From b4ee910b25c78471d3f2aa92d0dc2e11f0980c05 Mon Sep 17 00:00:00 2001
From: Raven <raven@sysadmins.ws>
Date: Thu, 5 Sep 2024 10:34:25 +0600
Subject: [PATCH] openssl3: update to 3.0.15

---
 base/openssl3/0045-FIPS-services-minimize.patch        | 10 +++++-----
 .../0071-AES-GCM-performance-optimization.patch        |  4 ++--
 base/openssl3/0079-Fix-AES-GCM-on-Power-8-CPUs.patch   |  3 ++-
 base/openssl3/openssl3.spec                            |  5 ++++-
 4 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/base/openssl3/0045-FIPS-services-minimize.patch b/base/openssl3/0045-FIPS-services-minimize.patch
index e8e6fd9..c3a19c1 100644
--- a/base/openssl3/0045-FIPS-services-minimize.patch
+++ b/base/openssl3/0045-FIPS-services-minimize.patch
@@ -627,7 +627,7 @@ diff -up openssl-3.0.1/test/recipes/80-test_ssl_old.t.fipsmin3 openssl-3.0.1/tes
 diff -up openssl-3.0.1/test/endecode_test.c.fipsmin3 openssl-3.0.1/test/endecode_test.c
 --- openssl-3.0.1/test/endecode_test.c.fipsmin3	2022-05-06 16:25:57.296926271 +0200
 +++ openssl-3.0.1/test/endecode_test.c	2022-05-06 16:27:42.712850840 +0200
-@@ -1387,6 +1387,7 @@ int setup_tests(void)
+@@ -1410,6 +1410,7 @@
           * so no legacy tests.
           */
  #endif
@@ -635,7 +635,7 @@ diff -up openssl-3.0.1/test/endecode_test.c.fipsmin3 openssl-3.0.1/test/endecode
  #ifndef OPENSSL_NO_DSA
          ADD_TEST_SUITE(DSA);
          ADD_TEST_SUITE_PARAMS(DSA);
-@@ -1397,6 +1398,7 @@ int setup_tests(void)
+@@ -1420,6 +1421,7 @@
          ADD_TEST_SUITE_PROTECTED_PVK(DSA);
  # endif
  #endif
@@ -643,9 +643,9 @@ diff -up openssl-3.0.1/test/endecode_test.c.fipsmin3 openssl-3.0.1/test/endecode
  #ifndef OPENSSL_NO_EC
          ADD_TEST_SUITE(EC);
          ADD_TEST_SUITE_PARAMS(EC);
-@@ -1411,10 +1413,12 @@ int setup_tests(void)
-         ADD_TEST_SUITE(ECExplicitTri2G);
-         ADD_TEST_SUITE_LEGACY(ECExplicitTri2G);
+@@ -1440,10 +1442,12 @@
+             ADD_TEST_SUITE(SM2);
+         }
  # endif
 +    if (is_fips == 0) {
          ADD_TEST_SUITE(ED25519);
diff --git a/base/openssl3/0071-AES-GCM-performance-optimization.patch b/base/openssl3/0071-AES-GCM-performance-optimization.patch
index edf40ec..3b641ef 100644
--- a/base/openssl3/0071-AES-GCM-performance-optimization.patch
+++ b/base/openssl3/0071-AES-GCM-performance-optimization.patch
@@ -1468,7 +1468,7 @@ diff --git a/include/crypto/aes_platform.h b/include/crypto/aes_platform.h
 index e95ad5a..0c281a3 100644
 --- a/include/crypto/aes_platform.h
 +++ b/include/crypto/aes_platform.h
-@@ -74,6 +74,26 @@ void AES_xts_decrypt(const unsigned char *inp, unsigned char *out, size_t len,
+@@ -75,6 +75,26 @@
  #   define HWAES_ctr32_encrypt_blocks aes_p8_ctr32_encrypt_blocks
  #   define HWAES_xts_encrypt aes_p8_xts_encrypt
  #   define HWAES_xts_decrypt aes_p8_xts_decrypt
@@ -1492,9 +1492,9 @@ index e95ad5a..0c281a3 100644
 +#   define AES_GCM_ASM(gctx) ((gctx)->ctr==aes_p8_ctr32_encrypt_blocks && \
 +                              (gctx)->gcm.ghash==gcm_ghash_p8)
 +void gcm_ghash_p8(u64 Xi[2],const u128 Htable[16],const u8 *inp, size_t len);
+ #   endif /* OPENSSL_SYS_MACOSX */
  #  endif /* PPC */
  
- #  if (defined(__arm__) || defined(__arm) || defined(__aarch64__))
 diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw.c b/providers/implementations/ciphers/cipher_aes_gcm_hw.c
 index 44fa9d4..789ec12 100644
 --- a/providers/implementations/ciphers/cipher_aes_gcm_hw.c
diff --git a/base/openssl3/0079-Fix-AES-GCM-on-Power-8-CPUs.patch b/base/openssl3/0079-Fix-AES-GCM-on-Power-8-CPUs.patch
index 05c642e..1eb3e61 100644
--- a/base/openssl3/0079-Fix-AES-GCM-on-Power-8-CPUs.patch
+++ b/base/openssl3/0079-Fix-AES-GCM-on-Power-8-CPUs.patch
@@ -18,7 +18,7 @@ diff --git a/include/crypto/aes_platform.h b/include/crypto/aes_platform.h
 index 0c281a366a..6830bad0e9 100644
 --- a/include/crypto/aes_platform.h
 +++ b/include/crypto/aes_platform.h
-@@ -83,16 +83,8 @@ size_t ppc_aes_gcm_encrypt(const unsigned char *in, unsigned char *out,
+@@ -84,16 +84,8 @@
  size_t ppc_aes_gcm_decrypt(const unsigned char *in, unsigned char *out,
                             size_t len, const void *key, unsigned char ivec[16],
                             u64 *Xi);
@@ -35,6 +35,7 @@ index 0c281a366a..6830bad0e9 100644
 +#   define AES_GCM_ASM_PPC(gctx) ((gctx)->ctr==aes_p8_ctr32_encrypt_blocks && \
 +                                 (gctx)->gcm.ghash==gcm_ghash_p8)
  void gcm_ghash_p8(u64 Xi[2],const u128 Htable[16],const u8 *inp, size_t len);
+ #   endif /* OPENSSL_SYS_MACOSX */
  #  endif /* PPC */
  
 diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc b/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc
diff --git a/base/openssl3/openssl3.spec b/base/openssl3/openssl3.spec
index 885f221..e558e81 100644
--- a/base/openssl3/openssl3.spec
+++ b/base/openssl3/openssl3.spec
@@ -20,7 +20,7 @@
 
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl3
-Version: 3.0.14
+Version: 3.0.15
 Release: 1%{?dist}
 Epoch: 1
 
@@ -541,6 +541,9 @@ rm -f %{buildroot}%{_bindir}/{make,renew}-dummy-cert
 %ldconfig_scriptlets libs
 
 %changelog
+* Thu Sep  5 2024 Raven <raven@sysadmins.ws> - 1:3.0.15-1
+- update to 3.0.15
+
 * Fri Jun  7 2024 Raven <raven@sysadmins.ws> - 1:3.0.14-1
 - update to 3.0.14