From fc996b19289f69b16f34e84f45fc06ea13749759 Mon Sep 17 00:00:00 2001
From: Wang Mingyu <wangmy@fujitsu.com>
Date: Tue, 19 Mar 2024 13:45:04 +0800
Subject: opensc: upgrade 0.24.0 -> 0.25.0

Changelog:
============
## Security
* [CVE-2023-5992]: Side-channel leaks while stripping encryption PKCS#1.5 padding in OpenSC
* [CVE-2024-1454]: Potential use-after-free in AuthentIC driver during card enrollment in pkcs15init

## General improvements
* Update OpenSSL 1.1.1 to 3.0 in MacOS build
* Remove support for old card drivers Akis, GPK, Incrypto34 and Westcos, disable Cyberflex driver
* Fix 64b to 32b conversions
* Improvements for the p11test
* Fix reader initialization without SCardControl
* Make RSA PKCS#1 v1.5 depadding constant-time
* Add option for disabling PKCS#1 v1.5 depadding (type 01 and 02) on the card
* Enable MSI signing via Signpath CI integration for Windows
* Fixed various issues reported by OSS-Fuzz and Coverity in drivers

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 meta-oe/recipes-support/opensc/opensc_0.24.0.bb | 50 -------------------------
 meta-oe/recipes-support/opensc/opensc_0.25.0.bb | 50 +++++++++++++++++++++++++
 2 files changed, 50 insertions(+), 50 deletions(-)
 delete mode 100644 meta-oe/recipes-support/opensc/opensc_0.24.0.bb
 create mode 100644 meta-oe/recipes-support/opensc/opensc_0.25.0.bb

(limited to 'meta-oe/recipes-support')

diff --git a/meta-oe/recipes-support/opensc/opensc_0.24.0.bb b/meta-oe/recipes-support/opensc/opensc_0.24.0.bb
deleted file mode 100644
index fd64cf9e8..000000000
--- a/meta-oe/recipes-support/opensc/opensc_0.24.0.bb
+++ /dev/null
@@ -1,50 +0,0 @@
-SUMMARY = "Smart card library and applications"
-DESCRIPTION = "OpenSC is a tool for accessing smart card devices. Basic\
-functionality (e.g. SELECT FILE, READ BINARY) should work on any ISO\
-7816-4 compatible smart card. Encryption and decryption using private\
-keys on the smart card is possible with PKCS\
-such as the FINEID (Finnish Electronic IDentity) card. Swedish Posten\
-eID cards have also been confirmed to work."
-
-HOMEPAGE = "https://github.com/OpenSC/OpenSC/wiki"
-SECTION = "System Environment/Libraries"
-LICENSE = "LGPL-2.0-or-later"
-LIC_FILES_CHKSUM = "file://COPYING;md5=cb8aedd3bced19bd8026d96a8b6876d7"
-
-#v0.21.0
-SRCREV = "f15d0c5295f3247ae56bf976cf411fec4b47b6ec"
-SRC_URI = "git://github.com/OpenSC/OpenSC;branch=master;protocol=https \
-          "
-DEPENDS = "virtual/libiconv openssl"
-
-S = "${WORKDIR}/git"
-inherit autotools pkgconfig bash-completion
-
-EXTRA_OECONF = " \
-    --disable-static \
-    --disable-ctapi \
-    --disable-doc \
-    --disable-strict \
-"
-EXTRA_OEMAKE = "DESTDIR=${D}"
-
-PACKAGECONFIG ??= "pcsc"
-
-PACKAGECONFIG[openct] = "--enable-openct,--disable-openct,openct"
-PACKAGECONFIG[pcsc] = "--enable-pcsc,--disable-pcsc,pcsc-lite,pcsc-lite pcsc-lite-lib"
-
-RDEPENDS:${PN} = "readline"
-
-FILES:${PN} += "\
-    ${libdir}/opensc-pkcs11.so \
-    ${libdir}/onepin-opensc-pkcs11.so \
-    ${libdir}/pkcs11-spy.so \
-"
-FILES:${PN}-dev += "\
-    ${libdir}/onepin-opensc-pkcs11.so \
-    ${libdir}/pkcs11/opensc-pkcs11.so \
-    ${libdir}/pkcs11/onepin-opensc-pkcs11.so \
-    ${libdir}/pkcs11/pkcs11-spy.so \
-"
-
-BBCLASSEXTEND = "native"
diff --git a/meta-oe/recipes-support/opensc/opensc_0.25.0.bb b/meta-oe/recipes-support/opensc/opensc_0.25.0.bb
new file mode 100644
index 000000000..02c9c7e80
--- /dev/null
+++ b/meta-oe/recipes-support/opensc/opensc_0.25.0.bb
@@ -0,0 +1,50 @@
+SUMMARY = "Smart card library and applications"
+DESCRIPTION = "OpenSC is a tool for accessing smart card devices. Basic\
+functionality (e.g. SELECT FILE, READ BINARY) should work on any ISO\
+7816-4 compatible smart card. Encryption and decryption using private\
+keys on the smart card is possible with PKCS\
+such as the FINEID (Finnish Electronic IDentity) card. Swedish Posten\
+eID cards have also been confirmed to work."
+
+HOMEPAGE = "https://github.com/OpenSC/OpenSC/wiki"
+SECTION = "System Environment/Libraries"
+LICENSE = "LGPL-2.0-or-later"
+LIC_FILES_CHKSUM = "file://COPYING;md5=cb8aedd3bced19bd8026d96a8b6876d7"
+
+#v0.21.0
+SRCREV = "67986eda93a3a359a897f0b0be97f4315dde8d42"
+SRC_URI = "git://github.com/OpenSC/OpenSC;branch=master;protocol=https \
+          "
+DEPENDS = "virtual/libiconv openssl"
+
+S = "${WORKDIR}/git"
+inherit autotools pkgconfig bash-completion
+
+EXTRA_OECONF = " \
+    --disable-static \
+    --disable-ctapi \
+    --disable-doc \
+    --disable-strict \
+"
+EXTRA_OEMAKE = "DESTDIR=${D}"
+
+PACKAGECONFIG ??= "pcsc"
+
+PACKAGECONFIG[openct] = "--enable-openct,--disable-openct,openct"
+PACKAGECONFIG[pcsc] = "--enable-pcsc,--disable-pcsc,pcsc-lite,pcsc-lite pcsc-lite-lib"
+
+RDEPENDS:${PN} = "readline"
+
+FILES:${PN} += "\
+    ${libdir}/opensc-pkcs11.so \
+    ${libdir}/onepin-opensc-pkcs11.so \
+    ${libdir}/pkcs11-spy.so \
+"
+FILES:${PN}-dev += "\
+    ${libdir}/onepin-opensc-pkcs11.so \
+    ${libdir}/pkcs11/opensc-pkcs11.so \
+    ${libdir}/pkcs11/onepin-opensc-pkcs11.so \
+    ${libdir}/pkcs11/pkcs11-spy.so \
+"
+
+BBCLASSEXTEND = "native"
-- 
cgit v1.2.3-54-g00ecf