Skip to content

Commit 21cece2

Browse files
nehebPolynomialDivision
neheb
authored and
PolynomialDivision
committed
tools/libressl: update to 4.0.0
Stable version. Odd versions are betas. Added static patch to rename some ecdsa symbols that conflict with u-boot's mkimage. These symbols are not exported by default but because OpenWrt uses a static libressl, they are present and conflict with mkimage's libecdsa. Signed-off-by: Rosen Penev <[email protected]> Link: openwrt/openwrt#16901 Signed-off-by: Nick Hainke <[email protected]>
1 parent a1bf306 commit 21cece2

File tree

2 files changed

+101
-2
lines changed

2 files changed

+101
-2
lines changed

tools/libressl/Makefile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,8 @@
88
include $(TOPDIR)/rules.mk
99

1010
PKG_NAME:=libressl
11-
PKG_VERSION:=3.7.3
12-
PKG_HASH:=7948c856a90c825bd7268b6f85674a8dcd254bae42e221781b24e3f8dc335db3
11+
PKG_VERSION:=4.0.0
12+
PKG_HASH:=4d841955f0acc3dfc71d0e3dd35f283af461222350e26843fea9731c0246a1e4
1313

1414
PKG_CPE_ID:=cpe:/a:openbsd:libressl
1515

tools/libressl/patches/010-static.patch

Lines changed: 99 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,99 @@
1+
--- a/crypto/ec/ec_kmeth.c
2+
+++ b/crypto/ec/ec_kmeth.c
3+
@@ -74,12 +74,12 @@ static const EC_KEY_METHOD openssl_ec_ke
4+
.keygen = ec_key_gen,
5+
.compute_key = ecdh_compute_key,
6+
7+
- .sign = ecdsa_sign,
8+
- .sign_setup = ecdsa_sign_setup,
9+
- .sign_sig = ecdsa_sign_sig,
10+
+ .sign = libressl_ecdsa_sign,
11+
+ .sign_setup = libressl_ecdsa_sign_setup,
12+
+ .sign_sig = libressl_ecdsa_sign_sig,
13+
14+
- .verify = ecdsa_verify,
15+
- .verify_sig = ecdsa_verify_sig,
16+
+ .verify = libressl_ecdsa_verify,
17+
+ .verify_sig = libressl_ecdsa_verify_sig,
18+
};
19+
20+
const EC_KEY_METHOD *default_ec_key_meth = &openssl_ec_key_method;
21+
--- a/crypto/ec/ec_local.h
22+
+++ b/crypto/ec/ec_local.h
23+
@@ -342,9 +342,9 @@ struct ec_key_method_st {
24+
int ec_key_gen(EC_KEY *eckey);
25+
int ecdh_compute_key(unsigned char **out, size_t *out_len,
26+
const EC_POINT *pub_key, const EC_KEY *ecdh);
27+
-int ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,
28+
+int libressl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,
29+
const unsigned char *sigbuf, int sig_len, EC_KEY *eckey);
30+
-int ecdsa_verify_sig(const unsigned char *dgst, int dgst_len,
31+
+int libressl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len,
32+
const ECDSA_SIG *sig, EC_KEY *eckey);
33+
34+
/*
35+
--- a/crypto/ecdsa/ecdsa.c
36+
+++ b/crypto/ecdsa/ecdsa.c
37+
@@ -217,7 +217,7 @@ ecdsa_prepare_digest(const unsigned char
38+
}
39+
40+
int
41+
-ecdsa_sign(int type, const unsigned char *digest, int digest_len,
42+
+libressl_ecdsa_sign(int type, const unsigned char *digest, int digest_len,
43+
unsigned char *signature, unsigned int *signature_len, const BIGNUM *kinv,
44+
const BIGNUM *r, EC_KEY *key)
45+
{
46+
@@ -266,7 +266,7 @@ LCRYPTO_ALIAS(ECDSA_sign);
47+
*/
48+
49+
int
50+
-ecdsa_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv, BIGNUM **out_r)
51+
+libressl_ecdsa_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv, BIGNUM **out_r)
52+
{
53+
const EC_GROUP *group;
54+
EC_POINT *point = NULL;
55+
@@ -517,7 +517,7 @@ ecdsa_compute_s(BIGNUM **out_s, const BI
56+
*/
57+
58+
ECDSA_SIG *
59+
-ecdsa_sign_sig(const unsigned char *digest, int digest_len,
60+
+libressl_ecdsa_sign_sig(const unsigned char *digest, int digest_len,
61+
const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *key)
62+
{
63+
BN_CTX *ctx = NULL;
64+
@@ -600,7 +600,7 @@ ECDSA_do_sign(const unsigned char *diges
65+
LCRYPTO_ALIAS(ECDSA_do_sign);
66+
67+
int
68+
-ecdsa_verify(int type, const unsigned char *digest, int digest_len,
69+
+libressl_ecdsa_verify(int type, const unsigned char *digest, int digest_len,
70+
const unsigned char *sigbuf, int sig_len, EC_KEY *key)
71+
{
72+
ECDSA_SIG *s;
73+
@@ -649,7 +649,7 @@ LCRYPTO_ALIAS(ECDSA_verify);
74+
*/
75+
76+
int
77+
-ecdsa_verify_sig(const unsigned char *digest, int digest_len,
78+
+libressl_ecdsa_verify_sig(const unsigned char *digest, int digest_len,
79+
const ECDSA_SIG *sig, EC_KEY *key)
80+
{
81+
const EC_GROUP *group;
82+
--- a/crypto/ecdsa/ecdsa_local.h
83+
+++ b/crypto/ecdsa/ecdsa_local.h
84+
@@ -68,12 +68,12 @@ struct ECDSA_SIG_st {
85+
BIGNUM *s;
86+
};
87+
88+
-int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *in_ctx, BIGNUM **out_kinv,
89+
+int libressl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *in_ctx, BIGNUM **out_kinv,
90+
BIGNUM **out_r);
91+
-int ecdsa_sign(int type, const unsigned char *digest, int digest_len,
92+
+int libressl_ecdsa_sign(int type, const unsigned char *digest, int digest_len,
93+
unsigned char *signature, unsigned int *signature_len, const BIGNUM *kinv,
94+
const BIGNUM *r, EC_KEY *eckey);
95+
-ECDSA_SIG *ecdsa_sign_sig(const unsigned char *digest, int digest_len,
96+
+ECDSA_SIG *libressl_ecdsa_sign_sig(const unsigned char *digest, int digest_len,
97+
const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey);
98+
99+
__END_HIDDEN_DECLS

0 commit comments

Comments
 (0)