From 8df1ba4a80de53f16456c0733d9bb12731e40829 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Thu, 2 Aug 2012 11:30:10 +0300
Subject: [PATCH] main/openssl: fix padlock sha1/256 oneshot finalizing update

We want to handle bytes upto next block boundary, to work with
hardware from block boundary. The code incorrectly fed just the
amount of bytes in the block.
---
 ...engines-e_padlock-implement-sha1-sha224-sha256-accel.patch | 4 ++--
 main/openssl/APKBUILD                                         | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/main/openssl/0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch b/main/openssl/0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
index d1bb3704b747..1ace35936f42 100644
--- a/main/openssl/0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
+++ b/main/openssl/0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
@@ -298,7 +298,7 @@ index 4300f35..3591c59 100644
 +	if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
 +	    (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
 +		if (c->num != 0) {
-+			l = (len < SHA_CBLOCK) ? len : SHA_CBLOCK;
++			l = (len < SHA_CBLOCK - c->num) ? len : (SHA_CBLOCK - c->num);
 +			if (!SHA1_Update(c, data, l))
 +				return 0;
 +			p += l;
@@ -489,7 +489,7 @@ index 4300f35..3591c59 100644
 +	if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
 +	    (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
 +		if (c->num != 0) {
-+			l = (len < SHA256_CBLOCK) ? len : SHA256_CBLOCK;
++			l = (len < SHA256_CBLOCK - c->num) ? len : (SHA256_CBLOCK - c->num);
 +			if (!SHA256_Update(c, data, l))
 +				return 0;
 +			p += l;
diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD
index a3e4cf5fb25a..76052c86dee7 100644
--- a/main/openssl/APKBUILD
+++ b/main/openssl/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Timo Teras <timo.teras@iki.fi>
 pkgname=openssl
 pkgver=1.0.0j
-pkgrel=0
+pkgrel=1
 pkgdesc="Toolkit for SSL v2/v3 and TLS v1"
 url="http://openssl.org"
 depends=
@@ -75,5 +75,5 @@ c6a9857a5dbd30cead0404aa7dd73977  openssl-bb-basename.patch
 1f607b8e11347e56a0906756f3d6928a  0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
 16424fe5fb494804559f01c7ec7e64f4  0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch
 53fbd01733b488717575e04a5aaf6664  0003-engines-e_padlock-backport-cvs-head-changes.patch
-beea8819faeefb9ab19ef90f00c53782  0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
+c0dae72e29e8fdfb753906411b1722bc  0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
 8bc7a427f6005158585386b9837f700c  0005-crypto-engine-autoload-padlock-dynamic-engine.patch"
-- 
GitLab