Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch
diff options
context:
space:
mode:
Diffstat (limited to 'dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch')
-rw-r--r--dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch97
1 files changed, 0 insertions, 97 deletions
diff --git a/dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch b/dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch
deleted file mode 100644
index 8f249e22a1d2..000000000000
--- a/dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch
+++ /dev/null
@@ -1,97 +0,0 @@
-From c25ae0fff78cb3cb784ef79167329d5cd55b62de Mon Sep 17 00:00:00 2001
-From: Bernd Edlinger <bernd.edlinger@hotmail.de>
-Date: Thu, 27 Dec 2018 22:18:21 +0100
-Subject: [PATCH] Fix cert with rsa instead of rsaEncryption as public key
- algorithm
-
-Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
-(Merged from https://github.com/openssl/openssl/pull/7962)
-
-(cherry picked from commit 1f483a69bce11c940309edc437eee6e32294d5f2)
----
- crypto/rsa/rsa_ameth.c | 9 ++++++---
- test/certs/root-cert-rsa2.pem | 18 ++++++++++++++++++
- test/recipes/25-test_verify.t | 4 +++-
- 3 files changed, 27 insertions(+), 4 deletions(-)
- create mode 100644 test/certs/root-cert-rsa2.pem
-
-diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
-index a6595aec054..75debb3e0a9 100644
---- a/crypto/rsa/rsa_ameth.c
-+++ b/crypto/rsa/rsa_ameth.c
-@@ -34,7 +34,7 @@ static int rsa_param_encode(const EVP_PKEY *pkey,
-
- *pstr = NULL;
- /* If RSA it's just NULL type */
-- if (pkey->ameth->pkey_id == EVP_PKEY_RSA) {
-+ if (pkey->ameth->pkey_id != EVP_PKEY_RSA_PSS) {
- *pstrtype = V_ASN1_NULL;
- return 1;
- }
-@@ -58,7 +58,7 @@ static int rsa_param_decode(RSA *rsa, const X509_ALGOR *alg)
- int algptype;
-
- X509_ALGOR_get0(&algoid, &algptype, &algp, alg);
-- if (OBJ_obj2nid(algoid) == EVP_PKEY_RSA)
-+ if (OBJ_obj2nid(algoid) != EVP_PKEY_RSA_PSS)
- return 1;
- if (algptype == V_ASN1_UNDEF)
- return 1;
-@@ -109,7 +109,10 @@ static int rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
- RSA_free(rsa);
- return 0;
- }
-- EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, rsa);
-+ if (!EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, rsa)) {
-+ RSA_free(rsa);
-+ return 0;
-+ }
- return 1;
- }
-
-diff --git a/test/certs/root-cert-rsa2.pem b/test/certs/root-cert-rsa2.pem
-new file mode 100644
-index 00000000000..b817fdf3e5d
---- /dev/null
-+++ b/test/certs/root-cert-rsa2.pem
-@@ -0,0 +1,18 @@
-+-----BEGIN CERTIFICATE-----
-+MIIC7DCCAdSgAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
-+IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjASMRAwDgYDVQQD
-+DAdSb290IENBMIIBHTAIBgRVCAEBBQADggEPADCCAQoCggEBAOHmAPUGvKBGOHkP
-+Px5xGRNtAt8rm3Zr/KywIe3WkQhCO6VjNexSW6CiSsXWAJQDl1o9uWco0n3jIVyk
-+7cY8jY6E0Z1Uwz3ZdKKWdmdx+cYaUHez/XjuW+DjjIkjwpoi7D7UN54HzcArVREX
-+OjRCHGkNOhiw7RWUXsb9nofGHOeUGpLAXwXBc0PlA94JkckkztiOi34u4DFI0YYq
-+alUmeugLNk6XseCkydpcaUsDgAhWg6Mfsiq4wUz+xbFN1MABqu2+ziW97mmt9gfN
-+biuhiVT1aOuYCe3JYGbLM2JKA7Bo1g6rX8E1VX79Ru6669y2oqPthX9337VoIkN+
-+ZiQjr8UCAwEAAaNQME4wHQYDVR0OBBYEFI71Ja8em2uEPXyAmslTnE1y96NSMB8G
-+A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ
-+KoZIhvcNAQELBQADggEBAJ0OIdog3uQ1pmsjv1Qtf1w4If1geOn5uK0EOj2wYBHt
-+NxlFn7l8d9+51QMZFO+RlQJ0s3Webyo1ReuaL2dMn2LGJhWMoSBAwrMALAENU3lv
-+8jioRbfO2OamsdpJpKxQUyUJYudNe+BoKNX/ry3rxezmsFsRr9nDMiJZpmBCXiMm
-+mFFJOJkG0CheexBbMkua4kyStIOwO4rb5bSHszVso/9ucdGHBSC7oRcJXoWSDjBx
-+PdQPPBK5g4yqL8Lz26ehgsmhRKL9k32eVyjDKcIzgpmgcPTfTqNbd1KHQJKx4ssb
-+7nEpGKHalSo5Oq5L9s9qYrUv37kwBY4OpJFtmGaodoI=
-+-----END CERTIFICATE-----
-diff --git a/test/recipes/25-test_verify.t b/test/recipes/25-test_verify.t
-index 6c3deab7c67..b80a1cde3ed 100644
---- a/test/recipes/25-test_verify.t
-+++ b/test/recipes/25-test_verify.t
-@@ -27,7 +27,7 @@ sub verify {
- run(app([@args]));
- }
-
--plan tests => 134;
-+plan tests => 135;
-
- # Canonical success
- ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]),
-@@ -361,6 +361,8 @@ ok(verify("some-names2", "sslserver", ["many-constraints"], ["many-constraints"]
- "Not too many names and constraints to check (2)");
- ok(verify("some-names2", "sslserver", ["many-constraints"], ["many-constraints"], ),
- "Not too many names and constraints to check (3)");
-+ok(verify("root-cert-rsa2", "sslserver", ["root-cert-rsa2"], [], "-check_ss_sig"),
-+ "Public Key Algorithm rsa instead of rsaEncryption");
-
- SKIP: {
- skip "Ed25519 is not supported by this OpenSSL build", 1