diff options
author | Armin Kuster <akuster808@gmail.com> | 2018-09-15 09:27:00 -0700 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2018-09-17 21:08:19 -0700 |
commit | 3bae06e29b60d71177cb63ad0b85bc5c46f7a144 (patch) | |
tree | 86855c6a7415f197128cf82b0481a2a1d0e0cd48 | |
parent | 49a7a7a8e115cee161848f2af0ded494f3162cf3 (diff) | |
download | meta-security-3bae06e29b60d71177cb63ad0b85bc5c46f7a144.tar.gz |
openssl-tpm-engine: update SRC_URI and update to 0.5.0
change to a fork that is being maintained and that enabled openssl 1.1
Refresh patches
Drop one no longer needed
Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r-- | meta-tpm/recipes-tpm/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch | 24 | ||||
-rw-r--r-- | meta-tpm/recipes-tpm/openssl-tpm-engine/files/0002-libtpm-support-env-TPM_SRK_PW.patch | 14 | ||||
-rw-r--r-- | meta-tpm/recipes-tpm/openssl-tpm-engine/files/0003-Fix-not-building-libtpm.la.patch | 25 | ||||
-rw-r--r-- | meta-tpm/recipes-tpm/openssl-tpm-engine/files/0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch | 41 | ||||
-rw-r--r-- | meta-tpm/recipes-tpm/openssl-tpm-engine/files/0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch | 13 | ||||
-rw-r--r-- | meta-tpm/recipes-tpm/openssl-tpm-engine/files/openssl11_build_fix.patch | 34 | ||||
-rw-r--r-- | meta-tpm/recipes-tpm/openssl-tpm-engine/openssl-tpm-engine_0.5.0.bb (renamed from meta-tpm/recipes-tpm/openssl-tpm-engine/openssl-tpm-engine_0.4.2.bb) | 41 |
7 files changed, 91 insertions, 101 deletions
diff --git a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch index 67071b6..bed8b92 100644 --- a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch +++ b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch | |||
@@ -8,20 +8,20 @@ Add "-z" option to select well known password in create_tpm_key tool. | |||
8 | 8 | ||
9 | Signed-off-by: Junxian.Xiao <Junxian.Xiao@windriver.com> | 9 | Signed-off-by: Junxian.Xiao <Junxian.Xiao@windriver.com> |
10 | 10 | ||
11 | diff --git a/create_tpm_key.c b/create_tpm_key.c | 11 | Index: git/src/create_tpm_key.c |
12 | index fee917f..7b94d62 100644 | 12 | =================================================================== |
13 | --- a/create_tpm_key.c | 13 | --- git.orig/src/create_tpm_key.c |
14 | +++ b/create_tpm_key.c | 14 | +++ git/src/create_tpm_key.c |
15 | @@ -46,6 +46,8 @@ | 15 | @@ -48,6 +48,8 @@ |
16 | #include <trousers/tss.h> | 16 | |
17 | #include <trousers/trousers.h> | 17 | #include "ssl_compat.h" |
18 | 18 | ||
19 | +#define TPM_WELL_KNOWN_KEY_LEN 20 /*well know key length is 20 bytes zero*/ | 19 | +#define TPM_WELL_KNOWN_KEY_LEN 20 /*well know key length is 20 bytes zero*/ |
20 | + | 20 | + |
21 | #define print_error(a,b) \ | 21 | #define print_error(a,b) \ |
22 | fprintf(stderr, "%s:%d %s result: 0x%x (%s)\n", __FILE__, __LINE__, \ | 22 | fprintf(stderr, "%s:%d %s result: 0x%x (%s)\n", __FILE__, __LINE__, \ |
23 | a, b, Trspi_Error_String(b)) | 23 | a, b, Trspi_Error_String(b)) |
24 | @@ -70,6 +72,7 @@ usage(char *argv0) | 24 | @@ -72,6 +74,7 @@ usage(char *argv0) |
25 | "\t\t-e|--enc-scheme encryption scheme to use [PKCSV15] or OAEP\n" | 25 | "\t\t-e|--enc-scheme encryption scheme to use [PKCSV15] or OAEP\n" |
26 | "\t\t-q|--sig-scheme signature scheme to use [DER] or SHA1\n" | 26 | "\t\t-q|--sig-scheme signature scheme to use [DER] or SHA1\n" |
27 | "\t\t-s|--key-size key size in bits [2048]\n" | 27 | "\t\t-s|--key-size key size in bits [2048]\n" |
@@ -29,7 +29,7 @@ index fee917f..7b94d62 100644 | |||
29 | "\t\t-a|--auth require a password for the key [NO]\n" | 29 | "\t\t-a|--auth require a password for the key [NO]\n" |
30 | "\t\t-p|--popup use TSS GUI popup dialogs to get the password " | 30 | "\t\t-p|--popup use TSS GUI popup dialogs to get the password " |
31 | "for the\n\t\t\t\t key [NO] (implies --auth)\n" | 31 | "for the\n\t\t\t\t key [NO] (implies --auth)\n" |
32 | @@ -147,6 +150,7 @@ int main(int argc, char **argv) | 32 | @@ -154,6 +157,7 @@ int main(int argc, char **argv) |
33 | int asn1_len; | 33 | int asn1_len; |
34 | char *filename, c, *openssl_key = NULL; | 34 | char *filename, c, *openssl_key = NULL; |
35 | int option_index, auth = 0, popup = 0, wrap = 0; | 35 | int option_index, auth = 0, popup = 0, wrap = 0; |
@@ -37,7 +37,7 @@ index fee917f..7b94d62 100644 | |||
37 | UINT32 enc_scheme = TSS_ES_RSAESPKCSV15; | 37 | UINT32 enc_scheme = TSS_ES_RSAESPKCSV15; |
38 | UINT32 sig_scheme = TSS_SS_RSASSAPKCS1V15_DER; | 38 | UINT32 sig_scheme = TSS_SS_RSASSAPKCS1V15_DER; |
39 | UINT32 key_size = 2048; | 39 | UINT32 key_size = 2048; |
40 | @@ -154,12 +158,15 @@ int main(int argc, char **argv) | 40 | @@ -161,12 +165,15 @@ int main(int argc, char **argv) |
41 | 41 | ||
42 | while (1) { | 42 | while (1) { |
43 | option_index = 0; | 43 | option_index = 0; |
@@ -54,7 +54,7 @@ index fee917f..7b94d62 100644 | |||
54 | case 'a': | 54 | case 'a': |
55 | initFlags |= TSS_KEY_AUTHORIZATION; | 55 | initFlags |= TSS_KEY_AUTHORIZATION; |
56 | auth = 1; | 56 | auth = 1; |
57 | @@ -293,6 +300,8 @@ int main(int argc, char **argv) | 57 | @@ -300,6 +307,8 @@ int main(int argc, char **argv) |
58 | 58 | ||
59 | if (srk_authusage) { | 59 | if (srk_authusage) { |
60 | char *authdata = calloc(1, 128); | 60 | char *authdata = calloc(1, 128); |
@@ -63,7 +63,7 @@ index fee917f..7b94d62 100644 | |||
63 | 63 | ||
64 | if (!authdata) { | 64 | if (!authdata) { |
65 | fprintf(stderr, "malloc failed.\n"); | 65 | fprintf(stderr, "malloc failed.\n"); |
66 | @@ -309,17 +318,26 @@ int main(int argc, char **argv) | 66 | @@ -316,17 +325,26 @@ int main(int argc, char **argv) |
67 | exit(result); | 67 | exit(result); |
68 | } | 68 | } |
69 | 69 | ||
diff --git a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0002-libtpm-support-env-TPM_SRK_PW.patch b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0002-libtpm-support-env-TPM_SRK_PW.patch index f718f2e..2caaaf0 100644 --- a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0002-libtpm-support-env-TPM_SRK_PW.patch +++ b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0002-libtpm-support-env-TPM_SRK_PW.patch | |||
@@ -9,20 +9,20 @@ use "env TPM_SRK_PW=#WELLKNOWN#" to set well known password. | |||
9 | 9 | ||
10 | Signed-off-by: Junxian.Xiao <Junxian.Xiao@windriver.com> | 10 | Signed-off-by: Junxian.Xiao <Junxian.Xiao@windriver.com> |
11 | 11 | ||
12 | diff --git a/e_tpm.c b/e_tpm.c | 12 | Index: git/src/e_tpm.c |
13 | index f3e8bcf..7dcb75a 100644 | 13 | =================================================================== |
14 | --- a/e_tpm.c | 14 | --- git.orig/src/e_tpm.c |
15 | +++ b/e_tpm.c | 15 | +++ git/src/e_tpm.c |
16 | @@ -38,6 +38,8 @@ | 16 | @@ -38,6 +38,8 @@ |
17 | |||
18 | #include "e_tpm.h" | 17 | #include "e_tpm.h" |
18 | #include "ssl_compat.h" | ||
19 | 19 | ||
20 | +#define TPM_WELL_KNOWN_KEY_LEN 20 /*well know key length is 20 bytes zero*/ | 20 | +#define TPM_WELL_KNOWN_KEY_LEN 20 /*well know key length is 20 bytes zero*/ |
21 | + | 21 | + |
22 | //#define DLOPEN_TSPI | 22 | //#define DLOPEN_TSPI |
23 | 23 | ||
24 | #ifndef OPENSSL_NO_HW | 24 | #ifndef OPENSSL_NO_HW |
25 | @@ -248,6 +250,10 @@ int tpm_load_srk(UI_METHOD *ui, void *cb_data) | 25 | @@ -262,6 +264,10 @@ int tpm_load_srk(UI_METHOD *ui, void *cb |
26 | TSS_RESULT result; | 26 | TSS_RESULT result; |
27 | UINT32 authusage; | 27 | UINT32 authusage; |
28 | BYTE *auth; | 28 | BYTE *auth; |
@@ -33,7 +33,7 @@ index f3e8bcf..7dcb75a 100644 | |||
33 | 33 | ||
34 | if (hSRK != NULL_HKEY) { | 34 | if (hSRK != NULL_HKEY) { |
35 | DBGFN("SRK is already loaded."); | 35 | DBGFN("SRK is already loaded."); |
36 | @@ -299,18 +305,36 @@ int tpm_load_srk(UI_METHOD *ui, void *cb_data) | 36 | @@ -313,18 +319,36 @@ int tpm_load_srk(UI_METHOD *ui, void *cb |
37 | return 0; | 37 | return 0; |
38 | } | 38 | } |
39 | 39 | ||
diff --git a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0003-Fix-not-building-libtpm.la.patch b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0003-Fix-not-building-libtpm.la.patch deleted file mode 100644 index d24a150..0000000 --- a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0003-Fix-not-building-libtpm.la.patch +++ /dev/null | |||
@@ -1,25 +0,0 @@ | |||
1 | From 7848445a1f4c750ef73bf96f5e89d402f87a1756 Mon Sep 17 00:00:00 2001 | ||
2 | From: Lans Zhang <jia.zhang@windriver.com> | ||
3 | Date: Mon, 19 Jun 2017 14:54:28 +0800 | ||
4 | Subject: [PATCH] Fix not building libtpm.la | ||
5 | |||
6 | Signed-off-by: Lans Zhang <jia.zhang@windriver.com> | ||
7 | --- | ||
8 | Makefile.am | 4 +++- | ||
9 | 1 file changed, 3 insertions(+), 1 deletion(-) | ||
10 | |||
11 | diff --git a/Makefile.am b/Makefile.am | ||
12 | index 6695656..634a7e6 100644 | ||
13 | --- a/Makefile.am | ||
14 | +++ b/Makefile.am | ||
15 | @@ -10,4 +10,6 @@ libtpm_la_LIBADD=-lcrypto -lc -ltspi | ||
16 | libtpm_la_SOURCES=e_tpm.c e_tpm.h e_tpm_err.c | ||
17 | |||
18 | create_tpm_key_SOURCES=create_tpm_key.c | ||
19 | -create_tpm_key_LDADD=-ltspi | ||
20 | +create_tpm_key_LDFLAGS=-ltspi | ||
21 | + | ||
22 | +LDADD=libtpm.la | ||
23 | -- | ||
24 | 2.7.5 | ||
25 | |||
diff --git a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch index a88148f..cc8772d 100644 --- a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch +++ b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch | |||
@@ -22,11 +22,11 @@ Signed-off-by: Meng Li <Meng.Li@windriver.com> | |||
22 | e_tpm_err.c | 4 ++ | 22 | e_tpm_err.c | 4 ++ |
23 | 3 files changed, 164 insertions(+), 1 deletion(-) | 23 | 3 files changed, 164 insertions(+), 1 deletion(-) |
24 | 24 | ||
25 | diff --git a/e_tpm.c b/e_tpm.c | 25 | Index: git/src/e_tpm.c |
26 | index 7dcb75a..11bf74b 100644 | 26 | =================================================================== |
27 | --- a/e_tpm.c | 27 | --- git.orig/src/e_tpm.c |
28 | +++ b/e_tpm.c | 28 | +++ git/src/e_tpm.c |
29 | @@ -245,6 +245,118 @@ void ENGINE_load_tpm(void) | 29 | @@ -259,6 +259,118 @@ void ENGINE_load_tpm(void) |
30 | ERR_clear_error(); | 30 | ERR_clear_error(); |
31 | } | 31 | } |
32 | 32 | ||
@@ -145,7 +145,7 @@ index 7dcb75a..11bf74b 100644 | |||
145 | int tpm_load_srk(UI_METHOD *ui, void *cb_data) | 145 | int tpm_load_srk(UI_METHOD *ui, void *cb_data) |
146 | { | 146 | { |
147 | TSS_RESULT result; | 147 | TSS_RESULT result; |
148 | @@ -305,8 +417,50 @@ int tpm_load_srk(UI_METHOD *ui, void *cb_data) | 148 | @@ -319,8 +431,50 @@ int tpm_load_srk(UI_METHOD *ui, void *cb |
149 | return 0; | 149 | return 0; |
150 | } | 150 | } |
151 | 151 | ||
@@ -197,7 +197,7 @@ index 7dcb75a..11bf74b 100644 | |||
197 | if (0 == strcmp(srkPasswd, "#WELLKNOWN#")) { | 197 | if (0 == strcmp(srkPasswd, "#WELLKNOWN#")) { |
198 | memset(auth, 0, TPM_WELL_KNOWN_KEY_LEN); | 198 | memset(auth, 0, TPM_WELL_KNOWN_KEY_LEN); |
199 | secretMode = TSS_SECRET_MODE_SHA1; | 199 | secretMode = TSS_SECRET_MODE_SHA1; |
200 | @@ -319,6 +473,7 @@ int tpm_load_srk(UI_METHOD *ui, void *cb_data) | 200 | @@ -333,6 +487,7 @@ int tpm_load_srk(UI_METHOD *ui, void *cb |
201 | authlen = strlen(auth); | 201 | authlen = strlen(auth); |
202 | } | 202 | } |
203 | } | 203 | } |
@@ -205,11 +205,11 @@ index 7dcb75a..11bf74b 100644 | |||
205 | else { | 205 | else { |
206 | if (!tpm_engine_get_auth(ui, (char *)auth, 128, | 206 | if (!tpm_engine_get_auth(ui, (char *)auth, 128, |
207 | "SRK authorization: ", cb_data)) { | 207 | "SRK authorization: ", cb_data)) { |
208 | diff --git a/e_tpm.h b/e_tpm.h | 208 | Index: git/src/e_tpm.h |
209 | index 6316e0b..56ff202 100644 | 209 | =================================================================== |
210 | --- a/e_tpm.h | 210 | --- git.orig/src/e_tpm.h |
211 | +++ b/e_tpm.h | 211 | +++ git/src/e_tpm.h |
212 | @@ -66,6 +66,8 @@ void ERR_TSS_error(int function, int reason, char *file, int line); | 212 | @@ -66,6 +66,8 @@ void ERR_TSS_error(int function, int rea |
213 | #define TPM_F_TPM_FILL_RSA_OBJECT 116 | 213 | #define TPM_F_TPM_FILL_RSA_OBJECT 116 |
214 | #define TPM_F_TPM_ENGINE_GET_AUTH 117 | 214 | #define TPM_F_TPM_ENGINE_GET_AUTH 117 |
215 | #define TPM_F_TPM_CREATE_SRK_POLICY 118 | 215 | #define TPM_F_TPM_CREATE_SRK_POLICY 118 |
@@ -218,7 +218,7 @@ index 6316e0b..56ff202 100644 | |||
218 | 218 | ||
219 | /* Reason codes. */ | 219 | /* Reason codes. */ |
220 | #define TPM_R_ALREADY_LOADED 100 | 220 | #define TPM_R_ALREADY_LOADED 100 |
221 | @@ -96,6 +98,8 @@ void ERR_TSS_error(int function, int reason, char *file, int line); | 221 | @@ -96,6 +98,8 @@ void ERR_TSS_error(int function, int rea |
222 | #define TPM_R_ID_INVALID 125 | 222 | #define TPM_R_ID_INVALID 125 |
223 | #define TPM_R_UI_METHOD_FAILED 126 | 223 | #define TPM_R_UI_METHOD_FAILED 126 |
224 | #define TPM_R_UNKNOWN_SECRET_MODE 127 | 224 | #define TPM_R_UNKNOWN_SECRET_MODE 127 |
@@ -227,11 +227,11 @@ index 6316e0b..56ff202 100644 | |||
227 | 227 | ||
228 | /* structure pointed to by the RSA object's app_data pointer */ | 228 | /* structure pointed to by the RSA object's app_data pointer */ |
229 | struct rsa_app_data | 229 | struct rsa_app_data |
230 | diff --git a/e_tpm_err.c b/e_tpm_err.c | 230 | Index: git/src/e_tpm_err.c |
231 | index 25a5d0f..439e267 100644 | 231 | =================================================================== |
232 | --- a/e_tpm_err.c | 232 | --- git.orig/src/e_tpm_err.c |
233 | +++ b/e_tpm_err.c | 233 | +++ git/src/e_tpm_err.c |
234 | @@ -235,6 +235,8 @@ static ERR_STRING_DATA TPM_str_functs[] = { | 234 | @@ -234,6 +234,8 @@ static ERR_STRING_DATA TPM_str_functs[] |
235 | {ERR_PACK(0, TPM_F_TPM_BIND_FN, 0), "TPM_BIND_FN"}, | 235 | {ERR_PACK(0, TPM_F_TPM_BIND_FN, 0), "TPM_BIND_FN"}, |
236 | {ERR_PACK(0, TPM_F_TPM_FILL_RSA_OBJECT, 0), "TPM_FILL_RSA_OBJECT"}, | 236 | {ERR_PACK(0, TPM_F_TPM_FILL_RSA_OBJECT, 0), "TPM_FILL_RSA_OBJECT"}, |
237 | {ERR_PACK(0, TPM_F_TPM_ENGINE_GET_AUTH, 0), "TPM_ENGINE_GET_AUTH"}, | 237 | {ERR_PACK(0, TPM_F_TPM_ENGINE_GET_AUTH, 0), "TPM_ENGINE_GET_AUTH"}, |
@@ -240,7 +240,7 @@ index 25a5d0f..439e267 100644 | |||
240 | {0, NULL} | 240 | {0, NULL} |
241 | }; | 241 | }; |
242 | 242 | ||
243 | @@ -265,6 +267,8 @@ static ERR_STRING_DATA TPM_str_reasons[] = { | 243 | @@ -264,6 +266,8 @@ static ERR_STRING_DATA TPM_str_reasons[] |
244 | {TPM_R_FILE_READ_FAILED, "failed reading the key file"}, | 244 | {TPM_R_FILE_READ_FAILED, "failed reading the key file"}, |
245 | {TPM_R_ID_INVALID, "engine id doesn't match"}, | 245 | {TPM_R_ID_INVALID, "engine id doesn't match"}, |
246 | {TPM_R_UI_METHOD_FAILED, "ui function failed"}, | 246 | {TPM_R_UI_METHOD_FAILED, "ui function failed"}, |
@@ -249,6 +249,3 @@ index 25a5d0f..439e267 100644 | |||
249 | {0, NULL} | 249 | {0, NULL} |
250 | }; | 250 | }; |
251 | 251 | ||
252 | -- | ||
253 | 2.9.3 | ||
254 | |||
diff --git a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch index 076704d..535472a 100644 --- a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch +++ b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch | |||
@@ -15,11 +15,11 @@ Signed-off-by: Meng Li <Meng.Li@windriver.com> | |||
15 | create_tpm_key.c | 3 ++- | 15 | create_tpm_key.c | 3 ++- |
16 | 1 file changed, 2 insertions(+), 1 deletion(-) | 16 | 1 file changed, 2 insertions(+), 1 deletion(-) |
17 | 17 | ||
18 | diff --git a/create_tpm_key.c b/create_tpm_key.c | 18 | Index: git/src/create_tpm_key.c |
19 | index 7b94d62..f30af90 100644 | 19 | =================================================================== |
20 | --- a/create_tpm_key.c | 20 | --- git.orig/src/create_tpm_key.c |
21 | +++ b/create_tpm_key.c | 21 | +++ git/src/create_tpm_key.c |
22 | @@ -148,7 +148,8 @@ int main(int argc, char **argv) | 22 | @@ -155,7 +155,8 @@ int main(int argc, char **argv) |
23 | ASN1_OCTET_STRING *blob_str; | 23 | ASN1_OCTET_STRING *blob_str; |
24 | unsigned char *blob_asn1 = NULL; | 24 | unsigned char *blob_asn1 = NULL; |
25 | int asn1_len; | 25 | int asn1_len; |
@@ -29,6 +29,3 @@ index 7b94d62..f30af90 100644 | |||
29 | int option_index, auth = 0, popup = 0, wrap = 0; | 29 | int option_index, auth = 0, popup = 0, wrap = 0; |
30 | int wellknownkey = 0; | 30 | int wellknownkey = 0; |
31 | UINT32 enc_scheme = TSS_ES_RSAESPKCSV15; | 31 | UINT32 enc_scheme = TSS_ES_RSAESPKCSV15; |
32 | -- | ||
33 | 1.7.9.5 | ||
34 | |||
diff --git a/meta-tpm/recipes-tpm/openssl-tpm-engine/files/openssl11_build_fix.patch b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/openssl11_build_fix.patch new file mode 100644 index 0000000..2f8eb81 --- /dev/null +++ b/meta-tpm/recipes-tpm/openssl-tpm-engine/files/openssl11_build_fix.patch | |||
@@ -0,0 +1,34 @@ | |||
1 | Fix compiling for openssl 1.1 | ||
2 | |||
3 | Upstream-Status: Pending | ||
4 | Signed-off-by: Armin Kuster <akuster808@gmail.com> | ||
5 | |||
6 | Index: git/src/e_tpm.c | ||
7 | =================================================================== | ||
8 | --- git.orig/src/e_tpm.c | ||
9 | +++ git/src/e_tpm.c | ||
10 | @@ -265,19 +265,20 @@ static int tpm_decode_base64(unsigned ch | ||
11 | int *out_len) | ||
12 | { | ||
13 | int total_len, len, ret; | ||
14 | - EVP_ENCODE_CTX dctx; | ||
15 | + EVP_ENCODE_CTX *dctx; | ||
16 | |||
17 | - EVP_DecodeInit(&dctx); | ||
18 | + dctx = EVP_ENCODE_CTX_new(); | ||
19 | + EVP_DecodeInit(dctx); | ||
20 | |||
21 | total_len = 0; | ||
22 | - ret = EVP_DecodeUpdate(&dctx, outdata, &len, indata, in_len); | ||
23 | + ret = EVP_DecodeUpdate(dctx, outdata, &len, indata, in_len); | ||
24 | if (ret < 0) { | ||
25 | TSSerr(TPM_F_TPM_DECODE_BASE64, TPM_R_DECODE_BASE64_FAILED); | ||
26 | return 1; | ||
27 | } | ||
28 | |||
29 | total_len += len; | ||
30 | - ret = EVP_DecodeFinal(&dctx, outdata, &len); | ||
31 | + ret = EVP_DecodeFinal(dctx, outdata, &len); | ||
32 | if (ret < 0) { | ||
33 | TSSerr(TPM_F_TPM_DECODE_BASE64, TPM_R_DECODE_BASE64_FAILED); | ||
34 | return 1; | ||
diff --git a/meta-tpm/recipes-tpm/openssl-tpm-engine/openssl-tpm-engine_0.4.2.bb b/meta-tpm/recipes-tpm/openssl-tpm-engine/openssl-tpm-engine_0.5.0.bb index 4854f70..0f98b79 100644 --- a/meta-tpm/recipes-tpm/openssl-tpm-engine/openssl-tpm-engine_0.4.2.bb +++ b/meta-tpm/recipes-tpm/openssl-tpm-engine/openssl-tpm-engine_0.5.0.bb | |||
@@ -1,5 +1,5 @@ | |||
1 | DESCRIPTION = "OpenSSL secure engine based on TPM hardware" | 1 | DESCRIPTION = "OpenSSL secure engine based on TPM hardware" |
2 | HOMEPAGE = "https://sourceforge.net/projects/trousers/" | 2 | HOMEPAGE = "https://github.com/mgerstner/openssl_tpm_engine" |
3 | SECTION = "security/tpm" | 3 | SECTION = "security/tpm" |
4 | 4 | ||
5 | LICENSE = "openssl" | 5 | LICENSE = "openssl" |
@@ -8,18 +8,18 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=11f0ee3af475c85b907426e285c9bb52" | |||
8 | DEPENDS += "openssl trousers" | 8 | DEPENDS += "openssl trousers" |
9 | 9 | ||
10 | SRC_URI = "\ | 10 | SRC_URI = "\ |
11 | git://git.code.sf.net/p/trousers/openssl_tpm_engine \ | 11 | git://github.com/mgerstner/openssl_tpm_engine.git \ |
12 | file://0001-create-tpm-key-support-well-known-key-option.patch \ | 12 | file://0001-create-tpm-key-support-well-known-key-option.patch \ |
13 | file://0002-libtpm-support-env-TPM_SRK_PW.patch \ | 13 | file://0002-libtpm-support-env-TPM_SRK_PW.patch \ |
14 | file://0003-Fix-not-building-libtpm.la.patch \ | ||
15 | file://0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch \ | 14 | file://0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch \ |
16 | file://0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch \ | 15 | file://0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch \ |
16 | file://openssl11_build_fix.patch \ | ||
17 | " | 17 | " |
18 | SRCREV = "bbc2b1af809f20686e0d3553a62f0175742c0d60" | 18 | SRCREV = "b28de5065e6eb9aa5d5afe2276904f7624c2cbaf" |
19 | 19 | ||
20 | S = "${WORKDIR}/git" | 20 | S = "${WORKDIR}/git" |
21 | 21 | ||
22 | inherit autotools-brokensep | 22 | inherit autotools-brokensep pkgconfig |
23 | 23 | ||
24 | # The definitions below are used to decrypt the srk password. | 24 | # The definitions below are used to decrypt the srk password. |
25 | # It is allowed to define the values in 3 forms: string, hex number and | 25 | # It is allowed to define the values in 3 forms: string, hex number and |
@@ -41,35 +41,22 @@ CFLAGS_append += "-DSRK_DEC_PW=${srk_dec_pw} -DSRK_DEC_SALT=${srk_dec_salt}" | |||
41 | #CFLAGS_append += "-DTPM_SRK_PLAIN_PW" | 41 | #CFLAGS_append += "-DTPM_SRK_PLAIN_PW" |
42 | 42 | ||
43 | do_configure_prepend() { | 43 | do_configure_prepend() { |
44 | cd "${S}" | 44 | cd ${B} |
45 | cp LICENSE COPYING | 45 | cp LICENSE COPYING |
46 | touch NEWS AUTHORS ChangeLog | 46 | touch NEWS AUTHORS ChangeLog README |
47 | } | 47 | } |
48 | 48 | ||
49 | do_install_append() { | 49 | FILES_${PN}-staticdev += "${libdir}/ssl/engines-1.1/tpm.la" |
50 | install -m 0755 -d "${D}${libdir}/engines" | ||
51 | install -m 0755 -d "${D}${prefix}/local/ssl/lib/engines" | ||
52 | install -m 0755 -d "${D}${libdir}/ssl/engines" | ||
53 | |||
54 | cp -f "${D}${libdir}/openssl/engines/libtpm.so.0.0.0" "${D}${libdir}/libtpm.so.0" | ||
55 | cp -f "${D}${libdir}/openssl/engines/libtpm.so.0.0.0" "${D}${libdir}/engines/libtpm.so" | ||
56 | cp -f "${D}${libdir}/openssl/engines/libtpm.so.0.0.0" "${D}${prefix}/local/ssl/lib/engines/libtpm.so" | ||
57 | mv -f "${D}${libdir}/openssl/engines/libtpm.so.0.0.0" "${D}${libdir}/ssl/engines/libtpm.so" | ||
58 | mv -f "${D}${libdir}/openssl/engines/libtpm.la" "${D}${libdir}/ssl/engines/libtpm.la" | ||
59 | rm -rf "${D}${libdir}/openssl" | ||
60 | } | ||
61 | |||
62 | FILES_${PN}-staticdev += "${libdir}/ssl/engines/libtpm.la" | ||
63 | FILES_${PN}-dbg += "\ | 50 | FILES_${PN}-dbg += "\ |
64 | ${libdir}/ssl/engines/.debug \ | 51 | ${libdir}/ssl/engines-1.1/.debug \ |
65 | ${libdir}/engines/.debug \ | 52 | ${libdir}/engines-1.1/.debug \ |
66 | ${prefix}/local/ssl/lib/engines/.debug \ | 53 | ${prefix}/local/ssl/lib/engines-1.1/.debug \ |
67 | " | 54 | " |
68 | FILES_${PN} += "\ | 55 | FILES_${PN} += "\ |
69 | ${libdir}/ssl/engines/libtpm.so* \ | 56 | ${libdir}/ssl/engines-1.1/tpm.so* \ |
70 | ${libdir}/engines/libtpm.so* \ | 57 | ${libdir}/engines-1.1/tpm.so* \ |
71 | ${libdir}/libtpm.so* \ | 58 | ${libdir}/libtpm.so* \ |
72 | ${prefix}/local/ssl/lib/engines/libtpm.so* \ | 59 | ${prefix}/local/ssl/lib/engines-1.1/tpm.so* \ |
73 | " | 60 | " |
74 | 61 | ||
75 | RDEPENDS_${PN} += "libcrypto libtspi" | 62 | RDEPENDS_${PN} += "libcrypto libtspi" |