From f48f4356580e3ceb5df212add0e8f91f3b899d2a Mon Sep 17 00:00:00 2001 From: Peter Michael Green Date: Tue, 19 Jan 2021 16:01:40 +0000 Subject: [PATCH] Import android-platform-external-boringssl_10.0.0+r36-1+rpi1.debian.tar.xz [dgit import tarball android-platform-external-boringssl 10.0.0+r36-1+rpi1 android-platform-external-boringssl_10.0.0+r36-1+rpi1.debian.tar.xz] --- .gitlab-ci.yml | 12 + README.Debian | 21 ++ android-libboringssl-dev.install | 4 + android-libboringssl.docs | 3 + android-libboringssl.install | 3 + changelog | 44 +++ clean | 1 + control | 57 ++++ copyright | 477 +++++++++++++++++++++++++++++++ gbp.conf | 3 + libcrypto.mk | 31 ++ libssl.mk | 57 ++++ patches/armv6.patch | 392 +++++++++++++++++++++++++ patches/series | 1 + rules | 13 + source/format | 1 + source/lintian-overrides | 5 + watch | 6 + 18 files changed, 1131 insertions(+) create mode 100644 .gitlab-ci.yml create mode 100644 README.Debian create mode 100755 android-libboringssl-dev.install create mode 100644 android-libboringssl.docs create mode 100755 android-libboringssl.install create mode 100644 changelog create mode 100644 clean create mode 100644 control create mode 100644 copyright create mode 100644 gbp.conf create mode 100644 libcrypto.mk create mode 100644 libssl.mk create mode 100644 patches/armv6.patch create mode 100644 patches/series create mode 100755 rules create mode 100644 source/format create mode 100644 source/lintian-overrides create mode 100644 watch diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..0a4cc68 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,12 @@ +pages: + image: registry.salsa.debian.org/salsa-ci-team/ci-image-git-buildpackage + stage: deploy + only: + - master + artifacts: + paths: + - public + expire_in: 1 day + script: + - gitlab-ci-git-buildpackage-all + - gitlab-ci-aptly diff --git a/README.Debian b/README.Debian new file mode 100644 index 0000000..fd5a11c --- /dev/null +++ b/README.Debian @@ -0,0 +1,21 @@ +This library is a version of Google's internal OpenSSL fork called +BoringSSL. This is not the official BoringSSL release, it is the +version of BoringSSL that is maintained as part of the Android SDK and +OS. These packages should never be used for anything but the parts of +the Android SDK that require them. + +We package these chunks separately because we believe it makes it +easier to maintain. Security updates can happen only in the +particular package rather than having to build the whole Android SDK +together as one giant source tree. + +Upstream is already good at providing security fixes for all of the +various bits, and they maintain quite a few stable releases in +parallel. Security maintenance for the Android SDK packages will +mostly be a matter of just including any new patch versions +(i.e. 8.1.0_r14 vs 8.1.0_r15). + +For more info: +https://lists.debian.org/debian-security/2016/05/msg00038.html + + -- Hans-Christoph Steiner , Wed, 28 Feb 2018 11:51:35 +0100 diff --git a/android-libboringssl-dev.install b/android-libboringssl-dev.install new file mode 100755 index 0000000..6b0e01e --- /dev/null +++ b/android-libboringssl-dev.install @@ -0,0 +1,4 @@ +#!/usr/bin/dh-exec + +debian/out/*.so usr/lib/${DEB_HOST_MULTIARCH}/android +include/openssl usr/include/android \ No newline at end of file diff --git a/android-libboringssl.docs b/android-libboringssl.docs new file mode 100644 index 0000000..b41e947 --- /dev/null +++ b/android-libboringssl.docs @@ -0,0 +1,3 @@ +NOTICE +src/INCORPORATING.md +src/README.md \ No newline at end of file diff --git a/android-libboringssl.install b/android-libboringssl.install new file mode 100755 index 0000000..c402285 --- /dev/null +++ b/android-libboringssl.install @@ -0,0 +1,3 @@ +#!/usr/bin/dh-exec + +debian/out/*.so.* usr/lib/${DEB_HOST_MULTIARCH}/android \ No newline at end of file diff --git a/changelog b/changelog new file mode 100644 index 0000000..274381c --- /dev/null +++ b/changelog @@ -0,0 +1,44 @@ +android-platform-external-boringssl (10.0.0+r36-1+rpi1) bullseye-staging; urgency=medium + + * Mark asm as armv6 to avoid setting off armv7 contamination checker. + * set __ARM_MAX_ARCH__ to 6. + * disable HWAES define. + * disable GHASH_ASM_ARM define. + + -- Peter Michael Green Tue, 19 Jan 2021 16:01:40 +0000 + +android-platform-external-boringssl (10.0.0+r36-1) unstable; urgency=medium + + * Team upload + * New upstream version + * Upstream (10.0.0+r36) (Closes: #933865) + + -- Dhyey Patel Mon, 23 Nov 2020 12:14:17 +0100 + +android-platform-external-boringssl (8.1.0+r23-3) unstable; urgency=medium + + [ Kai-Chung Yan (殷啟聰) ] + * d/copyright: Refer to the Apache-2.0 in the commons-licenses + + [ Roger Shimizu ] + * d/watch: Update rule to get new upstream version + + [ Hans-Christoph Steiner ] + * fix adb crashes on startup on armhf (Closes: #933865) + + -- Hans-Christoph Steiner Thu, 08 Oct 2020 19:35:08 +0200 + +android-platform-external-boringssl (8.1.0+r23-2) unstable; urgency=medium + + * Update d/copyright: + * Cover all copyright holders (Closes: #905820) + * Point the Source to AOSP + * Standards-Version => 4.2.1 + + -- Kai-Chung Yan Fri, 21 Sep 2018 16:43:18 +0800 + +android-platform-external-boringssl (8.1.0+r23-1) unstable; urgency=medium + + * Initial release (Closes: #823933) + + -- Kai-Chung Yan Mon, 28 May 2018 19:53:05 +0200 diff --git a/clean b/clean new file mode 100644 index 0000000..92a7cdc --- /dev/null +++ b/clean @@ -0,0 +1 @@ +debian/out/ \ No newline at end of file diff --git a/control b/control new file mode 100644 index 0000000..eb68eea --- /dev/null +++ b/control @@ -0,0 +1,57 @@ +Source: android-platform-external-boringssl +Section: libs +Priority: optional +Maintainer: Android Tools Maintainers +Uploaders: Kai-Chung Yan +Build-Depends: debhelper-compat (= 12), + dh-exec, +Standards-Version: 4.5.0 +Rules-Requires-Root: no +Vcs-Git: https://salsa.debian.org/android-tools-team/android-platform-external-boringssl.git +Vcs-Browser: https://salsa.debian.org/android-tools-team/android-platform-external-boringssl +Homepage: https://android.googlesource.com/platform/external/boringssl + +Package: android-libboringssl +Architecture: armel armhf arm64 amd64 i386 ppc64el +Depends: ${misc:Depends}, ${shlibs:Depends} +Description: Google's internal fork of OpenSSL for the Android SDK + The Android SDK builds against a static version of BoringSSL, + Google's internal fork of OpenSSL. This package should never be used + for anything but Android SDK packages that already depend on it. + . + BoringSSL arose because Google used OpenSSL for many years in various + ways and, over time, built up a large number of patches that were + maintained while tracking upstream OpenSSL. As Google’s product + portfolio became more complex, more copies of OpenSSL sprung up and + the effort involved in maintaining all these patches in multiple + places was growing steadily. + . + This is the Android AOSP fork of BoringSSL which is designed to be + used by Android and its SDK. BoringSSL is only ever statically linked + into apps, and pinned to a commit version. Upstream has no official + releases of BoringSSL on its own, so it must be included separately + for each project that uses it. + +Package: android-libboringssl-dev +Section: libdevel +Architecture: armel armhf arm64 amd64 i386 ppc64el +Depends: android-libboringssl (= ${binary:Version}), ${misc:Depends} +Description: Google's internal fork of OpenSSL for the Android SDK - devel + The Android SDK builds against a static version of BoringSSL, + Google's internal fork of OpenSSL. This package should never be used + for anything but Android SDK packages that already depend on it. + . + BoringSSL arose because Google used OpenSSL for many years in various + ways and, over time, built up a large number of patches that were + maintained while tracking upstream OpenSSL. As Google’s product + portfolio became more complex, more copies of OpenSSL sprung up and + the effort involved in maintaining all these patches in multiple + places was growing steadily. + . + This is the Android AOSP fork of BoringSSL which is designed to be + used by Android and its SDK. BoringSSL is only ever statically linked + into apps, and pinned to a commit version. Upstream has no official + releases of BoringSSL on its own, so it must be included separately + for each project that uses it. + . + This package contains the development files. diff --git a/copyright b/copyright new file mode 100644 index 0000000..75c8fee --- /dev/null +++ b/copyright @@ -0,0 +1,477 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0 +Source: https://android.googlesource.com/platform/external/boringssl +Upstream-Name: BoringSSL + +Files: * +Copyright: 1998-2011, The OpenSSL Project +License: OpenSSL and SSLeay + +Files: src/crypto/asn1/* + src/crypto/base64/base64.c + src/crypto/bio/* + src/crypto/bn_extra/* + src/crypto/buf/* + src/crypto/cipher_extra/cipher_extra.c + src/crypto/cipher_extra/derive_key.c + src/crypto/cipher_extra/e_null.c + src/crypto/cipher_extra/e_rc2.c + src/crypto/cipher_extra/e_rc4.c + src/crypto/cipher_extra/internal.h + src/crypto/conf/conf.c + src/crypto/conf/conf_def.h + src/crypto/cpu-intel.c + src/crypto/dh/check.c + src/crypto/dh/dh_test.cc + src/crypto/dh/dh.c + src/crypto/digest_extra/digest_extra.c + src/crypto/dsa/dsa_test.cc + src/crypto/dsa/dsa.c + src/crypto/err/err.c + src/crypto/evp/evp_asn1.c + src/crypto/evp/evp_ctx.c + src/crypto/evp/evp.c + src/crypto/evp/internal.h + src/crypto/evp/sign.c + src/crypto/ex_data.c + src/crypto/fipsmodule/bn/* + src/crypto/fipsmodule/cipher/cipher.c + src/crypto/fipsmodule/cipher/e_des.c + src/crypto/fipsmodule/cipher/internal.h + src/crypto/fipsmodule/des/des.c + src/crypto/fipsmodule/des/internal.h + src/crypto/fipsmodule/digest/digest.c + src/crypto/fipsmodule/digest/digests.c + src/crypto/fipsmodule/digest/internal.h + src/crypto/fipsmodule/hmac/hmac.c + src/crypto/fipsmodule/md4/md4.c + src/crypto/fipsmodule/md5/md5.c + src/crypto/fipsmodule/rsa/internal.h + src/crypto/fipsmodule/rsa/rsa_impl.c + src/crypto/fipsmodule/rsa/rsa.c + src/crypto/fipsmodule/sha/sha1-altivec.c + src/crypto/fipsmodule/sha/sha1.c + src/crypto/fipsmodule/sha/sha256.c + src/crypto/fipsmodule/sha/sha512.c + src/crypto/hmac_extra/* + src/crypto/internal.h + src/crypto/lhash/lhash.c + src/crypto/mem.c + src/crypto/obj/* + src/crypto/pem/* + src/crypto/rc4/rc4.c + src/crypto/rsa_extra/* + src/crypto/stack/stack.c + src/crypto/thread.c + src/crypto/x509/* + src/decrepit/bio/base64_bio.c + src/decrepit/blowfish/blowfish.c + src/decrepit/cast/cast_tables.c + src/decrepit/cast/cast.c + src/decrepit/cast/internal.h + src/decrepit/des/cfb64ede.c + src/decrepit/macros.h + src/decrepit/rc4/rc4_decrepit.c + src/decrepit/ripemd/internal.h + src/decrepit/ripemd/ripemd.c + src/decrepit/rsa/rsa_decrepit.c + src/decrepit/ssl/ssl_decrepit.c + src/include/openssl/asn1.h + src/include/openssl/base64.h + src/include/openssl/bio.h + src/include/openssl/blowfish.h + src/include/openssl/bn.h + src/include/openssl/buf.h + src/include/openssl/cast.h + src/include/openssl/cipher.h + src/include/openssl/conf.h + src/include/openssl/cpu.h + src/include/openssl/des.h + src/include/openssl/dh.h + src/include/openssl/digest.h + src/include/openssl/dsa.h + src/include/openssl/err.h + src/include/openssl/evp.h + src/include/openssl/ex_data.h + src/include/openssl/hmac.h + src/include/openssl/lhash.h + src/include/openssl/md4.h + src/include/openssl/md5.h + src/include/openssl/mem.h + src/include/openssl/nid.h + src/include/openssl/obj.h + src/include/openssl/pem.h + src/include/openssl/rc4.h + src/include/openssl/ripemd.h + src/include/openssl/rsa.h + src/include/openssl/sha.h + src/include/openssl/ssl.h + src/include/openssl/ssl3.h + src/include/openssl/stack.h + src/include/openssl/thread.h + src/include/openssl/tls1.h + src/include/openssl/type_check.h + src/include/openssl/x509_vfy.h + src/include/openssl/x509.h + src/ssl/* +Copyright: 1995-1998, Eric Young +License: SSLeay + +Files: crypto_test_data.cc + err_data.c + rules.mk + src/.clang-format + src/.github/* + src/.gitignore + src/BUILDING.md + src/CMakeLists.txt + src/codereview.settings + src/CONTRIBUTING.md + src/crypto/asn1/asn1_test.cc + src/crypto/base64/base64_test.cc + src/crypto/bio/bio_test.cc + src/crypto/bio/socket_helper.c + src/crypto/bn_extra/bn_asn1.c + src/crypto/bytestring/* + src/crypto/chacha/* + src/crypto/cipher_extra/aead_test.cc + src/crypto/cipher_extra/e_aesctrhmac.c + src/crypto/cipher_extra/e_aesgcmsiv.c + src/crypto/cipher_extra/e_chacha20poly1305.c + src/crypto/cipher_extra/e_ssl3.c + src/crypto/cipher_extra/e_tls.c + src/crypto/cipher_extra/test/nist_cavp/make_cavp.go + src/crypto/cmac/cmac_test.cc + src/crypto/compiler_test.cc + src/crypto/conf/internal.h + src/crypto/cpu-aarch64-linux.c + src/crypto/cpu-arm-linux.c + src/crypto/cpu-arm.c + src/crypto/cpu-ppc64le.c + src/crypto/crypto.c + src/crypto/curve25519/* + src/crypto/dh/CMakeLists.txt + src/crypto/digest_extra/digest_test.cc + src/crypto/digest_extra/internal.h + src/crypto/ecdh/ecdh_test.cc + src/crypto/engine/* + src/crypto/err/err_data_generate.go + src/crypto/err/err_test.cc + src/crypto/evp/evp_extra_test.cc + src/crypto/evp/p_ed25519_asn1.c + src/crypto/evp/p_ed25519.c + src/crypto/evp/pbkdf_test.cc + src/crypto/evp/scrypt_test.cc + src/crypto/fipsmodule/aes/aes_test.cc + src/crypto/fipsmodule/aes/internal.h + src/crypto/fipsmodule/bcm.c + src/crypto/fipsmodule/bn/check_bn_tests.go + src/crypto/fipsmodule/cipher/aead.c + src/crypto/fipsmodule/delocate.h + src/crypto/fipsmodule/ec/ec_test.cc + src/crypto/fipsmodule/ec/p224-64.c + src/crypto/fipsmodule/ec/p256-64.c + src/crypto/fipsmodule/ec/p256-x86_64_test.cc + src/crypto/fipsmodule/ec/util-64.c + src/crypto/fipsmodule/is_fips.c + src/crypto/fipsmodule/modes/polyval.c + src/crypto/fipsmodule/rand/* + src/crypto/hkdf/* + src/crypto/lhash/lhash_test.cc + src/crypto/lhash/make_macros.sh + src/crypto/obj/obj_test.cc + src/crypto/obj/objects.go + src/crypto/pkcs7/* + src/crypto/pkcs8/pkcs12_test.cc + src/crypto/pkcs8/pkcs8_test.cc + src/crypto/poly1305/* + src/crypto/pool/* + src/crypto/rand_extra/* + src/crypto/refcount_*.c + src/crypto/test/* + src/crypto/thread_*.c + src/crypto/x509/internal.h + src/crypto/x509/x509_test.cc + src/decrepit/evp/* + src/decrepit/obj/* + src/decrepit/ripemd/* + src/decrepit/x509/* + src/fipstools/* + src/FUZZING.md + src/include/openssl/aead.h + src/include/openssl/asn1_mac.h + src/include/openssl/buffer.h + src/include/openssl/bytestring.h + src/include/openssl/chacha.h + src/include/openssl/cmac.h + src/include/openssl/crypto.h + src/include/openssl/curve25519.h + src/include/openssl/dtls1.h + src/include/openssl/engine.h + src/include/openssl/hkdf.h + src/include/openssl/is_boringssl.h + src/include/openssl/lhash_macros.h + src/include/openssl/obj_mac.h + src/include/openssl/objects.h + src/include/openssl/opensslconf.h + src/include/openssl/opensslv.h + src/include/openssl/ossl_typ.h + src/include/openssl/pkcs12.h + src/include/openssl/pkcs7.h + src/include/openssl/poly1305.h + src/include/openssl/pool.h + src/include/openssl/rand.h + src/include/openssl/safestack.h + src/include/openssl/srtp.h + src/INCORPORATING.md + src/LICENSE + src/PORTING.md + src/README.md + src/ssl/CMakeLists.txt + src/ssl/custom_extensions.cc + src/ssl/ssl_aead_ctx.cc + src/ssl/ssl_buffer.cc + src/ssl/ssl_ecdh.cc + src/ssl/ssl_test.cc + src/ssl/ssl_versions.cc + src/ssl/test/* + src/ssl/tls13_both.cc + src/ssl/tls13_client.cc + src/ssl/tls13_enc.cc + src/ssl/tls13_server.cc + src/STYLE.md + src/tool/* + src/util/* +Copyright: 2014-2017, Google Inc. +License: ISC + +Files: src/crypto/cipher_extra/asm/aes128gcmsiv-x86_64.pl +Copyright: 2017, Shay Gueron + 2017, Google Inc +License: ISC + +Files: AndroidTest.xml + sources.bp + sources.mk +Copyright: 2017, The Android Open Source Project +License: Apache-2.0 + +Files: src/ssl/test/runner/curve25519/* + src/ssl/test/runner/ed25519/* + src/ssl/test/runner/alert.go + src/ssl/test/runner/cipher_suites.go + src/ssl/test/runner/common.go + src/ssl/test/runner/conn.go + src/ssl/test/runner/dtls.go + src/ssl/test/runner/handshake_client.go + src/ssl/test/runner/handshake_messages.go + src/ssl/test/runner/handshake_server.go + src/ssl/test/runner/key_agreement.go + src/ssl/test/runner/packet_adapter.go + src/ssl/test/runner/prf.go + src/ssl/test/runner/sign.go + src/ssl/test/runner/ticket.go + src/ssl/test/runner/tls.go +Copyright: 2012-2016, The Go Authors +License: BSD-3-clause + +Files: src/util/bot/go/* + src/util/bot/vs_toolchain.py +Copyright: 2014, The Chromium Authors +License: BSD-3-clause + +Files: src/crypto/fipsmodule/bn/asm/rsaz-avx2.pl + src/crypto/fipsmodule/bn/rsaz_exp.c + src/crypto/fipsmodule/bn/rsaz_exp.h +Copyright: 2012, Intel Corporation +License: BSD-3-clause + +Files: src/crypto/fipsmodule/ec/asm/p256-x86_64-asm.pl + src/crypto/fipsmodule/ec/p256-x86_64-table.h + src/crypto/fipsmodule/ec/p256-x86_64.* +Copyright: 2014-2015, Intel Corporation +License: ISC + +Files: src/crypto/x509v3/v3_pci.c + src/crypto/x509v3/v3_pcia.c +Copyright: 2004, Kungliga Tekniska Högskolan +License: BSD-3-clause + +Files: src/third_party/android-cmake/AndroidNdkGdb.cmake + src/third_party/android-cmake/AndroidNdkModules.cmake +Copyright: 2014, Pavel Rojtberg +License: BSD-3-clause + +Files: src/third_party/android-cmake/android.toolchain.cmake +Copyright: 2011-2014, Andrey Kamaev + 2010-2011, Ethan Rublee +License: BSD-3-clause + +Files: src/crypto/ecdh/ecdh.c + src/include/openssl/ecdh.h +Copyright: 2002, Sun Microsystems + 2000-2002, The OpenSSL Project +License: OpenSSL + +Files: src/crypto/fipsmodule/bn/montgomery_inv.c +Copyright: 2016, Brian Smith +License: ISC + +Files: src/crypto/cipher_extra/asm/chacha20_poly1305_x86_64.pl +Copyright: 2015, CloudFlare Ltd +License: ISC + +Files: debian/* +Copyright: 2016, Kai-Chung Yan +License: MIT + +License: OpenSSL + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + 3. All advertising materials mentioning features or use of this + software must display the following acknowledgment: + "This product includes software developed by the OpenSSL Project + for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + endorse or promote products derived from this software without + prior written permission. For written permission, please contact + openssl-core@openssl.org. + 5. Products derived from this software may not be called "OpenSSL" + nor may "OpenSSL" appear in their names without prior written + permission of the OpenSSL Project. + 6. Redistributions of any form whatsoever must retain the following + acknowledgment: + "This product includes software developed by the OpenSSL Project + for use in the OpenSSL Toolkit (http://www.openssl.org/)" + . + THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + OF THE POSSIBILITY OF SUCH DAMAGE. + +License: ISC + Permission to use, copy, modify, and/or distribute this software for any + purpose with or without fee is hereby granted, provided that the above + copyright notice and this permission notice appear in all copies. + . + THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +License: MIT + Permission is hereby granted, free of charge, to any person obtaining a copy + of this software and associated documentation files (the "Software"), to deal + in the Software without restriction, including without limitation the rights + to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + copies of the Software, and to permit persons to whom the Software is + furnished to do so, subject to the following conditions: + . + The above copyright notice and this permission notice shall be included in all + copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + SOFTWARE. + +License: SSLeay + This library is free for commercial and non-commercial use as long as + the following conditions are adhered to. The following conditions + apply to all code found in this distribution, be it the RC4, RSA, + lhash, DES, etc., code; not just the SSL code. The SSL documentation + included with this distribution is covered by the same copyright terms + except that the holder is Tim Hudson (tjh@cryptsoft.com). + . + Copyright remains Eric Young's, and as such any Copyright notices in + the code are not to be removed. + If this package is used in a product, Eric Young should be given attribution + as the author of the parts of the library used. + This can be in the form of a textual message at program startup or + in documentation (online or textual) provided with the package. + . + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. All advertising materials mentioning features or use of this software + must display the following acknowledgement: + "This product includes cryptographic software written by + Eric Young (eay@cryptsoft.com)" + The word 'cryptographic' can be left out if the routines from the library + being used are not cryptographic related :-). + 4. If you include any Windows specific code (or a derivative thereof) from + the apps directory (application code) you must include an acknowledgement: + "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + . + THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + SUCH DAMAGE. + . + The licence and distribution terms for any publically available version or + derivative of this code cannot be changed. i.e. this code cannot simply be + copied and put under another distribution licence + [including the GNU General Public Licence.] + +License: Apache-2.0 + On Debian systems, the full text of the Apache License, Version 2.0 + can be found in the file `/usr/share/common-licenses/Apache-2.0'. + +License: BSD-3-clause + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are + met: + . + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above + copyright notice, this list of conditions and the following disclaimer + in the documentation and/or other materials provided with the + distribution. + * Neither the name of Google Inc. nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. \ No newline at end of file diff --git a/gbp.conf b/gbp.conf new file mode 100644 index 0000000..5474c60 --- /dev/null +++ b/gbp.conf @@ -0,0 +1,3 @@ +[DEFAULT] +pristine-tar = True +sign-tags = True diff --git a/libcrypto.mk b/libcrypto.mk new file mode 100644 index 0000000..4c0268e --- /dev/null +++ b/libcrypto.mk @@ -0,0 +1,31 @@ +include sources.mk + +NAME = libcrypto +SOURCES = $(crypto_sources) + +amd64_SOURCES = $(linux_x86_64_sources) +arm64_SOURCES = $(linux_aarch64_sources) +armel_SOURCES = $(linux_arm_sources) +armhf_SOURCES = $(linux_arm_sources) +i386_SOURCES = $(linux_x86_sources) +ppcel64_SOURCES = $(linux_ppc64le_sources) + +SOURCES += $($(DEB_HOST_ARCH)_SOURCES) + +CFLAGS+= \ + -D_XOPEN_SOURCE=700 \ + -DBORINGSSL_ANDROID_SYSTEM \ + -DBORINGSSL_IMPLEMENTATION \ + -DBORINGSSL_SHARED_LIBRARY \ + -DOPENSSL_SMALL \ + -fvisibility=hidden \ + -Wa,--noexecstack # Fixes `shlib-with-executable-stack`, see `src/util/BUILD.toplevel` + +CPPFLAGS += -Isrc/include -Isrc/crypto + +LDFLAGS += -shared -Wl,-soname,$(NAME).so.0 -lpthread + +build: $(SOURCES) + mkdir --parents debian/out + $(CC) $^ -o debian/out/$(NAME).so.0 $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) + ln -s $(NAME).so.0 debian/out/$(NAME).so \ No newline at end of file diff --git a/libssl.mk b/libssl.mk new file mode 100644 index 0000000..7eba91b --- /dev/null +++ b/libssl.mk @@ -0,0 +1,57 @@ +NAME = libssl +SOURCES = \ + src/ssl/bio_ssl.cc \ + src/ssl/d1_both.cc \ + src/ssl/d1_lib.cc \ + src/ssl/d1_pkt.cc \ + src/ssl/d1_srtp.cc \ + src/ssl/dtls_method.cc \ + src/ssl/dtls_record.cc \ + src/ssl/handoff.cc \ + src/ssl/handshake.cc \ + src/ssl/handshake_client.cc \ + src/ssl/handshake_server.cc \ + src/ssl/s3_both.cc \ + src/ssl/s3_lib.cc \ + src/ssl/s3_pkt.cc \ + src/ssl/ssl_aead_ctx.cc \ + src/ssl/ssl_asn1.cc \ + src/ssl/ssl_buffer.cc \ + src/ssl/ssl_cert.cc \ + src/ssl/ssl_cipher.cc \ + src/ssl/ssl_file.cc \ + src/ssl/ssl_key_share.cc \ + src/ssl/ssl_lib.cc \ + src/ssl/ssl_privkey.cc \ + src/ssl/ssl_session.cc \ + src/ssl/ssl_stat.cc \ + src/ssl/ssl_transcript.cc \ + src/ssl/ssl_versions.cc \ + src/ssl/ssl_x509.cc \ + src/ssl/t1_enc.cc \ + src/ssl/t1_lib.cc \ + src/ssl/tls13_both.cc \ + src/ssl/tls13_client.cc \ + src/ssl/tls13_enc.cc \ + src/ssl/tls13_server.cc \ + src/ssl/tls_method.cc \ + src/ssl/tls_record.cc \ + +CXXFLAGS += \ + -D_XOPEN_SOURCE=700 \ + -DBORINGSSL_ANDROID_SYSTEM \ + -DBORINGSSL_IMPLEMENTATION \ + -DBORINGSSL_SHARED_LIBRARY \ + -DOPENSSL_SMALL \ + -fvisibility=hidden \ + +CPPFLAGS += -Isrc/include + +LDFLAGS += -shared -Wl,-soname,$(NAME).so.0 \ + -Wl,-rpath=/usr/lib/$(DEB_HOST_MULTIARCH)/android \ + -lpthread -Ldebian/out -lcrypto + +build: $(SOURCES) + mkdir --parents debian/out + $(CXX) $^ -o debian/out/$(NAME).so.0 $(CXXFLAGS) $(CPPFLAGS) $(LDFLAGS) + ln -s $(NAME).so.0 debian/out/$(NAME).so diff --git a/patches/armv6.patch b/patches/armv6.patch new file mode 100644 index 0000000..2dd5612 --- /dev/null +++ b/patches/armv6.patch @@ -0,0 +1,392 @@ +Description: Mark asm as armv6 to avoid setting off armv7 contamination checker. +Author: Peter Michael Green + +Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/chacha/chacha-armv4.S +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/chacha/chacha-armv4.S ++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/chacha/chacha-armv4.S +@@ -16,7 +16,7 @@ + + @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both + @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions. +-.arch armv7-a ++.arch armv6 + + .text + #if defined(__thumb2__) || defined(__clang__) +@@ -808,7 +808,7 @@ ChaCha20_ctr32: + ldmia sp!,{r4,r5,r6,r7,r8,r9,r10,r11,pc} + .size ChaCha20_ctr32,.-ChaCha20_ctr32 + #if __ARM_MAX_ARCH__>=7 +-.arch armv7-a ++.arch armv6 + .fpu neon + + .type ChaCha20_neon,%function +Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/aes-armv4.S +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/fipsmodule/aes-armv4.S ++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/aes-armv4.S +@@ -61,7 +61,7 @@ + @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both + @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions. (ARMv8 AES + @ instructions are in aesv8-armx.pl.) +-.arch armv7-a ++.arch armv6 + + .text + #if defined(__thumb2__) && !defined(__APPLE__) +Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/aesv8-armx32.S +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/fipsmodule/aesv8-armx32.S ++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/aesv8-armx32.S +@@ -16,7 +16,7 @@ + + #if __ARM_MAX_ARCH__>=7 + .text +-.arch armv7-a @ don't confuse not-so-latest binutils with argv8 :-) ++.arch armv6 @ don't confuse not-so-latest binutils with argv8 :-) + .fpu neon + .code 32 + #undef __thumb2__ +Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/armv4-mont.S +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/fipsmodule/armv4-mont.S ++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/armv4-mont.S +@@ -16,7 +16,7 @@ + + @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both + @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions. +-.arch armv7-a ++.arch armv6 + + .text + #if defined(__thumb2__) +@@ -210,7 +210,7 @@ bn_mul_mont: + #endif + .size bn_mul_mont,.-bn_mul_mont + #if __ARM_MAX_ARCH__>=7 +-.arch armv7-a ++.arch armv6 + .fpu neon + + .type bn_mul8x_mont_neon,%function +Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/bsaes-armv7.S +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/fipsmodule/bsaes-armv7.S ++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/bsaes-armv7.S +@@ -84,7 +84,7 @@ + #endif + + #if __ARM_MAX_ARCH__>=7 +-.arch armv7-a ++.arch armv6 + .fpu neon + + .text +Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/ghash-armv4.S +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/fipsmodule/ghash-armv4.S ++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/ghash-armv4.S +@@ -17,7 +17,7 @@ + @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both + @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions. (ARMv8 PMULL + @ instructions are in aesv8-armx.pl.) +-.arch armv7-a ++.arch armv6 + + .text + #if defined(__thumb2__) || defined(__clang__) +@@ -367,7 +367,7 @@ gcm_gmult_4bit: + #endif + .size gcm_gmult_4bit,.-gcm_gmult_4bit + #if __ARM_MAX_ARCH__>=7 +-.arch armv7-a ++.arch armv6 + .fpu neon + + .globl gcm_init_neon +Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/sha1-armv4-large.S +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/fipsmodule/sha1-armv4-large.S ++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/sha1-armv4-large.S +@@ -506,7 +506,7 @@ sha1_block_data_order: + .align 2 + .align 5 + #if __ARM_MAX_ARCH__>=7 +-.arch armv7-a ++.arch armv6 + .fpu neon + + .type sha1_block_data_order_neon,%function +Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/sha256-armv4.S +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/fipsmodule/sha256-armv4.S ++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/sha256-armv4.S +@@ -67,7 +67,7 @@ + @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both + @ ARMv7 and ARMv8 processors. It does have ARMv8-only code, but those + @ instructions are manually-encoded. (See unsha256.) +-.arch armv7-a ++.arch armv6 + + .text + #if defined(__thumb2__) +@@ -1892,7 +1892,7 @@ sha256_block_data_order: + #endif + .size sha256_block_data_order,.-sha256_block_data_order + #if __ARM_MAX_ARCH__>=7 +-.arch armv7-a ++.arch armv6 + .fpu neon + + .globl sha256_block_data_order_neon +Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/sha512-armv4.S +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/fipsmodule/sha512-armv4.S ++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/fipsmodule/sha512-armv4.S +@@ -79,7 +79,7 @@ + + @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both + @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions. +-.arch armv7-a ++.arch armv6 + + #ifdef __ARMEL__ + # define LO 0 +@@ -550,7 +550,7 @@ sha512_block_data_order: + #endif + .size sha512_block_data_order,.-sha512_block_data_order + #if __ARM_MAX_ARCH__>=7 +-.arch armv7-a ++.arch armv6 + .fpu neon + + .globl sha512_block_data_order_neon +Index: android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/test/trampoline-armv4.S +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/linux-arm/crypto/test/trampoline-armv4.S ++++ android-platform-external-boringssl-10.0.0+r36/linux-arm/crypto/test/trampoline-armv4.S +@@ -14,7 +14,7 @@ + #endif + .syntax unified + +-.arch armv7-a ++.arch armv6 + .fpu vfp + + .text +Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/chacha/asm/chacha-armv4.pl +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/chacha/asm/chacha-armv4.pl ++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/chacha/asm/chacha-armv4.pl +@@ -173,7 +173,7 @@ $code.=<<___; + + @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both + @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions. +-.arch armv7-a ++.arch armv6 + + .text + #if defined(__thumb2__) || defined(__clang__) +@@ -665,7 +665,7 @@ my ($a,$b,$c,$d,$t)=@_; + + $code.=<<___; + #if __ARM_MAX_ARCH__>=7 +-.arch armv7-a ++.arch armv6 + .fpu neon + + .type ChaCha20_neon,%function +Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/aes/asm/aes-armv4.pl +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/aes/asm/aes-armv4.pl ++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/aes/asm/aes-armv4.pl +@@ -79,7 +79,7 @@ $code=<<___; + @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both + @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions. (ARMv8 AES + @ instructions are in aesv8-armx.pl.) +-.arch armv7-a ++.arch armv6 + + .text + #if defined(__thumb2__) && !defined(__APPLE__) +Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/aes/asm/aesv8-armx.pl +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/aes/asm/aesv8-armx.pl ++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/aes/asm/aesv8-armx.pl +@@ -60,7 +60,7 @@ $code=<<___; + ___ + $code.=".arch armv8-a+crypto\n" if ($flavour =~ /64/); + $code.=<<___ if ($flavour !~ /64/); +-.arch armv7-a // don't confuse not-so-latest binutils with argv8 :-) ++.arch armv6 // don't confuse not-so-latest binutils with argv8 :-) + .fpu neon + .code 32 + #undef __thumb2__ +Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/aes/asm/bsaes-armv7.pl +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/aes/asm/bsaes-armv7.pl ++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/aes/asm/bsaes-armv7.pl +@@ -725,7 +725,7 @@ $code.=<<___; + #endif + + #if __ARM_MAX_ARCH__>=7 +-.arch armv7-a ++.arch armv6 + .fpu neon + + .text +Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/bn/asm/armv4-mont.pl +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/bn/asm/armv4-mont.pl ++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/bn/asm/armv4-mont.pl +@@ -99,7 +99,7 @@ $code=<<___; + + @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both + @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions. +-.arch armv7-a ++.arch armv6 + + .text + #if defined(__thumb2__) +@@ -306,7 +306,7 @@ my ($tinptr,$toutptr,$inner,$outer,$bnpt + + $code.=<<___; + #if __ARM_MAX_ARCH__>=7 +-.arch armv7-a ++.arch armv6 + .fpu neon + + .type bn_mul8x_mont_neon,%function +Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/modes/asm/ghash-armv4.pl +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/modes/asm/ghash-armv4.pl ++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/modes/asm/ghash-armv4.pl +@@ -145,7 +145,7 @@ $code=<<___; + @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both + @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions. (ARMv8 PMULL + @ instructions are in aesv8-armx.pl.) +-.arch armv7-a ++.arch armv6 + + .text + #if defined(__thumb2__) || defined(__clang__) +@@ -429,7 +429,7 @@ ___ + + $code.=<<___; + #if __ARM_MAX_ARCH__>=7 +-.arch armv7-a ++.arch armv6 + .fpu neon + + .global gcm_init_neon +Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/sha/asm/sha1-armv4-large.pl +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/sha/asm/sha1-armv4-large.pl ++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/sha/asm/sha1-armv4-large.pl +@@ -525,7 +525,7 @@ sub Xloop() + + $code.=<<___; + #if __ARM_MAX_ARCH__>=7 +-.arch armv7-a ++.arch armv6 + .fpu neon + + .type sha1_block_data_order_neon,%function +Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/sha/asm/sha256-armv4.pl +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/sha/asm/sha256-armv4.pl ++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/sha/asm/sha256-armv4.pl +@@ -184,7 +184,7 @@ $code=<<___; + @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both + @ ARMv7 and ARMv8 processors. It does have ARMv8-only code, but those + @ instructions are manually-encoded. (See unsha256.) +-.arch armv7-a ++.arch armv6 + + .text + #if defined(__thumb2__) +@@ -475,7 +475,7 @@ sub body_00_15 () { + + $code.=<<___; + #if __ARM_MAX_ARCH__>=7 +-.arch armv7-a ++.arch armv6 + .fpu neon + + .global sha256_block_data_order_neon +Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/sha/asm/sha512-armv4.pl +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/sha/asm/sha512-armv4.pl ++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/sha/asm/sha512-armv4.pl +@@ -210,7 +210,7 @@ $code=<<___; + + @ Silence ARMv8 deprecated IT instruction warnings. This file is used by both + @ ARMv7 and ARMv8 processors and does not use ARMv8 instructions. +-.arch armv7-a ++.arch armv6 + + #ifdef __ARMEL__ + # define LO 0 +@@ -606,7 +606,7 @@ ___ + + $code.=<<___; + #if __ARM_MAX_ARCH__>=7 +-.arch armv7-a ++.arch armv6 + .fpu neon + + .global sha512_block_data_order_neon +Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/test/asm/trampoline-armv4.pl +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/test/asm/trampoline-armv4.pl ++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/test/asm/trampoline-armv4.pl +@@ -49,7 +49,7 @@ my ($func, $state, $argv, $argc) = ("r0" + my $code = <<____; + .syntax unified + +-.arch armv7-a ++.arch armv6 + .fpu vfp + + .text +Index: android-platform-external-boringssl-10.0.0+r36/src/include/openssl/arm_arch.h +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/src/include/openssl/arm_arch.h ++++ android-platform-external-boringssl-10.0.0+r36/src/include/openssl/arm_arch.h +@@ -100,7 +100,7 @@ + + // Even when building for 32-bit ARM, support for aarch64 crypto instructions + // will be included. +-#define __ARM_MAX_ARCH__ 8 ++#define __ARM_MAX_ARCH__ 6 + + // ARMV7_NEON is true when a NEON unit is present in the current CPU. + #define ARMV7_NEON (1 << 0) +Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/aes/internal.h +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/aes/internal.h ++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/aes/internal.h +@@ -42,7 +42,7 @@ OPENSSL_INLINE int vpaes_capable(void) { + return (OPENSSL_ia32cap_get()[1] & (1 << (41 - 32))) != 0; + } + +-#elif defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64) ++#elif false + #define HWAES + + OPENSSL_INLINE int hwaes_capable(void) { return CRYPTO_is_ARMv8_AES_capable(); } +Index: android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/modes/internal.h +=================================================================== +--- android-platform-external-boringssl-10.0.0+r36.orig/src/crypto/fipsmodule/modes/internal.h ++++ android-platform-external-boringssl-10.0.0+r36/src/crypto/fipsmodule/modes/internal.h +@@ -314,7 +314,7 @@ void gcm_ghash_4bit_mmx(uint64_t Xi[2], + size_t len); + #endif // OPENSSL_X86 + +-#elif defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64) ++#elif false + #define GHASH_ASM_ARM + #define GCM_FUNCREF_4BIT + diff --git a/patches/series b/patches/series new file mode 100644 index 0000000..ebe53ce --- /dev/null +++ b/patches/series @@ -0,0 +1 @@ +armv6.patch diff --git a/rules b/rules new file mode 100755 index 0000000..e15c3a1 --- /dev/null +++ b/rules @@ -0,0 +1,13 @@ +#!/usr/bin/make -f + +include /usr/share/dpkg/architecture.mk +include /usr/share/dpkg/pkg-info.mk + +export DEB_LDFLAGS_MAINT_APPEND = -fPIC +export DEB_BUILD_MAINT_OPTIONS = hardening=+all + +%: + dh $@ +override_dh_auto_build: + dh_auto_build --buildsystem=makefile -- -f debian/libcrypto.mk + dh_auto_build --buildsystem=makefile -- -f debian/libssl.mk diff --git a/source/format b/source/format new file mode 100644 index 0000000..46ebe02 --- /dev/null +++ b/source/format @@ -0,0 +1 @@ +3.0 (quilt) \ No newline at end of file diff --git a/source/lintian-overrides b/source/lintian-overrides new file mode 100644 index 0000000..c6344f5 --- /dev/null +++ b/source/lintian-overrides @@ -0,0 +1,5 @@ +# These are only test files for the ar implementation in Go. +source: source-is-missing src/util/ar/testdata/linux/bar.cc.o +source: source-is-missing src/util/ar/testdata/linux/foo.c.o +source: source-contains-prebuilt-binary src/util/ar/testdata/linux/bar.cc.o +source: source-contains-prebuilt-binary src/util/ar/testdata/linux/foo.c.o diff --git a/watch b/watch new file mode 100644 index 0000000..bb69267 --- /dev/null +++ b/watch @@ -0,0 +1,6 @@ +version=4 +opts="pagemangle=s%\">android-%\.tar\.gz\">android-%g;s%/\+/refs/tags/%/+archive/%g, \ + uversionmangle=s%\.(\d+)\.\.tar\.gz%\+r$1%, \ + filenamemangle=s%[\w\/]+\+archive\/android-%@PACKAGE@-%" \ +https://android.googlesource.com/platform/external/boringssl/+refs \ + [\w\/]+\+archive\/android-([0-9\.]+)_r(\d+|\d+\.\d+|\w)(\.tar\.gz) debian uupdate -- 2.30.2