Bug#997511: softhsm2: diff for NMU version 2.6.1-2.1
On 2022-05-21 00:10:47 +0200, Ondřej Surý wrote: > Hi, > > feel free to upload the NMU directly, I think I do have lowNMU threshold set > (somewhere) Thanks, done! Cheers > > -- > Ondřej Surý (He/Him) > > > On 20. 5. 2022, at 23:27, Sebastian Ramacher wrote: > > > > Control: tags 997511 + patch > > Control: tags 997511 + pending > > > > Dear maintainer, > > > > I've prepared an NMU for softhsm2 (versioned as 2.6.1-2.1) and > > uploaded it to DELAYED/2. Please feel free to tell me if I > > should delay it longer. > > > > Cheers > > -- > > Sebastian Ramacher > diff -Nru softhsm2-2.6.1/debian/changelog softhsm2-2.6.1/debian/changelog > --- softhsm2-2.6.1/debian/changelog 2020-05-15 11:41:43.0 +0200 > +++ softhsm2-2.6.1/debian/changelog 2022-05-20 23:23:22.0 +0200 > @@ -1,3 +1,10 @@ > +softhsm2 (2.6.1-2.1) unstable; urgency=medium > + > + [ William 'jawn-smith' Wilson ] > + * Disable some tests that are failing with openssl v3 (Closes: #997511) > + > + -- Sebastian Ramacher Fri, 20 May 2022 23:23:22 > +0200 > + > softhsm2 (2.6.1-2) unstable; urgency=medium > >* Explicitly enable ECC and EDDSA curves (Closes: #942419) > diff -Nru softhsm2-2.6.1/debian/patches/0003-fix-ftbfs-with-opensslv3.patch > softhsm2-2.6.1/debian/patches/0003-fix-ftbfs-with-opensslv3.patch > --- softhsm2-2.6.1/debian/patches/0003-fix-ftbfs-with-opensslv3.patch > 1970-01-01 01:00:00.0 +0100 > +++ softhsm2-2.6.1/debian/patches/0003-fix-ftbfs-with-opensslv3.patch > 2022-05-20 23:14:03.0 +0200 > @@ -0,0 +1,1103 @@ > +From 643f061e6fbe04552a2c49bd00528e61a9a77064 Mon Sep 17 00:00:00 2001 > +From: Alexander Bokovoy > +Date: Wed, 26 May 2021 20:03:25 +0300 > +Subject: [PATCH 1/4] openssl 3.0: Run DES tests only if OpenSSL allows it > + > +OpenSSL 3.0 moves DES into a legacy provider which has to be loaded > +explicitly. By default, it will not be loaded and DES methods in tests > +will fail. Nest test blocks under successful initialization. > + > +Signed-off-by: Alexander Bokovoy > +--- > + src/lib/crypto/test/DESTests.cpp | 350 --- > + 1 file changed, 182 insertions(+), 168 deletions(-) > + > +Index: softhsm2-2.6.1/src/lib/crypto/test/DESTests.cpp > +=== > +--- softhsm2-2.6.1.orig/src/lib/crypto/test/DESTests.cpp > softhsm2-2.6.1/src/lib/crypto/test/DESTests.cpp > +@@ -259,54 +259,58 @@ > + > + // Now, do the same thing using our DES implementation > + shsmCipherText.wipe(); > +-CPPUNIT_ASSERT(des->encryptInit(, > SymMode::CBC, IV)); > ++if (des->encryptInit(, SymMode::CBC, IV)) { > + > +-CPPUNIT_ASSERT(des->encryptUpdate(plainText, OB)); > +-shsmCipherText += OB; > ++CPPUNIT_ASSERT(des->encryptUpdate(plainText, > OB)); > ++shsmCipherText += OB; > + > +-CPPUNIT_ASSERT(des->encryptFinal(OB)); > +-shsmCipherText += OB; > ++CPPUNIT_ASSERT(des->encryptFinal(OB)); > ++shsmCipherText += OB; > + > +-CPPUNIT_ASSERT(shsmCipherText == cipherText); > ++CPPUNIT_ASSERT(shsmCipherText == cipherText); > + > +-// Check that we can get the plain text > +-shsmPlainText.wipe(); > +-CPPUNIT_ASSERT(des->decryptInit(, > SymMode::CBC, IV)); > ++// Check that we can get the plain text > ++shsmPlainText.wipe(); > ++CPPUNIT_ASSERT(des->decryptInit(, > SymMode::CBC, IV)); > + > +-CPPUNIT_ASSERT(des->decryptUpdate(shsmCipherText, OB)); > +-shsmPlainText += OB; > ++ > CPPUNIT_ASSERT(des->decryptUpdate(shsmCipherText, OB)); > ++shsmPlainText += OB; > + > +-CPPUNIT_ASSERT(des->decryptFinal(OB)); > +-shsmPlainText += OB; > ++CPPUNIT_ASSERT(des->decryptFinal(OB)); > ++shsmPlainText += OB; > + > +-CPPUNIT_ASSERT(shsmPlainText == plainText); > ++CPPUNIT_ASSERT(shsmPlainText == plainText); > ++ > ++} > + > + // Test 112-bit key > + cipherText = ByteString(testResult[i][j][1]); > + > + // Now, do the same thing using our DES implementation > + shsmCipherText.wipe(); > +-CPPUNIT_ASSERT(des->encryptInit(, > SymMode::CBC, IV)); > ++if (des->encryptInit(, SymMode::CBC, IV)) { > + > +-CPPUNIT_ASSERT(des->encryptUpdate(plainText, OB)); > +-
Bug#997511: softhsm2: diff for NMU version 2.6.1-2.1
Hi, feel free to upload the NMU directly, I think I do have lowNMU threshold set (somewhere) -- Ondřej Surý (He/Him) > On 20. 5. 2022, at 23:27, Sebastian Ramacher wrote: > > Control: tags 997511 + patch > Control: tags 997511 + pending > > Dear maintainer, > > I've prepared an NMU for softhsm2 (versioned as 2.6.1-2.1) and > uploaded it to DELAYED/2. Please feel free to tell me if I > should delay it longer. > > Cheers > -- > Sebastian Ramacher softhsm2-2.6.1-2.1-nmu.diff Description: Binary data signature.asc Description: Binary data
Bug#997511: softhsm2: diff for NMU version 2.6.1-2.1
Control: tags 997511 + patch Control: tags 997511 + pending Dear maintainer, I've prepared an NMU for softhsm2 (versioned as 2.6.1-2.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Cheers -- Sebastian Ramacher diff -Nru softhsm2-2.6.1/debian/changelog softhsm2-2.6.1/debian/changelog --- softhsm2-2.6.1/debian/changelog 2020-05-15 11:41:43.0 +0200 +++ softhsm2-2.6.1/debian/changelog 2022-05-20 23:23:22.0 +0200 @@ -1,3 +1,10 @@ +softhsm2 (2.6.1-2.1) unstable; urgency=medium + + [ William 'jawn-smith' Wilson ] + * Disable some tests that are failing with openssl v3 (Closes: #997511) + + -- Sebastian Ramacher Fri, 20 May 2022 23:23:22 +0200 + softhsm2 (2.6.1-2) unstable; urgency=medium * Explicitly enable ECC and EDDSA curves (Closes: #942419) diff -Nru softhsm2-2.6.1/debian/patches/0003-fix-ftbfs-with-opensslv3.patch softhsm2-2.6.1/debian/patches/0003-fix-ftbfs-with-opensslv3.patch --- softhsm2-2.6.1/debian/patches/0003-fix-ftbfs-with-opensslv3.patch 1970-01-01 01:00:00.0 +0100 +++ softhsm2-2.6.1/debian/patches/0003-fix-ftbfs-with-opensslv3.patch 2022-05-20 23:14:03.0 +0200 @@ -0,0 +1,1103 @@ +From 643f061e6fbe04552a2c49bd00528e61a9a77064 Mon Sep 17 00:00:00 2001 +From: Alexander Bokovoy +Date: Wed, 26 May 2021 20:03:25 +0300 +Subject: [PATCH 1/4] openssl 3.0: Run DES tests only if OpenSSL allows it + +OpenSSL 3.0 moves DES into a legacy provider which has to be loaded +explicitly. By default, it will not be loaded and DES methods in tests +will fail. Nest test blocks under successful initialization. + +Signed-off-by: Alexander Bokovoy +--- + src/lib/crypto/test/DESTests.cpp | 350 --- + 1 file changed, 182 insertions(+), 168 deletions(-) + +Index: softhsm2-2.6.1/src/lib/crypto/test/DESTests.cpp +=== +--- softhsm2-2.6.1.orig/src/lib/crypto/test/DESTests.cpp softhsm2-2.6.1/src/lib/crypto/test/DESTests.cpp +@@ -259,54 +259,58 @@ + + // Now, do the same thing using our DES implementation + shsmCipherText.wipe(); +- CPPUNIT_ASSERT(des->encryptInit(, SymMode::CBC, IV)); ++ if (des->encryptInit(, SymMode::CBC, IV)) { + +- CPPUNIT_ASSERT(des->encryptUpdate(plainText, OB)); +- shsmCipherText += OB; ++CPPUNIT_ASSERT(des->encryptUpdate(plainText, OB)); ++shsmCipherText += OB; + +- CPPUNIT_ASSERT(des->encryptFinal(OB)); +- shsmCipherText += OB; ++CPPUNIT_ASSERT(des->encryptFinal(OB)); ++shsmCipherText += OB; + +- CPPUNIT_ASSERT(shsmCipherText == cipherText); ++CPPUNIT_ASSERT(shsmCipherText == cipherText); + +- // Check that we can get the plain text +- shsmPlainText.wipe(); +- CPPUNIT_ASSERT(des->decryptInit(, SymMode::CBC, IV)); ++// Check that we can get the plain text ++shsmPlainText.wipe(); ++CPPUNIT_ASSERT(des->decryptInit(, SymMode::CBC, IV)); + +- CPPUNIT_ASSERT(des->decryptUpdate(shsmCipherText, OB)); +- shsmPlainText += OB; ++CPPUNIT_ASSERT(des->decryptUpdate(shsmCipherText, OB)); ++shsmPlainText += OB; + +- CPPUNIT_ASSERT(des->decryptFinal(OB)); +- shsmPlainText += OB; ++CPPUNIT_ASSERT(des->decryptFinal(OB)); ++shsmPlainText += OB; + +- CPPUNIT_ASSERT(shsmPlainText == plainText); ++CPPUNIT_ASSERT(shsmPlainText == plainText); ++ ++ } + + // Test 112-bit key + cipherText = ByteString(testResult[i][j][1]); + + // Now, do the same thing using our DES implementation + shsmCipherText.wipe(); +- CPPUNIT_ASSERT(des->encryptInit(, SymMode::CBC, IV)); ++ if (des->encryptInit(, SymMode::CBC, IV)) { + +- CPPUNIT_ASSERT(des->encryptUpdate(plainText, OB)); +- shsmCipherText += OB; ++CPPUNIT_ASSERT(des->encryptUpdate(plainText, OB)); ++shsmCipherText += OB; + +- CPPUNIT_ASSERT(des->encryptFinal(OB)); +- shsmCipherText += OB; ++CPPUNIT_ASSERT(des->encryptFinal(OB)); ++shsmCipherText += OB; + +- CPPUNIT_ASSERT(shsmCipherText == cipherText); ++CPPUNIT_ASSERT(shsmCipherText == cipherText); + +- // Check that we can get the plain text +- shsmPlainText.wipe(); +- CPPUNIT_ASSERT(des->decryptInit(, SymMode::CBC, IV)); ++// Check that we can get the plain text ++shsmPlainText.wipe(); ++CPPUNIT_ASSERT(des->decryptInit(, SymMode::CBC, IV)); + +- CPPUNIT_ASSERT(des->decryptUpdate(shsmCipherText, OB)); +- shsmPlainText += OB; ++CPPUNIT_ASSERT(des->decryptUpdate(shsmCipherText, OB)); ++shsmPlainText += OB; + +- CPPUNIT_ASSERT(des->decryptFinal(OB)); +- shsmPlainText += OB; ++CPPUNIT_ASSERT(des->decryptFinal(OB)); ++shsmPlainText += OB; ++ ++CPPUNIT_ASSERT(shsmPlainText == plainText); ++ } + +- CPPUNIT_ASSERT(shsmPlainText == plainText); + #endif + + // Test 168-bit key +@@ -314,27 +318,28 @@ + + // Now, do the same thing using our DES implementation + shsmCipherText.wipe(); +- CPPUNIT_ASSERT(des->encryptInit(, SymMode::CBC, IV)); ++ if