Update patches for 0.10.64
Test: ./tools/external_updater/updater.sh
Change-Id: I0c5ee3d39eb1c6214bc1b182ae78b140c70ba24f
diff --git a/patches/0001-cfgs.diff b/patches/0001-cfgs.diff
index 6cc5f29..2cf93c1 100644
--- a/patches/0001-cfgs.diff
+++ b/patches/0001-cfgs.diff
@@ -87,145 +87,6 @@
#[cfg(ossl300)]
pub mod lib_ctx;
pub mod md;
-diff --git a/src/pkey.rs b/src/pkey.rs
-index 7d438eb..7eaf068 100644
---- a/src/pkey.rs
-+++ b/src/pkey.rs
-@@ -47,7 +47,7 @@ use crate::dh::Dh;
- use crate::dsa::Dsa;
- use crate::ec::EcKey;
- use crate::error::ErrorStack;
--#[cfg(ossl110)]
-+#[cfg(any(boringssl, ossl110))]
- use crate::pkey_ctx::PkeyCtx;
- use crate::rsa::Rsa;
- use crate::symm::Cipher;
-@@ -89,11 +89,11 @@ impl Id {
- #[cfg(ossl110)]
- pub const HKDF: Id = Id(ffi::EVP_PKEY_HKDF);
-
-- #[cfg(ossl111)]
-+ #[cfg(any(boringssl, ossl111))]
- pub const ED25519: Id = Id(ffi::EVP_PKEY_ED25519);
- #[cfg(ossl111)]
- pub const ED448: Id = Id(ffi::EVP_PKEY_ED448);
-- #[cfg(ossl111)]
-+ #[cfg(any(boringssl, ossl111))]
- pub const X25519: Id = Id(ffi::EVP_PKEY_X25519);
- #[cfg(ossl111)]
- pub const X448: Id = Id(ffi::EVP_PKEY_X448);
-@@ -243,7 +243,7 @@ where
- /// This function only works for algorithms that support raw public keys.
- /// Currently this is: [`Id::X25519`], [`Id::ED25519`], [`Id::X448`] or [`Id::ED448`].
- #[corresponds(EVP_PKEY_get_raw_public_key)]
-- #[cfg(ossl111)]
-+ #[cfg(any(boringssl, ossl111))]
- pub fn raw_public_key(&self) -> Result<Vec<u8>, ErrorStack> {
- unsafe {
- let mut len = 0;
-@@ -294,7 +294,7 @@ where
- /// This function only works for algorithms that support raw private keys.
- /// Currently this is: [`Id::HMAC`], [`Id::X25519`], [`Id::ED25519`], [`Id::X448`] or [`Id::ED448`].
- #[corresponds(EVP_PKEY_get_raw_private_key)]
-- #[cfg(ossl111)]
-+ #[cfg(any(boringssl, ossl111))]
- pub fn raw_private_key(&self) -> Result<Vec<u8>, ErrorStack> {
- unsafe {
- let mut len = 0;
-@@ -475,7 +475,7 @@ impl PKey<Private> {
- ctx.keygen()
- }
-
-- #[cfg(ossl111)]
-+ #[cfg(any(boringssl, ossl111))]
- fn generate_eddsa(id: Id) -> Result<PKey<Private>, ErrorStack> {
- let mut ctx = PkeyCtx::new_id(id)?;
- ctx.keygen_init()?;
-@@ -505,7 +505,7 @@ impl PKey<Private> {
- /// assert_eq!(secret.len(), 32);
- /// # Ok(()) }
- /// ```
-- #[cfg(ossl111)]
-+ #[cfg(any(boringssl, ossl111))]
- pub fn generate_x25519() -> Result<PKey<Private>, ErrorStack> {
- PKey::generate_eddsa(Id::X25519)
- }
-@@ -559,7 +559,7 @@ impl PKey<Private> {
- /// assert_eq!(signature.len(), 64);
- /// # Ok(()) }
- /// ```
-- #[cfg(ossl111)]
-+ #[cfg(any(boringssl, ossl111))]
- pub fn generate_ed25519() -> Result<PKey<Private>, ErrorStack> {
- PKey::generate_eddsa(Id::ED25519)
- }
-@@ -709,7 +709,7 @@ impl PKey<Private> {
- ///
- /// Algorithm types that support raw private keys are HMAC, X25519, ED25519, X448 or ED448
- #[corresponds(EVP_PKEY_new_raw_private_key)]
-- #[cfg(ossl111)]
-+ #[cfg(any(boringssl, ossl111))]
- pub fn private_key_from_raw_bytes(
- bytes: &[u8],
- key_type: Id,
-@@ -750,7 +750,7 @@ impl PKey<Public> {
- ///
- /// Algorithm types that support raw public keys are X25519, ED25519, X448 or ED448
- #[corresponds(EVP_PKEY_new_raw_public_key)]
-- #[cfg(ossl111)]
-+ #[cfg(any(boringssl, ossl111))]
- pub fn public_key_from_raw_bytes(
- bytes: &[u8],
- key_type: Id,
-diff --git a/src/sign.rs b/src/sign.rs
-index 457ff12..4de8ad0 100644
---- a/src/sign.rs
-+++ b/src/sign.rs
-@@ -290,7 +290,7 @@ impl<'a> Signer<'a> {
- self.len_intern()
- }
-
-- #[cfg(not(ossl111))]
-+ #[cfg(not(any(boringssl, ossl111)))]
- fn len_intern(&self) -> Result<usize, ErrorStack> {
- unsafe {
- let mut len = 0;
-@@ -303,7 +303,7 @@ impl<'a> Signer<'a> {
- }
- }
-
-- #[cfg(ossl111)]
-+ #[cfg(any(boringssl, ossl111))]
- fn len_intern(&self) -> Result<usize, ErrorStack> {
- unsafe {
- let mut len = 0;
-@@ -360,7 +360,7 @@ impl<'a> Signer<'a> {
- /// OpenSSL documentation at [`EVP_DigestSign`].
- ///
- /// [`EVP_DigestSign`]: https://www.openssl.org/docs/man1.1.1/man3/EVP_DigestSign.html
-- #[cfg(ossl111)]
-+ #[cfg(any(boringssl, ossl111))]
- pub fn sign_oneshot(
- &mut self,
- sig_buf: &mut [u8],
-@@ -382,7 +382,7 @@ impl<'a> Signer<'a> {
- /// Returns the signature.
- ///
- /// This is a simple convenience wrapper over `len` and `sign_oneshot`.
-- #[cfg(ossl111)]
-+ #[cfg(any(boringssl, ossl111))]
- pub fn sign_oneshot_to_vec(&mut self, data_buf: &[u8]) -> Result<Vec<u8>, ErrorStack> {
- let mut sig_buf = vec![0; self.len()?];
- let len = self.sign_oneshot(&mut sig_buf, data_buf)?;
-@@ -594,7 +594,7 @@ impl<'a> Verifier<'a> {
- /// OpenSSL documentation at [`EVP_DigestVerify`].
- ///
- /// [`EVP_DigestVerify`]: https://www.openssl.org/docs/man1.1.1/man3/EVP_DigestVerify.html
-- #[cfg(ossl111)]
-+ #[cfg(any(boringssl, ossl111))]
- pub fn verify_oneshot(&mut self, signature: &[u8], buf: &[u8]) -> Result<bool, ErrorStack> {
- unsafe {
- let r = ffi::EVP_DigestVerify(
diff --git a/src/symm.rs b/src/symm.rs
index c75bbc0..beff5fc 100644
--- a/src/symm.rs
diff --git a/patches/0007-cfgs.diff b/patches/0007-cfgs.diff
new file mode 100644
index 0000000..0074303
--- /dev/null
+++ b/patches/0007-cfgs.diff
@@ -0,0 +1,398 @@
+diff --git a/src/cipher.rs b/src/cipher.rs
+index 3926412..6869a4b 100644
+--- a/src/cipher.rs
++++ b/src/cipher.rs
+@@ -350,11 +350,13 @@ impl Cipher {
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_BF"))]
++ #[cfg(not(boringssl))]
+ pub fn bf_cfb64() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_bf_cfb64() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_BF"))]
++ #[cfg(not(boringssl))]
+ pub fn bf_ofb() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_bf_ofb() as *mut _) }
+ }
+@@ -400,101 +402,121 @@ impl Cipher {
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia128_cfb128() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_camellia_128_cfb128() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia128_ecb() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_camellia_128_ecb() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia128_cbc() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_camellia_128_cbc() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia128_ofb() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_camellia_128_ofb() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia192_cfb128() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_camellia_192_cfb128() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia192_ecb() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_camellia_192_ecb() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia192_cbc() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_camellia_192_cbc() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia192_ofb() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_camellia_192_ofb() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia256_cfb128() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_camellia_256_cfb128() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia256_ecb() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_camellia_256_ecb() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia256_cbc() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_camellia_256_cbc() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia256_ofb() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_camellia_256_ofb() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAST"))]
++ #[cfg(not(boringssl))]
+ pub fn cast5_cfb64() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_cast5_cfb64() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAST"))]
++ #[cfg(not(boringssl))]
+ pub fn cast5_ecb() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_cast5_ecb() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAST"))]
++ #[cfg(not(boringssl))]
+ pub fn cast5_cbc() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_cast5_cbc() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAST"))]
++ #[cfg(not(boringssl))]
+ pub fn cast5_ofb() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_cast5_ofb() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_IDEA"))]
++ #[cfg(not(boringssl))]
+ pub fn idea_cfb64() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_idea_cfb64() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_IDEA"))]
++ #[cfg(not(boringssl))]
+ pub fn idea_ecb() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_idea_ecb() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_IDEA"))]
++ #[cfg(not(boringssl))]
+ pub fn idea_cbc() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_idea_cbc() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_IDEA"))]
++ #[cfg(not(boringssl))]
+ pub fn idea_ofb() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_idea_ofb() as *mut _) }
+ }
+@@ -510,21 +532,25 @@ impl Cipher {
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_SEED"))]
++ #[cfg(not(boringssl))]
+ pub fn seed_cbc() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_seed_cbc() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_SEED"))]
++ #[cfg(not(boringssl))]
+ pub fn seed_cfb128() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_seed_cfb128() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_SEED"))]
++ #[cfg(not(boringssl))]
+ pub fn seed_ecb() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_seed_ecb() as *mut _) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_SEED"))]
++ #[cfg(not(boringssl))]
+ pub fn seed_ofb() -> &'static CipherRef {
+ unsafe { CipherRef::from_ptr(ffi::EVP_seed_ofb() as *mut _) }
+ }
+diff --git a/src/ec.rs b/src/ec.rs
+index 67df38f..578cf51 100644
+--- a/src/ec.rs
++++ b/src/ec.rs
+@@ -196,6 +196,7 @@ impl EcGroupRef {
+ /// using a trinomial or pentanomial.
+ #[corresponds(EC_GROUP_get_curve_GF2m)]
+ #[cfg(not(osslconf = "OPENSSL_NO_EC2M"))]
++ #[cfg(not(boringssl))]
+ pub fn components_gf2m(
+ &self,
+ p: &mut BigNumRef,
+@@ -587,6 +588,7 @@ impl EcPointRef {
+ /// `x` and `y` `BigNum`s
+ #[corresponds(EC_POINT_get_affine_coordinates_GF2m)]
+ #[cfg(not(osslconf = "OPENSSL_NO_EC2M"))]
++ #[cfg(not(boringssl))]
+ pub fn affine_coordinates_gf2m(
+ &self,
+ group: &EcGroupRef,
+diff --git a/src/hash.rs b/src/hash.rs
+index 01d7097..4caa251 100644
+--- a/src/hash.rs
++++ b/src/hash.rs
+@@ -158,6 +158,7 @@ impl MessageDigest {
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_RMD160"))]
++ #[cfg(not(boringssl))]
+ pub fn ripemd160() -> MessageDigest {
+ unsafe { MessageDigest(ffi::EVP_ripemd160()) }
+ }
+diff --git a/src/lib.rs b/src/lib.rs
+index aeae361..42f289b 100644
+--- a/src/lib.rs
++++ b/src/lib.rs
+@@ -148,7 +148,7 @@ pub mod base64;
+ pub mod bn;
+ pub mod cipher;
+ pub mod cipher_ctx;
+-#[cfg(all(not(libressl), not(osslconf = "OPENSSL_NO_CMS")))]
++#[cfg(all(not(libressl), not(osslconf = "OPENSSL_NO_CMS"), not(boringssl)))]
+ pub mod cms;
+ pub mod conf;
+ pub mod derive;
+@@ -174,7 +174,7 @@ pub mod md;
+ pub mod md_ctx;
+ pub mod memcmp;
+ pub mod nid;
+-#[cfg(not(osslconf = "OPENSSL_NO_OCSP"))]
++#[cfg(all(not(osslconf = "OPENSSL_NO_OCSP"), not(boringssl)))]
+ pub mod ocsp;
+ pub mod pkcs12;
+ pub mod pkcs5;
+diff --git a/src/md.rs b/src/md.rs
+index 08e4aac..3ce3c25 100644
+--- a/src/md.rs
++++ b/src/md.rs
+@@ -187,6 +187,7 @@ impl Md {
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_RMD160"))]
++ #[cfg(not(boringssl))]
+ #[inline]
+ pub fn ripemd160() -> &'static MdRef {
+ unsafe { MdRef::from_ptr(ffi::EVP_ripemd160() as *mut _) }
+diff --git a/src/symm.rs b/src/symm.rs
+index 4d69996..23b9ce4 100644
+--- a/src/symm.rs
++++ b/src/symm.rs
+@@ -256,11 +256,13 @@ impl Cipher {
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_BF"))]
++ #[cfg(not(boringssl))]
+ pub fn bf_cfb64() -> Cipher {
+ unsafe { Cipher(ffi::EVP_bf_cfb64()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_BF"))]
++ #[cfg(not(boringssl))]
+ pub fn bf_ofb() -> Cipher {
+ unsafe { Cipher(ffi::EVP_bf_ofb()) }
+ }
+@@ -306,81 +308,97 @@ impl Cipher {
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia_128_cbc() -> Cipher {
+ unsafe { Cipher(ffi::EVP_camellia_128_cbc()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia_128_ecb() -> Cipher {
+ unsafe { Cipher(ffi::EVP_camellia_128_ecb()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia_128_ofb() -> Cipher {
+ unsafe { Cipher(ffi::EVP_camellia_128_ofb()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia_128_cfb128() -> Cipher {
+ unsafe { Cipher(ffi::EVP_camellia_128_cfb128()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia_192_cbc() -> Cipher {
+ unsafe { Cipher(ffi::EVP_camellia_192_cbc()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia_192_ecb() -> Cipher {
+ unsafe { Cipher(ffi::EVP_camellia_192_ecb()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia_192_ofb() -> Cipher {
+ unsafe { Cipher(ffi::EVP_camellia_192_ofb()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia_192_cfb128() -> Cipher {
+ unsafe { Cipher(ffi::EVP_camellia_192_cfb128()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia_256_cbc() -> Cipher {
+ unsafe { Cipher(ffi::EVP_camellia_256_cbc()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia_256_ecb() -> Cipher {
+ unsafe { Cipher(ffi::EVP_camellia_256_ecb()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia_256_ofb() -> Cipher {
+ unsafe { Cipher(ffi::EVP_camellia_256_ofb()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAMELLIA"))]
++ #[cfg(not(boringssl))]
+ pub fn camellia_256_cfb128() -> Cipher {
+ unsafe { Cipher(ffi::EVP_camellia_256_cfb128()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAST"))]
++ #[cfg(not(boringssl))]
+ pub fn cast5_cbc() -> Cipher {
+ unsafe { Cipher(ffi::EVP_cast5_cbc()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAST"))]
++ #[cfg(not(boringssl))]
+ pub fn cast5_ecb() -> Cipher {
+ unsafe { Cipher(ffi::EVP_cast5_ecb()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAST"))]
++ #[cfg(not(boringssl))]
+ pub fn cast5_ofb() -> Cipher {
+ unsafe { Cipher(ffi::EVP_cast5_ofb()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_CAST"))]
++ #[cfg(not(boringssl))]
+ pub fn cast5_cfb64() -> Cipher {
+ unsafe { Cipher(ffi::EVP_cast5_cfb64()) }
+ }
+@@ -398,41 +416,49 @@ impl Cipher {
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_IDEA"))]
++ #[cfg(not(boringssl))]
+ pub fn idea_cbc() -> Cipher {
+ unsafe { Cipher(ffi::EVP_idea_cbc()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_IDEA"))]
++ #[cfg(not(boringssl))]
+ pub fn idea_ecb() -> Cipher {
+ unsafe { Cipher(ffi::EVP_idea_ecb()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_IDEA"))]
++ #[cfg(not(boringssl))]
+ pub fn idea_ofb() -> Cipher {
+ unsafe { Cipher(ffi::EVP_idea_ofb()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_IDEA"))]
++ #[cfg(not(boringssl))]
+ pub fn idea_cfb64() -> Cipher {
+ unsafe { Cipher(ffi::EVP_idea_cfb64()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_SEED"))]
++ #[cfg(not(boringssl))]
+ pub fn seed_cbc() -> Cipher {
+ unsafe { Cipher(ffi::EVP_seed_cbc()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_SEED"))]
++ #[cfg(not(boringssl))]
+ pub fn seed_cfb128() -> Cipher {
+ unsafe { Cipher(ffi::EVP_seed_cfb128()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_SEED"))]
++ #[cfg(not(boringssl))]
+ pub fn seed_ecb() -> Cipher {
+ unsafe { Cipher(ffi::EVP_seed_ecb()) }
+ }
+
+ #[cfg(not(osslconf = "OPENSSL_NO_SEED"))]
++ #[cfg(not(boringssl))]
+ pub fn seed_ofb() -> Cipher {
+ unsafe { Cipher(ffi::EVP_seed_ofb()) }
+ }
diff --git a/patches/0007-pkey_ctx-hkdf.patch b/patches/0007-pkey_ctx-hkdf.patch
deleted file mode 100644
index 6655f0c..0000000
--- a/patches/0007-pkey_ctx-hkdf.patch
+++ /dev/null
@@ -1,89 +0,0 @@
-diff --git a/src/pkey.rs b/src/pkey.rs
-index ebab5fb..21ba711 100644
---- a/src/pkey.rs
-+++ b/src/pkey.rs
-@@ -86,7 +86,7 @@ impl Id {
- pub const DH: Id = Id(ffi::EVP_PKEY_DH);
- pub const EC: Id = Id(ffi::EVP_PKEY_EC);
-
-- #[cfg(ossl110)]
-+ #[cfg(any(boringssl, ossl110))]
- pub const HKDF: Id = Id(ffi::EVP_PKEY_HKDF);
-
- #[cfg(any(boringssl, ossl111))]
-diff --git a/src/pkey_ctx.rs b/src/pkey_ctx.rs
-index f79372f..3d4203f 100644
---- a/src/pkey_ctx.rs
-+++ b/src/pkey_ctx.rs
-@@ -470,7 +470,7 @@ impl<T> PkeyCtxRef<T> {
- ///
- /// Requires OpenSSL 1.1.0 or newer.
- #[corresponds(EVP_PKEY_CTX_set_hkdf_md)]
-- #[cfg(ossl110)]
-+ #[cfg(any(ossl110, boringssl))]
- #[inline]
- pub fn set_hkdf_md(&mut self, digest: &MdRef) -> Result<(), ErrorStack> {
- unsafe {
-@@ -503,10 +503,13 @@ impl<T> PkeyCtxRef<T> {
- ///
- /// Requires OpenSSL 1.1.0 or newer.
- #[corresponds(EVP_PKEY_CTX_set1_hkdf_key)]
-- #[cfg(ossl110)]
-+ #[cfg(any(ossl110, boringssl))]
- #[inline]
- pub fn set_hkdf_key(&mut self, key: &[u8]) -> Result<(), ErrorStack> {
-+ #[cfg(not(boringssl))]
- let len = c_int::try_from(key.len()).unwrap();
-+ #[cfg(boringssl)]
-+ let len = key.len();
-
- unsafe {
- cvt(ffi::EVP_PKEY_CTX_set1_hkdf_key(
-@@ -523,10 +526,13 @@ impl<T> PkeyCtxRef<T> {
- ///
- /// Requires OpenSSL 1.1.0 or newer.
- #[corresponds(EVP_PKEY_CTX_set1_hkdf_salt)]
-- #[cfg(ossl110)]
-+ #[cfg(any(ossl110, boringssl))]
- #[inline]
- pub fn set_hkdf_salt(&mut self, salt: &[u8]) -> Result<(), ErrorStack> {
-+ #[cfg(not(boringssl))]
- let len = c_int::try_from(salt.len()).unwrap();
-+ #[cfg(boringssl)]
-+ let len = salt.len();
-
- unsafe {
- cvt(ffi::EVP_PKEY_CTX_set1_hkdf_salt(
-@@ -543,10 +549,13 @@ impl<T> PkeyCtxRef<T> {
- ///
- /// Requires OpenSSL 1.1.0 or newer.
- #[corresponds(EVP_PKEY_CTX_add1_hkdf_info)]
-- #[cfg(ossl110)]
-+ #[cfg(any(ossl110, boringssl))]
- #[inline]
- pub fn add_hkdf_info(&mut self, info: &[u8]) -> Result<(), ErrorStack> {
-+ #[cfg(not(boringssl))]
- let len = c_int::try_from(info.len()).unwrap();
-+ #[cfg(boringssl)]
-+ let len = info.len();
-
- unsafe {
- cvt(ffi::EVP_PKEY_CTX_add1_hkdf_info(
-@@ -604,7 +613,7 @@ mod test {
- #[cfg(not(boringssl))]
- use crate::cipher::Cipher;
- use crate::ec::{EcGroup, EcKey};
-- #[cfg(any(ossl102, libressl310))]
-+ #[cfg(any(ossl102, libressl310, boringssl))]
- use crate::md::Md;
- use crate::nid::Nid;
- use crate::pkey::PKey;
-@@ -689,7 +698,7 @@ mod test {
- }
-
- #[test]
-- #[cfg(ossl110)]
-+ #[cfg(any(ossl110, boringssl))]
- fn hkdf() {
- let mut ctx = PkeyCtx::new_id(Id::HKDF).unwrap();
- ctx.derive_init().unwrap();
diff --git a/patches/0008-rsa-dsa-etc.patch b/patches/0008-rsa-dsa-etc.patch
deleted file mode 100644
index 7dcfacb..0000000
--- a/patches/0008-rsa-dsa-etc.patch
+++ /dev/null
@@ -1,95 +0,0 @@
-diff --git a/src/asn1.rs b/src/asn1.rs
-index b02f9ac..939a173 100644
---- a/src/asn1.rs
-+++ b/src/asn1.rs
-@@ -651,7 +651,7 @@ impl fmt::Debug for Asn1ObjectRef {
- }
-
- cfg_if! {
-- if #[cfg(any(ossl110, libressl273))] {
-+ if #[cfg(any(ossl110, libressl273, boringssl))] {
- use ffi::ASN1_STRING_get0_data;
- } else {
- #[allow(bad_style)]
-diff --git a/src/dsa.rs b/src/dsa.rs
-index 5f59ba8..0aceeb5 100644
---- a/src/dsa.rs
-+++ b/src/dsa.rs
-@@ -7,6 +7,7 @@
-
- use cfg_if::cfg_if;
- use foreign_types::{ForeignType, ForeignTypeRef};
-+#[cfg(not(boringssl))]
- use libc::c_int;
- use std::fmt;
- use std::mem;
-@@ -283,7 +284,7 @@ impl<T> fmt::Debug for Dsa<T> {
- }
-
- cfg_if! {
-- if #[cfg(any(ossl110, libressl273))] {
-+ if #[cfg(any(ossl110, libressl273, boringssl))] {
- use ffi::{DSA_get0_key, DSA_get0_pqg, DSA_set0_key, DSA_set0_pqg};
- } else {
- #[allow(bad_style)]
-@@ -462,7 +463,7 @@ impl DsaSigRef {
- }
-
- cfg_if! {
-- if #[cfg(any(ossl110, libressl273))] {
-+ if #[cfg(any(ossl110, libressl273, boringssl))] {
- use ffi::{DSA_SIG_set0, DSA_SIG_get0};
- } else {
- #[allow(bad_style)]
-diff --git a/src/ecdsa.rs b/src/ecdsa.rs
-index 0a960e7..f3b27b3 100644
---- a/src/ecdsa.rs
-+++ b/src/ecdsa.rs
-@@ -110,7 +110,7 @@ impl EcdsaSigRef {
- }
-
- cfg_if! {
-- if #[cfg(any(ossl110, libressl273))] {
-+ if #[cfg(any(ossl110, libressl273, boringssl))] {
- use ffi::{ECDSA_SIG_set0, ECDSA_SIG_get0};
- } else {
- #[allow(bad_style)]
-diff --git a/src/hash.rs b/src/hash.rs
-index 8e27505..7f6fa89 100644
---- a/src/hash.rs
-+++ b/src/hash.rs
-@@ -43,7 +43,7 @@ use crate::nid::Nid;
- use crate::{cvt, cvt_p};
-
- cfg_if! {
-- if #[cfg(ossl110)] {
-+ if #[cfg(any(ossl110, boringssl))] {
- use ffi::{EVP_MD_CTX_free, EVP_MD_CTX_new};
- } else {
- use ffi::{EVP_MD_CTX_create as EVP_MD_CTX_new, EVP_MD_CTX_destroy as EVP_MD_CTX_free};
-diff --git a/src/md_ctx.rs b/src/md_ctx.rs
-index c4d3f06..156f3c2 100644
---- a/src/md_ctx.rs
-+++ b/src/md_ctx.rs
-@@ -93,7 +93,7 @@ use std::convert::TryFrom;
- use std::ptr;
-
- cfg_if! {
-- if #[cfg(ossl110)] {
-+ if #[cfg(any(ossl110, boringssl))] {
- use ffi::{EVP_MD_CTX_free, EVP_MD_CTX_new};
- } else {
- use ffi::{EVP_MD_CTX_create as EVP_MD_CTX_new, EVP_MD_CTX_destroy as EVP_MD_CTX_free};
-diff --git a/src/rsa.rs b/src/rsa.rs
-index 68cf64b..f155b12 100644
---- a/src/rsa.rs
-+++ b/src/rsa.rs
-@@ -581,7 +581,7 @@ impl<T> fmt::Debug for Rsa<T> {
- }
-
- cfg_if! {
-- if #[cfg(any(ossl110, libressl273))] {
-+ if #[cfg(any(ossl110, libressl273, boringssl))] {
- use ffi::{
- RSA_get0_key, RSA_get0_factors, RSA_get0_crt_params, RSA_set0_key, RSA_set0_factors,
- RSA_set0_crt_params,
diff --git a/patches/0009-type-safety-fix.diff b/patches/0009-type-safety-fix.diff
deleted file mode 100644
index a21da62..0000000
--- a/patches/0009-type-safety-fix.diff
+++ /dev/null
@@ -1,26 +0,0 @@
-diff --git a/src/x509/store.rs b/src/x509/store.rs
-index a685fa1..418a8f2 100644
---- a/src/x509/store.rs
-+++ b/src/x509/store.rs
-@@ -156,7 +156,9 @@ impl X509Lookup<HashDir> {
- /// directory.
- #[corresponds(X509_LOOKUP_hash_dir)]
- pub fn hash_dir() -> &'static X509LookupMethodRef<HashDir> {
-- unsafe { X509LookupMethodRef::from_ptr(ffi::X509_LOOKUP_hash_dir()) }
-+ // `*mut` cast is needed because BoringSSL returns a `*const`. This is
-+ // ok because we only return an immutable reference.
-+ unsafe { X509LookupMethodRef::from_ptr(ffi::X509_LOOKUP_hash_dir() as *mut _) }
- }
- }
-
-@@ -188,7 +190,9 @@ impl X509Lookup<File> {
- /// into memory at the time the file is added as a lookup source.
- #[corresponds(X509_LOOKUP_file)]
- pub fn file() -> &'static X509LookupMethodRef<File> {
-- unsafe { X509LookupMethodRef::from_ptr(ffi::X509_LOOKUP_file()) }
-+ // `*mut` cast is needed because BoringSSL returns a `*const`. This is
-+ // ok because we only return an immutable reference.
-+ unsafe { X509LookupMethodRef::from_ptr(ffi::X509_LOOKUP_file() as *mut _) }
- }
- }
-
diff --git a/patches/0010-type-safety-fix.diff b/patches/0010-type-safety-fix.diff
deleted file mode 100644
index a3173b4..0000000
--- a/patches/0010-type-safety-fix.diff
+++ /dev/null
@@ -1,67 +0,0 @@
-diff --git a/src/lib.rs b/src/lib.rs
-index e8d07d8..cfc6efc 100644
---- a/src/lib.rs
-+++ b/src/lib.rs
-@@ -210,6 +210,15 @@ fn cvt_p<T>(r: *mut T) -> Result<*mut T, ErrorStack> {
- }
- }
-
-+#[inline]
-+fn cvt_p_const<T>(r: *const T) -> Result<*const T, ErrorStack> {
-+ if r.is_null() {
-+ Err(ErrorStack::get())
-+ } else {
-+ Ok(r)
-+ }
-+}
-+
- #[inline]
- fn cvt(r: c_int) -> Result<c_int, ErrorStack> {
- if r <= 0 {
-diff --git a/src/x509/mod.rs b/src/x509/mod.rs
-index a03a8aa..40e5022 100644
---- a/src/x509/mod.rs
-+++ b/src/x509/mod.rs
-@@ -35,7 +35,7 @@ use crate::ssl::SslRef;
- use crate::stack::{Stack, StackRef, Stackable};
- use crate::string::OpensslString;
- use crate::util::{ForeignTypeExt, ForeignTypeRefExt};
--use crate::{cvt, cvt_n, cvt_p};
-+use crate::{cvt, cvt_n, cvt_p, cvt_p_const};
- use openssl_macros::corresponds;
-
- #[cfg(any(ossl102, libressl261))]
-diff --git a/src/x509/store.rs b/src/x509/store.rs
-index 418a8f2..2219cfc 100644
---- a/src/x509/store.rs
-+++ b/src/x509/store.rs
-@@ -49,6 +49,7 @@ use crate::error::ErrorStack;
- #[cfg(not(boringssl))]
- use crate::ssl::SslFiletype;
- use crate::stack::StackRef;
-+use crate::util::ForeignTypeRefExt;
- #[cfg(any(ossl102, libressl261))]
- use crate::x509::verify::{X509VerifyFlags, X509VerifyParamRef};
- use crate::x509::{X509Object, X509};
-@@ -156,9 +157,7 @@ impl X509Lookup<HashDir> {
- /// directory.
- #[corresponds(X509_LOOKUP_hash_dir)]
- pub fn hash_dir() -> &'static X509LookupMethodRef<HashDir> {
-- // `*mut` cast is needed because BoringSSL returns a `*const`. This is
-- // ok because we only return an immutable reference.
-- unsafe { X509LookupMethodRef::from_ptr(ffi::X509_LOOKUP_hash_dir() as *mut _) }
-+ unsafe { X509LookupMethodRef::from_const_ptr(ffi::X509_LOOKUP_hash_dir()) }
- }
- }
-
-@@ -190,9 +189,7 @@ impl X509Lookup<File> {
- /// into memory at the time the file is added as a lookup source.
- #[corresponds(X509_LOOKUP_file)]
- pub fn file() -> &'static X509LookupMethodRef<File> {
-- // `*mut` cast is needed because BoringSSL returns a `*const`. This is
-- // ok because we only return an immutable reference.
-- unsafe { X509LookupMethodRef::from_ptr(ffi::X509_LOOKUP_file() as *mut _) }
-+ unsafe { X509LookupMethodRef::from_const_ptr(ffi::X509_LOOKUP_file()) }
- }
- }
-
diff --git a/patches/bssl-update-apr23.diff b/patches/bssl-update-apr23.diff
deleted file mode 100644
index edb9f80..0000000
--- a/patches/bssl-update-apr23.diff
+++ /dev/null
@@ -1,68 +0,0 @@
-diff --git a/src/x509/mod.rs b/src/x509/mod.rs
-index 45f2467..a03a8aa 100644
---- a/src/x509/mod.rs
-+++ b/src/x509/mod.rs
-@@ -893,13 +893,13 @@ impl X509NameBuilder {
- pub fn append_entry_by_text(&mut self, field: &str, value: &str) -> Result<(), ErrorStack> {
- unsafe {
- let field = CString::new(field).unwrap();
-- assert!(value.len() <= c_int::max_value() as usize);
-+ assert!(value.len() <= isize::max_value() as usize);
- cvt(ffi::X509_NAME_add_entry_by_txt(
- self.0.as_ptr(),
- field.as_ptr() as *mut _,
- ffi::MBSTRING_UTF8,
- value.as_ptr(),
-- value.len() as c_int,
-+ value.len() as isize,
- -1,
- 0,
- ))
-@@ -920,13 +920,13 @@ impl X509NameBuilder {
- ) -> Result<(), ErrorStack> {
- unsafe {
- let field = CString::new(field).unwrap();
-- assert!(value.len() <= c_int::max_value() as usize);
-+ assert!(value.len() <= isize::max_value() as usize);
- cvt(ffi::X509_NAME_add_entry_by_txt(
- self.0.as_ptr(),
- field.as_ptr() as *mut _,
- ty.as_raw(),
- value.as_ptr(),
-- value.len() as c_int,
-+ value.len() as isize,
- -1,
- 0,
- ))
-@@ -941,13 +941,13 @@ impl X509NameBuilder {
- /// [`X509_NAME_add_entry_by_NID`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_NAME_add_entry_by_NID.html
- pub fn append_entry_by_nid(&mut self, field: Nid, value: &str) -> Result<(), ErrorStack> {
- unsafe {
-- assert!(value.len() <= c_int::max_value() as usize);
-+ assert!(value.len() <= isize::max_value() as usize);
- cvt(ffi::X509_NAME_add_entry_by_NID(
- self.0.as_ptr(),
- field.as_raw(),
- ffi::MBSTRING_UTF8,
- value.as_ptr() as *mut _,
-- value.len() as c_int,
-+ value.len() as isize,
- -1,
- 0,
- ))
-@@ -967,13 +967,13 @@ impl X509NameBuilder {
- ty: Asn1Type,
- ) -> Result<(), ErrorStack> {
- unsafe {
-- assert!(value.len() <= c_int::max_value() as usize);
-+ assert!(value.len() <= isize::max_value() as usize);
- cvt(ffi::X509_NAME_add_entry_by_NID(
- self.0.as_ptr(),
- field.as_raw(),
- ty.as_raw(),
- value.as_ptr() as *mut _,
-- value.len() as c_int,
-+ value.len() as isize,
- -1,
- 0,
- ))
diff --git a/patches/bssl-update.diff b/patches/bssl-update.diff
deleted file mode 100644
index 2eea3ce..0000000
--- a/patches/bssl-update.diff
+++ /dev/null
@@ -1,60 +0,0 @@
-diff --git a/src/bio.rs b/src/bio.rs
-index 6a72552..0324218 100644
---- a/src/bio.rs
-+++ b/src/bio.rs
-@@ -4,7 +4,7 @@ use std::marker::PhantomData;
- use std::ptr;
- use std::slice;
-
--use crate::cvt_p;
-+use crate::{cvt_p, SignedLenType};
- use crate::error::ErrorStack;
-
- pub struct MemBioSlice<'a>(*mut ffi::BIO, PhantomData<&'a [u8]>);
-@@ -25,7 +25,7 @@ impl<'a> MemBioSlice<'a> {
- let bio = unsafe {
- cvt_p(BIO_new_mem_buf(
- buf.as_ptr() as *const _,
-- buf.len() as c_int,
-+ buf.len() as SignedLenType,
- ))?
- };
-
-@@ -78,7 +78,7 @@ cfg_if! {
- use ffi::BIO_new_mem_buf;
- } else {
- #[allow(bad_style)]
-- unsafe fn BIO_new_mem_buf(buf: *const ::libc::c_void, len: ::libc::c_int) -> *mut ffi::BIO {
-+ unsafe fn BIO_new_mem_buf(buf: *const ::libc::c_void, len: SignedLenType) -> *mut ffi::BIO {
- ffi::BIO_new_mem_buf(buf as *mut _, len)
- }
- }
-diff --git a/src/dh.rs b/src/dh.rs
-index 12170b9..e781543 100644
---- a/src/dh.rs
-+++ b/src/dh.rs
-@@ -239,7 +239,7 @@ where
- }
-
- cfg_if! {
-- if #[cfg(any(ossl110, libressl270))] {
-+ if #[cfg(any(ossl110, libressl270, boringssl))] {
- use ffi::{DH_set0_pqg, DH_get0_pqg, DH_get0_key, DH_set0_key};
- } else {
- #[allow(bad_style)]
-diff --git a/src/lib.rs b/src/lib.rs
-index f149bfd..e8d07d8 100644
---- a/src/lib.rs
-+++ b/src/lib.rs
-@@ -196,6 +196,11 @@ type LenType = libc::size_t;
- #[cfg(not(boringssl))]
- type LenType = libc::c_int;
-
-+#[cfg(boringssl)]
-+type SignedLenType = libc::ssize_t;
-+#[cfg(not(boringssl))]
-+type SignedLenType = libc::c_int;
-+
- #[inline]
- fn cvt_p<T>(r: *mut T) -> Result<*mut T, ErrorStack> {
- if r.is_null() {
diff --git a/patches/bssl_to_vec_padded.diff b/patches/bssl_to_vec_padded.diff
deleted file mode 100644
index 2782d50..0000000
--- a/patches/bssl_to_vec_padded.diff
+++ /dev/null
@@ -1,13 +0,0 @@
-diff --git a/src/bn.rs b/src/bn.rs
-index 1cd00dd..dbd7ae9 100644
---- a/src/bn.rs
-+++ b/src/bn.rs
-@@ -814,7 +814,7 @@ impl BigNumRef {
- /// assert_eq!(&bn_vec, &[0, 0, 0x45, 0x43]);
- /// ```
- #[corresponds(BN_bn2binpad)]
-- #[cfg(ossl110)]
-+ #[cfg(any(boringssl, ossl110))]
- pub fn to_vec_padded(&self, pad_to: i32) -> Result<Vec<u8>, ErrorStack> {
- let mut v = Vec::with_capacity(pad_to as usize);
- unsafe {
