svn commit: r421968 - in head/security/opencryptoki: . files
John Marino
marino at FreeBSD.org
Tue Sep 13 01:28:21 UTC 2016
Author: marino
Date: Tue Sep 13 01:28:20 2016
New Revision: 421968
URL: https://svnweb.freebsd.org/changeset/ports/421968
Log:
security/opencryptoki: Fix build with LIbreSSL (old DES functions)
The referenced PR is related but overcome by the import of the latest
version of opencryptoki.
PR: 198351
Approved by: SSL blanket
Added:
head/security/opencryptoki/files/patch-usr_lib_pkcs11_common_sw__crypt.c (contents, props changed)
Modified:
head/security/opencryptoki/Makefile
Modified: head/security/opencryptoki/Makefile
==============================================================================
--- head/security/opencryptoki/Makefile Tue Sep 13 00:49:12 2016 (r421967)
+++ head/security/opencryptoki/Makefile Tue Sep 13 01:28:20 2016 (r421968)
@@ -17,9 +17,8 @@ LICENSE_PERMS= dist-mirror dist-sell pkg
LIB_DEPENDS= libtspi.so:security/trousers
-USES= alias autoreconf gmake libtool tar:tgz
+USES= alias autoreconf gmake libtool ssl tar:tgz
USE_LDCONFIG= ${PREFIX}/lib/opencryptoki
-USE_OPENSSL= yes
.if exists(/usr/include/openssl/md2.h)
WITH_OPENSSL_PORT=yes
.endif
Added: head/security/opencryptoki/files/patch-usr_lib_pkcs11_common_sw__crypt.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/opencryptoki/files/patch-usr_lib_pkcs11_common_sw__crypt.c Tue Sep 13 01:28:20 2016 (r421968)
@@ -0,0 +1,62 @@
+--- usr/lib/pkcs11/common/sw_crypt.c.orig 2016-04-29 17:26:46 UTC
++++ usr/lib/pkcs11/common/sw_crypt.c
+@@ -309,12 +309,12 @@ sw_des3_cbc(CK_BYTE * in_data,
+ CK_BYTE *key_value,
+ CK_BYTE encrypt)
+ {
+- des_key_schedule des_key1;
+- des_key_schedule des_key2;
+- des_key_schedule des_key3;
++ DES_key_schedule des_key1;
++ DES_key_schedule des_key2;
++ DES_key_schedule des_key3;
+
+- const_des_cblock key_SSL1, key_SSL2, key_SSL3;
+- des_cblock ivec;
++ const_DES_cblock key_SSL1, key_SSL2, key_SSL3;
++ DES_cblock ivec;
+
+ // the des decrypt will only fail if the data length is not evenly divisible
+ // by 8
+@@ -328,30 +328,30 @@ sw_des3_cbc(CK_BYTE * in_data,
+ memcpy(&key_SSL1, key_value, (size_t)8);
+ memcpy(&key_SSL2, key_value+8, (size_t)8);
+ memcpy(&key_SSL3, key_value+16, (size_t)8);
+- des_set_key_unchecked(&key_SSL1, des_key1);
+- des_set_key_unchecked(&key_SSL2, des_key2);
+- des_set_key_unchecked(&key_SSL3, des_key3);
++ DES_set_key_unchecked(&key_SSL1, &des_key1);
++ DES_set_key_unchecked(&key_SSL2, &des_key2);
++ DES_set_key_unchecked(&key_SSL3, &des_key3);
+
+ memcpy(ivec, init_v, sizeof(ivec));
+
+ // Encrypt or decrypt the data
+ if (encrypt) {
+- des_ede3_cbc_encrypt(in_data,
++ DES_ede3_cbc_encrypt(in_data,
+ out_data,
+ in_data_len,
+- des_key1,
+- des_key2,
+- des_key3,
++ &des_key1,
++ &des_key2,
++ &des_key3,
+ &ivec,
+ DES_ENCRYPT);
+ *out_data_len = in_data_len;
+ } else {
+- des_ede3_cbc_encrypt(in_data,
++ DES_ede3_cbc_encrypt(in_data,
+ out_data,
+ in_data_len,
+- des_key1,
+- des_key2,
+- des_key3,
++ &des_key1,
++ &des_key2,
++ &des_key3,
+ &ivec,
+ DES_DECRYPT);
+
More information about the svn-ports-head
mailing list