From daf00da73ab917e4d4581e3aa00c0ee61e0cc58b Mon Sep 17 00:00:00 2001
From: Aleksandar Fabijanic
Date: Thu, 8 Mar 2018 09:10:25 -0600
Subject: [PATCH 1/5] Update .gitmodules
---
 .gitmodules | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/.gitmodules b/.gitmodules
index a6847177c0..f69cfb292b 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,6 +1,8 @@
 [submodule "openssl"]
 path = openssl
 url = https://github.com/pocoproject/openssl
+ branch = master
+
 [submodule "gradle"]
 path = gradle
 url = https://github.com/pocoproject/gradle
From cc37a2eac6a797a7afa5fc0086c3cf5eecf65875 Mon Sep 17 00:00:00 2001
From: Dariusz Ozygala
Date: Mon, 21 May 2018 16:06:15 +0200
Subject: [PATCH 2/5] BorringSSL Fork
---
 .gitmodules | 5 ----
 Crypto/src/CipherKeyImpl.cpp | 8 ++++---
 Crypto/src/DigestEngine.cpp | 12 ++++++++--
 Crypto/src/PKCS12Container.cpp | 37 +++++++++++++++-------------
 Crypto/src/RSACipherImpl.cpp | 7 +++++-
 NetSSL_OpenSSL/src/Context.cpp | 44 ++++++++++++++++++++++++----------
 openssl | 1 -
 7 files changed, 73 insertions(+), 41 deletions(-)
 delete mode 160000 openssl
diff --git a/.gitmodules b/.gitmodules
index f69cfb292b..02cb217608 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,8 +1,3 @@
-[submodule "openssl"]
- path = openssl
- url = https://github.com/pocoproject/openssl
- branch = master
-
 [submodule "gradle"]
 path = gradle
 url = https://github.com/pocoproject/gradle
diff --git a/Crypto/src/CipherKeyImpl.cpp b/Crypto/src/CipherKeyImpl.cpp
index 0bd8c2c329..652271c349 100644
--- a/Crypto/src/CipherKeyImpl.cpp
+++ b/Crypto/src/CipherKeyImpl.cpp
@@ -121,9 +121,11 @@ CipherKeyImpl::Mode CipherKeyImpl::mode() const
 case EVP_CIPH_GCM_MODE:
 return MODE_GCM;
-
- case EVP_CIPH_CCM_MODE:
- return MODE_CCM;
+ //Changed for port OpenSSL -> BoringSSL
+ #if defined(OPENSSL_IS_BORINGSSL)
+ case EVP_CIPH_CCM_MODE:
+ return MODE_CCM;
+ #endif
 #endif
 }
 throw Poco::IllegalStateException("Unexpected value of EVP_CIPHER_mode()");
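Review bot: The new `#if defined(OPENSSL_IS_BORINGSSL)` around `case EVP_CIPH_CCM_MODE:` in the Crypto/src/CipherKeyImpl.cpp hunk looks inverted. As written, regular OpenSSL builds lose the CCM case, so `mode()` falls through to the `IllegalStateException` for a CCM cipher, while the BoringSSL build is the only one that still references `EVP_CIPH_CCM_MODE`. If the intent is to hide CCM from the BoringSSL build, the guard should read `#if !defined(OPENSSL_IS_BORINGSSL)`. Patch 5/5 later deletes the case altogether, which leaves `mode()` throwing for CCM keys on every backend; a comment stating that this is intended would help the next reader. The switch and the enclosing `#if` start outside the hunk.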
diff --git a/Crypto/src/DigestEngine.cpp b/Crypto/src/DigestEngine.cpp
index bac2d44e07..b81827d71a 100644
--- a/Crypto/src/DigestEngine.cpp
+++ b/Crypto/src/DigestEngine.cpp
@@ -12,10 +12,13 @@
 //
+//Changed for port OpenSSL -> BoringSSL
+#if defined(OPENSSL_IS_BORINGSSL)
+ #include "openssl/digest.h"
+#endif
 #include "Poco/Crypto/DigestEngine.h"
 #include "Poco/Exception.h"
-
 namespace Poco {
 namespace Crypto {
@@ -37,7 +40,12 @@ DigestEngine::~DigestEngine()
 int DigestEngine::nid() const
 {
- return EVP_MD_nid(EVP_MD_CTX_md(_pContext));
+ //Changed for port OpenSSL -> BoringSSL
+ #if defined(OPENSSL_IS_BORINGSSL)
+ return EVP_MD_type(EVP_MD_CTX_md(_pContext));
+ #else
+ return EVP_MD_nid(EVP_MD_CTX_md(_pContext));
+ #endif
 }
 std::size_t DigestEngine::digestLength() const
diff --git a/Crypto/src/PKCS12Container.cpp b/Crypto/src/PKCS12Container.cpp
index 5c03a9ff85..5483d53157 100644
--- a/Crypto/src/PKCS12Container.cpp
+++ b/Crypto/src/PKCS12Container.cpp
@@ -128,26 +128,31 @@ PKCS12Container::~PKCS12Container()
 std::string PKCS12Container::extractFriendlyName(X509* pCert)
 {
- std::string friendlyName;
- if(pCert)
- {
- STACK_OF(PKCS12_SAFEBAG)*pBags = 0;
- PKCS12_SAFEBAG*pBag = PKCS12_add_cert(&pBags, pCert);
- if(pBag)
- {
- char* pBuffer = PKCS12_get_friendlyname(pBag);
- if(pBuffer)
+ //Changed for port OpenSSL -> BoringSSL
+ #if defined(OPENSSL_IS_BORINGSSL)
+ throw NotImplementedException();
+ #else
+ std::string friendlyName;
+ f(pCert)
+ {
+ STACK_OF(PKCS12_SAFEBAG)*pBags = 0;
+ PKCS12_SAFEBAG*pBag = PKCS12_add_cert(&pBags, pCert);
+ if(pBag)
 {
- friendlyName = pBuffer;
- OPENSSL_free(pBuffer);
+ char* pBuffer = PKCS12_get_friendlyname(pBag);
+ if(pBuffer)
+ {
+ friendlyName = pBuffer;
+ OPENSSL_free(pBuffer);
+ }
+ if(pBags) sk_PKCS12_SAFEBAG_pop_free(pBags, PKCS12_SAFEBAG_free);
 }
- if(pBags) sk_PKCS12_SAFEBAG_pop_free(pBags, PKCS12_SAFEBAG_free);
+ else throw OpenSSLException("PKCS12Container::extractFriendlyName()");
 }
- else throw OpenSSLException("PKCS12Container::extractFriendlyName()");
- }
- else throw NullPointerException("PKCS12Container::extractFriendlyName()");
+ else throw NullPointerException("PKCS12Container::extractFriendlyName()");
- return friendlyName;
+ return friendlyName;
+ #endif
 }
diff --git a/Crypto/src/RSACipherImpl.cpp b/Crypto/src/RSACipherImpl.cpp
index 5c2e493ed0..27e4a392a4 100644
--- a/Crypto/src/RSACipherImpl.cpp
+++ b/Crypto/src/RSACipherImpl.cpp
@@ -51,7 +51,12 @@ namespace
 case RSA_PADDING_PKCS1_OAEP:
 return RSA_PKCS1_OAEP_PADDING;
 case RSA_PADDING_SSLV23:
- return RSA_SSLV23_PADDING;
+ //Changed for port OpenSSL -> BoringSSL
+ #if defined(OPENSSL_IS_BORINGSSL)
+ throw NotImplementedException();
+ #else
+ return RSA_SSLV23_PADDING;
+ #endif
 case RSA_PADDING_NONE:
 return RSA_NO_PADDING;
 default:
diff --git a/NetSSL_OpenSSL/src/Context.cpp b/NetSSL_OpenSSL/src/Context.cpp
index 8815f6d25a..f15c175a0c 100644
--- a/NetSSL_OpenSSL/src/Context.cpp
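Review bot: In the Crypto/src/PKCS12Container.cpp hunk, `f(pCert)` on the OpenSSL branch of `extractFriendlyName` has lost the `i` of `if`, so the `#else` path becomes a call to an undeclared `f` followed by a block and a dangling `else` and will not compile; it should read `if(pCert)`. The BoringSSL branch throws a bare `NotImplementedException()`, as does the `RSA_PADDING_SSLV23` case in the Crypto/src/RSACipherImpl.cpp hunk; passing a message, for example `throw NotImplementedException("PKCS12Container::extractFriendlyName()");`, would match the other throws in this function and tell the caller which operation the backend lacks. If this function is called while a container is loaded (not visible here), every PKCS#12 load would fail on BoringSSL, which deserves a line in the commit description.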
+++ b/NetSSL_OpenSSL/src/Context.cpp
@@ -198,7 +198,13 @@ void Context::useCertificate(const Poco::Crypto::X509Certificate& certificate)
 void Context::addChainCertificate(const Poco::Crypto::X509Certificate& certificate)
 {
- int errCode = SSL_CTX_add_extra_chain_cert(_pSSLContext, certificate.certificate());
+ //Changed for port OpenSSL -> BoringSSL
+ #if defined(OPENSSL_IS_BORINGSSL)
+ int errCode = SSL_CTX_add_extra_chain_cert(_pSSLContext, const_cast(certificate.certificate()));
+ #else
+ int errCode = SSL_CTX_add_extra_chain_cert(_pSSLContext, certificate.certificate());
+ #endif
+
 if (errCode != 1)
 {
 std::string msg = Utility::getLastError();
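Review bot: Both branches of `addChainCertificate` hand `certificate.certificate()` straight to `SSL_CTX_add_extra_chain_cert`, which on success takes ownership of the `X509*` and frees it together with the context. If `X509Certificate` also frees that pointer in its destructor (not visible in this hunk), the certificate ends up freed twice, and the `const_cast` on the BoringSSL branch hides exactly that ownership transfer. Passing a copy avoids it: `X509* pCert = X509_dup(const_cast<X509*>(certificate.certificate()));` before the call, and `X509_free(pCert);` when `errCode != 1`. As rendered on this page the `const_cast` also has no target type. The function body continues past the end of the hunk.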
@@ -511,25 +517,37 @@ void Context::initDH(const std::string& dhParamsFile)
 std::string msg = Utility::getLastError();
 throw SSLContextException("Error creating Diffie-Hellman parameters", msg);
 }
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- BIGNUM* p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
- BIGNUM* g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
- DH_set0_pqg(dh, p, 0, g);
- DH_set_length(dh, 160);
- if (!p || !g)
- {
- DH_free(dh);
- throw SSLContextException("Error creating Diffie-Hellman parameters");
- }
-#else
+
+//Changed for port OpenSSL -> BoringSSL
+#if defined(OPENSSL_IS_BORINGSSL)
 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
- dh->length = 160;
 if ((!dh->p) || (!dh->g))
 {
 DH_free(dh);
 throw SSLContextException("Error creating Diffie-Hellman parameters");
 }
+#else
+ #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ BIGNUM* p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
+ BIGNUM* g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
+ DH_set0_pqg(dh, p, 0, g);
+ DH_set_length(dh, 160);
+ if (!p || !g)
+ {
+ DH_free(dh);
+ throw SSLContextException("Error creating Diffie-Hellman parameters");
+ }
+ #else
+ dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
+ dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
+ dh->length = 160;
+ if ((!dh->p) || (!dh->g))
+ {
+ DH_free(dh);
+ throw SSLContextException("Error creating Diffie-Hellman parameters");
+ }
+ #endif
 #endif
 }
 SSL_CTX_set_tmp_dh(_pSSLContext, dh);
diff --git a/openssl b/openssl
deleted file mode 160000
index 26b1673caa..0000000000
--- a/openssl
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit 26b1673caad94a702b6d694f48f917a283b30777
From 5514783ae188360d4e158a118d5a388942014f42 Mon Sep 17 00:00:00 2001
From: Dariusz
Date: Mon, 21 May 2018 16:31:45 +0200
Subject: [PATCH 3/5] Update .gitmodules
---
 .gitmodules | 3 +++
 1 file changed, 3 insertions(+)
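Review bot: In the OpenSSL 1.1.0+ branch that the `Context::initDH` hunk re-indents, `DH_set0_pqg(dh, p, 0, g)` runs before `p` and `g` are checked, and its result is ignored. When one `BN_bin2bn` call fails, `DH_set0_pqg` fails without taking ownership of either value, so the `DH_free(dh)` in the error path leaks the BIGNUM that was allocated. Checking first and freeing both values, as in the excerpt below, closes that gap. Separately, the new BoringSSL branch carries the built-in group to one more backend; judging by the name `dh1024_p` it is a 1024-bit group, which is below current guidance for DHE, so a larger default or a mandatory `dhParamsFile` is worth considering. `initDH` starts and ends outside the hunk.

```cpp
// … unchanged: BN_bin2bn calls that create p and g …
if (!p || !g || !DH_set0_pqg(dh, p, 0, g))
{
	// dh does not own p or g at this point, so release them explicitly
	BN_free(p);
	BN_free(g);
	DH_free(dh);
	throw SSLContextException("Error creating Diffie-Hellman parameters");
}
DH_set_length(dh, 160);
```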
diff --git a/.gitmodules b/.gitmodules
index 02cb217608..a6847177c0 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,3 +1,6 @@
+[submodule "openssl"]
+ path = openssl
+ url = https://github.com/pocoproject/openssl
 [submodule "gradle"]
 path = gradle
 url = https://github.com/pocoproject/gradle
From 734d20a4cfcf303c6abb877e3d544b8696c7600a Mon Sep 17 00:00:00 2001
From: Dariusz
Date: Mon, 21 May 2018 16:32:13 +0200
Subject: [PATCH 4/5] Update .gitmodules
---
 .gitmodules | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/.gitmodules b/.gitmodules
index a6847177c0..f434b79f0b 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,6 +1,8 @@
 [submodule "openssl"]
 path = openssl
 url = https://github.com/pocoproject/openssl
+ branch = master
+
 [submodule "gradle"]
 path = gradle
 url = https://github.com/pocoproject/gradle
From ee8bdd4251f9232d9999a82927ec6db3a34bfcc3 Mon Sep 17 00:00:00 2001
From: Dariusz Ozygala
Date: Tue, 22 Oct 2019 16:14:29 +0200
Subject: [PATCH 5/5] poco fork
---
 Crypto/src/CipherKeyImpl.cpp | 5 -----
 1 file changed, 5 deletions(-)
diff --git a/Crypto/src/CipherKeyImpl.cpp b/Crypto/src/CipherKeyImpl.cpp
index 652271c349..5a547f4abf 100644
--- a/Crypto/src/CipherKeyImpl.cpp
+++ b/Crypto/src/CipherKeyImpl.cpp
@@ -121,11 +121,6 @@ CipherKeyImpl::Mode CipherKeyImpl::mode() const
 case EVP_CIPH_GCM_MODE:
 return MODE_GCM;
- //Changed for port OpenSSL -> BoringSSL
- #if defined(OPENSSL_IS_BORINGSSL)
- case EVP_CIPH_CCM_MODE:
- return MODE_CCM;
- #endif
 #endif
 }
 throw Poco::IllegalStateException("Unexpected value of EVP_CIPHER_mode()");