From d02e1bc48f0a52756457683ec5955c343edd5d62 Mon Sep 17 00:00:00 2001 From: lbermes Date: Mon, 17 Apr 2023 09:57:45 +0200 Subject: [PATCH 01/11] Added option to enable fips build for openssl I only implement and tested it for windows as I have no option to do this under linux --- ports/openssl/portfile.cmake | 11 +++++++++++ ports/openssl/vcpkg.json | 7 ++++++- ports/openssl/windows/portfile.cmake | 7 ++++++- 3 files changed, 23 insertions(+), 2 deletions(-) diff --git a/ports/openssl/portfile.cmake b/ports/openssl/portfile.cmake index ea61abf1b90e7c..90f2f3ff95d6b9 100644 --- a/ports/openssl/portfile.cmake +++ b/ports/openssl/portfile.cmake @@ -31,6 +31,12 @@ vcpkg_from_github( unix/no-static-libs-for-shared.patch ) +vcpkg_check_features(OUT_FEATURE_OPTIONS FEATURE_CORE_OPTIONS +FEATURES + "fips" FEATURE_fips + ) + + vcpkg_list(SET CONFIGURE_OPTIONS enable-static-engine enable-capieng @@ -39,6 +45,11 @@ vcpkg_list(SET CONFIGURE_OPTIONS no-tests ) +if("fips" IN_LIST FEATURES) + vcpkg_list(APPEND INSTALL_FIPS install_fips) + vcpkg_list(APPEND CONFIGURE_OPTIONS enable-fips) +endif() + if(VCPKG_LIBRARY_LINKAGE STREQUAL "dynamic") vcpkg_list(APPEND CONFIGURE_OPTIONS shared) else() diff --git a/ports/openssl/vcpkg.json b/ports/openssl/vcpkg.json index 790c240aea6eb1..96aecd3576a841 100644 --- a/ports/openssl/vcpkg.json +++ b/ports/openssl/vcpkg.json @@ -19,5 +19,10 @@ "host": true, "platform": "windows & !mingw" } - ] + ], + "features": { + "fips": { + "description": "Enable fips" + } + } } diff --git a/ports/openssl/windows/portfile.cmake b/ports/openssl/windows/portfile.cmake index 3b7d6202ae9804..4d15992c99a29e 100644 --- a/ports/openssl/windows/portfile.cmake +++ b/ports/openssl/windows/portfile.cmake 
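Review bot: In the `@@ -39,6 +45,11 @@` hunk of ports/openssl/portfile.cmake, `enable-fips` is appended to the shared `CONFIGURE_OPTIONS` on every platform, but in this patch `INSTALL_FIPS` is only consumed by windows/portfile.cmake. The unix portfile is not part of the patch, so on other targets the provider would presumably be configured while nothing visible here installs it. Either pass the install target on the unix side as well, or fail early with something like `if("fips" IN_LIST FEATURES AND NOT VCPKG_TARGET_IS_WINDOWS)` followed by `message(FATAL_ERROR "fips feature is only wired up for Windows")`. `INSTALL_FIPS` is also appended to without being initialised in this hunk; PATCH 06 adds the `set(INSTALL_FIPS "")`.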
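Review bot: The feature description `"Enable fips"` in the `@@ -19,5 +19,10 @@` hunk of ports/openssl/vcpkg.json does not tell a consumer what the feature delivers or what is still left to them. Building with `enable-fips` produces the FIPS provider module, but a FIPS-validated deployment also depends on using a release covered by a certificate and on following the OpenSSL Security Policy at install time. A more precise text would be `"description": "Build and install the OpenSSL FIPS provider module (not a validated configuration by itself; see OpenSSL's README-FIPS and Security Policy)"`.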
@@ -77,7 +77,7 @@ vcpkg_build_nmake( "LD=${ld}" "LDFLAGS=${VCPKG_COMBINED_SHARED_LINKER_FLAGS_DEBUG}" PROJECT_NAME "makefile" - TARGET install_dev install_modules + TARGET install_dev install_modules ${INSTALL_FIPS} LOGFILE_ROOT install OPTIONS "INSTALL_PDBS=${OPENSSL_BUILD_MAKES_PDBS}" # install-pdbs.patch @@ -87,6 +87,10 @@ vcpkg_build_nmake( file(MAKE_DIRECTORY "${CURRENT_PACKAGES_DIR}/tools/${PORT}") file(RENAME "${CURRENT_PACKAGES_DIR}/openssl.cnf" "${CURRENT_PACKAGES_DIR}/tools/${PORT}/openssl.cnf") +if(EXISTS "${CURRENT_PACKAGES_DIR}/fipsmodule.cnf") + file(RENAME "${CURRENT_PACKAGES_DIR}/fipsmodule.cnf" "${CURRENT_PACKAGES_DIR}/tools/${PORT}/fipsmodule.cnf") +endif() + if(NOT VCPKG_TARGET_IS_UWP) foreach(script IN ITEMS "bin/c_rehash.pl" "misc/CA.pl" "misc/tsget.pl") file(COPY "${CURRENT_PACKAGES_DIR}/${script}" DESTINATION "${CURRENT_PACKAGES_DIR}/tools/${PORT}") @@ -116,4 +120,5 @@ file(REMOVE "${CURRENT_PACKAGES_DIR}/debug/ct_log_list.cnf.dist" "${CURRENT_PACKAGES_DIR}/debug/openssl.cnf" "${CURRENT_PACKAGES_DIR}/debug/openssl.cnf.dist" + "${CURRENT_PACKAGES_DIR}/debug/fipsmodule.cnf" ) From a7533a93d97f2ca0afc086c393d90f7df2225f91 Mon Sep 17 00:00:00 2001 From: lbermes Date: Mon, 17 Apr 2023 10:26:39 +0200 Subject: [PATCH 02/11] Adjusted port version --- ports/openssl/vcpkg.json | 2 +- versions/baseline.json | 5 +++-- versions/o-/openssl.json | 5 +++++ 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/ports/openssl/vcpkg.json b/ports/openssl/vcpkg.json index 96aecd3576a841..21475e2bfd78c4 100644 --- a/ports/openssl/vcpkg.json +++ b/ports/openssl/vcpkg.json 
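Review bot: The `fipsmodule.cnf` that the `@@ -87,6 +87,10 @@` hunk moves into `tools/${PORT}` is produced by the `install_fips` target on the build machine, so the package, and any binary cache built from it, ships a module MAC and self-test record generated elsewhere. OpenSSL's fips_module documentation says this file has to be generated by running `openssl fipsinstall` on each machine that uses the module and must not be copied between machines. Consider not packaging the file, or at least add a comment above the rename such as `# fipsmodule.cnf is build-machine output; consumers must re-run "openssl fipsinstall" on the target`. The `if(EXISTS ...)` guard also lets a build with the `fips` feature pass when the file was never produced; when `"fips" IN_LIST FEATURES` a missing file would be better reported with `message(FATAL_ERROR ...)`.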
@@ -1,7 +1,7 @@ { "name": "openssl", "version": "3.0.8", - "port-version": 1, + "port-version": 2, "description": "OpenSSL is an open source project that provides a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library.", "homepage": "https://www.openssl.org", "license": "Apache-2.0", diff --git a/versions/baseline.json b/versions/baseline.json index 42e34c6e7349c1..45fa6d866263b3 100644 --- a/versions/baseline.json +++ b/versions/baseline.json @@ -3833,7 +3833,8 @@ "port-version": 6 }, "libdeflate": { - "baseline": "1.17" + "baseline": "1.17", + "port-version": 0 }, "libdisasm": { "baseline": "0.23", @@ -5773,7 +5774,7 @@ }, "openssl": { "baseline": "3.0.8", - "port-version": 1 + "port-version": 2 }, "openssl-unix": { "baseline": "deprecated", diff --git a/versions/o-/openssl.json b/versions/o-/openssl.json index 4d0005e41a989a..463a27fbd6bc1a 100644 --- a/versions/o-/openssl.json +++ b/versions/o-/openssl.json @@ -1,5 +1,10 @@ { "versions": [ + { + "git-tree": "c4786d489de3060e9a92609b045bedaf7042e79c", + "version": "3.0.8", + "port-version": 2 + }, { "git-tree": "17ce011827417025d6a29924ace0a474f1689c65", "version": "3.0.8", From fdb8ff7e3367c6e2ccf96b412e2d1480a9c2252f Mon Sep 17 00:00:00 2001 From: lbermes Date: Mon, 17 Apr 2023 10:31:09 +0200 Subject: [PATCH 03/11] Updated to support only for Windows --- ports/openssl/vcpkg.json | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/ports/openssl/vcpkg.json b/ports/openssl/vcpkg.json index 21475e2bfd78c4..391fa8dfa4c2d8 100644 --- a/ports/openssl/vcpkg.json +++ b/ports/openssl/vcpkg.json @@ -22,7 +22,8 @@ ], "features": { "fips": { - "description": "Enable fips" - } + "description": "Enable fips", + "supports": "windows" + } } } From 9eaef0929642bb72c29d72c940bf8db268d74eff Mon Sep 17 00:00:00 2001 
From: lbermes Date: Mon, 17 Apr 2023 12:18:52 +0200 Subject: [PATCH 04/11] Corrected Formatting --- ports/openssl/vcpkg.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ports/openssl/vcpkg.json b/ports/openssl/vcpkg.json index c1b721961255de..21fa7a0ff19f89 100644 --- a/ports/openssl/vcpkg.json +++ b/ports/openssl/vcpkg.json @@ -22,7 +22,7 @@ "features": { "fips": { "description": "Enable fips", - "supports": "windows" + "supports": "windows" }, "tools": { "description": "Install openssl executable and scripts", From 7ee8e128fbda392e2552668b74fc21a5fe5715ab Mon Sep 17 00:00:00 2001 From: lbermes Date: Mon, 17 Apr 2023 12:22:56 +0200 Subject: [PATCH 05/11] Corrected SHA for vcpkg x-add-version --all --- versions/o-/openssl.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/versions/o-/openssl.json b/versions/o-/openssl.json index 69f5542510f5da..07da3f0b325efc 100644 --- a/versions/o-/openssl.json +++ b/versions/o-/openssl.json @@ -1,7 +1,7 @@ { "versions": [ { - "git-tree": "c4786d489de3060e9a92609b045bedaf7042e79c", + "git-tree": "69da0628c4cec1ef47050bd170adb3d41a205f7d", "version": "3.1.0", "port-version": 2 }, From 04417814d9a4661a41ea22737994f3139ce5da3a Mon Sep 17 00:00:00 2001 From: lbermes Date: Wed, 19 Apr 2023 08:22:22 +0200 Subject: [PATCH 06/11] Changes requested by review Removed the not needed FEATURE FIPS Initialize INSTALL_FIPS as empty --- ports/openssl/portfile.cmake | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/ports/openssl/portfile.cmake b/ports/openssl/portfile.cmake index bcc5c1eaec1735..20203624309a9f 100644 --- a/ports/openssl/portfile.cmake +++ b/ports/openssl/portfile.cmake @@ -32,12 +32,6 @@ vcpkg_from_github( unix/no-static-libs-for-shared.patch ) -vcpkg_check_features(OUT_FEATURE_OPTIONS FEATURE_CORE_OPTIONS -FEATURES - "fips" FEATURE_fips - ) - - vcpkg_list(SET CONFIGURE_OPTIONS enable-static-engine enable-capieng 
@@ -46,6 +40,7 @@ vcpkg_list(SET CONFIGURE_OPTIONS no-tests ) +set(INSTALL_FIPS "") if("fips" IN_LIST FEATURES) vcpkg_list(APPEND INSTALL_FIPS install_fips) vcpkg_list(APPEND CONFIGURE_OPTIONS enable-fips) From 741e8536e58bca865190595bb5a204bceb3d632d Mon Sep 17 00:00:00 2001 From: lbermes Date: Wed, 19 Apr 2023 08:23:46 +0200 Subject: [PATCH 07/11] Corrected SHA for vcpkg x-add-version --all --- versions/o-/openssl.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/versions/o-/openssl.json b/versions/o-/openssl.json index 07da3f0b325efc..b205d9bab8014c 100644 --- a/versions/o-/openssl.json +++ b/versions/o-/openssl.json @@ -1,7 +1,7 @@ { "versions": [ { - "git-tree": "69da0628c4cec1ef47050bd170adb3d41a205f7d", + "git-tree": "529388ac677551da3db180680d055cfdd0bb266c", "version": "3.1.0", "port-version": 2 }, From 1b911b1ccbe1e4509807d6e67f9dbd81cb63152d Mon Sep 17 00:00:00 2001 From: lbermes Date: Wed, 19 Apr 2023 09:11:12 +0200 Subject: [PATCH 08/11] Removed Windows only support --- ports/openssl/vcpkg.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/ports/openssl/vcpkg.json b/ports/openssl/vcpkg.json index 21fa7a0ff19f89..cd514ea574755c 100644 --- a/ports/openssl/vcpkg.json +++ b/ports/openssl/vcpkg.json @@ -21,8 +21,7 @@ ], "features": { "fips": { - "description": "Enable fips", - "supports": "windows" + "description": "Enable fips" }, "tools": { "description": "Install openssl executable and scripts", From cc72e43013de27bc3ca1e7a5e234a9a4ae25d936 Mon Sep 17 00:00:00 2001 From: lbermes Date: Wed, 19 Apr 2023 09:11:42 +0200 Subject: [PATCH 09/11] Corrected SHA for vcpkg x-add-version --all --- versions/o-/openssl.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/versions/o-/openssl.json b/versions/o-/openssl.json index b205d9bab8014c..21650e2bf882fb 100644 --- a/versions/o-/openssl.json +++ b/versions/o-/openssl.json 
@@ -1,7 +1,7 @@ { "versions": [ { - "git-tree": "529388ac677551da3db180680d055cfdd0bb266c", + "git-tree": "58585ef992f093c3ea47f2e64b5a48763e024e45", "version": "3.1.0", "port-version": 2 }, From 84a3a5469c115c6c1ac79f6194415b039d543c07 Mon Sep 17 00:00:00 2001 From: lbermes Date: Thu, 20 Apr 2023 05:08:29 +0200 Subject: [PATCH 10/11] Added "supports": "!static" As the provider conecpts needs dynamic linkage --- ports/openssl/vcpkg.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ports/openssl/vcpkg.json b/ports/openssl/vcpkg.json index cd514ea574755c..31fafaceb04ed1 100644 --- a/ports/openssl/vcpkg.json +++ b/ports/openssl/vcpkg.json @@ -21,7 +21,8 @@ ], "features": { "fips": { - "description": "Enable fips" + "description": "Enable fips", + "supports": "!static" }, "tools": { "description": "Install openssl executable and scripts", From 73ce04bdc89ec8023df86236da3221198154677f Mon Sep 17 00:00:00 2001 From: lbermes Date: Thu, 20 Apr 2023 05:09:23 +0200 Subject: [PATCH 11/11] Corrected SHA for vcpkg x-add-version --all --- versions/o-/openssl.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/versions/o-/openssl.json b/versions/o-/openssl.json index 21650e2bf882fb..4a3a2cb5d28f00 100644 --- a/versions/o-/openssl.json +++ b/versions/o-/openssl.json @@ -1,7 +1,7 @@ { "versions": [ { - "git-tree": "58585ef992f093c3ea47f2e64b5a48763e024e45", + "git-tree": "64fc47730d346ecacc9f948c2c3138363ed8f702", "version": "3.1.0", "port-version": 2 },