commit 72c1f2b4fde0477c9e1d02803fe8c5ffef116f42
author Serge Bazanski <serge@monogon.tech> Tue Jun 04 13:42:48 2024 +0000
committer Serge Bazanski <serge@monogon.tech> Tue Jun 11 17:01:21 2024 +0000
tree 1b7ef9cd58d07415af303a392e221e8844ec1618
parent 00986a95f02c76d1a5691170ddc7688a48c880aa

third_party: add boringssl, libtpms, swtpm

This isn't yet used, but will soon be used as the main swtpm
implementation (instead of whatever is provided by the ambient
environment and/or sandbox).

Change-Id: I8c8cc7fd7841f10e14d6390595805a8b905d4f4e
Reviewed-on: https://review.monogon.dev/c/monogon/+/3127
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>
Tested-by: Jenkins CI

third_party/libtpms/patches/0002-boringssl-compat-removed-const_DES_cblock.patch

diff --git a/third_party/libtpms/patches/0002-boringssl-compat-removed-const_DES_cblock.patch b/third_party/libtpms/patches/0002-boringssl-compat-removed-const_DES_cblock.patch
new file mode 100644
index 0000000..555ded5
--- /dev/null
+++ b/third_party/libtpms/patches/0002-boringssl-compat-removed-const_DES_cblock.patch
@@ -0,0 +1,54 @@
+From 42c0bd4522b06361bdbbb1fec182bdc363db9982 Mon Sep 17 00:00:00 2001
+From: Serge Bazanski <serge@monogon.tech>
+Date: Tue, 4 Jun 2024 12:58:37 +0200
+Subject: [PATCH 2/6] boringssl compat: removed const_DES_cblock
+
+This was some kind of hack for GCC 2.8.1 that never made it into
+BoringSSL.
+---
+ src/tpm2/crypto/openssl/TpmToOsslDesSupport.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/tpm2/crypto/openssl/TpmToOsslDesSupport.c b/src/tpm2/crypto/openssl/TpmToOsslDesSupport.c
+index d27aad2..9f972d6 100644
+--- a/src/tpm2/crypto/openssl/TpmToOsslDesSupport.c
++++ b/src/tpm2/crypto/openssl/TpmToOsslDesSupport.c
+@@ -78,14 +78,14 @@ TDES_set_encrypt_key(
+ 		     tpmKeyScheduleTDES          *keySchedule
+ 		     )
+ {
+-    DES_set_key_unchecked((const_DES_cblock *)key, &keySchedule[0]);
+-    DES_set_key_unchecked((const_DES_cblock *)&key[8], &keySchedule[1]);
++    DES_set_key_unchecked((const DES_cblock *)key, &keySchedule[0]);
++    DES_set_key_unchecked((const DES_cblock *)&key[8], &keySchedule[1]);
+     // If is two-key, copy the schedule for K1 into K3, otherwise, compute the
+     // the schedule for K3
+     if(keySizeInBits == 128)
+ 	keySchedule[2] = keySchedule[0];
+     else
+-	DES_set_key_unchecked((const_DES_cblock *)&key[16],
++	DES_set_key_unchecked((const DES_cblock *)&key[16],
+ 			      &keySchedule[2]);
+ }
+ /* B.2.3.1.3.2. TDES_encyrpt() */
+@@ -97,7 +97,7 @@ void TDES_encrypt(
+ 		  tpmKeyScheduleTDES      *ks
+ 		  )
+ {
+-    DES_ecb3_encrypt((const_DES_cblock *)in, (DES_cblock *)out,
++    DES_ecb3_encrypt((const DES_cblock *)in, (DES_cblock *)out,
+ 		     &ks[0], &ks[1], &ks[2],
+ 		     DES_ENCRYPT);
+ }
+@@ -111,7 +111,7 @@ void TDES_decrypt(
+ 		  tpmKeyScheduleTDES   *ks
+ 		  )
+ {
+-    DES_ecb3_encrypt((const_DES_cblock *)in, (DES_cblock *)out,
++    DES_ecb3_encrypt((const DES_cblock *)in, (DES_cblock *)out,
+ 		     &ks[0], &ks[1], &ks[2],
+ 		     DES_DECRYPT);
+ }
+-- 
+2.42.0
+