diff --git a/srcpkgs/dmg2img/patches/0001-openssl-1.1-compatibility.patch b/srcpkgs/dmg2img/patches/0001-openssl-1.1-compatibility.patch index b5ed45d2ff3..28a64e979d8 100644 --- a/srcpkgs/dmg2img/patches/0001-openssl-1.1-compatibility.patch +++ b/srcpkgs/dmg2img/patches/0001-openssl-1.1-compatibility.patch @@ -15,22 +15,20 @@ Fixes https://github.com/Lekensteyn/dmg2img/issues/4 vfdecrypt.c | 103 ++++++++++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 80 insertions(+), 23 deletions(-) -diff --git a/vfdecrypt.c b/vfdecrypt.c -index 56d3530..b1a36d3 100644 --- a/vfdecrypt.c +++ b/vfdecrypt.c -@@ -183,7 +183,7 @@ void adjust_v2_header_byteorder(cencrypted_v2_pwheader *pwhdr) { +@@ -183,7 +183,7 @@ void adjust_v2_header_byteorder(cencrypt pwhdr->encrypted_keyblob_size = htonl(pwhdr->encrypted_keyblob_size); } - + -HMAC_CTX hmacsha1_ctx; +HMAC_CTX *hmacsha1_ctx; AES_KEY aes_decrypt_key; int CHUNK_SIZE=4096; // default - -@@ -196,9 +196,9 @@ void compute_iv(uint32_t chunk_no, uint8_t *iv) { + +@@ -196,9 +196,9 @@ void compute_iv(uint32_t chunk_no, uint8 unsigned int mdLen; - + chunk_no = OSSwapHostToBigInt32(chunk_no); - HMAC_Init_ex(&hmacsha1_ctx, NULL, 0, NULL, NULL); - HMAC_Update(&hmacsha1_ctx, (void *) &chunk_no, sizeof(uint32_t)); @@ -40,9 +38,9 @@ index 56d3530..b1a36d3 100644 + HMAC_Final(hmacsha1_ctx, mdResult, &mdLen); memcpy(iv, mdResult, CIPHER_BLOCKSIZE); } - -@@ -212,52 +212,75 @@ void decrypt_chunk(uint8_t *ctext, uint8_t *ptext, uint32_t chunk_no) { - /* DES3-EDE unwrap operation loosely based on to RFC 2630, section 12.6 + +@@ -212,52 +212,75 @@ void decrypt_chunk(uint8_t *ctext, uint8 + /* DES3-EDE unwrap operation loosely based on to RFC 2630, section 12.6 * wrapped_key has to be 40 bytes in length. */ int apple_des3_ede_unwrap_key(uint8_t *wrapped_key, int wrapped_key_len, uint8_t *decryptKey, uint8_t *unwrapped_key) { - EVP_CIPHER_CTX ctx; @@ -50,7 +48,7 @@ index 56d3530..b1a36d3 100644 uint8_t *TEMP1, *TEMP2, *CEKICV; uint8_t IV[8] = { 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 }; int outlen, tmplen, i; - + - EVP_CIPHER_CTX_init(&ctx); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + ctx = EVP_CIPHER_CTX_new(); @@ -70,7 +68,7 @@ index 56d3530..b1a36d3 100644 /* uses PKCS#7 padding for symmetric key operations by default */ - EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, decryptKey, IV); + EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, decryptKey, IV); - + - if(!EVP_DecryptUpdate(&ctx, TEMP1, &outlen, wrapped_key, wrapped_key_len)) { + if(!EVP_DecryptUpdate(ctx, TEMP1, &outlen, wrapped_key, wrapped_key_len)) { fprintf(stderr, "internal error (1) during key unwrap operation!\n"); @@ -88,10 +86,10 @@ index 56d3530..b1a36d3 100644 +#else + EVP_CIPHER_CTX_cleanup(ctx); +#endif - + /* reverse order of TEMP3 */ for(i = 0; i < outlen; i++) TEMP2[i] = TEMP1[outlen - i - 1]; - + - EVP_CIPHER_CTX_init(&ctx); + EVP_CIPHER_CTX_init(ctx); /* uses PKCS#7 padding for symmetric key operations by default */ @@ -107,7 +105,7 @@ index 56d3530..b1a36d3 100644 fprintf(stderr, "internal error (4) during key unwrap operation!\n"); return(-1); } - + outlen += tmplen; - EVP_CIPHER_CTX_cleanup(&ctx); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L @@ -115,7 +113,7 @@ index 56d3530..b1a36d3 100644 +#else + EVP_CIPHER_CTX_cleanup(ctx); +#endif - + memcpy(unwrapped_key, CEKICV+4, outlen-4); free(TEMP1); free(TEMP2); @@ -127,8 +125,8 @@ index 56d3530..b1a36d3 100644 +#endif return(0); } - -@@ -279,31 +302,46 @@ int unwrap_v1_header(char *passphrase, cencrypted_v1_header *header, uint8_t *ae + +@@ -279,31 +302,46 @@ int unwrap_v1_header(char *passphrase, c int unwrap_v2_header(char *passphrase, cencrypted_v2_pwheader *header, uint8_t *aes_key, uint8_t *hmacsha1_key) { /* derived key is a 3DES-EDE key */ uint8_t derived_key[192/8]; @@ -136,7 +134,7 @@ index 56d3530..b1a36d3 100644 + EVP_CIPHER_CTX *ctx; uint8_t *TEMP1; int outlen, tmplen; - + +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + ctx = EVP_CIPHER_CTX_new(); +#else @@ -149,9 +147,9 @@ index 56d3530..b1a36d3 100644 + PKCS5_PBKDF2_HMAC_SHA1(passphrase, strlen(passphrase), (unsigned char*)header->kdf_salt, 20, PBKDF2_ITERATION_COUNT, sizeof(derived_key), derived_key); - + print_hex(derived_key, 192/8); - + - EVP_CIPHER_CTX_init(&ctx); + EVP_CIPHER_CTX_init(ctx); /* result of the decryption operation shouldn't be bigger than ciphertext */ @@ -159,7 +157,7 @@ index 56d3530..b1a36d3 100644 /* uses PKCS#7 padding for symmetric key operations by default */ - EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, derived_key, header->blob_enc_iv); + EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, derived_key, header->blob_enc_iv); - + - if(!EVP_DecryptUpdate(&ctx, TEMP1, &outlen, header->encrypted_keyblob, header->encrypted_keyblob_size)) { + if(!EVP_DecryptUpdate(ctx, TEMP1, &outlen, header->encrypted_keyblob, header->encrypted_keyblob_size)) { fprintf(stderr, "internal error (1) during key unwrap operation!\n"); @@ -180,11 +178,11 @@ index 56d3530..b1a36d3 100644 +#endif memcpy(aes_key, TEMP1, 16); memcpy(hmacsha1_key, TEMP1, 20); - + @@ -446,8 +484,21 @@ int main(int argc, char *argv[]) { CHUNK_SIZE = v2header.blocksize; } - + - HMAC_CTX_init(&hmacsha1_ctx); - HMAC_Init_ex(&hmacsha1_ctx, hmacsha1_key, sizeof(hmacsha1_key), EVP_sha1(), NULL); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L @@ -203,11 +201,11 @@ index 56d3530..b1a36d3 100644 +#endif + HMAC_Init_ex(hmacsha1_ctx, hmacsha1_key, sizeof(hmacsha1_key), EVP_sha1(), NULL); AES_set_decrypt_key(aes_key, CIPHER_KEY_LENGTH * 8, &aes_decrypt_key); - + if (verbose >= 1) { @@ -472,5 +523,11 @@ int main(int argc, char *argv[]) { } - + if (verbose) fprintf(stderr, "%"PRIX32" chunks written\n", chunk_no); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + HMAC_CTX_free(hmacsha1_ctx);