diff options
| author | Armin Kuster <akuster808@gmail.com> | 2018-09-15 09:27:00 -0700 |
|---|---|---|
| committer | Armin Kuster <akuster808@gmail.com> | 2018-09-17 21:08:19 -0700 |
| commit | 3bae06e29b60d71177cb63ad0b85bc5c46f7a144 (patch) | |
| tree | 86855c6a7415f197128cf82b0481a2a1d0e0cd48 | |
| parent | 49a7a7a8e115cee161848f2af0ded494f3162cf3 (diff) | |
| download | meta-security-3bae06e29b60d71177cb63ad0b85bc5c46f7a144.tar.gz | |
openssl-tpm-engine: update SRC_URI and update to 0.5.0
change to a fork that is being maintained and that enabled openssl 1.1
Refresh patches
Drop one no longer needed
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| -rw-r--r-- | meta-tpm/recipes-tpm/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch | 24 | ||||
| -rw-r--r-- | meta-tpm/recipes-tpm/openssl-tpm-engine/files/0002-libtpm-support-env-TPM_SRK_PW.patch | 14 | ||||
| -rw-r--r-- | meta-tpm/recipes-tpm/openssl-tpm-engine/files/0003-Fix-not-building-libtpm.la.patch | 25 | ||||
| -rw-r--r-- | meta-tpm/recipes-tpm/openssl-tpm-engine/files/0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch | 41 | ||||
| -rw-r--r-- | meta-tpm/recipes-tpm/openssl-tpm-engine/files/0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch | 13 | ||||
| -rw-r--r-- | meta-tpm/recipes-tpm/openssl-tpm-engine/files/openssl11_build_fix.patch | 34 | ||||
| -rw-r--r-- | meta-tpm/recipes-tpm/openssl-tpm-engine/openssl-tpm-engine_0.5.0.bb (renamed from meta-tpm/recipes-tpm/openssl-tpm-engine/openssl-tpm-engine_0.4.2.bb) | 41 |
7 files changed, 91 insertions, 101 deletions
diff --git a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch index 67071b6..bed8b92 100644 --- a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch +++ b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch | |||
| @@ -8,20 +8,20 @@ Add "-z" option to select well known password in create_tpm_key tool. | |||
| 8 | 8 | ||
| 9 | Signed-off-by: Junxian.Xiao <Junxian.Xiao@windriver.com> | 9 | Signed-off-by: Junxian.Xiao <Junxian.Xiao@windriver.com> |
| 10 | 10 | ||
| 11 | diff --git a/create_tpm_key.c b/create_tpm_key.c | 11 | Index: git/src/create_tpm_key.c |
| 12 | index fee917f..7b94d62 100644 | 12 | =================================================================== |
| 13 | --- a/create_tpm_key.c | 13 | --- git.orig/src/create_tpm_key.c |
| 14 | +++ b/create_tpm_key.c | 14 | +++ git/src/create_tpm_key.c |
| 15 | @@ -46,6 +46,8 @@ | 15 | @@ -48,6 +48,8 @@ |
| 16 | #include <trousers/tss.h> | 16 | |
| 17 | #include <trousers/trousers.h> | 17 | #include "ssl_compat.h" |
| 18 | 18 | ||
| 19 | +#define TPM_WELL_KNOWN_KEY_LEN 20 /*well know key length is 20 bytes zero*/ | 19 | +#define TPM_WELL_KNOWN_KEY_LEN 20 /*well know key length is 20 bytes zero*/ |
| 20 | + | 20 | + |
| 21 | #define print_error(a,b) \ | 21 | #define print_error(a,b) \ |
| 22 | fprintf(stderr, "%s:%d %s result: 0x%x (%s)\n", __FILE__, __LINE__, \ | 22 | fprintf(stderr, "%s:%d %s result: 0x%x (%s)\n", __FILE__, __LINE__, \ |
| 23 | a, b, Trspi_Error_String(b)) | 23 | a, b, Trspi_Error_String(b)) |
| 24 | @@ -70,6 +72,7 @@ usage(char *argv0) | 24 | @@ -72,6 +74,7 @@ usage(char *argv0) |
| 25 | "\t\t-e|--enc-scheme encryption scheme to use [PKCSV15] or OAEP\n" | 25 | "\t\t-e|--enc-scheme encryption scheme to use [PKCSV15] or OAEP\n" |
| 26 | "\t\t-q|--sig-scheme signature scheme to use [DER] or SHA1\n" | 26 | "\t\t-q|--sig-scheme signature scheme to use [DER] or SHA1\n" |
| 27 | "\t\t-s|--key-size key size in bits [2048]\n" | 27 | "\t\t-s|--key-size key size in bits [2048]\n" |
| @@ -29,7 +29,7 @@ index fee917f..7b94d62 100644 | |||
| 29 | "\t\t-a|--auth require a password for the key [NO]\n" | 29 | "\t\t-a|--auth require a password for the key [NO]\n" |
| 30 | "\t\t-p|--popup use TSS GUI popup dialogs to get the password " | 30 | "\t\t-p|--popup use TSS GUI popup dialogs to get the password " |
| 31 | "for the\n\t\t\t\t key [NO] (implies --auth)\n" | 31 | "for the\n\t\t\t\t key [NO] (implies --auth)\n" |
| 32 | @@ -147,6 +150,7 @@ int main(int argc, char **argv) | 32 | @@ -154,6 +157,7 @@ int main(int argc, char **argv) |
| 33 | int asn1_len; | 33 | int asn1_len; |
| 34 | char *filename, c, *openssl_key = NULL; | 34 | char *filename, c, *openssl_key = NULL; |
| 35 | int option_index, auth = 0, popup = 0, wrap = 0; | 35 | int option_index, auth = 0, popup = 0, wrap = 0; |
| @@ -37,7 +37,7 @@ index fee917f..7b94d62 100644 | |||
| 37 | UINT32 enc_scheme = TSS_ES_RSAESPKCSV15; | 37 | UINT32 enc_scheme = TSS_ES_RSAESPKCSV15; |
| 38 | UINT32 sig_scheme = TSS_SS_RSASSAPKCS1V15_DER; | 38 | UINT32 sig_scheme = TSS_SS_RSASSAPKCS1V15_DER; |
| 39 | UINT32 key_size = 2048; | 39 | UINT32 key_size = 2048; |
| 40 | @@ -154,12 +158,15 @@ int main(int argc, char **argv) | 40 | @@ -161,12 +165,15 @@ int main(int argc, char **argv) |
| 41 | 41 | ||
| 42 | while (1) { | 42 | while (1) { |
| 43 | option_index = 0; | 43 | option_index = 0; |
| @@ -54,7 +54,7 @@ index fee917f..7b94d62 100644 | |||
| 54 | case 'a': | 54 | case 'a': |
| 55 | initFlags |= TSS_KEY_AUTHORIZATION; | 55 | initFlags |= TSS_KEY_AUTHORIZATION; |
| 56 | auth = 1; | 56 | auth = 1; |
| 57 | @@ -293,6 +300,8 @@ int main(int argc, char **argv) | 57 | @@ -300,6 +307,8 @@ int main(int argc, char **argv) |
| 58 | 58 | ||
| 59 | if (srk_authusage) { | 59 | if (srk_authusage) { |
| 60 | char *authdata = calloc(1, 128); | 60 | char *authdata = calloc(1, 128); |
| @@ -63,7 +63,7 @@ index fee917f..7b94d62 100644 | |||
| 63 | 63 | ||
| 64 | if (!authdata) { | 64 | if (!authdata) { |
| 65 | fprintf(stderr, "malloc failed.\n"); | 65 | fprintf(stderr, "malloc failed.\n"); |
| 66 | @@ -309,17 +318,26 @@ int main(int argc, char **argv) | 66 | @@ -316,17 +325,26 @@ int main(int argc, char **argv) |
| 67 | exit(result); | 67 | exit(result); |
| 68 | } | 68 | } |
| 69 | 69 | ||
diff --git a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0002-libtpm-support-env-TPM_SRK_PW.patch b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0002-libtpm-support-env-TPM_SRK_PW.patch index f718f2e..2caaaf0 100644 --- a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0002-libtpm-support-env-TPM_SRK_PW.patch +++ b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0002-libtpm-support-env-TPM_SRK_PW.patch | |||
| @@ -9,20 +9,20 @@ use "env TPM_SRK_PW=#WELLKNOWN#" to set well known password. | |||
| 9 | 9 | ||
| 10 | Signed-off-by: Junxian.Xiao <Junxian.Xiao@windriver.com> | 10 | Signed-off-by: Junxian.Xiao <Junxian.Xiao@windriver.com> |
| 11 | 11 | ||
| 12 | diff --git a/e_tpm.c b/e_tpm.c | 12 | Index: git/src/e_tpm.c |
| 13 | index f3e8bcf..7dcb75a 100644 | 13 | =================================================================== |
| 14 | --- a/e_tpm.c | 14 | --- git.orig/src/e_tpm.c |
| 15 | +++ b/e_tpm.c | 15 | +++ git/src/e_tpm.c |
| 16 | @@ -38,6 +38,8 @@ | 16 | @@ -38,6 +38,8 @@ |
| 17 | |||
| 18 | #include "e_tpm.h" | 17 | #include "e_tpm.h" |
| 18 | #include "ssl_compat.h" | ||
| 19 | 19 | ||
| 20 | +#define TPM_WELL_KNOWN_KEY_LEN 20 /*well know key length is 20 bytes zero*/ | 20 | +#define TPM_WELL_KNOWN_KEY_LEN 20 /*well know key length is 20 bytes zero*/ |
| 21 | + | 21 | + |
| 22 | //#define DLOPEN_TSPI | 22 | //#define DLOPEN_TSPI |
| 23 | 23 | ||
| 24 | #ifndef OPENSSL_NO_HW | 24 | #ifndef OPENSSL_NO_HW |
| 25 | @@ -248,6 +250,10 @@ int tpm_load_srk(UI_METHOD *ui, void *cb_data) | 25 | @@ -262,6 +264,10 @@ int tpm_load_srk(UI_METHOD *ui, void *cb |
| 26 | TSS_RESULT result; | 26 | TSS_RESULT result; |
| 27 | UINT32 authusage; | 27 | UINT32 authusage; |
| 28 | BYTE *auth; | 28 | BYTE *auth; |
| @@ -33,7 +33,7 @@ index f3e8bcf..7dcb75a 100644 | |||
| 33 | 33 | ||
| 34 | if (hSRK != NULL_HKEY) { | 34 | if (hSRK != NULL_HKEY) { |
| 35 | DBGFN("SRK is already loaded."); | 35 | DBGFN("SRK is already loaded."); |
| 36 | @@ -299,18 +305,36 @@ int tpm_load_srk(UI_METHOD *ui, void *cb_data) | 36 | @@ -313,18 +319,36 @@ int tpm_load_srk(UI_METHOD *ui, void *cb |
| 37 | return 0; | 37 | return 0; |
| 38 | } | 38 | } |
| 39 | 39 | ||
diff --git a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0003-Fix-not-building-libtpm.la.patch b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0003-Fix-not-building-libtpm.la.patch deleted file mode 100644 index d24a150..0000000 --- a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0003-Fix-not-building-libtpm.la.patch +++ /dev/null | |||
| @@ -1,25 +0,0 @@ | |||
| 1 | From 7848445a1f4c750ef73bf96f5e89d402f87a1756 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Lans Zhang <jia.zhang@windriver.com> | ||
| 3 | Date: Mon, 19 Jun 2017 14:54:28 +0800 | ||
| 4 | Subject: [PATCH] Fix not building libtpm.la | ||
| 5 | |||
| 6 | Signed-off-by: Lans Zhang <jia.zhang@windriver.com> | ||
| 7 | --- | ||
| 8 | Makefile.am | 4 +++- | ||
| 9 | 1 file changed, 3 insertions(+), 1 deletion(-) | ||
| 10 | |||
| 11 | diff --git a/Makefile.am b/Makefile.am | ||
| 12 | index 6695656..634a7e6 100644 | ||
| 13 | --- a/Makefile.am | ||
| 14 | +++ b/Makefile.am | ||
| 15 | @@ -10,4 +10,6 @@ libtpm_la_LIBADD=-lcrypto -lc -ltspi | ||
| 16 | libtpm_la_SOURCES=e_tpm.c e_tpm.h e_tpm_err.c | ||
| 17 | |||
| 18 | create_tpm_key_SOURCES=create_tpm_key.c | ||
| 19 | -create_tpm_key_LDADD=-ltspi | ||
| 20 | +create_tpm_key_LDFLAGS=-ltspi | ||
| 21 | + | ||
| 22 | +LDADD=libtpm.la | ||
| 23 | -- | ||
| 24 | 2.7.5 | ||
| 25 | |||
diff --git a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch index a88148f..cc8772d 100644 --- a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch +++ b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch | |||
| @@ -22,11 +22,11 @@ Signed-off-by: Meng Li <Meng.Li@windriver.com> | |||
| 22 | e_tpm_err.c | 4 ++ | 22 | e_tpm_err.c | 4 ++ |
| 23 | 3 files changed, 164 insertions(+), 1 deletion(-) | 23 | 3 files changed, 164 insertions(+), 1 deletion(-) |
| 24 | 24 | ||
| 25 | diff --git a/e_tpm.c b/e_tpm.c | 25 | Index: git/src/e_tpm.c |
| 26 | index 7dcb75a..11bf74b 100644 | 26 | =================================================================== |
| 27 | --- a/e_tpm.c | 27 | --- git.orig/src/e_tpm.c |
| 28 | +++ b/e_tpm.c | 28 | +++ git/src/e_tpm.c |
| 29 | @@ -245,6 +245,118 @@ void ENGINE_load_tpm(void) | 29 | @@ -259,6 +259,118 @@ void ENGINE_load_tpm(void) |
| 30 | ERR_clear_error(); | 30 | ERR_clear_error(); |
| 31 | } | 31 | } |
| 32 | 32 | ||
| @@ -145,7 +145,7 @@ index 7dcb75a..11bf74b 100644 | |||
| 145 | int tpm_load_srk(UI_METHOD *ui, void *cb_data) | 145 | int tpm_load_srk(UI_METHOD *ui, void *cb_data) |
| 146 | { | 146 | { |
| 147 | TSS_RESULT result; | 147 | TSS_RESULT result; |
| 148 | @@ -305,8 +417,50 @@ int tpm_load_srk(UI_METHOD *ui, void *cb_data) | 148 | @@ -319,8 +431,50 @@ int tpm_load_srk(UI_METHOD *ui, void *cb |
| 149 | return 0; | 149 | return 0; |
| 150 | } | 150 | } |
| 151 | 151 | ||
| @@ -197,7 +197,7 @@ index 7dcb75a..11bf74b 100644 | |||
| 197 | if (0 == strcmp(srkPasswd, "#WELLKNOWN#")) { | 197 | if (0 == strcmp(srkPasswd, "#WELLKNOWN#")) { |
| 198 | memset(auth, 0, TPM_WELL_KNOWN_KEY_LEN); | 198 | memset(auth, 0, TPM_WELL_KNOWN_KEY_LEN); |
| 199 | secretMode = TSS_SECRET_MODE_SHA1; | 199 | secretMode = TSS_SECRET_MODE_SHA1; |
| 200 | @@ -319,6 +473,7 @@ int tpm_load_srk(UI_METHOD *ui, void *cb_data) | 200 | @@ -333,6 +487,7 @@ int tpm_load_srk(UI_METHOD *ui, void *cb |
| 201 | authlen = strlen(auth); | 201 | authlen = strlen(auth); |
| 202 | } | 202 | } |
| 203 | } | 203 | } |
| @@ -205,11 +205,11 @@ index 7dcb75a..11bf74b 100644 | |||
| 205 | else { | 205 | else { |
| 206 | if (!tpm_engine_get_auth(ui, (char *)auth, 128, | 206 | if (!tpm_engine_get_auth(ui, (char *)auth, 128, |
| 207 | "SRK authorization: ", cb_data)) { | 207 | "SRK authorization: ", cb_data)) { |
| 208 | diff --git a/e_tpm.h b/e_tpm.h | 208 | Index: git/src/e_tpm.h |
| 209 | index 6316e0b..56ff202 100644 | 209 | =================================================================== |
| 210 | --- a/e_tpm.h | 210 | --- git.orig/src/e_tpm.h |
| 211 | +++ b/e_tpm.h | 211 | +++ git/src/e_tpm.h |
| 212 | @@ -66,6 +66,8 @@ void ERR_TSS_error(int function, int reason, char *file, int line); | 212 | @@ -66,6 +66,8 @@ void ERR_TSS_error(int function, int rea |
| 213 | #define TPM_F_TPM_FILL_RSA_OBJECT 116 | 213 | #define TPM_F_TPM_FILL_RSA_OBJECT 116 |
| 214 | #define TPM_F_TPM_ENGINE_GET_AUTH 117 | 214 | #define TPM_F_TPM_ENGINE_GET_AUTH 117 |
| 215 | #define TPM_F_TPM_CREATE_SRK_POLICY 118 | 215 | #define TPM_F_TPM_CREATE_SRK_POLICY 118 |
| @@ -218,7 +218,7 @@ index 6316e0b..56ff202 100644 | |||
| 218 | 218 | ||
| 219 | /* Reason codes. */ | 219 | /* Reason codes. */ |
| 220 | #define TPM_R_ALREADY_LOADED 100 | 220 | #define TPM_R_ALREADY_LOADED 100 |
| 221 | @@ -96,6 +98,8 @@ void ERR_TSS_error(int function, int reason, char *file, int line); | 221 | @@ -96,6 +98,8 @@ void ERR_TSS_error(int function, int rea |
| 222 | #define TPM_R_ID_INVALID 125 | 222 | #define TPM_R_ID_INVALID 125 |
| 223 | #define TPM_R_UI_METHOD_FAILED 126 | 223 | #define TPM_R_UI_METHOD_FAILED 126 |
| 224 | #define TPM_R_UNKNOWN_SECRET_MODE 127 | 224 | #define TPM_R_UNKNOWN_SECRET_MODE 127 |
| @@ -227,11 +227,11 @@ index 6316e0b..56ff202 100644 | |||
| 227 | 227 | ||
| 228 | /* structure pointed to by the RSA object's app_data pointer */ | 228 | /* structure pointed to by the RSA object's app_data pointer */ |
| 229 | struct rsa_app_data | 229 | struct rsa_app_data |
| 230 | diff --git a/e_tpm_err.c b/e_tpm_err.c | 230 | Index: git/src/e_tpm_err.c |
| 231 | index 25a5d0f..439e267 100644 | 231 | =================================================================== |
| 232 | --- a/e_tpm_err.c | 232 | --- git.orig/src/e_tpm_err.c |
| 233 | +++ b/e_tpm_err.c | 233 | +++ git/src/e_tpm_err.c |
| 234 | @@ -235,6 +235,8 @@ static ERR_STRING_DATA TPM_str_functs[] = { | 234 | @@ -234,6 +234,8 @@ static ERR_STRING_DATA TPM_str_functs[] |
| 235 | {ERR_PACK(0, TPM_F_TPM_BIND_FN, 0), "TPM_BIND_FN"}, | 235 | {ERR_PACK(0, TPM_F_TPM_BIND_FN, 0), "TPM_BIND_FN"}, |
| 236 | {ERR_PACK(0, TPM_F_TPM_FILL_RSA_OBJECT, 0), "TPM_FILL_RSA_OBJECT"}, | 236 | {ERR_PACK(0, TPM_F_TPM_FILL_RSA_OBJECT, 0), "TPM_FILL_RSA_OBJECT"}, |
| 237 | {ERR_PACK(0, TPM_F_TPM_ENGINE_GET_AUTH, 0), "TPM_ENGINE_GET_AUTH"}, | 237 | {ERR_PACK(0, TPM_F_TPM_ENGINE_GET_AUTH, 0), "TPM_ENGINE_GET_AUTH"}, |
| @@ -240,7 +240,7 @@ index 25a5d0f..439e267 100644 | |||
| 240 | {0, NULL} | 240 | {0, NULL} |
| 241 | }; | 241 | }; |
| 242 | 242 | ||
| 243 | @@ -265,6 +267,8 @@ static ERR_STRING_DATA TPM_str_reasons[] = { | 243 | @@ -264,6 +266,8 @@ static ERR_STRING_DATA TPM_str_reasons[] |
| 244 | {TPM_R_FILE_READ_FAILED, "failed reading the key file"}, | 244 | {TPM_R_FILE_READ_FAILED, "failed reading the key file"}, |
| 245 | {TPM_R_ID_INVALID, "engine id doesn't match"}, | 245 | {TPM_R_ID_INVALID, "engine id doesn't match"}, |
| 246 | {TPM_R_UI_METHOD_FAILED, "ui function failed"}, | 246 | {TPM_R_UI_METHOD_FAILED, "ui function failed"}, |
| @@ -249,6 +249,3 @@ index 25a5d0f..439e267 100644 | |||
| 249 | {0, NULL} | 249 | {0, NULL} |
| 250 | }; | 250 | }; |
| 251 | 251 | ||
| 252 | -- | ||
| 253 | 2.9.3 | ||
| 254 | |||
diff --git a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch index 076704d..535472a 100644 --- a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch +++ b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch | |||
| @@ -15,11 +15,11 @@ Signed-off-by: Meng Li <Meng.Li@windriver.com> | |||
| 15 | create_tpm_key.c | 3 ++- | 15 | create_tpm_key.c | 3 ++- |
| 16 | 1 file changed, 2 insertions(+), 1 deletion(-) | 16 | 1 file changed, 2 insertions(+), 1 deletion(-) |
| 17 | 17 | ||
| 18 | diff --git a/create_tpm_key.c b/create_tpm_key.c | 18 | Index: git/src/create_tpm_key.c |
| 19 | index 7b94d62..f30af90 100644 | 19 | =================================================================== |
| 20 | --- a/create_tpm_key.c | 20 | --- git.orig/src/create_tpm_key.c |
| 21 | +++ b/create_tpm_key.c | 21 | +++ git/src/create_tpm_key.c |
| 22 | @@ -148,7 +148,8 @@ int main(int argc, char **argv) | 22 | @@ -155,7 +155,8 @@ int main(int argc, char **argv) |
| 23 | ASN1_OCTET_STRING *blob_str; | 23 | ASN1_OCTET_STRING *blob_str; |
| 24 | unsigned char *blob_asn1 = NULL; | 24 | unsigned char *blob_asn1 = NULL; |
| 25 | int asn1_len; | 25 | int asn1_len; |
| @@ -29,6 +29,3 @@ index 7b94d62..f30af90 100644 | |||
| 29 | int option_index, auth = 0, popup = 0, wrap = 0; | 29 | int option_index, auth = 0, popup = 0, wrap = 0; |
| 30 | int wellknownkey = 0; | 30 | int wellknownkey = 0; |
| 31 | UINT32 enc_scheme = TSS_ES_RSAESPKCSV15; | 31 | UINT32 enc_scheme = TSS_ES_RSAESPKCSV15; |
| 32 | -- | ||
| 33 | 1.7.9.5 | ||
| 34 | |||
diff --git a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/openssl11_build_fix.patch b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/openssl11_build_fix.patch new file mode 100644 index 0000000..2f8eb81 --- /dev/null +++ b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/openssl11_build_fix.patch | |||
| @@ -0,0 +1,34 @@ | |||
| 1 | Fix compiling for openssl 1.1 | ||
| 2 | |||
| 3 | Upstream-Status: Pending | ||
| 4 | Signed-off-by: Armin Kuster <akuster808@gmail.com> | ||
| 5 | |||
| 6 | Index: git/src/e_tpm.c | ||
| 7 | =================================================================== | ||
| 8 | --- git.orig/src/e_tpm.c | ||
| 9 | +++ git/src/e_tpm.c | ||
| 10 | @@ -265,19 +265,20 @@ static int tpm_decode_base64(unsigned ch | ||
| 11 | int *out_len) | ||
| 12 | { | ||
| 13 | int total_len, len, ret; | ||
| 14 | - EVP_ENCODE_CTX dctx; | ||
| 15 | + EVP_ENCODE_CTX *dctx; | ||
| 16 | |||
| 17 | - EVP_DecodeInit(&dctx); | ||
| 18 | + dctx = EVP_ENCODE_CTX_new(); | ||
| 19 | + EVP_DecodeInit(dctx); | ||
| 20 | |||
| 21 | total_len = 0; | ||
| 22 | - ret = EVP_DecodeUpdate(&dctx, outdata, &len, indata, in_len); | ||
| 23 | + ret = EVP_DecodeUpdate(dctx, outdata, &len, indata, in_len); | ||
| 24 | if (ret < 0) { | ||
| 25 | TSSerr(TPM_F_TPM_DECODE_BASE64, TPM_R_DECODE_BASE64_FAILED); | ||
| 26 | return 1; | ||
| 27 | } | ||
| 28 | |||
| 29 | total_len += len; | ||
| 30 | - ret = EVP_DecodeFinal(&dctx, outdata, &len); | ||
| 31 | + ret = EVP_DecodeFinal(dctx, outdata, &len); | ||
| 32 | if (ret < 0) { | ||
| 33 | TSSerr(TPM_F_TPM_DECODE_BASE64, TPM_R_DECODE_BASE64_FAILED); | ||
| 34 | return 1; | ||
diff --git a/meta-tpm/recipes-tpm/openssl-tpm-engine/openssl-tpm-engine_0.4.2.bb b/meta-tpm/recipes-tpm/openssl-tpm-engine/openssl-tpm-engine_0.5.0.bb index 4854f70..0f98b79 100644 --- a/meta-tpm/recipes-tpm/openssl-tpm-engine/openssl-tpm-engine_0.4.2.bb +++ b/meta-tpm/recipes-tpm/openssl-tpm-engine/openssl-tpm-engine_0.5.0.bb | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | DESCRIPTION = "OpenSSL secure engine based on TPM hardware" | 1 | DESCRIPTION = "OpenSSL secure engine based on TPM hardware" |
| 2 | HOMEPAGE = "https://sourceforge.net/projects/trousers/" | 2 | HOMEPAGE = "https://github.com/mgerstner/openssl_tpm_engine" |
| 3 | SECTION = "security/tpm" | 3 | SECTION = "security/tpm" |
| 4 | 4 | ||
| 5 | LICENSE = "openssl" | 5 | LICENSE = "openssl" |
| @@ -8,18 +8,18 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=11f0ee3af475c85b907426e285c9bb52" | |||
| 8 | DEPENDS += "openssl trousers" | 8 | DEPENDS += "openssl trousers" |
| 9 | 9 | ||
| 10 | SRC_URI = "\ | 10 | SRC_URI = "\ |
| 11 | git://git.code.sf.net/p/trousers/openssl_tpm_engine \ | 11 | git://github.com/mgerstner/openssl_tpm_engine.git \ |
| 12 | file://0001-create-tpm-key-support-well-known-key-option.patch \ | 12 | file://0001-create-tpm-key-support-well-known-key-option.patch \ |
| 13 | file://0002-libtpm-support-env-TPM_SRK_PW.patch \ | 13 | file://0002-libtpm-support-env-TPM_SRK_PW.patch \ |
| 14 | file://0003-Fix-not-building-libtpm.la.patch \ | ||
| 15 | file://0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch \ | 14 | file://0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch \ |
| 16 | file://0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch \ | 15 | file://0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch \ |
| 16 | file://openssl11_build_fix.patch \ | ||
| 17 | " | 17 | " |
| 18 | SRCREV = "bbc2b1af809f20686e0d3553a62f0175742c0d60" | 18 | SRCREV = "b28de5065e6eb9aa5d5afe2276904f7624c2cbaf" |
| 19 | 19 | ||
| 20 | S = "${WORKDIR}/git" | 20 | S = "${WORKDIR}/git" |
| 21 | 21 | ||
| 22 | inherit autotools-brokensep | 22 | inherit autotools-brokensep pkgconfig |
| 23 | 23 | ||
| 24 | # The definitions below are used to decrypt the srk password. | 24 | # The definitions below are used to decrypt the srk password. |
| 25 | # It is allowed to define the values in 3 forms: string, hex number and | 25 | # It is allowed to define the values in 3 forms: string, hex number and |
| @@ -41,35 +41,22 @@ CFLAGS_append += "-DSRK_DEC_PW=${srk_dec_pw} -DSRK_DEC_SALT=${srk_dec_salt}" | |||
| 41 | #CFLAGS_append += "-DTPM_SRK_PLAIN_PW" | 41 | #CFLAGS_append += "-DTPM_SRK_PLAIN_PW" |
| 42 | 42 | ||
| 43 | do_configure_prepend() { | 43 | do_configure_prepend() { |
| 44 | cd "${S}" | 44 | cd ${B} |
| 45 | cp LICENSE COPYING | 45 | cp LICENSE COPYING |
| 46 | touch NEWS AUTHORS ChangeLog | 46 | touch NEWS AUTHORS ChangeLog README |
| 47 | } | 47 | } |
| 48 | 48 | ||
| 49 | do_install_append() { | 49 | FILES_${PN}-staticdev += "${libdir}/ssl/engines-1.1/tpm.la" |
| 50 | install -m 0755 -d "${D}${libdir}/engines" | ||
| 51 | install -m 0755 -d "${D}${prefix}/local/ssl/lib/engines" | ||
| 52 | install -m 0755 -d "${D}${libdir}/ssl/engines" | ||
| 53 | |||
| 54 | cp -f "${D}${libdir}/openssl/engines/libtpm.so.0.0.0" "${D}${libdir}/libtpm.so.0" | ||
| 55 | cp -f "${D}${libdir}/openssl/engines/libtpm.so.0.0.0" "${D}${libdir}/engines/libtpm.so" | ||
| 56 | cp -f "${D}${libdir}/openssl/engines/libtpm.so.0.0.0" "${D}${prefix}/local/ssl/lib/engines/libtpm.so" | ||
| 57 | mv -f "${D}${libdir}/openssl/engines/libtpm.so.0.0.0" "${D}${libdir}/ssl/engines/libtpm.so" | ||
| 58 | mv -f "${D}${libdir}/openssl/engines/libtpm.la" "${D}${libdir}/ssl/engines/libtpm.la" | ||
| 59 | rm -rf "${D}${libdir}/openssl" | ||
| 60 | } | ||
| 61 | |||
| 62 | FILES_${PN}-staticdev += "${libdir}/ssl/engines/libtpm.la" | ||
| 63 | FILES_${PN}-dbg += "\ | 50 | FILES_${PN}-dbg += "\ |
| 64 | ${libdir}/ssl/engines/.debug \ | 51 | ${libdir}/ssl/engines-1.1/.debug \ |
| 65 | ${libdir}/engines/.debug \ | 52 | ${libdir}/engines-1.1/.debug \ |
| 66 | ${prefix}/local/ssl/lib/engines/.debug \ | 53 | ${prefix}/local/ssl/lib/engines-1.1/.debug \ |
| 67 | " | 54 | " |
| 68 | FILES_${PN} += "\ | 55 | FILES_${PN} += "\ |
| 69 | ${libdir}/ssl/engines/libtpm.so* \ | 56 | ${libdir}/ssl/engines-1.1/tpm.so* \ |
| 70 | ${libdir}/engines/libtpm.so* \ | 57 | ${libdir}/engines-1.1/tpm.so* \ |
| 71 | ${libdir}/libtpm.so* \ | 58 | ${libdir}/libtpm.so* \ |
| 72 | ${prefix}/local/ssl/lib/engines/libtpm.so* \ | 59 | ${prefix}/local/ssl/lib/engines-1.1/tpm.so* \ |
| 73 | " | 60 | " |
| 74 | 61 | ||
| 75 | RDEPENDS_${PN} += "libcrypto libtspi" | 62 | RDEPENDS_${PN} += "libcrypto libtspi" |