diff options
-rw-r--r-- | .SRCINFO | 30 | ||||
-rw-r--r-- | .gitignore | 17 | ||||
-rw-r--r-- | 0001-openssl_cnf.patch | 31 | ||||
-rw-r--r-- | 0002-fix_err.patch | 15 | ||||
-rw-r--r-- | PKGBUILD | 72 | ||||
-rw-r--r-- | gost-engine.install | 9 |
6 files changed, 174 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..f0f8e5344dd8 --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,30 @@ +pkgbase = gost-engine + pkgdesc = Russian GOST R 34.10 and GOST R 34.11-201 crypto algorithms for OpenSSL + pkgver = 1.1.1 + pkgrel = 1 + url = https://github.com/gost-engine/engine + install = gost-engine.install + arch = i686 + arch = x86_64 + license = Apache + makedepends = cmake + makedepends = git + depends = openssl + provides = openssl-gost + conflicts = openssl-gost + source = gost-engine::git+https://github.com/gost-engine/engine.git + source = gost-engine.install + source = 0001-openssl_cnf.patch + source = 0002-fix_err.patch + validpgpkeys = 33ED753E14757D79FA17E57DC4C1F715B2B66B95 + sha256sums = SKIP + sha256sums = c37297f70f48336a47bab6ac7af5e07c8734037a27237dde5d7d3c2d6366b8ac + sha256sums = 5f8c1d0219f28bdc0dff17c80952585b5cc2036ea7594a005278a5e7ab6aace0 + sha256sums = c4165b22a9db180932c6442ee26e04e73bb68a2af5ceb23cabf0c89db3a9b31e + sha512sums = SKIP + sha512sums = 68de2dd5f85655778432d56330e5ecd39c6cea7bf6e9a31441e2c7cfbdd5dc5ae1fdaaf070825fd4c3852afd2ac96781ed1b119544978a32bcce795708cfb2de + sha512sums = 1448ecb3a175e326f4dda1e411eab1df9fd9ad7b19862fc01b1aa0be39a5f7a32187c81975c8fff0f34f169fa9fb137fd5c9dff328b412bac116519ea31e3fef + sha512sums = d4fb5f9637554b0883b911234696924ece563ed73e2e48e329e4b4173402d98036df38f36b7cfa238cfbf66826d2f547815cfc3483d18723778aeb1fff5aab38 + +pkgname = gost-engine + diff --git a/.gitignore b/.gitignore new file mode 100644 index 000000000000..e8eeb330b6d3 --- /dev/null +++ b/.gitignore @@ -0,0 +1,17 @@ +/pkg +/src +/gost-engine +*.pkg.tar.xz +*.pkg.tar.zst +*.tar +*.tar.bz2 +*.tar.xz +*.tar.gz +*.tgz +*.txz +*.tbz +*.tbz2 +*.zip +*.7z +*.rar +*.deb diff --git a/0001-openssl_cnf.patch b/0001-openssl_cnf.patch new file mode 100644 index 000000000000..62eb3b624f45 --- /dev/null +++ b/0001-openssl_cnf.patch @@ -0,0 +1,31 @@ +diff --git a/openssl.cnf b/openssl.cnf +index 756f3b4..b44e9ea 100644 +--- a/openssl.cnf ++++ b/openssl.cnf +@@ -3,6 +3,8 @@ + # This is mostly being used for generation of certificate requests. + # + ++openssl_conf=openssl_def # Adding GOST Engine ++ + # Note that you can include other files from the main configuration + # file using the .include directive. + #.include filename +@@ -348,3 +350,17 @@ ess_cert_id_chain = no # Must the ESS cert id chain be included? + # (optional, default: no) + ess_cert_id_alg = sha1 # algorithm to compute certificate + # identifier (optional, default: sha1) ++ ++# Adding GOST Engine ++[openssl_def] ++engines = engine_section ++ ++[engine_section] ++gost = gost_section ++ ++[gost_section] ++engine_id = gost ++dynamic_path = /usr/lib/engines-1.1/gost.so ++default_algorithms = ALL ++CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet ++# End GOST Engine Block diff --git a/0002-fix_err.patch b/0002-fix_err.patch new file mode 100644 index 000000000000..1e7a68446276 --- /dev/null +++ b/0002-fix_err.patch @@ -0,0 +1,15 @@ +diff --git a/test_tls.c b/test_tls.c +index d137602..d2cdd9c 100644 +--- a/test_tls.c ++++ b/test_tls.c +@@ -65,6 +65,10 @@ struct certkey { + /* How much K to transfer between client and server. */ + #define KTRANSFER (1 * 1024) + ++static void err(const int i, const char* msg) ++{ ++ printf(msg); ++} + /* + * Simple TLS Server code is based on + * https://wiki.openssl.org/index.php/Simple_TLS_Server diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..e1d665f599fb --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,72 @@ +# Maintainer: Grigory Vasilyev <echo "h0tc0d3(-*A*-)g-m*a-i-l(-d#t-)c*m" | sed -e 's/-//ig' -e 's/*//ig' -e 's/(A)/@/i' -e 's/#/o/i' -e 's/(dot)/\./i'> + +validpgpkeys=('33ED753E14757D79FA17E57DC4C1F715B2B66B95') + +pkgname=gost-engine +pkgver=1.1.1 +pkgrel=1 +pkgdesc='Russian GOST R 34.10 and GOST R 34.11-201 crypto algorithms for OpenSSL' +arch=('i686' 'x86_64') +license=('Apache') +url='https://github.com/gost-engine/engine' + +depends=('openssl') +makedepends=('cmake' 'git') +conflicts=('openssl-gost') +provides=('openssl-gost') + +source=( + 'gost-engine::git+https://github.com/gost-engine/engine.git' + "$pkgname.install" + '0001-openssl_cnf.patch' + '0002-fix_err.patch' +) + +sha256sums=( + 'SKIP' + 'c37297f70f48336a47bab6ac7af5e07c8734037a27237dde5d7d3c2d6366b8ac' + '5f8c1d0219f28bdc0dff17c80952585b5cc2036ea7594a005278a5e7ab6aace0' + 'c4165b22a9db180932c6442ee26e04e73bb68a2af5ceb23cabf0c89db3a9b31e' +) + +sha512sums=( + 'SKIP' + '68de2dd5f85655778432d56330e5ecd39c6cea7bf6e9a31441e2c7cfbdd5dc5ae1fdaaf070825fd4c3852afd2ac96781ed1b119544978a32bcce795708cfb2de' + '1448ecb3a175e326f4dda1e411eab1df9fd9ad7b19862fc01b1aa0be39a5f7a32187c81975c8fff0f34f169fa9fb137fd5c9dff328b412bac116519ea31e3fef' + 'd4fb5f9637554b0883b911234696924ece563ed73e2e48e329e4b4173402d98036df38f36b7cfa238cfbf66826d2f547815cfc3483d18723778aeb1fff5aab38' +) + +install=$pkgname.install + +_wdir() { + cd "${srcdir}/gost-engine" +} + +prepare() { + _wdir + if [ -d build ]; then + rm -rf build + fi + git checkout openssl_1_1_1 + patch --forward --strip=1 --input="${srcdir}/0002-fix_err.patch" +} + +build() { + _wdir + cmake \ + -B build \ + -DCMAKE_INSTALL_PREFIX=/usr \ + -DOPENSSL_ROOT_DIR=/usr \ + -DOPENSSL_INCLUDE_DIR=/usr/include/openssl \ + -DOPENSSL_LIBRARIES=/usr/lib \ + -DOPENSSL_ENGINES_DIR=/usr/lib/engines-1.1 \ + -DCMAKE_BUILD_TYPE=Release . + cmake --build build --config Release +} + +package() { + _wdir + mkdir -p "${pkgdir}/etc/ssl" + cp "${srcdir}/0001-openssl_cnf.patch" "${pkgdir}/etc/ssl" + DESTDIR="$pkgdir" cmake --build build --target install --config Release +} diff --git a/gost-engine.install b/gost-engine.install new file mode 100644 index 000000000000..f05cafce6646 --- /dev/null +++ b/gost-engine.install @@ -0,0 +1,9 @@ +post_install() { + cd /etc/ssl + patch --forward --strip=1 --input=0001-openssl_cnf.patch +} + +pre_remove() { + cd /etc/ssl + patch --forward --reverse --strip=1 --input=0001-openssl_cnf.patch +} |