6 files changed, 174 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO
new file mode 100644
index 000000000000..f0f8e5344dd8
--- /dev/null
+++ b/.SRCINFO
@@ -0,0 +1,30 @@
+pkgbase = gost-engine
+	pkgdesc = Russian GOST R 34.10 and GOST R 34.11-201 crypto algorithms for OpenSSL
+	pkgver = 1.1.1
+	pkgrel = 1
+	url = https://github.com/gost-engine/engine
+	install = gost-engine.install
+	arch = i686
+	arch = x86_64
+	license = Apache
+	makedepends = cmake
+	makedepends = git
+	depends = openssl
+	provides = openssl-gost
+	conflicts = openssl-gost
+	source = gost-engine::git+https://github.com/gost-engine/engine.git
+	source = gost-engine.install
+	source = 0001-openssl_cnf.patch
+	source = 0002-fix_err.patch
+	validpgpkeys = 33ED753E14757D79FA17E57DC4C1F715B2B66B95
+	sha256sums = SKIP
+	sha256sums = c37297f70f48336a47bab6ac7af5e07c8734037a27237dde5d7d3c2d6366b8ac
+	sha256sums = 5f8c1d0219f28bdc0dff17c80952585b5cc2036ea7594a005278a5e7ab6aace0
+	sha256sums = c4165b22a9db180932c6442ee26e04e73bb68a2af5ceb23cabf0c89db3a9b31e
+	sha512sums = SKIP
+	sha512sums = 68de2dd5f85655778432d56330e5ecd39c6cea7bf6e9a31441e2c7cfbdd5dc5ae1fdaaf070825fd4c3852afd2ac96781ed1b119544978a32bcce795708cfb2de
+	sha512sums = 1448ecb3a175e326f4dda1e411eab1df9fd9ad7b19862fc01b1aa0be39a5f7a32187c81975c8fff0f34f169fa9fb137fd5c9dff328b412bac116519ea31e3fef
+	sha512sums = d4fb5f9637554b0883b911234696924ece563ed73e2e48e329e4b4173402d98036df38f36b7cfa238cfbf66826d2f547815cfc3483d18723778aeb1fff5aab38
+
+pkgname = gost-engine
+
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 000000000000..e8eeb330b6d3
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,17 @@
+/pkg
+/src
+/gost-engine
+*.pkg.tar.xz
+*.pkg.tar.zst
+*.tar
+*.tar.bz2
+*.tar.xz
+*.tar.gz
+*.tgz
+*.txz
+*.tbz
+*.tbz2
+*.zip
+*.7z
+*.rar
+*.deb
diff --git a/0001-openssl_cnf.patch b/0001-openssl_cnf.patch
new file mode 100644
index 000000000000..62eb3b624f45
--- /dev/null
+++ b/0001-openssl_cnf.patch
@@ -0,0 +1,31 @@
+diff --git a/openssl.cnf b/openssl.cnf
+index 756f3b4..b44e9ea 100644
+--- a/openssl.cnf
++++ b/openssl.cnf
+@@ -3,6 +3,8 @@
+ # This is mostly being used for generation of certificate requests.
+ #
+ 
++openssl_conf=openssl_def # Adding GOST Engine
++
+ # Note that you can include other files from the main configuration
+ # file using the .include directive.
+ #.include filename
+@@ -348,3 +350,17 @@ ess_cert_id_chain	= no	# Must the ESS cert id chain be included?
+ 				# (optional, default: no)
+ ess_cert_id_alg		= sha1	# algorithm to compute certificate
+ 				# identifier (optional, default: sha1)
++
++# Adding GOST Engine
++[openssl_def]
++engines = engine_section
++
++[engine_section]
++gost = gost_section
++
++[gost_section]
++engine_id = gost
++dynamic_path = /usr/lib/engines-1.1/gost.so
++default_algorithms = ALL
++CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet
++# End GOST Engine Block
diff --git a/0002-fix_err.patch b/0002-fix_err.patch
new file mode 100644
index 000000000000..1e7a68446276
--- /dev/null
+++ b/0002-fix_err.patch
@@ -0,0 +1,15 @@
+diff --git a/test_tls.c b/test_tls.c
+index d137602..d2cdd9c 100644
+--- a/test_tls.c
++++ b/test_tls.c
+@@ -65,6 +65,10 @@ struct certkey {
+ /* How much K to transfer between client and server. */
+ #define KTRANSFER (1 * 1024)
+ 
++static void err(const int i, const char* msg)
++{
++   printf(msg);
++}
+ /*
+  * Simple TLS Server code is based on
+  * https://wiki.openssl.org/index.php/Simple_TLS_Server
diff --git a/PKGBUILD b/PKGBUILD
new file mode 100644
index 000000000000..e1d665f599fb
--- /dev/null
+++ b/PKGBUILD
@@ -0,0 +1,72 @@
+# Maintainer: Grigory Vasilyev <echo "h0tc0d3(-*A*-)g-m*a-i-l(-d#t-)c*m" | sed -e 's/-//ig' -e 's/*//ig' -e 's/(A)/@/i' -e 's/#/o/i' -e 's/(dot)/\./i'>
+
+validpgpkeys=('33ED753E14757D79FA17E57DC4C1F715B2B66B95')
+
+pkgname=gost-engine
+pkgver=1.1.1
+pkgrel=1
+pkgdesc='Russian GOST R 34.10 and GOST R 34.11-201 crypto algorithms for OpenSSL'
+arch=('i686' 'x86_64')
+license=('Apache')
+url='https://github.com/gost-engine/engine'
+
+depends=('openssl')
+makedepends=('cmake' 'git')
+conflicts=('openssl-gost')
+provides=('openssl-gost')
+
+source=(
+  'gost-engine::git+https://github.com/gost-engine/engine.git'
+  "$pkgname.install"
+  '0001-openssl_cnf.patch'
+  '0002-fix_err.patch'
+)
+
+sha256sums=(
+  'SKIP'
+  'c37297f70f48336a47bab6ac7af5e07c8734037a27237dde5d7d3c2d6366b8ac'
+  '5f8c1d0219f28bdc0dff17c80952585b5cc2036ea7594a005278a5e7ab6aace0'
+  'c4165b22a9db180932c6442ee26e04e73bb68a2af5ceb23cabf0c89db3a9b31e'
+)
+
+sha512sums=(
+  'SKIP'
+  '68de2dd5f85655778432d56330e5ecd39c6cea7bf6e9a31441e2c7cfbdd5dc5ae1fdaaf070825fd4c3852afd2ac96781ed1b119544978a32bcce795708cfb2de'
+  '1448ecb3a175e326f4dda1e411eab1df9fd9ad7b19862fc01b1aa0be39a5f7a32187c81975c8fff0f34f169fa9fb137fd5c9dff328b412bac116519ea31e3fef'
+  'd4fb5f9637554b0883b911234696924ece563ed73e2e48e329e4b4173402d98036df38f36b7cfa238cfbf66826d2f547815cfc3483d18723778aeb1fff5aab38'
+)
+
+install=$pkgname.install
+
+_wdir() {
+  cd "${srcdir}/gost-engine"
+}
+
+prepare() {
+  _wdir
+  if [ -d build ]; then
+      rm -rf build
+  fi
+  git checkout openssl_1_1_1
+  patch --forward --strip=1 --input="${srcdir}/0002-fix_err.patch"
+}
+
+build() {
+  _wdir
+  cmake \
+  -B build \
+  -DCMAKE_INSTALL_PREFIX=/usr \
+  -DOPENSSL_ROOT_DIR=/usr \
+  -DOPENSSL_INCLUDE_DIR=/usr/include/openssl \
+  -DOPENSSL_LIBRARIES=/usr/lib \
+  -DOPENSSL_ENGINES_DIR=/usr/lib/engines-1.1 \
+  -DCMAKE_BUILD_TYPE=Release .
+  cmake --build build --config Release
+}
+
+package() {
+  _wdir
+  mkdir -p "${pkgdir}/etc/ssl"
+  cp "${srcdir}/0001-openssl_cnf.patch" "${pkgdir}/etc/ssl"
+  DESTDIR="$pkgdir" cmake --build build --target install --config Release
+}
diff --git a/gost-engine.install b/gost-engine.install
new file mode 100644
index 000000000000..f05cafce6646
--- /dev/null
+++ b/gost-engine.install
@@ -0,0 +1,9 @@
+post_install() {
+  cd /etc/ssl
+  patch --forward --strip=1 --input=0001-openssl_cnf.patch
+}
+
+pre_remove() {
+  cd /etc/ssl
+  patch --forward --reverse --strip=1 --input=0001-openssl_cnf.patch
+}