3 files changed, 294 insertions, 0 deletions
diff --git a/app-crypt/tpm-tools/Manifest b/app-crypt/tpm-tools/Manifest
index a03127fb9e42..1dfefae796dc 100644
--- a/app-crypt/tpm-tools/Manifest
+++ b/app-crypt/tpm-tools/Manifest
@@ -1,3 +1,5 @@
+AUX tpm-tools-1.3.9.1-openssl-1.1.patch 6028 BLAKE2B bd7a7b3dc748618004cbbfb7dc51a6f4e3f1c53654193b227c4b3eccd75fbb6d22ed46241a3e201399daa418d58cdd5b124cc2a467f8f59b4b33f54394035602 SHA512 caf3f9a3f82073d71618305132b883ab51ba3220d30ce5c160b9785bcb2e7268cf47621381530d39e1641e0b27bfeb30dcbfd62ae235d82d07942824f533cc7a
 DIST tpm-tools-1.3.9.1.tar.gz 482859 BLAKE2B ee915679e23bead04672bf719ce59bb6f20b550be39855b5304caeff554bf54d3cfe9104d464af7762388995e51d2bed0f9bedad83e42146cb7457382d09f4b2 SHA512 63a9c0e761cd890cc0a218de79a9c0169e151aba7824c19bf6b7ec894cf41c4950de1f63bd849aa93a4bdff36cf0fe557bc17113912b6d77f57f2bf1190b6a08
+EBUILD tpm-tools-1.3.9.1-r1.ebuild 1021 BLAKE2B 79e1d6c9ec711ce6f9d09916532b09fae2d987845be6273445015ee0dc284344eb4a16ae8c2880b6b34959ea7d7da1ee8ec9f9d2635046493df3aa0cb884992b SHA512 3337127de4c7be6287e9ea91d4f79928066f20fe966b6c64664eea85b63b0faf1aa6e4e535fbdac36abde7e6a30f9d39ba559998ca122f0672c1fb1c1ddcc14a
 EBUILD tpm-tools-1.3.9.1.ebuild 970 BLAKE2B 8b6308d0965230b3d332d838f967fd23aa85b21a153866e535b5dcc077c5fb3c6e29e36866f533a0833390d286b1bad697fcb633398533407f5e78995b7c4a54 SHA512 acd3fa4d308c24c41c3704a2b0a7995c1e5073bd47cfd36df0d00c29f0149dd2491319c7b5ced7d99e53e9ee285182dd9df01e2e803b343ab01a33b841d74d62
 MISC metadata.xml 515 BLAKE2B 06991185c31f6e40b7cda3c9842339911e9806d024e1493ef674751b4d253f5f701a8386a8969f7124b29b2c984f109ec98cb767380b48781fb22bd266d7863a SHA512 5aea8cabd5ae0a00b4a49717efaf8ed6d6363131ff8bdc2a9167108297d32dee72c5419bbc84ae9ba1263d515dff2aa092b991c8411771a2b8c361bcf000258a
diff --git a/app-crypt/tpm-tools/files/tpm-tools-1.3.9.1-openssl-1.1.patch b/app-crypt/tpm-tools/files/tpm-tools-1.3.9.1-openssl-1.1.patch
new file mode 100644
index 000000000000..a5747dbca709
--- /dev/null
+++ b/app-crypt/tpm-tools/files/tpm-tools-1.3.9.1-openssl-1.1.patch
@@ -0,0 +1,241 @@
+From 31d9cebc43833de939a0e13be0110ed830b66cbd Mon Sep 17 00:00:00 2001
+From: Alon Bar-Lev <alon.barlev@gmail.com>
+Date: Sat, 8 Dec 2018 23:28:54 +0200
+Subject: [PATCH] data_import.c: support openssl-1.1
+
+Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
+Bug: https://sourceforge.net/p/trousers/bugs/227/
+---
+ src/data_mgmt/data_import.c | 159 +++++++++++++++++++++++++-----------
+ 1 file changed, 112 insertions(+), 47 deletions(-)
+
+diff --git a/src/data_mgmt/data_import.c b/src/data_mgmt/data_import.c
+index f534717..33c76e7 100644
+--- a/src/data_mgmt/data_import.c
++++ b/src/data_mgmt/data_import.c
+@@ -39,6 +39,30 @@
+ #include <openssl/evp.h>
+ #include <openssl/err.h>
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L)
++static void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) {
++	if ( n )
++		*n = r->n;
++	if ( e )
++		*e = r->e;
++	if ( d )
++		*d = r->d;
++}
++static void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q) {
++	if ( p )
++		*p = r->p;
++	if ( q )
++		*q = r->q;
++}
++static void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp) {
++	if ( dmp1 )
++		*dmp1 = r->dmp1;
++	if ( dmq1 )
++		*dmq1 = r->dmq1;
++	if ( iqmp )
++		*iqmp = r->iqmp;
++}
++#endif
+ 
+ /*
+  * Global variables
+@@ -372,7 +396,7 @@ readX509Cert( const char  *a_pszFile,
+ 		goto out;
+ 	}
+ 
+-	if ( EVP_PKEY_type( pKey->type ) != EVP_PKEY_RSA ) {
++	if ( EVP_PKEY_base_id( pKey ) != EVP_PKEY_RSA ) {
+ 		logError( TOKEN_RSA_KEY_ERROR );
+ 
+ 		X509_free( pX509 );
+@@ -691,17 +715,35 @@ createRsaPubKeyObject( RSA               *a_pRsa,
+ 
+ 	int  rc = -1;
+ 
+-	int  nLen = BN_num_bytes( a_pRsa->n );
+-	int  eLen = BN_num_bytes( a_pRsa->e );
++	const BIGNUM *bn;
++	const BIGNUM *be;
++	int  nLen;
++	int  eLen;
++	CK_BYTE *n = NULL;
++	CK_BYTE *e = NULL;
++
++	RSA_get0_key( a_pRsa, &bn, &be, NULL );
++
++	nLen = BN_num_bytes( bn );
++	eLen = BN_num_bytes( be );
++	n = malloc( nLen );
++	e = malloc( eLen );
++
++	if ( !n || !e ) {
++		logError( TOKEN_MEMORY_ERROR );
++		goto out;
++	}
++
++	// Get binary representations of the RSA key information
++	BN_bn2bin( bn, n );
++	BN_bn2bin( be, e );
+ 
++	{
+ 	CK_RV  rv;
+ 
+ 	CK_BBOOL  bTrue  = TRUE;
+ 	CK_BBOOL  bFalse = FALSE;
+ 
+-	CK_BYTE *n = malloc( nLen );
+-	CK_BYTE *e = malloc( eLen );
+-
+ 	CK_OBJECT_CLASS  clPubClass  = CKO_PUBLIC_KEY;
+ 	CK_KEY_TYPE      tKeyType    = CKK_RSA;
+ 	CK_BBOOL         bPrivate    = ( !g_bPublic ) ? TRUE : FALSE;
+@@ -726,21 +768,13 @@ createRsaPubKeyObject( RSA               *a_pRsa,
+ 
+ 	*a_hObject = 0;
+ 
+-	if ( !n || !e ) {
+-		logError( TOKEN_MEMORY_ERROR );
+-		goto out;
+-	}
+-
+-	// Get binary representations of the RSA key information
+-	BN_bn2bin( a_pRsa->n, n );
+-	BN_bn2bin( a_pRsa->e, e );
+-
+ 	// Create the RSA public key object
+ 	rv = createObject( a_hSession, tAttr, ulAttrCount, a_hObject );
+ 	if ( rv != CKR_OK )
+ 		goto out;
+ 
+ 	rc = 0;
++	}
+ 
+ out:
+ 	free( n );
+@@ -760,29 +794,74 @@ createRsaPrivKeyObject( RSA               *a_pRsa,
+ 
+ 	int  rc = -1;
+ 
+-	int  nLen = BN_num_bytes( a_pRsa->n );
+-	int  eLen = BN_num_bytes( a_pRsa->e );
+-	int  dLen = BN_num_bytes( a_pRsa->d );
+-	int  pLen = BN_num_bytes( a_pRsa->p );
+-	int  qLen = BN_num_bytes( a_pRsa->q );
+-	int  dmp1Len = BN_num_bytes( a_pRsa->dmp1 );
+-	int  dmq1Len = BN_num_bytes( a_pRsa->dmq1 );
+-	int  iqmpLen = BN_num_bytes( a_pRsa->iqmp );
++	const BIGNUM *bn;
++	const BIGNUM *be;
++	const BIGNUM *bd;
++	const BIGNUM *bp;
++	const BIGNUM *bq;
++	const BIGNUM *bdmp1;
++	const BIGNUM *bdmq1;
++	const BIGNUM *biqmp;
++	int  nLen;
++	int  eLen;
++	int  dLen;
++	int  pLen;
++	int  qLen;
++	int  dmp1Len;
++	int  dmq1Len;
++	int  iqmpLen;
++	CK_BYTE *n = NULL;
++	CK_BYTE *e = NULL;
++	CK_BYTE *d = NULL;
++	CK_BYTE *p = NULL;
++	CK_BYTE *q = NULL;
++	CK_BYTE *dmp1 = NULL;
++	CK_BYTE *dmq1 = NULL;
++	CK_BYTE *iqmp = NULL;
++
++	RSA_get0_key( a_pRsa, &bn, &be, &bd);
++	RSA_get0_factors( a_pRsa, &bp, &bq);
++	RSA_get0_crt_params( a_pRsa, &bdmp1, &bdmq1, &biqmp );
++
++	nLen = BN_num_bytes( bn );
++	eLen = BN_num_bytes( be );
++	dLen = BN_num_bytes( bd );
++	pLen = BN_num_bytes( bp );
++	qLen = BN_num_bytes( bq );
++	dmp1Len = BN_num_bytes( bdmp1 );
++	dmq1Len = BN_num_bytes( bdmq1 );
++	iqmpLen = BN_num_bytes( biqmp );
++
++	n = malloc( nLen );
++	e = malloc( eLen );
++	d = malloc( dLen );
++	p = malloc( pLen );
++	q = malloc( qLen );
++	dmp1 = malloc( dmp1Len );
++	dmq1 = malloc( dmq1Len );
++	iqmp = malloc( iqmpLen );
+ 
++	if ( !n || !e || !d || !p || !q || !dmp1 || !dmq1 || !iqmp ) {
++		logError( TOKEN_MEMORY_ERROR );
++		goto out;
++	}
++
++	// Get binary representations of the RSA key information
++	BN_bn2bin( bn, n );
++	BN_bn2bin( be, e );
++	BN_bn2bin( bd, d );
++	BN_bn2bin( bp, p );
++	BN_bn2bin( bq, q );
++	BN_bn2bin( bdmp1, dmp1 );
++	BN_bn2bin( bdmq1, dmq1 );
++	BN_bn2bin( biqmp, iqmp );
++
++	{
+ 	CK_RV  rv;
+ 
+ 	CK_BBOOL  bTrue  = TRUE;
+ 	CK_BBOOL  bFalse = FALSE;
+ 
+-	CK_BYTE *n = malloc( nLen );
+-	CK_BYTE *e = malloc( eLen );
+-	CK_BYTE *d = malloc( dLen );
+-	CK_BYTE *p = malloc( pLen );
+-	CK_BYTE *q = malloc( qLen );
+-	CK_BYTE *dmp1 = malloc( dmp1Len );
+-	CK_BYTE *dmq1 = malloc( dmq1Len );
+-	CK_BYTE *iqmp = malloc( iqmpLen );
+-
+ 	CK_OBJECT_CLASS  clPrivClass = CKO_PRIVATE_KEY;
+ 	CK_KEY_TYPE      tKeyType    = CKK_RSA;
+ 	CK_BBOOL         bPrivate    = ( !g_bPublic ) ? TRUE : FALSE;
+@@ -815,25 +894,11 @@ createRsaPrivKeyObject( RSA               *a_pRsa,
+ 
+ 	*a_hObject = 0;
+ 
+-	if ( !n || !e || !d || !p || !q || !dmp1 || !dmq1 || !iqmp ) {
+-		logError( TOKEN_MEMORY_ERROR );
+-		goto out;
+-	}
+-
+-	// Get binary representations of the RSA key information
+-	BN_bn2bin( a_pRsa->n, n );
+-	BN_bn2bin( a_pRsa->e, e );
+-	BN_bn2bin( a_pRsa->d, d );
+-	BN_bn2bin( a_pRsa->p, p );
+-	BN_bn2bin( a_pRsa->q, q );
+-	BN_bn2bin( a_pRsa->dmp1, dmp1 );
+-	BN_bn2bin( a_pRsa->dmq1, dmq1 );
+-	BN_bn2bin( a_pRsa->iqmp, iqmp );
+-
+ 	// Create the RSA private key object
+ 	rv = createObject( a_hSession, tAttr, ulAttrCount, a_hObject );
+ 	if ( rv != CKR_OK )
+ 		goto out;
++	}
+ 
+ 	rc = 0;
+ 
+-- 
+2.19.2
+
diff --git a/app-crypt/tpm-tools/tpm-tools-1.3.9.1-r1.ebuild b/app-crypt/tpm-tools/tpm-tools-1.3.9.1-r1.ebuild
new file mode 100644
index 000000000000..e59af9e38d9e
--- /dev/null
+++ b/app-crypt/tpm-tools/tpm-tools-1.3.9.1-r1.ebuild
@@ -0,0 +1,51 @@
+# Copyright 1999-2018 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools flag-o-matic
+
+DESCRIPTION="TrouSerS' support tools for the Trusted Platform Modules"
+HOMEPAGE="http://trousers.sourceforge.net"
+SRC_URI="mirror://sourceforge/trousers/${PN}/${P}.tar.gz"
+
+LICENSE="CPL-1.0"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~m68k ~s390 ~sh ~x86"
+IUSE="libressl nls pkcs11 debug"
+
+DEPEND=">=app-crypt/trousers-0.3.0
+	!libressl? ( dev-libs/openssl:0= )
+	libressl? ( dev-libs/libressl:0= )
+	pkcs11? ( dev-libs/opencryptoki )"
+RDEPEND="${DEPEND}"
+BDEPEND="nls? ( sys-devel/gettext )"
+
+S="${WORKDIR}"
+
+PATCHES=(
+	"${FILESDIR}/${P}-openssl-1.1.patch"
+)
+
+src_prepare() {
+	default
+
+	sed -i -r \
+		-e '/CFLAGS/s/ -m64//' \
+		configure.ac || die
+
+	eautoreconf
+}
+
+src_configure() {
+	append-cppflags $(usex debug -DDEBUG -DNDEBUG)
+
+	econf \
+		$(use_enable nls) \
+		$(use pkcs11 || echo --disable-pkcs11-support)
+}
+
+src_install() {
+	default
+	find "${D}" -name '*.la' -delete || die
+}