diff options
Diffstat (limited to 'app-crypt/qca')
-rw-r--r-- | app-crypt/qca/Manifest | 3 | ||||
-rw-r--r-- | app-crypt/qca/files/qca-2.3.2-cmsut-signverify_message_invalid-fails-randomly.patch | 32 | ||||
-rw-r--r-- | app-crypt/qca/files/qca-2.3.2-openssl-1.1.1i-empty-msg-verification.patch | 57 | ||||
-rw-r--r-- | app-crypt/qca/files/qca-2.3.7-use-sha256-not-sha1.patch | 29 | ||||
-rw-r--r-- | app-crypt/qca/metadata.xml | 38 | ||||
-rw-r--r-- | app-crypt/qca/qca-2.3.2.ebuild | 88 | ||||
-rw-r--r-- | app-crypt/qca/qca-2.3.3.ebuild | 82 | ||||
-rw-r--r-- | app-crypt/qca/qca-2.3.8.ebuild | 118 |
8 files changed, 167 insertions, 280 deletions
diff --git a/app-crypt/qca/Manifest b/app-crypt/qca/Manifest index d4d9f7558a0f..6b18c45fa2b7 100644 --- a/app-crypt/qca/Manifest +++ b/app-crypt/qca/Manifest @@ -1,2 +1 @@ -DIST qca-2.3.2.tar.xz 735500 BLAKE2B 559b27c48c756f2b4f4f206d2157c90ae4856610f1539b4162a2bffe7fffe19b5c768d3d3f9d0486d2098fb403eb64372515815f49fd428d22dfc0405d99e435 SHA512 da6415a097c99b878f45730c1dd1e0bfc7f96858ad7018918ac7c2ae2eca830cb73e131173b1018ee4caa6c3a504b80c8ad28f8f9448c2fd1593161c2ac8aad4 -DIST qca-2.3.3.tar.xz 736456 BLAKE2B f0812fd33bd19293c8034e48bcf214d2d70dc1397860779c2c145fe841365384a8eb6bad9859520d32104010acb0cefb97e3a974b9852a37ca8039d52d9dbd03 SHA512 9a262350502daa1dd10802a7a24f0e4712d87d4ddcf752452a51caa8694a30835672f54f8e600aa8dc4afdac9ef073641deed52a24423e304d18ad2b83deeca6 +DIST qca-2.3.8.tar.xz 761340 BLAKE2B 04ec8d2fb9c2c00b04407828c549a4bb7d8bf6cda2f1071078dd446b8fc90c89872b2a4dc838bcb4eb34132545365be210c0043bde95c084901661a874600b34 SHA512 ddb410214e8264955c2bb8c68d018e3826cb8ec48f8cc7207c2aec1c36051dc0501455b5049eff927dcf354603c0646f86ca10f2cebebe87789b3fd07a993b68 diff --git a/app-crypt/qca/files/qca-2.3.2-cmsut-signverify_message_invalid-fails-randomly.patch b/app-crypt/qca/files/qca-2.3.2-cmsut-signverify_message_invalid-fails-randomly.patch deleted file mode 100644 index af86e4539fba..000000000000 --- a/app-crypt/qca/files/qca-2.3.2-cmsut-signverify_message_invalid-fails-randomly.patch +++ /dev/null @@ -1,32 +0,0 @@ -From ecdd0538dded7d2ba9e73a51f4f52030dd3f5a3b Mon Sep 17 00:00:00 2001 -From: Albert Astals Cid <aacid@kde.org> -Date: Fri, 5 Feb 2021 17:43:45 +0100 -Subject: [PATCH] Fix CMSut::signverify_message_invalid failing "randomly" - -Once in a blue moon it happens that signedResult1[signedResult1.size() - -2] is a 0, so setting it to 0 doesn't break the signature validation, so - check if it's a 0 and if it is, set it to 1 ---- - unittest/cms/cms.cpp | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/unittest/cms/cms.cpp b/unittest/cms/cms.cpp -index 4901221e..9b541789 100644 ---- a/unittest/cms/cms.cpp -+++ b/unittest/cms/cms.cpp -@@ -499,7 +499,11 @@ void CMSut::signverify_message_invalid() - - // This is just to break things - // signedResult1[30] = signedResult1[30] + 1; -- signedResult1[signedResult1.size() - 2] = 0x00; -+ if (signedResult1.at(signedResult1.size() - 2) != 0) { -+ signedResult1[signedResult1.size() - 2] = 0x00; -+ } else { -+ signedResult1[signedResult1.size() - 2] = 0x01; -+ } - - msg.startVerify(); - msg.update(signedResult1); --- -GitLab - diff --git a/app-crypt/qca/files/qca-2.3.2-openssl-1.1.1i-empty-msg-verification.patch b/app-crypt/qca/files/qca-2.3.2-openssl-1.1.1i-empty-msg-verification.patch deleted file mode 100644 index 34258aed1620..000000000000 --- a/app-crypt/qca/files/qca-2.3.2-openssl-1.1.1i-empty-msg-verification.patch +++ /dev/null @@ -1,57 +0,0 @@ -From bc94cc08e1d3ea733946861d90a21681d58665ab Mon Sep 17 00:00:00 2001 -From: Albert Astals Cid <aacid@kde.org> -Date: Fri, 5 Feb 2021 16:39:11 +0100 -Subject: [PATCH] openssl 1.1.1i made verification of empty messages always - succeed - -BUGS: 432519 ---- - unittest/cms/cms.cpp | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/unittest/cms/cms.cpp b/unittest/cms/cms.cpp -index 37e188d0..4901221e 100644 ---- a/unittest/cms/cms.cpp -+++ b/unittest/cms/cms.cpp -@@ -30,6 +30,8 @@ - #include "import_plugins.h" - #endif - -+#include <openssl/opensslv.h> -+ - class CMSut : public QObject - { - Q_OBJECT -@@ -252,7 +254,9 @@ void CMSut::signverify() - msg.waitForFinished(-1); - QVERIFY(msg.wasSigned()); - QVERIFY(msg.success()); -+#if OPENSSL_VERSION_NUMBER < 0x1010109fL - QEXPECT_FAIL("empty", "We don't seem to be able to verify signature of a zero length message", Continue); -+#endif - QVERIFY(msg.verifySuccess()); - - msg.reset(); -@@ -264,7 +268,9 @@ void CMSut::signverify() - msg.waitForFinished(-1); - QVERIFY(msg.wasSigned()); - QVERIFY(msg.success()); -+#if OPENSSL_VERSION_NUMBER < 0x1010109fL - QEXPECT_FAIL("empty", "We don't seem to be able to verify signature of a zero length message", Continue); -+#endif - QVERIFY(msg.verifySuccess()); - - msg.reset(); -@@ -277,6 +283,9 @@ void CMSut::signverify() - msg.waitForFinished(-1); - QVERIFY(msg.wasSigned()); - QVERIFY(msg.success()); -+#if OPENSSL_VERSION_NUMBER >= 0x1010109fL -+ QEXPECT_FAIL("empty", "On newer openssl verifaction of zero length message always succeeds", Continue); -+#endif - QCOMPARE(msg.verifySuccess(), false); - - msg.reset(); --- -GitLab - diff --git a/app-crypt/qca/files/qca-2.3.7-use-sha256-not-sha1.patch b/app-crypt/qca/files/qca-2.3.7-use-sha256-not-sha1.patch new file mode 100644 index 000000000000..e16fa76f6c57 --- /dev/null +++ b/app-crypt/qca/files/qca-2.3.7-use-sha256-not-sha1.patch @@ -0,0 +1,29 @@ +From 123123453bd4f3ac87ca6dd641a9028e6e7a29f0 Mon Sep 17 00:00:00 2001 +From: Albert Vaca Cintora <albertvaka@gmail.com> +Date: Mon, 24 Jul 2023 13:32:30 +0000 +Subject: [PATCH] Sign self-signed certs with SHA256 + +--- + plugins/qca-ossl/qca-ossl.cpp | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/plugins/qca-ossl/qca-ossl.cpp b/plugins/qca-ossl/qca-ossl.cpp +index 893631c9..f340ee2f 100644 +--- a/plugins/qca-ossl/qca-ossl.cpp ++++ b/plugins/qca-ossl/qca-ossl.cpp +@@ -3470,10 +3470,8 @@ public: + X509_EXTENSION *ex; + + const EVP_MD *md; +- if (priv.key()->type() == PKey::RSA) +- md = EVP_sha1(); +- else if (priv.key()->type() == PKey::DSA) +- md = EVP_sha1(); ++ if (priv.key()->type() == PKey::RSA || priv.key()->type() == PKey::DSA) ++ md = EVP_sha256(); + else + return false; + +-- +GitLab + diff --git a/app-crypt/qca/metadata.xml b/app-crypt/qca/metadata.xml index 612a394e3440..9abd64a69601 100644 --- a/app-crypt/qca/metadata.xml +++ b/app-crypt/qca/metadata.xml @@ -1,22 +1,22 @@ <?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> <pkgmetadata> -<maintainer type="project"> - <email>qt@gentoo.org</email> - <name>Gentoo Qt Project</name> -</maintainer> -<maintainer type="project"> - <email>kde@gentoo.org</email> - <name>Gentoo KDE Project</name> -</maintainer> -<use> - <flag name="botan">Enable botan plugin</flag> - <flag name="gcrypt">Enable gcrypt plugin</flag> - <flag name="gpg">Enable GnuPG plugin</flag> - <flag name="logger">Enable logger plugin</flag> - <flag name="nss">Enable NSS plugin</flag> - <flag name="pkcs11">Enable PKCS#11 plugin</flag> - <flag name="sasl">Enable SASL plugin</flag> - <flag name="softstore">Enable softstore plugin</flag> -</use> + <maintainer type="project"> + <email>kde@gentoo.org</email> + <name>Gentoo KDE Project</name> + </maintainer> + <upstream> + <bugs-to>https://bugs.kde.org/</bugs-to> + <remote-id type="kde-invent">libraries/qca</remote-id> + </upstream> + <use> + <flag name="botan">Enable botan plugin</flag> + <flag name="gcrypt">Enable gcrypt plugin</flag> + <flag name="gpg">Enable GnuPG plugin</flag> + <flag name="logger">Enable logger plugin</flag> + <flag name="nss">Enable NSS plugin</flag> + <flag name="pkcs11">Enable PKCS#11 plugin</flag> + <flag name="sasl">Enable SASL plugin</flag> + <flag name="softstore">Enable softstore plugin</flag> + </use> </pkgmetadata> diff --git a/app-crypt/qca/qca-2.3.2.ebuild b/app-crypt/qca/qca-2.3.2.ebuild deleted file mode 100644 index 8d66157373c0..000000000000 --- a/app-crypt/qca/qca-2.3.2.ebuild +++ /dev/null @@ -1,88 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit kde.org cmake qmake-utils - -DESCRIPTION="Qt Cryptographic Architecture (QCA)" -HOMEPAGE="https://userbase.kde.org/QCA" -SRC_URI="mirror://kde/stable/${PN}/${PV}/${P}.tar.xz" - -LICENSE="LGPL-2.1" -SLOT="2" -KEYWORDS="amd64 ~arm arm64 ~hppa ~ppc ~ppc64 ~sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris" -IUSE="botan debug doc examples gcrypt gpg logger nss pkcs11 sasl softstore +ssl test" - -RESTRICT="!test? ( test )" - -BDEPEND=" - doc? ( app-doc/doxygen ) -" -RDEPEND=" - dev-qt/qtcore:5 - botan? ( dev-libs/botan:= ) - gcrypt? ( dev-libs/libgcrypt:= ) - gpg? ( app-crypt/gnupg ) - nss? ( dev-libs/nss ) - pkcs11? ( - >=dev-libs/openssl-1.1 - dev-libs/pkcs11-helper - ) - sasl? ( dev-libs/cyrus-sasl:2 ) - ssl? ( >=dev-libs/openssl-1.1:0= ) -" -DEPEND="${RDEPEND} - test? ( - dev-qt/qtnetwork:5 - dev-qt/qttest:5 - ) -" - -PATCHES=( - "${FILESDIR}/${PN}-disable-pgp-test.patch" - "${FILESDIR}/${P}-openssl-1.1.1i-empty-msg-verification.patch" # bug 766932 - "${FILESDIR}/${P}-cmsut-signverify_message_invalid-fails-randomly.patch" -) - -qca_plugin_use() { - echo -DWITH_${2:-$1}_PLUGIN=$(usex "$1") -} - -src_configure() { - local mycmakeargs=( - -DQCA_FEATURE_INSTALL_DIR="${EPREFIX}$(qt5_get_mkspecsdir)/features" - -DQCA_PLUGINS_INSTALL_DIR="${EPREFIX}$(qt5_get_plugindir)" - $(qca_plugin_use botan) - $(qca_plugin_use gcrypt) - $(qca_plugin_use gpg gnupg) - $(qca_plugin_use logger) - $(qca_plugin_use nss) - $(qca_plugin_use pkcs11) - $(qca_plugin_use sasl cyrus-sasl) - $(qca_plugin_use softstore) - $(qca_plugin_use ssl ossl) - -DBUILD_TESTS=$(usex test) - ) - cmake_src_configure -} - -src_test() { - local -x QCA_PLUGIN_PATH="${BUILD_DIR}/lib/qca" - cmake_src_test -} - -src_install() { - cmake_src_install - - if use doc; then - pushd "${BUILD_DIR}" >/dev/null || die - doxygen Doxyfile || die - dodoc -r apidocs/html - popd >/dev/null || die - fi - - if use examples; then - dodoc -r "${S}"/examples - fi -} diff --git a/app-crypt/qca/qca-2.3.3.ebuild b/app-crypt/qca/qca-2.3.3.ebuild deleted file mode 100644 index c1805f95d270..000000000000 --- a/app-crypt/qca/qca-2.3.3.ebuild +++ /dev/null @@ -1,82 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit kde.org cmake qmake-utils - -DESCRIPTION="Qt Cryptographic Architecture (QCA)" -HOMEPAGE="https://userbase.kde.org/QCA" -SRC_URI="mirror://kde/stable/${PN}/${PV}/${P}.tar.xz" - -LICENSE="LGPL-2.1" -SLOT="2" -KEYWORDS="amd64 ~arm ~arm64 ~hppa ~ppc ~ppc64 ~sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris" -IUSE="botan debug doc examples gcrypt gpg logger nss pkcs11 sasl softstore +ssl test" - -RESTRICT="!test? ( test )" - -RDEPEND=" - dev-qt/qtcore:5 - botan? ( dev-libs/botan:= ) - gcrypt? ( dev-libs/libgcrypt:= ) - gpg? ( app-crypt/gnupg ) - nss? ( dev-libs/nss ) - pkcs11? ( - >=dev-libs/openssl-1.1 - dev-libs/pkcs11-helper - ) - sasl? ( dev-libs/cyrus-sasl:2 ) - ssl? ( >=dev-libs/openssl-1.1:0= ) -" -DEPEND="${RDEPEND} - test? ( - dev-qt/qtnetwork:5 - dev-qt/qttest:5 - ) -" -BDEPEND="doc? ( app-doc/doxygen )" - -PATCHES=( "${FILESDIR}/${PN}-disable-pgp-test.patch" ) - -qca_plugin_use() { - echo -DWITH_${2:-$1}_PLUGIN=$(usex "$1") -} - -src_configure() { - local mycmakeargs=( - -DQCA_FEATURE_INSTALL_DIR="${EPREFIX}$(qt5_get_mkspecsdir)/features" - -DQCA_PLUGINS_INSTALL_DIR="${EPREFIX}$(qt5_get_plugindir)" - $(qca_plugin_use botan) - $(qca_plugin_use gcrypt) - $(qca_plugin_use gpg gnupg) - $(qca_plugin_use logger) - $(qca_plugin_use nss) - $(qca_plugin_use pkcs11) - $(qca_plugin_use sasl cyrus-sasl) - $(qca_plugin_use softstore) - $(qca_plugin_use ssl ossl) - -DBUILD_TESTS=$(usex test) - ) - cmake_src_configure -} - -src_test() { - local -x QCA_PLUGIN_PATH="${BUILD_DIR}/lib/qca" - cmake_src_test -} - -src_install() { - cmake_src_install - - if use doc; then - pushd "${BUILD_DIR}" >/dev/null || die - doxygen Doxyfile || die - dodoc -r apidocs/html - popd >/dev/null || die - fi - - if use examples; then - dodoc -r "${S}"/examples - fi -} diff --git a/app-crypt/qca/qca-2.3.8.ebuild b/app-crypt/qca/qca-2.3.8.ebuild new file mode 100644 index 000000000000..9b4f8839e2c5 --- /dev/null +++ b/app-crypt/qca/qca-2.3.8.ebuild @@ -0,0 +1,118 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit cmake kde.org multibuild out-of-source-utils qmake-utils + +DESCRIPTION="Qt Cryptographic Architecture (QCA)" +HOMEPAGE="https://userbase.kde.org/QCA" +SRC_URI="mirror://kde/stable/${PN}/${PV}/${P}.tar.xz" + +LICENSE="LGPL-2.1" +SLOT="2" +KEYWORDS="amd64 ~arm arm64 ~hppa ~loong ~ppc ppc64 ~riscv ~sparc x86 ~amd64-linux ~x86-linux ~ppc-macos" +IUSE="botan debug doc examples gcrypt gpg logger nss pkcs11 +qt5 qt6 sasl softstore +ssl test" +REQUIRED_USE="|| ( qt5 qt6 )" + +RESTRICT="!test? ( test )" + +RDEPEND=" + botan? ( dev-libs/botan:3= ) + gcrypt? ( dev-libs/libgcrypt:= ) + gpg? ( app-crypt/gnupg ) + nss? ( dev-libs/nss ) + pkcs11? ( + >=dev-libs/openssl-1.1 + dev-libs/pkcs11-helper + ) + qt5? ( >=dev-qt/qtcore-5.14:5 ) + qt6? ( + dev-qt/qtbase:6 + dev-qt/qt5compat:6 + ) + sasl? ( dev-libs/cyrus-sasl:2 ) + ssl? ( >=dev-libs/openssl-1.1:= ) +" +DEPEND="${RDEPEND} + test? ( + qt5? ( + dev-qt/qtnetwork:5 + dev-qt/qttest:5 + ) + qt6? ( dev-qt/qtbase:6[network] ) + ) +" +BDEPEND=" + doc? ( + app-text/doxygen[dot] + virtual/latex-base + ) +" + +PATCHES=( + "${FILESDIR}/${PN}-disable-pgp-test.patch" + "${FILESDIR}/${PN}-2.3.7-use-sha256-not-sha1.patch" # git master +) + +qca_plugin_use() { + echo -DWITH_${2:-$1}_PLUGIN=$(usex "$1") +} + +pkg_setup() { + MULTIBUILD_VARIANTS=( $(usev qt5) $(usev qt6) ) +} + +src_configure() { + myconfigure() { + local mycmakeargs=( + -DQCA_FEATURE_INSTALL_DIR="${EPREFIX}$(${MULTIBUILD_VARIANT}_get_mkspecsdir)/features" + -DQCA_PLUGINS_INSTALL_DIR="${EPREFIX}$(${MULTIBUILD_VARIANT}_get_plugindir)" + $(qca_plugin_use botan) + $(qca_plugin_use gcrypt) + $(qca_plugin_use gpg gnupg) + $(qca_plugin_use logger) + $(qca_plugin_use nss) + $(qca_plugin_use pkcs11) + $(qca_plugin_use sasl cyrus-sasl) + $(qca_plugin_use softstore) + $(qca_plugin_use ssl ossl) + -DBUILD_TESTS=$(usex test) + ) + if [[ ${MULTIBUILD_VARIANT} == qt6 ]]; then + mycmakeargs+=( -DBUILD_WITH_QT6=ON ) + else + mycmakeargs+=( -DBUILD_WITH_QT6=OFF ) + fi + cmake_src_configure + } + + multibuild_foreach_variant myconfigure +} + +src_compile() { + multibuild_foreach_variant cmake_src_compile + if use doc; then + multibuild_for_best_variant cmake_build doc + fi +} + +src_test() { + mytest() { + local -x QCA_PLUGIN_PATH="${BUILD_DIR}/lib/qca" + cmake_src_test + } + multibuild_foreach_variant mytest +} + +src_install() { + multibuild_foreach_variant cmake_src_install + + if use doc; then + multibuild_for_best_variant run_in_build_dir dodoc -r apidocs/html + fi + + if use examples; then + dodoc -r "${S}"/examples + fi +} |