From 50c21b38da7e4a46f3680a02dddf5ad158fe85c3 Mon Sep 17 00:00:00 2001 From: Andrey Bondrov Date: Fri, 16 Dec 2016 12:44:25 +1000 Subject: [PATCH] Update gost-engine-2 patch with more commits from fixed gost-engine 1.0.2 branch --- openssl-1.0.2j-gost-engine-2.patch | 308 +++++++++++++++++------------ openssl.spec | 4 +- 2 files changed, 189 insertions(+), 123 deletions(-) diff --git a/openssl-1.0.2j-gost-engine-2.patch b/openssl-1.0.2j-gost-engine-2.patch index 47c7507..1b58ff9 100644 --- a/openssl-1.0.2j-gost-engine-2.patch +++ b/openssl-1.0.2j-gost-engine-2.patch @@ -1,6 +1,6 @@ diff -urN openssl-1.0.2j/engines/ccgost/e_gost_err.c openssl-1.0.2j-patched/engines/ccgost/e_gost_err.c --- openssl-1.0.2j/engines/ccgost/e_gost_err.c 2016-09-26 19:49:07.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/e_gost_err.c 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/e_gost_err.c 2016-04-19 04:43:25.000000000 +1000 @@ -1,6 +1,6 @@ /* e_gost_err.c */ /* ==================================================================== @@ -119,7 +119,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/e_gost_err.c openssl-1.0.2j-patched/engi "signature parts greater than q"}, diff -urN openssl-1.0.2j/engines/ccgost/e_gost_err.h openssl-1.0.2j-patched/engines/ccgost/e_gost_err.h --- openssl-1.0.2j/engines/ccgost/e_gost_err.h 2016-09-26 19:49:07.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/e_gost_err.h 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/e_gost_err.h 2016-04-19 04:43:25.000000000 +1000 @@ -1,12 +1,12 @@ /* ==================================================================== - * Copyright (c) 2001-2005 The OpenSSL Project. All rights reserved. @@ -298,7 +298,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/e_gost_err.h openssl-1.0.2j-patched/engi } diff -urN openssl-1.0.2j/engines/ccgost/gost12sum.c openssl-1.0.2j-patched/engines/ccgost/gost12sum.c --- openssl-1.0.2j/engines/ccgost/gost12sum.c 1970-01-01 10:00:00.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gost12sum.c 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gost12sum.c 2016-04-19 04:43:25.000000000 +1000 @@ -0,0 +1,266 @@ +/********************************************************************** + * gostsum12.c * @@ -568,7 +568,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost12sum.c openssl-1.0.2j-patched/engin +} diff -urN openssl-1.0.2j/engines/ccgost/gost89.c openssl-1.0.2j-patched/engines/ccgost/gost89.c --- openssl-1.0.2j/engines/ccgost/gost89.c 2016-09-26 19:49:07.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gost89.c 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gost89.c 2016-04-19 04:43:25.000000000 +1000 @@ -208,6 +208,33 @@ 0x8, 0x3} }; @@ -605,7 +605,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost89.c openssl-1.0.2j-patched/engines/ 0x8D, 0x3A, 0xDB, 0x96, 0x46, 0xE9, 0x2A, 0xC4, diff -urN openssl-1.0.2j/engines/ccgost/gost89.h openssl-1.0.2j-patched/engines/ccgost/gost89.h --- openssl-1.0.2j/engines/ccgost/gost89.h 2016-09-26 19:49:07.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gost89.h 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gost89.h 2016-04-19 04:43:25.000000000 +1000 @@ -92,6 +92,7 @@ extern gost_subst_block Gost28147_CryptoProParamSetB; extern gost_subst_block Gost28147_CryptoProParamSetC; @@ -616,7 +616,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost89.h openssl-1.0.2j-patched/engines/ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engines/ccgost/gost_ameth.c --- openssl-1.0.2j/engines/ccgost/gost_ameth.c 2016-09-26 19:49:07.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gost_ameth.c 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gost_ameth.c 2016-04-19 04:43:25.000000000 +1000 @@ -16,23 +16,54 @@ #ifndef OPENSSL_NO_CMS # include @@ -1151,17 +1151,17 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi } ret = gost_set_priv_key(pk, pk_num); -@@ -346,166 +431,160 @@ +@@ -346,166 +431,163 @@ { ASN1_OBJECT *algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk)); ASN1_STRING *params = encode_gost_algor_params(pk); - unsigned char *priv_buf = NULL; - int priv_len; -+ unsigned char *priv_buf = NULL, *buf = NULL; -+ int key_len = pkey_bits_gost(pk), priv_len = 0, i = 0; ++ unsigned char /**priv_buf = NULL,*/ *buf = NULL; ++ int key_len = pkey_bits_gost(pk), /*priv_len = 0,*/ i = 0; - ASN1_INTEGER *asn1key = NULL; -+ ASN1_STRING *octet = NULL; ++ /*ASN1_STRING *octet = NULL;*/ if (!params) { return 0; } @@ -1186,6 +1186,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi + buf[key_len - 1 - i] = tmp; + } + ++/* + octet = ASN1_STRING_new(); + ASN1_OCTET_STRING_set(octet, buf, key_len); + @@ -1193,8 +1194,11 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi + ASN1_STRING_free(octet); + OPENSSL_free(buf); + ++ return PKCS8_pkey_set0(p8, algobj, 0, V_ASN1_SEQUENCE, params, ++ priv_buf, priv_len); */ return PKCS8_pkey_set0(p8, algobj, 0, V_ASN1_SEQUENCE, params, - priv_buf, priv_len); +- priv_buf, priv_len); ++ buf, key_len); } /* --------- printing keys --------------------------------*/ @@ -1359,11 +1363,11 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi - return 0; - } - if (!BIO_indent(out, indent, 128)) -- return 0; -- BIO_printf(out, "Public key:\n"); -- if (!BIO_indent(out, indent + 3, 128)) + if (print_gost_ec_pub(out, pkey, indent) == 0) return 0; +- BIO_printf(out, "Public key:\n"); +- if (!BIO_indent(out, indent + 3, 128)) +- return 0; - BIO_printf(out, "X:"); - BN_print(out, X); - BIO_printf(out, "\n"); @@ -1382,24 +1386,24 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi - return 0; - BIO_printf(out, "Parameter set: %s\n", OBJ_nid2ln(param_nid)); - return 1; -+ return print_gost_ec_param(out, pkey, indent); - } - +-} +- -static int param_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) -+static int param_print_gost_ec(BIO *out, const EVP_PKEY *pkey, int indent, -+ ASN1_PCTX *pctx) - { +-{ - return print_gost_01(out, pkey, indent, pctx, 0); -+ return print_gost_ec(out, pkey, indent, pctx, 0); ++ return print_gost_ec_param(out, pkey, indent); } -static int pub_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) --{ ++static int param_print_gost_ec(BIO *out, const EVP_PKEY *pkey, int indent, ++ ASN1_PCTX *pctx) + { - return print_gost_01(out, pkey, indent, pctx, 1); --} -- ++ return print_gost_ec(out, pkey, indent, pctx, 0); + } + -static int priv_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, +static int pub_print_gost_ec(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx) @@ -1428,7 +1432,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi { const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk); if (!ec) -@@ -515,159 +594,61 @@ +@@ -515,159 +597,61 @@ return 0; } @@ -1612,7 +1616,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi { X509_ALGOR *palg = NULL; const unsigned char *pubkey_buf = NULL; -@@ -688,12 +669,13 @@ +@@ -688,12 +672,13 @@ group = EC_KEY_get0_group(EVP_PKEY_get0(pk)); octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len); if (!octet) { @@ -1628,7 +1632,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi return 0; } for (i = 0, j = octet->length - 1; i < octet->length; i++, j--) { -@@ -707,7 +689,7 @@ +@@ -707,7 +692,7 @@ OPENSSL_free(databuf); pub_key = EC_POINT_new(group); if (!EC_POINT_set_affine_coordinates_GFp(group, pub_key, X, Y, NULL)) { @@ -1637,7 +1641,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi EC_POINT_free(pub_key); BN_free(X); BN_free(Y); -@@ -716,7 +698,7 @@ +@@ -716,7 +701,7 @@ BN_free(X); BN_free(Y); if (!EC_KEY_set_public_key(EVP_PKEY_get0(pk), pub_key)) { @@ -1646,7 +1650,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi EC_POINT_free(pub_key); return 0; } -@@ -725,15 +707,15 @@ +@@ -725,15 +710,15 @@ } @@ -1666,7 +1670,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk); int ptype = V_ASN1_UNDEF; -@@ -744,116 +726,125 @@ +@@ -744,116 +729,125 @@ ptype = V_ASN1_SEQUENCE; } order = BN_new(); @@ -1841,7 +1845,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi } static int gost2001_param_encode(const EVP_PKEY *pkey, unsigned char **pder) -@@ -864,46 +855,18 @@ +@@ -864,46 +858,18 @@ return i2d_ASN1_OBJECT(OBJ_nid2obj(nid), pder); } @@ -1890,7 +1894,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi } /* ----------------------------------------------------------------------*/ -@@ -914,44 +877,53 @@ +@@ -914,44 +880,53 @@ if (!*ameth) return 0; switch (nid) { @@ -1962,8 +1966,8 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi } diff -urN openssl-1.0.2j/engines/ccgost/gost_asn1.c openssl-1.0.2j-patched/engines/ccgost/gost_asn1.c --- openssl-1.0.2j/engines/ccgost/gost_asn1.c 2016-09-26 19:49:07.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gost_asn1.c 2016-01-04 00:30:05.000000000 +1000 -@@ -12,45 +12,52 @@ ++++ openssl-1.0.2j-patched/engines/ccgost/gost_asn1.c 2016-04-19 04:43:25.000000000 +1000 +@@ -12,45 +12,58 @@ #include "gost_lcl.h" ASN1_NDEF_SEQUENCE(GOST_KEY_TRANSPORT) = { @@ -1971,88 +1975,88 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_asn1.c openssl-1.0.2j-patched/engin - ASN1_IMP(GOST_KEY_TRANSPORT, key_agreement_info, GOST_KEY_AGREEMENT_INFO, 0) -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_TRANSPORT) - --IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT) -- ++ ASN1_SIMPLE(GOST_KEY_TRANSPORT, key_info, GOST_KEY_INFO), ++ ASN1_IMP(GOST_KEY_TRANSPORT, key_agreement_info, ++ GOST_KEY_AGREEMENT_INFO, 0) ++} ++ASN1_NDEF_SEQUENCE_END(GOST_KEY_TRANSPORT) + IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT) + -ASN1_NDEF_SEQUENCE(GOST_KEY_INFO) = { - ASN1_SIMPLE(GOST_KEY_INFO, encrypted_key, ASN1_OCTET_STRING), - ASN1_SIMPLE(GOST_KEY_INFO, imit, ASN1_OCTET_STRING) -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_INFO) -+ ASN1_SIMPLE(GOST_KEY_TRANSPORT, key_info, GOST_KEY_INFO), -+ ASN1_IMP(GOST_KEY_TRANSPORT, key_agreement_info, -+ GOST_KEY_AGREEMENT_INFO, 0) +- ++ASN1_NDEF_SEQUENCE(GOST_KEY_INFO) = ++{ ++ ASN1_SIMPLE(GOST_KEY_INFO, encrypted_key, ASN1_OCTET_STRING), ++ ASN1_SIMPLE(GOST_KEY_INFO, imit, ASN1_OCTET_STRING) +} -+ -+ASN1_NDEF_SEQUENCE_END(GOST_KEY_TRANSPORT) - --IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_INFO) -+ IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT) ++ASN1_NDEF_SEQUENCE_END(GOST_KEY_INFO) + IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_INFO) -ASN1_NDEF_SEQUENCE(GOST_KEY_AGREEMENT_INFO) = { - ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, cipher, ASN1_OBJECT), -+ ASN1_NDEF_SEQUENCE(GOST_KEY_INFO) = -+{ -+ ASN1_SIMPLE(GOST_KEY_INFO, encrypted_key, ASN1_OCTET_STRING), -+ ASN1_SIMPLE(GOST_KEY_INFO, imit, ASN1_OCTET_STRING) -+} ASN1_NDEF_SEQUENCE_END(GOST_KEY_INFO) -+ IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_INFO) -+ ASN1_NDEF_SEQUENCE(GOST_KEY_AGREEMENT_INFO) = +- ASN1_IMP_OPT(GOST_KEY_AGREEMENT_INFO, ephem_key, X509_PUBKEY, 0), +- ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, eph_iv, ASN1_OCTET_STRING) +-} ASN1_NDEF_SEQUENCE_END(GOST_KEY_AGREEMENT_INFO) +- ++ASN1_NDEF_SEQUENCE(GOST_KEY_AGREEMENT_INFO) = +{ + ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, cipher, ASN1_OBJECT), - ASN1_IMP_OPT(GOST_KEY_AGREEMENT_INFO, ephem_key, X509_PUBKEY, 0), - ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, eph_iv, ASN1_OCTET_STRING) - } ASN1_NDEF_SEQUENCE_END(GOST_KEY_AGREEMENT_INFO) -- --IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO) -- ++ ASN1_IMP_OPT(GOST_KEY_AGREEMENT_INFO, ephem_key, X509_PUBKEY, 0), ++ ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, eph_iv, ASN1_OCTET_STRING) ++} ++ASN1_NDEF_SEQUENCE_END(GOST_KEY_AGREEMENT_INFO) + IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO) + -ASN1_NDEF_SEQUENCE(GOST_KEY_PARAMS) = { - ASN1_SIMPLE(GOST_KEY_PARAMS, key_params, ASN1_OBJECT), -+ IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO) -+ ASN1_NDEF_SEQUENCE(GOST_KEY_PARAMS) = -+{ -+ASN1_SIMPLE(GOST_KEY_PARAMS, key_params, ASN1_OBJECT), - ASN1_SIMPLE(GOST_KEY_PARAMS, hash_params, ASN1_OBJECT), +- ASN1_SIMPLE(GOST_KEY_PARAMS, hash_params, ASN1_OBJECT), - ASN1_OPT(GOST_KEY_PARAMS, cipher_params, ASN1_OBJECT), -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_PARAMS) - --IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_PARAMS) -- ++ASN1_NDEF_SEQUENCE(GOST_KEY_PARAMS) = ++{ ++ ASN1_SIMPLE(GOST_KEY_PARAMS, key_params, ASN1_OBJECT), ++ ASN1_SIMPLE(GOST_KEY_PARAMS, hash_params, ASN1_OBJECT), ++ ASN1_OPT(GOST_KEY_PARAMS, cipher_params, ASN1_OBJECT), ++} ++ASN1_NDEF_SEQUENCE_END(GOST_KEY_PARAMS) + IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_PARAMS) + -ASN1_NDEF_SEQUENCE(GOST_CIPHER_PARAMS) = { - ASN1_SIMPLE(GOST_CIPHER_PARAMS, iv, ASN1_OCTET_STRING), - ASN1_SIMPLE(GOST_CIPHER_PARAMS, enc_param_set, ASN1_OBJECT), -} ASN1_NDEF_SEQUENCE_END(GOST_CIPHER_PARAMS) - --IMPLEMENT_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS) -- --ASN1_NDEF_SEQUENCE(GOST_CLIENT_KEY_EXCHANGE_PARAMS) = { /* FIXME incomplete */ -+ ASN1_OPT(GOST_KEY_PARAMS, cipher_params, -+ ASN1_OBJECT),} ASN1_NDEF_SEQUENCE_END(GOST_KEY_PARAMS) -+ IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_PARAMS) -+ ASN1_NDEF_SEQUENCE(GOST_CIPHER_PARAMS) = ++ASN1_NDEF_SEQUENCE(GOST_CIPHER_PARAMS) = +{ -+ASN1_SIMPLE(GOST_CIPHER_PARAMS, iv, ASN1_OCTET_STRING), -+ ASN1_SIMPLE(GOST_CIPHER_PARAMS, enc_param_set, -+ ASN1_OBJECT),} ++ ASN1_SIMPLE(GOST_CIPHER_PARAMS, iv, ASN1_OCTET_STRING), ++ ASN1_SIMPLE(GOST_CIPHER_PARAMS, enc_param_set, ASN1_OBJECT), ++} +ASN1_NDEF_SEQUENCE_END(GOST_CIPHER_PARAMS) -+ IMPLEMENT_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS) -+ ASN1_NDEF_SEQUENCE(GOST_CLIENT_KEY_EXCHANGE_PARAMS) = + IMPLEMENT_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS) + +-ASN1_NDEF_SEQUENCE(GOST_CLIENT_KEY_EXCHANGE_PARAMS) = { /* FIXME incomplete */ ++ASN1_NDEF_SEQUENCE(GOST_CLIENT_KEY_EXCHANGE_PARAMS) = +{ /* FIXME incomplete */ ASN1_SIMPLE(GOST_CLIENT_KEY_EXCHANGE_PARAMS, gkt, GOST_KEY_TRANSPORT) --} -+} ASN1_NDEF_SEQUENCE_END(GOST_CLIENT_KEY_EXCHANGE_PARAMS) + } +- + ASN1_NDEF_SEQUENCE_END(GOST_CLIENT_KEY_EXCHANGE_PARAMS) + IMPLEMENT_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS) + -+ IMPLEMENT_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS) - --ASN1_NDEF_SEQUENCE_END(GOST_CLIENT_KEY_EXCHANGE_PARAMS) --IMPLEMENT_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS) -+ ASN1_NDEF_SEQUENCE(MASKED_GOST_KEY) = ++ASN1_NDEF_SEQUENCE(MASKED_GOST_KEY) = +{ + ASN1_SIMPLE(MASKED_GOST_KEY, masked_priv_key, ASN1_OCTET_STRING), -+ ASN1_SIMPLE(MASKED_GOST_KEY, public_key, ASN1_OCTET_STRING) -+} ASN1_NDEF_SEQUENCE_END(MASKED_GOST_KEY) -+ IMPLEMENT_ASN1_FUNCTIONS(MASKED_GOST_KEY) ++ ASN1_SIMPLE(MASKED_GOST_KEY, public_key, ASN1_OCTET_STRING) ++} ++ASN1_NDEF_SEQUENCE_END(MASKED_GOST_KEY) ++IMPLEMENT_ASN1_FUNCTIONS(MASKED_GOST_KEY) diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engines/ccgost/gost_crypt.c --- openssl-1.0.2j/engines/ccgost/gost_crypt.c 2016-09-26 19:49:07.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gost_crypt.c 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gost_crypt.c 2016-04-19 04:43:25.000000000 +1000 @@ -8,6 +8,7 @@ **********************************************************************/ #include @@ -2250,12 +2254,12 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi +int gost_cipher_do_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) +{ -+ OPENSSL_assert(inl % 8 == 0); + unsigned char b[8]; + const unsigned char *in_ptr = in; + unsigned char *out_ptr = out; + int i; + struct ossl_gost_cipher_ctx *c = ctx->cipher_data; ++ OPENSSL_assert(inl % 8 == 0); + if (ctx->encrypt) { + while (inl > 0) { + for (i = 0; i < 8; i++) { @@ -2285,7 +2289,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi /* GOST encryption in CFB mode */ int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) -@@ -398,18 +524,36 @@ +@@ -398,23 +524,86 @@ int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) { switch (type) { @@ -2325,7 +2329,57 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi return 1; } else { return 0; -@@ -433,22 +577,22 @@ + } ++#ifdef EVP_CTRL_SET_SBOX ++ case EVP_CTRL_SET_SBOX: ++ if (ptr) { ++ struct ossl_gost_cipher_ctx *c = ctx->cipher_data; ++ int nid; ++ int cur_meshing; ++ int ret; ++ ++ if (c == NULL) { ++ return -1; ++ } ++ ++ if (c->count != 0) { ++ return -1; ++ } ++ ++ nid = OBJ_txt2nid(ptr); ++ if (nid == NID_undef) { ++ return 0; ++ } ++ ++ cur_meshing = c->key_meshing; ++ ret = gost_cipher_set_param(c, nid); ++ c->key_meshing = cur_meshing; ++ return ret; ++ } else { ++ return 0; ++ } ++#endif ++#ifdef EVP_CTRL_KEY_MESH ++ case EVP_CTRL_KEY_MESH: ++ { ++ struct ossl_gost_cipher_ctx *c = ctx->cipher_data; ++ ++ if (c == NULL) { ++ return -1; ++ } ++ ++ if (c->count != 0) { ++ return -1; ++ } + ++ c->key_meshing = arg; ++ return 1; ++ } ++#endif + default: + GOSTerr(GOST_F_GOST_CIPHER_CTL, + GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND); +@@ -433,22 +622,22 @@ GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new(); ASN1_OCTET_STRING *os = NULL; if (!gcp) { @@ -2352,7 +2406,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi return 0; } i2d_GOST_CIPHER_PARAMS(gcp, &p); -@@ -458,7 +602,7 @@ +@@ -458,7 +647,7 @@ if (!os || !ASN1_OCTET_STRING_set(os, buf, len)) { OPENSSL_free(buf); @@ -2361,7 +2415,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi return 0; } OPENSSL_free(buf); -@@ -475,6 +619,8 @@ +@@ -475,6 +664,8 @@ GOST_CIPHER_PARAMS *gcp = NULL; unsigned char *p; struct ossl_gost_cipher_ctx *c = ctx->cipher_data; @@ -2370,7 +2424,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) { return ret; } -@@ -490,7 +636,16 @@ +@@ -490,18 +681,33 @@ GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS, GOST_R_INVALID_IV_LENGTH); return -1; } @@ -2388,7 +2442,17 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi GOST_CIPHER_PARAMS_free(gcp); return -1; } -@@ -501,7 +656,7 @@ +- memcpy(ctx->oiv, gcp->iv->data, len); ++ ++ { ++ ASN1_TYPE tmp; ++ tmp.value.octet_string = gcp->iv; ++ tmp.type = V_ASN1_OCTET_STRING; ++ EVP_CIPHER_get_asn1_iv(ctx, &tmp); ++ } + + GOST_CIPHER_PARAMS_free(gcp); + return 1; } @@ -2397,7 +2461,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi { struct ossl_gost_imit_ctx *c = ctx->md_data; memset(c->buffer, 0, sizeof(c->buffer)); -@@ -509,10 +664,21 @@ +@@ -509,10 +715,21 @@ c->count = 0; c->bytes_left = 0; c->key_meshing = 1; @@ -2420,7 +2484,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi static void mac_block_mesh(struct ossl_gost_imit_ctx *c, const unsigned char *data) { -@@ -581,7 +747,7 @@ +@@ -581,7 +798,7 @@ } mac_block_mesh(c, c->partial_block); } @@ -2429,7 +2493,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi return 1; } -@@ -593,17 +759,50 @@ +@@ -593,17 +810,50 @@ return 1; case EVP_MD_CTRL_SET_KEY: { @@ -2488,7 +2552,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi } diff -urN openssl-1.0.2j/engines/ccgost/gost_ctl.c openssl-1.0.2j-patched/engines/ccgost/gost_ctl.c --- openssl-1.0.2j/engines/ccgost/gost_ctl.c 2016-09-26 19:49:07.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gost_ctl.c 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gost_ctl.c 2016-04-19 04:43:25.000000000 +1000 @@ -15,34 +15,28 @@ #include "gost_lcl.h" @@ -2560,7 +2624,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ctl.c openssl-1.0.2j-patched/engine return 1; diff -urN openssl-1.0.2j/engines/ccgost/gost_ec_keyx.c openssl-1.0.2j-patched/engines/ccgost/gost_ec_keyx.c --- openssl-1.0.2j/engines/ccgost/gost_ec_keyx.c 1970-01-01 10:00:00.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gost_ec_keyx.c 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gost_ec_keyx.c 2016-04-19 04:43:25.000000000 +1000 @@ -0,0 +1,341 @@ +/********************************************************************** + * gost_ec_keyx.c * @@ -2905,7 +2969,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ec_keyx.c openssl-1.0.2j-patched/en +} diff -urN openssl-1.0.2j/engines/ccgost/gost_ec_sign.c openssl-1.0.2j-patched/engines/ccgost/gost_ec_sign.c --- openssl-1.0.2j/engines/ccgost/gost_ec_sign.c 1970-01-01 10:00:00.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gost_ec_sign.c 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gost_ec_sign.c 2016-04-19 04:43:25.000000000 +1000 @@ -0,0 +1,522 @@ +/********************************************************************** + * gost_ec_sign.c * @@ -3431,7 +3495,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ec_sign.c openssl-1.0.2j-patched/en +} diff -urN openssl-1.0.2j/engines/ccgost/gost_eng.c openssl-1.0.2j-patched/engines/ccgost/gost_eng.c --- openssl-1.0.2j/engines/ccgost/gost_eng.c 2016-09-26 19:49:07.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gost_eng.c 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gost_eng.c 2016-04-19 04:43:25.000000000 +1000 @@ -33,20 +33,41 @@ static int gost_pkey_asn1_meths(ENGINE *e, EVP_PKEY_ASN1_METHOD **ameth, const int **nids, int nid); @@ -3692,7 +3756,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_eng.c openssl-1.0.2j-patched/engine if (!toadd) diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012.c openssl-1.0.2j-patched/engines/ccgost/gosthash2012.c --- openssl-1.0.2j/engines/ccgost/gosthash2012.c 1970-01-01 10:00:00.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012.c 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012.c 2016-04-19 04:43:25.000000000 +1000 @@ -0,0 +1,230 @@ +/* + * GOST R 34.11-2012 core functions. @@ -3926,7 +3990,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012.c openssl-1.0.2j-patched/en +} diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_const.h openssl-1.0.2j-patched/engines/ccgost/gosthash2012_const.h --- openssl-1.0.2j/engines/ccgost/gosthash2012_const.h 1970-01-01 10:00:00.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012_const.h 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012_const.h 2016-04-19 04:43:25.000000000 +1000 @@ -0,0 +1,352 @@ +/* + * GOST R 34.11-2012 constants. @@ -4282,7 +4346,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_const.h openssl-1.0.2j-patc +}; diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012.h openssl-1.0.2j-patched/engines/ccgost/gosthash2012.h --- openssl-1.0.2j/engines/ccgost/gosthash2012.h 1970-01-01 10:00:00.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012.h 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012.h 2016-04-19 04:43:25.000000000 +1000 @@ -0,0 +1,66 @@ +/* + * GOST R 34.11-2012 core functions definitions. @@ -4352,7 +4416,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012.h openssl-1.0.2j-patched/en +void gost2012_finish_hash(gost2012_hash_ctx * CTX, unsigned char *digest); diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_precalc.h openssl-1.0.2j-patched/engines/ccgost/gosthash2012_precalc.h --- openssl-1.0.2j/engines/ccgost/gosthash2012_precalc.h 1970-01-01 10:00:00.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012_precalc.h 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012_precalc.h 2016-04-19 04:43:25.000000000 +1000 @@ -0,0 +1,1411 @@ +/* + * Precalculation of matrix A multiplication. @@ -5767,7 +5831,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_precalc.h openssl-1.0.2j-pa +#endif diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_ref.h openssl-1.0.2j-patched/engines/ccgost/gosthash2012_ref.h --- openssl-1.0.2j/engines/ccgost/gosthash2012_ref.h 1970-01-01 10:00:00.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012_ref.h 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012_ref.h 2016-04-19 04:43:25.000000000 +1000 @@ -0,0 +1,63 @@ +/* + * Portable implementation of core functions for GOST R 34.11-2012. @@ -5834,7 +5898,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_ref.h openssl-1.0.2j-patche +} diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_sse2.h openssl-1.0.2j-patched/engines/ccgost/gosthash2012_sse2.h --- openssl-1.0.2j/engines/ccgost/gosthash2012_sse2.h 1970-01-01 10:00:00.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012_sse2.h 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012_sse2.h 2016-04-19 04:43:25.000000000 +1000 @@ -0,0 +1,204 @@ +/* + * Implementation of core functions for GOST R 34.11-2012 using SSE2. @@ -6042,7 +6106,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_sse2.h openssl-1.0.2j-patch +} diff -urN openssl-1.0.2j/engines/ccgost/gosthash.c openssl-1.0.2j-patched/engines/ccgost/gosthash.c --- openssl-1.0.2j/engines/ccgost/gosthash.c 2016-09-26 19:49:07.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gosthash.c 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gosthash.c 2016-04-19 04:43:25.000000000 +1000 @@ -154,7 +154,7 @@ int init_gost_hash_ctx(gost_hash_ctx * ctx, const gost_subst_block * subst_block) @@ -6063,7 +6127,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gosthash.c openssl-1.0.2j-patched/engine while (fin_len > 0) { diff -urN openssl-1.0.2j/engines/ccgost/gost_lcl.h openssl-1.0.2j-patched/engines/ccgost/gost_lcl.h --- openssl-1.0.2j/engines/ccgost/gost_lcl.h 2016-09-26 19:49:07.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gost_lcl.h 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gost_lcl.h 2016-04-19 04:43:25.000000000 +1000 @@ -20,8 +20,23 @@ # include "gosthash.h" /* Control commands */ @@ -6261,7 +6325,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_lcl.h openssl-1.0.2j-patched/engine #endif diff -urN openssl-1.0.2j/engines/ccgost/gost_md2012.c openssl-1.0.2j-patched/engines/ccgost/gost_md2012.c --- openssl-1.0.2j/engines/ccgost/gost_md2012.c 1970-01-01 10:00:00.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gost_md2012.c 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gost_md2012.c 2016-04-19 04:43:25.000000000 +1000 @@ -0,0 +1,139 @@ +/********************************************************************** + * gost_md2012.c * @@ -6404,7 +6468,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_md2012.c openssl-1.0.2j-patched/eng +} diff -urN openssl-1.0.2j/engines/ccgost/gost_params.c openssl-1.0.2j-patched/engines/ccgost/gost_params.c --- openssl-1.0.2j/engines/ccgost/gost_params.c 2016-09-26 19:49:07.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gost_params.c 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gost_params.c 2016-04-19 04:43:25.000000000 +1000 @@ -1,144 +1,17 @@ /********************************************************************** * params.c * @@ -6609,7 +6673,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_params.c openssl-1.0.2j-patched/eng }; diff -urN openssl-1.0.2j/engines/ccgost/gost_pmeth.c openssl-1.0.2j-patched/engines/ccgost/gost_pmeth.c --- openssl-1.0.2j/engines/ccgost/gost_pmeth.c 2016-09-26 19:49:07.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gost_pmeth.c 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gost_pmeth.c 2016-04-19 04:43:25.000000000 +1000 @@ -1,43 +1,50 @@ /********************************************************************** * gost_pmeth.c * @@ -6767,7 +6831,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_pmeth.c openssl-1.0.2j-patched/engi } - return -2; -} - +- -static int pkey_gost_ctrl94_str(EVP_PKEY_CTX *ctx, - const char *type, const char *value) -{ @@ -6825,7 +6889,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_pmeth.c openssl-1.0.2j-patched/engi - return 0; - } - } -- + - return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET, - param_nid, NULL); - } @@ -7295,7 +7359,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_pmeth.c openssl-1.0.2j-patched/engi long keylen; int ret; unsigned char *keybuf = string_to_hex(value, &keylen); -@@ -523,42 +615,101 @@ +@@ -523,42 +615,103 @@ return ret; } @@ -7317,11 +7381,13 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_pmeth.c openssl-1.0.2j-patched/engi + } + + param = get_encryption_params(obj); ++ ASN1_OBJECT_free(obj); + if (param == NULL) { + GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR, GOST_R_INVALID_MAC_PARAMS); + return 0; + } + ++ + return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET, 0, + (void *)param); + } @@ -7407,7 +7473,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_pmeth.c openssl-1.0.2j-patched/engi return ret; } -@@ -570,35 +721,58 @@ +@@ -570,35 +723,58 @@ return 0; switch (id) { @@ -7485,7 +7551,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_pmeth.c openssl-1.0.2j-patched/engi break; case NID_id_Gost28147_89_MAC: EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_mac_ctrl, -@@ -609,6 +783,16 @@ +@@ -609,6 +785,16 @@ EVP_PKEY_meth_set_init(*pmeth, pkey_gost_mac_init); EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_mac_cleanup); EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_mac_copy); @@ -7504,7 +7570,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_pmeth.c openssl-1.0.2j-patched/engi return 0; diff -urN openssl-1.0.2j/engines/ccgost/gostsum12.c openssl-1.0.2j-patched/engines/ccgost/gostsum12.c --- openssl-1.0.2j/engines/ccgost/gostsum12.c 1970-01-01 10:00:00.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gostsum12.c 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gostsum12.c 2016-04-19 04:43:25.000000000 +1000 @@ -0,0 +1,257 @@ +/********************************************************************** + * gostsum12.c * @@ -7765,7 +7831,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gostsum12.c openssl-1.0.2j-patched/engin +} diff -urN openssl-1.0.2j/engines/ccgost/gostsum.c openssl-1.0.2j-patched/engines/ccgost/gostsum.c --- openssl-1.0.2j/engines/ccgost/gostsum.c 2016-09-26 19:49:07.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/gostsum.c 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/gostsum.c 2016-04-19 04:43:25.000000000 +1000 @@ -12,6 +12,9 @@ #include #include @@ -7831,7 +7897,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gostsum.c openssl-1.0.2j-patched/engines exit(1); diff -urN openssl-1.0.2j/engines/ccgost/Makefile openssl-1.0.2j-patched/engines/ccgost/Makefile --- openssl-1.0.2j/engines/ccgost/Makefile 2016-09-26 19:49:47.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/Makefile 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/Makefile 2016-04-19 04:43:25.000000000 +1000 @@ -8,16 +8,16 @@ CFLAGS= $(INCLUDES) $(CFLAG) LIB=$(TOP)/libcrypto.a @@ -8079,7 +8145,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/Makefile openssl-1.0.2j-patched/engines/ +gosthash2012.o: gosthash2012_precalc.h gosthash2012_ref.h diff -urN openssl-1.0.2j/engines/ccgost/README.gost openssl-1.0.2j-patched/engines/ccgost/README.gost --- openssl-1.0.2j/engines/ccgost/README.gost 2016-09-26 19:49:07.000000000 +1000 -+++ openssl-1.0.2j-patched/engines/ccgost/README.gost 2016-01-04 00:30:05.000000000 +1000 ++++ openssl-1.0.2j-patched/engines/ccgost/README.gost 2016-04-19 04:43:25.000000000 +1000 @@ -28,6 +28,8 @@ It has 256-bit symmetric key and only 32 bits of MAC value (while HMAC has same key size and value size). diff --git a/openssl.spec b/openssl.spec index 6d07088..d8c40ea 100644 --- a/openssl.spec +++ b/openssl.spec @@ -15,7 +15,7 @@ Summary: Secure Sockets Layer communications libs & utils Name: openssl Version: 1.0.2j -Release: 4 +Release: 5 License: BSD-like Group: System/Libraries Url: https://www.openssl.org @@ -27,7 +27,7 @@ Source4: openssl-thread-test.c # Based on https://github.com/gost-engine/engine # Never remove gost-engine patches Patch0: openssl-1.0.2j-gost-engine.patch -# Copy https://github.com/gost-engine/engine/tree/56c5e3414135c9443739db3b2b1409c3be265a50 +# Copy https://github.com/gost-engine/engine/tree/openssl_1_0_2 # over engines/ccgost/ and make diff Patch1: openssl-1.0.2j-gost-engine-2.patch # Handle RPM_OPT_FLAGS in Configure