dev-perl/Crypt-OpenSSL-RSA: Add patch for openssl-3 support

Closes: https://bugs.gentoo.org/805029
Package-Manager: Portage-3.0.28, Repoman-3.0.3
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

3 files changed, 93 insertions, 256 deletions

diff --git a/dev-perl/Crypt-OpenSSL-RSA/Crypt-OpenSSL-RSA-0.320.0.ebuild b/dev-perl/Crypt-OpenSSL-RSA/Crypt-OpenSSL-RSA-0.320.0.ebuild
index d466a0ecb24a..150179661de8 100644
--- a/dev-perl/Crypt-OpenSSL-RSA/Crypt-OpenSSL-RSA-0.320.0.ebuild
+++ b/dev-perl/Crypt-OpenSSL-RSA/Crypt-OpenSSL-RSA-0.320.0.ebuild
@@ -28,6 +28,10 @@ BDEPEND="${RDEPEND}
 	)
 "
 
+PATCHES=(
+	"${FILESDIR}/${P}-openssl-3.0.0.patch"
+)
+
 PERL_RM_FILES=(
 	t/z_kwalitee.t
 	t/z_perl_minimum_version.t
diff --git a/dev-perl/Crypt-OpenSSL-RSA/files/Crypt-OpenSSL-RSA-0.280.0-openssl-1.1.0.patch b/dev-perl/Crypt-OpenSSL-RSA/files/Crypt-OpenSSL-RSA-0.280.0-openssl-1.1.0.patch
deleted file mode 100644
index 463bcdfc83ce..000000000000
--- a/dev-perl/Crypt-OpenSSL-RSA/files/Crypt-OpenSSL-RSA-0.280.0-openssl-1.1.0.patch
+++ /dev/null
@@ -1,256 +0,0 @@
-From fdbda9585f5c99670912e5c0517dbc7a9d92c74b Mon Sep 17 00:00:00 2001
-From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
-Date: Sat, 1 Oct 2016 19:52:44 +0000
-Subject: [PATCH] libcrypt-openssl-rsa-perl: get it compiled with openssl 1.1.0
-
-Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
-
-Bug: https://rt.cpan.org/Public/Bug/Display.html?id=117481
-Bug-Debian: https://bugs.debian.org/828387
-
----
- RSA.xs | 173 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++---------
- 1 file changed, 150 insertions(+), 23 deletions(-)
-
-diff --git a/RSA.xs b/RSA.xs
-index de512e7822d0..b384cb0e23a2 100644
---- a/RSA.xs
-+++ b/RSA.xs
-@@ -47,9 +47,119 @@ void croakSsl(char* p_file, int p_line)
- 
- #define THROW(p_result) if (!(p_result)) { error = 1; goto err; }
- 
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
-+    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
-+static void RSA_get0_key(const RSA *r,
-+                         const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
-+{
-+    if (n != NULL)
-+        *n = r->n;
-+    if (e != NULL)
-+        *e = r->e;
-+    if (d != NULL)
-+        *d = r->d;
-+}
-+
-+static int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
-+{
-+    /* If the fields n and e in r are NULL, the corresponding input
-+     * parameters MUST be non-NULL for n and e.  d may be
-+     * left NULL (in case only the public key is used).
-+     */
-+    if ((r->n == NULL && n == NULL)
-+        || (r->e == NULL && e == NULL))
-+        return 0;
-+
-+    if (n != NULL) {
-+        BN_free(r->n);
-+        r->n = n;
-+    }
-+    if (e != NULL) {
-+        BN_free(r->e);
-+        r->e = e;
-+    }
-+    if (d != NULL) {
-+        BN_free(r->d);
-+        r->d = d;
-+    }
-+
-+    return 1;
-+}
-+
-+static int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q)
-+{
-+    /* If the fields p and q in r are NULL, the corresponding input
-+     * parameters MUST be non-NULL.
-+     */
-+    if ((r->p == NULL && p == NULL)
-+        || (r->q == NULL && q == NULL))
-+        return 0;
-+
-+    if (p != NULL) {
-+        BN_free(r->p);
-+        r->p = p;
-+    }
-+    if (q != NULL) {
-+        BN_free(r->q);
-+        r->q = q;
-+    }
-+
-+    return 1;
-+}
-+
-+static void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q)
-+{
-+    if (p != NULL)
-+        *p = r->p;
-+    if (q != NULL)
-+        *q = r->q;
-+}
-+
-+static int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp)
-+{
-+    /* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input
-+     * parameters MUST be non-NULL.
-+     */
-+    if ((r->dmp1 == NULL && dmp1 == NULL)
-+        || (r->dmq1 == NULL && dmq1 == NULL)
-+        || (r->iqmp == NULL && iqmp == NULL))
-+        return 0;
-+
-+    if (dmp1 != NULL) {
-+        BN_free(r->dmp1);
-+        r->dmp1 = dmp1;
-+    }
-+    if (dmq1 != NULL) {
-+        BN_free(r->dmq1);
-+        r->dmq1 = dmq1;
-+    }
-+    if (iqmp != NULL) {
-+        BN_free(r->iqmp);
-+        r->iqmp = iqmp;
-+    }
-+
-+    return 1;
-+}
-+
-+static void RSA_get0_crt_params(const RSA *r,
-+                                const BIGNUM **dmp1, const BIGNUM **dmq1,
-+                                const BIGNUM **iqmp)
-+{
-+    if (dmp1 != NULL)
-+        *dmp1 = r->dmp1;
-+    if (dmq1 != NULL)
-+        *dmq1 = r->dmq1;
-+    if (iqmp != NULL)
-+        *iqmp = r->iqmp;
-+}
-+#endif
-+
- char _is_private(rsaData* p_rsa)
- {
--    return(p_rsa->rsa->d != NULL);
-+    const BIGNUM *d;
-+
-+    RSA_get0_key(p_rsa->rsa, NULL, NULL, &d);
-+    return(d != NULL);
- }
- 
- SV* make_rsa_obj(SV* p_proto, RSA* p_rsa)
-@@ -136,7 +246,7 @@ unsigned char* get_message_digest(SV* text_SV, int hash_method)
-     }
- }
- 
--SV* bn2sv(BIGNUM* p_bn)
-+SV* bn2sv(const BIGNUM* p_bn)
- {
-     return p_bn != NULL
-         ? sv_2mortal(newSViv((IV) BN_dup(p_bn)))
-@@ -297,8 +407,15 @@ generate_key(proto, bitsSV, exponent = 65537)
-     unsigned long exponent;
-   PREINIT:
-     RSA* rsa;
-+    BIGNUM *e;
-   CODE:
--    CHECK_OPEN_SSL(rsa = RSA_generate_key(SvIV(bitsSV), exponent, NULL, NULL));
-+    e = BN_new();
-+    CHECK_OPEN_SSL(e);
-+    rsa = RSA_new();
-+    CHECK_OPEN_SSL(rsa);
-+    BN_set_word(e, exponent);
-+    CHECK_OPEN_SSL(RSA_generate_key_ex(rsa, SvIV(bitsSV), e, NULL));
-+    BN_free(e);
-     RETVAL = make_rsa_obj(proto, rsa);
-   OUTPUT:
-     RETVAL
-@@ -325,10 +442,11 @@ _new_key_from_parameters(proto, n, e, d, p, q)
-         croak("At least a modulous and public key must be provided");
-     }
-     CHECK_OPEN_SSL(rsa = RSA_new());
--    rsa->n = n;
--    rsa->e = e;
-+    CHECK_OPEN_SSL(RSA_set0_key(rsa, n, e, NULL));
-     if (p || q)
-     {
-+        BIGNUM *dmp1, *dmq1, *iqmp;
-+
-         error = 0;
-         THROW(ctx = BN_CTX_new());
-         if (!p)
-@@ -341,8 +459,7 @@ _new_key_from_parameters(proto, n, e, d, p, q)
-             q = BN_new();
-             THROW(BN_div(q, NULL, n, p, ctx));
-         }
--        rsa->p = p;
--        rsa->q = q;
-+        CHECK_OPEN_SSL(RSA_set0_factors(rsa, p, q));
-         THROW(p_minus_1 = BN_new());
-         THROW(BN_sub(p_minus_1, p, BN_value_one()));
-         THROW(q_minus_1 = BN_new());
-@@ -353,13 +470,17 @@ _new_key_from_parameters(proto, n, e, d, p, q)
-             THROW(BN_mul(d, p_minus_1, q_minus_1, ctx));
-             THROW(BN_mod_inverse(d, e, d, ctx));
-         }
--        rsa->d = d;
--        THROW(rsa->dmp1 = BN_new());
--        THROW(BN_mod(rsa->dmp1, d, p_minus_1, ctx));
--        THROW(rsa->dmq1 = BN_new());
--        THROW(BN_mod(rsa->dmq1, d, q_minus_1, ctx));
--        THROW(rsa->iqmp = BN_new());
--        THROW(BN_mod_inverse(rsa->iqmp, q, p, ctx));
-+        CHECK_OPEN_SSL(RSA_set0_key(rsa, NULL, NULL, d));
-+
-+        THROW(dmp1 = BN_new());
-+        THROW(dmq1 = BN_new());
-+        THROW(iqmp = BN_new());
-+
-+        THROW(BN_mod(dmp1, d, p_minus_1, ctx));
-+        THROW(BN_mod(dmq1, d, q_minus_1, ctx));
-+        THROW(BN_mod_inverse(iqmp, q, p, ctx));
-+
-+        CHECK_OPEN_SSL(RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp));
-         THROW(RSA_check_key(rsa) == 1);
-      err:
-         if (p_minus_1) BN_clear_free(p_minus_1);
-@@ -373,7 +494,7 @@ _new_key_from_parameters(proto, n, e, d, p, q)
-     }
-     else
-     {
--        rsa->d = d;
-+        CHECK_OPEN_SSL(RSA_set0_key(rsa, NULL, NULL, d));
-     }
-     RETVAL = make_rsa_obj(proto, rsa);
- }
-@@ -386,15 +507,21 @@ _get_key_parameters(p_rsa)
- PPCODE:
- {
-     RSA* rsa;
-+    const BIGNUM *n, *e, *d, *p, *q;
-+    const BIGNUM *dmp1, *dmq1, *iqmp;
-+
-     rsa = p_rsa->rsa;
--    XPUSHs(bn2sv(rsa->n));
--    XPUSHs(bn2sv(rsa->e));
--    XPUSHs(bn2sv(rsa->d));
--    XPUSHs(bn2sv(rsa->p));
--    XPUSHs(bn2sv(rsa->q));
--    XPUSHs(bn2sv(rsa->dmp1));
--    XPUSHs(bn2sv(rsa->dmq1));
--    XPUSHs(bn2sv(rsa->iqmp));
-+    RSA_get0_key(rsa, &n, &e, &d);
-+    RSA_get0_factors(rsa, &p, &q);
-+    RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
-+    XPUSHs(bn2sv(n));
-+    XPUSHs(bn2sv(e));
-+    XPUSHs(bn2sv(d));
-+    XPUSHs(bn2sv(p));
-+    XPUSHs(bn2sv(q));
-+    XPUSHs(bn2sv(dmp1));
-+    XPUSHs(bn2sv(dmq1));
-+    XPUSHs(bn2sv(iqmp));
- }
- 
- SV*
--- 
-2.1.4
-
diff --git a/dev-perl/Crypt-OpenSSL-RSA/files/Crypt-OpenSSL-RSA-0.320.0-openssl-3.0.0.patch b/dev-perl/Crypt-OpenSSL-RSA/files/Crypt-OpenSSL-RSA-0.320.0-openssl-3.0.0.patch
new file mode 100644
index 000000000000..970562beb702
--- /dev/null
+++ b/dev-perl/Crypt-OpenSSL-RSA/files/Crypt-OpenSSL-RSA-0.320.0-openssl-3.0.0.patch
@@ -0,0 +1,89 @@
+
+Source:
+https://gitlab.com/redhat/centos-stream/rpms/perl-Crypt-OpenSSL-RSA/-/blob/c9s/perl-Crypt-OpenSSL-RSA-openssl30.patch
+
+
+diff --git a/README b/README
+index c7d4bb7..3da6d1d 100644
+--- a/README
++++ b/README
+@@ -10,7 +10,6 @@ SYNOPSIS
+       Crypt::OpenSSL::Random::random_seed($good_entropy);
+       Crypt::OpenSSL::RSA->import_random_seed();
+       $rsa_pub = Crypt::OpenSSL::RSA->new_public_key($key_string);
+-      $rsa_pub->use_sslv23_padding(); # use_pkcs1_oaep_padding is the default
+       $ciphertext = $rsa->encrypt($plaintext);
+ 
+       $rsa_priv = Crypt::OpenSSL::RSA->new_private_key($key_string);
+@@ -140,10 +139,6 @@ Instance Methods
+         all new applications. It is the default mode used by
+         "Crypt::OpenSSL::RSA".
+ 
+-    use_sslv23_padding
+-        Use PKCS #1 v1.5 padding with an SSL-specific modification that
+-        denotes that the server is SSL3 capable.
+-
+     use_md5_hash
+         Use the RFC 1321 MD5 hashing algorithm by Ron Rivest when signing
+         and verifying messages.
+@@ -168,7 +163,7 @@ Instance Methods
+         pkcs1_oaep_padding
+             at most 42 bytes less than this size.
+ 
+-        pkcs1_padding or sslv23_padding
++        pkcs1_padding
+             at most 11 bytes less than this size.
+ 
+         no_padding
+diff --git a/RSA.pm b/RSA.pm
+index 31e6949..1b63e99 100644
+--- a/RSA.pm
++++ b/RSA.pm
+@@ -34,8 +34,7 @@ Crypt::OpenSSL::RSA - RSA encoding and decoding, using the openSSL libraries
+   Crypt::OpenSSL::Random::random_seed($good_entropy);
+   Crypt::OpenSSL::RSA->import_random_seed();
+   $rsa_pub = Crypt::OpenSSL::RSA->new_public_key($key_string);
+-  $rsa_pub->use_sslv23_padding(); # use_pkcs1_oaep_padding is the default
+-  $ciphertext = $rsa->encrypt($plaintext);
++    $ciphertext = $rsa->encrypt($plaintext);
+ 
+   $rsa_priv = Crypt::OpenSSL::RSA->new_private_key($key_string);
+   $plaintext = $rsa->encrypt($ciphertext);
+@@ -220,11 +219,6 @@ an empty encoding parameter. This mode of padding is recommended for
+ all new applications.  It is the default mode used by
+ C<Crypt::OpenSSL::RSA>.
+ 
+-=item use_sslv23_padding
+-
+-Use C<PKCS #1 v1.5> padding with an SSL-specific modification that
+-denotes that the server is SSL3 capable.
+-
+ =item use_md5_hash
+ 
+ Use the RFC 1321 MD5 hashing algorithm by Ron Rivest when signing and
+@@ -267,7 +261,7 @@ the text to be encrypted should be:
+ 
+ at most 42 bytes less than this size.
+ 
+-=item pkcs1_padding or sslv23_padding
++=item pkcs1_padding
+ 
+ at most 11 bytes less than this size.
+ 
+diff --git a/RSA.xs b/RSA.xs
+index d474d11..711e4e7 100644
+--- a/RSA.xs
++++ b/RSA.xs
+@@ -640,12 +640,6 @@ use_pkcs1_oaep_padding(p_rsa)
+   CODE:
+     p_rsa->padding = RSA_PKCS1_OAEP_PADDING;
+ 
+-void
+-use_sslv23_padding(p_rsa)
+-    rsaData* p_rsa;
+-  CODE:
+-    p_rsa->padding = RSA_SSLV23_PADDING;
+-
+ # Sign text. Returns the signature.
+ 
+ SV*