ppisar pushed to perl-Crypt-OpenSSL-ECDSA (master). "Adapt to OpenSSL 1.1.0 (bug #1383652)"

notifications Wed, 12 Oct 2016 00:45:14 -0700

From 403c89a7e2a368c146d8925bf0b0ff9910a35fe9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppi...@redhat.com>
Date: Wed, 12 Oct 2016 09:41:16 +0200
Subject: Adapt to OpenSSL 1.1.0 (bug #1383652)


---
 ...-OpenSSL-ECDSA-0.08-Port-to-OpenSSL-1.1.0.patch | 193 +++++++++++++++++++++
 perl-Crypt-OpenSSL-ECDSA.spec                      |   8 +-
 2 files changed, 200 insertions(+), 1 deletion(-)
 create mode 100644 Crypt-OpenSSL-ECDSA-0.08-Port-to-OpenSSL-1.1.0.patch

diff --git a/Crypt-OpenSSL-ECDSA-0.08-Port-to-OpenSSL-1.1.0.patch 
b/Crypt-OpenSSL-ECDSA-0.08-Port-to-OpenSSL-1.1.0.patch
new file mode 100644
index 0000000..f2f0222
--- /dev/null
+++ b/Crypt-OpenSSL-ECDSA-0.08-Port-to-OpenSSL-1.1.0.patch
@@ -0,0 +1,193 @@
+From 7a707a2bb0b0c6de1eb98cef74a5d1016f0e8c9a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppi...@redhat.com>
+Date: Tue, 11 Oct 2016 16:15:43 +0200
+Subject: [PATCH] Port to OpenSSL 1.1.0
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+OpenSSL 1.1.0 hid ECDSA structure internals and provided methods
+instead.
+
+This patch uses the methods and provides their copies in the case of
+older OpenSSL. Because the new OpenSSL API, ECDSA_SIG_set0(), cannot
+set curve parameters individually and ECDSA_SIG_get0() returns yet
+another reference, it's necessary to duplicate the other unchanged
+paramater when calling set_r() or set_s().
+
+This patch also stops exporting ECDSA_METHOD functions that were
+removed from the new OpenSSL.
+
+CPAN RT#118330
+
+Signed-off-by: Petr Písař <ppi...@redhat.com>
+---
+ ECDSA.xs | 78 ++++++++++++++++++++++++++++++++++++++++++++++++++--------------
+ 1 file changed, 61 insertions(+), 17 deletions(-)
+
+diff --git a/ECDSA.xs b/ECDSA.xs
+index 4016368..648303e 100644
+--- a/ECDSA.xs
++++ b/ECDSA.xs
+@@ -7,9 +7,34 @@
+ 
+ #include <openssl/ecdsa.h>
+ #include <openssl/err.h>
++#include <openssl/bn.h>
+ 
+ #include "const-c.inc"
+ 
++
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#include <openssl/ec.h>
++#else
++static void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr,
++    const BIGNUM **ps) {
++    if (pr != NULL)
++        *pr = sig->r;
++    if (ps != NULL)
++        *ps = sig->s;
++}
++
++static int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s)
++{
++    if (r == NULL || s == NULL)
++        return 0;
++    BN_clear_free(sig->r);
++    BN_clear_free(sig->s);
++    sig->r = r;
++    sig->s = s;
++    return 1;
++}
++#endif
++
+ MODULE = Crypt::OpenSSL::ECDSA                PACKAGE = Crypt::OpenSSL::ECDSA
+ 
+ PROTOTYPES: ENABLE
+@@ -17,7 +42,9 @@ INCLUDE: const-xs.inc
+ 
+ BOOT:
+     ERR_load_crypto_strings();
++#if OPENSSL_VERSION_NUMBER >= 0x10002000L && OPENSSL_VERSION_NUMBER < 
0x10100000L
+     ERR_load_ECDSA_strings();
++#endif
+ 
+ #ECDSA_SIG *
+ #ECDSA_SIG_new()
+@@ -61,10 +88,16 @@ ECDSA_do_verify(const unsigned char *dgst, const ECDSA_SIG 
*sig, EC_KEY* eckey);
+       OUTPUT:
+               RETVAL
+ 
+-# These ECDSA_METHOD functions only became available in 1.0.2
++# These ECDSA_METHOD functions only became available in 1.0.2,
++# but some of them removed again in 1.1.0.
+ 
+ #if OPENSSL_VERSION_NUMBER >= 0x10002000L
+ 
++int     
++ECDSA_size(const EC_KEY *eckey)
++
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++
+ const ECDSA_METHOD *
+ ECDSA_OpenSSL()
+ 
+@@ -77,9 +110,6 @@ ECDSA_get_default_method()
+ int     
+ ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
+ 
+-int     
+-ECDSA_size(const EC_KEY *eckey)
+-
+ ECDSA_METHOD *
+ ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_method=0)
+ 
+@@ -95,7 +125,7 @@ ECDSA_METHOD_set_name(ECDSA_METHOD *ecdsa_method, char 
*name)
+ void 
+ ERR_load_ECDSA_strings()
+ 
+-
++#endif
+ #endif
+ 
+ 
+@@ -135,11 +165,13 @@ SV *
+ get_r(ecdsa_sig)
+         ECDSA_SIG *ecdsa_sig
+     PREINIT:
++        const BIGNUM *r;
+         unsigned char *to;
+         STRLEN len;
+     CODE:
+         to = malloc(sizeof(char) * 128);
+-        len = BN_bn2bin(ecdsa_sig->r, to);
++        ECDSA_SIG_get0(ecdsa_sig, &r, NULL);
++        len = BN_bn2bin(r, to);
+         RETVAL = newSVpvn((const char*)to, len);
+         free(to);
+     OUTPUT:
+@@ -149,11 +181,13 @@ SV *
+ get_s(ecdsa_sig)
+         ECDSA_SIG *ecdsa_sig
+     PREINIT:
++        const BIGNUM *s;
+         unsigned char *to;
+         STRLEN len;
+     CODE:
+         to = malloc(sizeof(char) * 128);
+-        len = BN_bn2bin(ecdsa_sig->s, to);
++        ECDSA_SIG_get0(ecdsa_sig, NULL, &s);
++        len = BN_bn2bin(s, to);
+         RETVAL = newSVpvn((const char*)to, len);
+         free(to);
+     OUTPUT:
+@@ -164,26 +198,36 @@ set_r(ecdsa_sig, r_SV)
+         ECDSA_SIG *ecdsa_sig
+         SV * r_SV
+     PREINIT:
+-      char *s;
++          char *string;
+         STRLEN len;
++        BIGNUM *r;
++        BIGNUM *s;
+     CODE:
+-        s = SvPV(r_SV, len);
+-        if (ecdsa_sig->r)
+-            BN_free(ecdsa_sig->r);
+-        ecdsa_sig->r = BN_bin2bn((const unsigned char *)s, len, NULL);
++        string = SvPV(r_SV, len);
++        r = BN_bin2bn((const unsigned char *)string, len, NULL);
++        ECDSA_SIG_get0(ecdsa_sig, NULL, (const BIGNUM**)&s);
++        s = BN_dup(s);
++        if (NULL == s)
++            croak("Could not duplicate unchanged ECDSA paramater");
++        ECDSA_SIG_set0(ecdsa_sig, r, s);
+ 
+ void
+ set_s(ecdsa_sig, s_SV)
+         ECDSA_SIG *ecdsa_sig
+         SV * s_SV
+     PREINIT:
+-      char *s;
++          char *string;
+         STRLEN len;
++        BIGNUM *r;
++        BIGNUM *s;
+     CODE:
+-        s = SvPV(s_SV, len);
+-        if (ecdsa_sig->s)
+-            BN_free(ecdsa_sig->s);
+-        ecdsa_sig->s = BN_bin2bn((const unsigned char *)s, len, NULL);
++        string = SvPV(s_SV, len);
++        s = BN_bin2bn((const unsigned char *)string, len, NULL);
++        ECDSA_SIG_get0(ecdsa_sig, (const BIGNUM**)&r, NULL);
++        r = BN_dup(r);
++        if (NULL == r)
++            croak("Could not duplicate unchanged ECDSA paramater");
++        ECDSA_SIG_set0(ecdsa_sig, r, s);
+ 
+ 
+ 
+-- 
+2.7.4
+
diff --git a/perl-Crypt-OpenSSL-ECDSA.spec b/perl-Crypt-OpenSSL-ECDSA.spec
index d37c884..7c23b89 100644
--- a/perl-Crypt-OpenSSL-ECDSA.spec
+++ b/perl-Crypt-OpenSSL-ECDSA.spec
@@ -1,11 +1,13 @@
 Name:           perl-Crypt-OpenSSL-ECDSA
 Version:        0.08
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        Perl extension for OpenSSL ECDSA (Elliptic Curve Digital 
Signature Algorithm)
 License:        GPL+ or Artistic
 Group:          Development/Libraries
 URL:            http://search.cpan.org/dist/Crypt-OpenSSL-ECDSA/
 Source0:        
http://www.cpan.org/authors/id/M/MI/MIKEM/Crypt-OpenSSL-ECDSA-%{version}.tar.gz
+# Adapt to OpenSSL 1.1.0, bug #1383652, CPAN RT#118330
+Patch0:         Crypt-OpenSSL-ECDSA-0.08-Port-to-OpenSSL-1.1.0.patch
 BuildRequires:  findutils
 BuildRequires:  openssl-devel
 BuildRequires:  perl
@@ -38,6 +40,7 @@ Signature Algorithm) functions from OpenSSL library.
 
 %prep
 %setup -q -n Crypt-OpenSSL-ECDSA-%{version}
+%patch0 -p1
 
 %build
 perl Makefile.PL INSTALLDIRS=vendor OPTIMIZE="$RPM_OPT_FLAGS" \
@@ -60,6 +63,9 @@ make test
 %{_mandir}/man3/*
 
 %changelog
+* Wed Oct 12 2016 Petr Pisar <ppi...@redhat.com> - 0.08-2
+- Adapt to OpenSSL 1.1.0 (bug #1383652)
+
 * Mon Aug 01 2016 Jitka Plesnikova <jples...@redhat.com> - 0.08-1
 - 0.08 bump
 
-- 
cgit v0.12


        
http://pkgs.fedoraproject.org/cgit/perl-Crypt-OpenSSL-ECDSA.git/commit/?h=master&id=403c89a7e2a368c146d8925bf0b0ff9910a35fe9
_______________________________________________
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

ppisar pushed to perl-Crypt-OpenSSL-ECDSA (master). "Adapt to OpenSSL 1.1.0 (bug #1383652)"

Reply via email to