrivate) {
+ RSA_set_method(rsa, PKCS11_get_rsa_method());
+-#if OPENSSL_VERSION_NUMBER >= 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100005L || (
defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
+ RSA_set_flags(rsa, RSA_FLAG_EXT_PKEY);
+ #else
+ rsa->flags |= RSA_FLAG_EXT_PKEY;
+@@ -301,7 +301,7 @@ int pkcs11_get_key_modulus(PKCS11_KEY *key, BIGNUM **bn)
+
+ if (!rsa)
+ return 0;
+-#if OPENSSL_VERSION_NUMBER >= 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100005L || (
defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
+ RSA_get0_key(rsa, &rsa_n, NULL, NULL);
+ #else
+ rsa_n=rsa->n;
+@@ -318,7 +318,7 @@ int pkcs11_get_key_exponent(PKCS11_KEY *key, BIGNUM **bn)
+
+ if (!rsa)
+ return 0;
+-#if OPENSSL_VERSION_NUMBER >= 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER >= 0x10100005L || (
defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3050000fL )
+ RSA_get0_key(rsa, NULL, &rsa_e, NULL);
+ #else
+ rsa_e=rsa->e;
@@ -336,7 +336,7 @@ int pkcs11_get_key_size(PKCS11_KEY *key)
return RSA_size(rsa);
}
@@ -10,4 +167,6 @@ diff -puriN libp11-0.4.11.orig/src/p11_rsa.c
libp11-0.4.11/src/p11_rsa.c
int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))
(int flen, const unsigned char *from,
+--
+2.35.1
diff --git a/dev-libs/libp11/libp11-0.4.11-r2.ebuild
b/dev-libs/libp11/libp11-0.4.11-r2.ebuild
new file mode 100644
index 0000000..53ba90b
--- /dev/null
+++ b/dev-libs/libp11/libp11-0.4.11-r2.ebuild
@@ -0,0 +1,32 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+DESCRIPTION="Abstraction layer to simplify PKCS#11 API"
+HOMEPAGE="https://github.com/opensc/libp11/wiki";
+SRC_URI="https://github.com/OpenSC/${PN}/releases/download/${P}/${P}.tar.gz";
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ppc ppc64 ~riscv ~s390 sparc x86"
+IUSE="doc static-libs"
+
+RDEPEND="dev-libs/openssl:="
+DEPEND="${RDEPEND}"
+BDEPEND="virtual/pkgconfig
+ doc? ( app-doc/doxygen )"
+
+PATCHES=("${FILESDIR}/libp11-0.4.11-libressl.patch")
+
+src_configure() {
+ econf \
+ --enable-shared \
+ $(use_enable static-libs static) \
+ $(use_enable doc api-doc)
+}
+
+src_install() {
+ default
+ find "${D}" -name '*.la' -delete || die
+}
