Date: Tue, 13 Sep 2016 01:28:20 +0000 (UTC) From: John Marino <marino@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r421968 - in head/security/opencryptoki: . files Message-ID: <201609130128.u8D1SKgG004258@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: marino Date: Tue Sep 13 01:28:20 2016 New Revision: 421968 URL: https://svnweb.freebsd.org/changeset/ports/421968 Log: security/opencryptoki: Fix build with LIbreSSL (old DES functions) The referenced PR is related but overcome by the import of the latest version of opencryptoki. PR: 198351 Approved by: SSL blanket Added: head/security/opencryptoki/files/patch-usr_lib_pkcs11_common_sw__crypt.c (contents, props changed) Modified: head/security/opencryptoki/Makefile Modified: head/security/opencryptoki/Makefile ============================================================================== --- head/security/opencryptoki/Makefile Tue Sep 13 00:49:12 2016 (r421967) +++ head/security/opencryptoki/Makefile Tue Sep 13 01:28:20 2016 (r421968) @@ -17,9 +17,8 @@ LICENSE_PERMS= dist-mirror dist-sell pkg LIB_DEPENDS= libtspi.so:security/trousers -USES= alias autoreconf gmake libtool tar:tgz +USES= alias autoreconf gmake libtool ssl tar:tgz USE_LDCONFIG= ${PREFIX}/lib/opencryptoki -USE_OPENSSL= yes .if exists(/usr/include/openssl/md2.h) WITH_OPENSSL_PORT=yes .endif Added: head/security/opencryptoki/files/patch-usr_lib_pkcs11_common_sw__crypt.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/opencryptoki/files/patch-usr_lib_pkcs11_common_sw__crypt.c Tue Sep 13 01:28:20 2016 (r421968) @@ -0,0 +1,62 @@ +--- usr/lib/pkcs11/common/sw_crypt.c.orig 2016-04-29 17:26:46 UTC ++++ usr/lib/pkcs11/common/sw_crypt.c +@@ -309,12 +309,12 @@ sw_des3_cbc(CK_BYTE * in_data, + CK_BYTE *key_value, + CK_BYTE encrypt) + { +- des_key_schedule des_key1; +- des_key_schedule des_key2; +- des_key_schedule des_key3; ++ DES_key_schedule des_key1; ++ DES_key_schedule des_key2; ++ DES_key_schedule des_key3; + +- const_des_cblock key_SSL1, key_SSL2, key_SSL3; +- des_cblock ivec; ++ const_DES_cblock key_SSL1, key_SSL2, key_SSL3; ++ DES_cblock ivec; + + // the des decrypt will only fail if the data length is not evenly divisible + // by 8 +@@ -328,30 +328,30 @@ sw_des3_cbc(CK_BYTE * in_data, + memcpy(&key_SSL1, key_value, (size_t)8); + memcpy(&key_SSL2, key_value+8, (size_t)8); + memcpy(&key_SSL3, key_value+16, (size_t)8); +- des_set_key_unchecked(&key_SSL1, des_key1); +- des_set_key_unchecked(&key_SSL2, des_key2); +- des_set_key_unchecked(&key_SSL3, des_key3); ++ DES_set_key_unchecked(&key_SSL1, &des_key1); ++ DES_set_key_unchecked(&key_SSL2, &des_key2); ++ DES_set_key_unchecked(&key_SSL3, &des_key3); + + memcpy(ivec, init_v, sizeof(ivec)); + + // Encrypt or decrypt the data + if (encrypt) { +- des_ede3_cbc_encrypt(in_data, ++ DES_ede3_cbc_encrypt(in_data, + out_data, + in_data_len, +- des_key1, +- des_key2, +- des_key3, ++ &des_key1, ++ &des_key2, ++ &des_key3, + &ivec, + DES_ENCRYPT); + *out_data_len = in_data_len; + } else { +- des_ede3_cbc_encrypt(in_data, ++ DES_ede3_cbc_encrypt(in_data, + out_data, + in_data_len, +- des_key1, +- des_key2, +- des_key3, ++ &des_key1, ++ &des_key2, ++ &des_key3, + &ivec, + DES_DECRYPT); +
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201609130128.u8D1SKgG004258>