diff options
Diffstat (limited to 'meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/0002-ossl-require-version-1.1.0-or-greater.patch')
-rw-r--r-- | meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/0002-ossl-require-version-1.1.0-or-greater.patch | 93 |
1 files changed, 0 insertions, 93 deletions
diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/0002-ossl-require-version-1.1.0-or-greater.patch b/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/0002-ossl-require-version-1.1.0-or-greater.patch deleted file mode 100644 index ef0a6dcde9..0000000000 --- a/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/0002-ossl-require-version-1.1.0-or-greater.patch +++ /dev/null @@ -1,93 +0,0 @@ -From d33e5ef0b11125fe4683d7bfa17023e24997f587 Mon Sep 17 00:00:00 2001 -From: William Roberts <william.c.roberts@intel.com> -Date: Fri, 3 Sep 2021 11:30:50 -0500 -Subject: [PATCH 2/2] ossl: require version 1.1.0 or greater - -THIS DROPS SUPPORT FOR OSSL 1.0.2. - -Signed-off-by: William Roberts <william.c.roberts@intel.com> - -Upstream-Status: Backport -Signed-off-by: Armin Kuster <akuster808@gmail.com> ---- - configure.ac | 2 +- - src/lib/ssl_util.h | 43 +++++-------------------------------------- - 2 files changed, 6 insertions(+), 39 deletions(-) - -diff --git a/configure.ac b/configure.ac -index a7aeaf5..94fb5d4 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -55,7 +55,7 @@ PKG_CHECK_EXISTS([tss2-esys >= 3.0], - # require sqlite3 and libcrypto - PKG_CHECK_MODULES([SQLITE3], [sqlite3]) - PKG_CHECK_MODULES([YAML], [yaml-0.1]) --PKG_CHECK_MODULES([CRYPTO], [libcrypto >= 1.0.2g]) -+PKG_CHECK_MODULES([CRYPTO], [libcrypto >= 1.1.0]) - - # check for pthread - AX_PTHREAD([],[AC_MSG_ERROR([Cannot find pthread])]) -diff --git a/src/lib/ssl_util.h b/src/lib/ssl_util.h -index 9909fd6..2591728 100644 ---- a/src/lib/ssl_util.h -+++ b/src/lib/ssl_util.h -@@ -15,51 +15,18 @@ - #include "log.h" - #include "twist.h" - --#if (OPENSSL_VERSION_NUMBER < 0x1010000fL && !defined(LIBRESSL_VERSION_NUMBER)) || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L) /* OpenSSL 1.1.0 */ --#define LIB_TPM2_OPENSSL_OPENSSL_PRE11 --/* LibreSSL does not appear to have evperr.h, so their is no need to define this otherwise */ --#elif (OPENSSL_VERSION_NUMBER >= 0x1010100fL) /* OpenSSL 1.1.1 */ -+#if (OPENSSL_VERSION_NUMBER >= 0x1010100fL) /* OpenSSL 1.1.1 */ - #define LIB_TPM2_OPENSSL_OPENSSL_POST111 0x1010100f - #endif - --#if (OPENSSL_VERSION_NUMBER >= 0x30000000) /* OpenSSL 3.0.0 */ --#define LIB_TPM2_OPENSSL_OPENSSL_POST300 0x1010100f -+#if defined(LIB_TPM2_OPENSSL_OPENSSL_POST111) -+#include <openssl/evperr.h> - #endif - --/* OpenSSL Backwards Compat APIs */ --#if defined(LIB_TPM2_OPENSSL_OPENSSL_PRE11) --#include <string.h> --size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point, -- point_conversion_form_t form, -- unsigned char **pbuf, BN_CTX *ctx); -- --const unsigned char *ASN1_STRING_get0_data(const ASN1_STRING *x); -- --int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d); -- --int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s); -- --EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey); -- --static inline void *OPENSSL_memdup(const void *dup, size_t l) { -- -- void *p = OPENSSL_malloc(l); -- if (!p) { -- return NULL; -- } -- -- memcpy(p, dup, l); -- return p; --} -- --#endif -- --#ifndef RSA_PSS_SALTLEN_DIGEST --#define RSA_PSS_SALTLEN_DIGEST -1 -+#if (OPENSSL_VERSION_NUMBER >= 0x30000000) /* OpenSSL 3.0.0 */ -+#define LIB_TPM2_OPENSSL_OPENSSL_POST300 0x1010100f - #endif - --/* Utility APIs */ -- - #define SSL_UTIL_LOGE(m) LOGE("%s: %s", m, ERR_error_string(ERR_get_error(), NULL)); - - CK_RV ssl_util_attrs_to_evp(attr_list *attrs, EVP_PKEY **outpkey); --- -2.25.1 - |