From patchwork Sun Apr 10 15:30:48 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Petr Gotthard X-Patchwork-Id: 6501 X-Patchwork-Delegate: akuster808@gmail.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 18B4CC4707E for ; Mon, 11 Apr 2022 17:17:58 +0000 (UTC) Received: from APC01-TYZ-obe.outbound.protection.outlook.com (APC01-TYZ-obe.outbound.protection.outlook.com [40.107.117.63]) by mx.groups.io with SMTP id smtpd.web10.18118.1649604650148027027 for ; Sun, 10 Apr 2022 08:30:51 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@advantech.cz header.s=selector1 header.b=JGkcxpNz; spf=pass (domain: advantech.cz, ip: 40.107.117.63, mailfrom: petr.gotthard@advantech.cz) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RDLAfAL1lRAFJWlXMoltcMhL0Zb0KBNxzPyc98fanK3hYKqSVBN7Xg6WJZR89C6N8YGNvGLfRvLsdJx8BFp5BLtvr52S9hWiKTKwX3AdhYDkoGGh3SF0+Iw8tgLXLvH5Aq3ut3vgehjpAEZzRp9e2Y/UpLzP5a5rjljeJhej4kdzmgl1NAVz0uQ+TF0MHz/XD+CUtAPlKw63KjuYRdYeALafVjsBLtRE8QfZbpTnz7DbjE8C/+XfrP6V7K6BTtvF0xtMiMfABHE1Mg2cnf3oX2ELRUXTh9YZ3o0YVqsdPE5ZeBp25EhzUFX1O0//l/bVu8QrCwfmrFigJT7P+OEJuQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=tjTw0h6WO9urbcyh/qZxu94V7o2AAkOAsPXxSSClWoU=; b=nzuWNQDEktAukWe1Gf+XCQUiJdlwwE23IgeLbjA4XCrQ0WrzaNAZLXrTaVJsA9ifhqltN+pfFjJQlmNJaqt0IC0Xn3xnQ3oPvUl2PHSkk7BpjyaSqOyDHK0tM4W0QnjISuajULtcEoRl5gCjMMdhJFIsw5XRYLx3D1DtHYwtSVSBLfWA6yaz6VwC4JHTll+wBChVazwQvbC7l58VcqtTcxFuVUmD95xaFAMQuqzy37NWIIBvo7HibQJGiaQhhrBF9s+upNqoL2OaBjJ9i7qQXfUwlMd0tVZhzGv+uarBQxtxAaZ8sOayIen5v82vnxJclAfEG9UpPjnMM4LDYop0jg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=advantech.cz; dmarc=pass action=none header.from=advantech.cz; dkim=pass header.d=advantech.cz; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=advantech.cz; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tjTw0h6WO9urbcyh/qZxu94V7o2AAkOAsPXxSSClWoU=; b=JGkcxpNzUrtR+VDDokEUsWj7VcrMadx+h0Eklg2qjx2ErwwfewvdaSb/dOa9llfDrkHZ1uRO/F1Wnr/YhC9+1QbngaYUAO3ipwhOPMPfBnX5J0FU21GCr108YGax8AOIifGK2YnGbPR9LqlWgyg3iLDqdJR9mKvMHHabcnUK4as3vYw1o6Wlh7M7WaGIPLNrMnJxGP+GdLqRrh9TxAaC0Ncvu76fX4IcMzQowUqDzbLLIpsgZ66zy1tjiias8jhNLvNuwdQnw6ft4o4dZMbB+j//Ne7GDN96mMVwa3U97gPxzmiQDmm2PlWsFnxUmDCEhpgZNCFkKqqD1vU1+d561A== Received: from TY2PR02MB3678.apcprd02.prod.outlook.com (2603:1096:404:b7::12) by SEYPR02MB5965.apcprd02.prod.outlook.com (2603:1096:101:84::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5144.29; Sun, 10 Apr 2022 15:30:48 +0000 Received: from TY2PR02MB3678.apcprd02.prod.outlook.com ([fe80::b46d:269f:591f:7eff]) by TY2PR02MB3678.apcprd02.prod.outlook.com ([fe80::b46d:269f:591f:7eff%6]) with mapi id 15.20.5144.029; Sun, 10 Apr 2022 15:30:48 +0000 From: Petr Gotthard To: "yocto@lists.yoctoproject.org" Subject: [meta-security][PATCH 2/6] tpm2-openssl: update to 1.1.0 Thread-Topic: [meta-security][PATCH 2/6] tpm2-openssl: update to 1.1.0 Thread-Index: AdhM7NlrjCixNpzjS+KMK8K5/skcfw== Date: Sun, 10 Apr 2022 15:30:48 +0000 Message-ID: Accept-Language: en-US Content-Language: cs-CZ X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=advantech.cz; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 9e7970fc-b92d-42f7-eda6-08da1b07167c x-ms-traffictypediagnostic: SEYPR02MB5965:EE_ x-microsoft-antispam-prvs: x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: +J6lKNndshFxooEHU18ApjJXmykfhyxElkwODp7JatwDwA9o4fodWzgVgJK/4c3jTfy0KWHBck+1+y1wSbKqa/gw/KWHW2VFWcp147PCuMyY7/VLfHnAJC6Ert0Gus1WE6rykwTT6DR3BLk9Q/3P4Dc6PFnkup9oJrLQ+HQx6+esc5TViW0boHJDXX7gA9OmOj/jbGsVNU1mbsG79O5c9SJbyH/WFJacl/UQIwJiJyhWINauh2Ab/go5KKsxBSZCip540MiGUyoHgakgFQgyR6VFStXpRc83vlBvuAtnPnlTAZsHB9iaqfBYIL0p4gCcviEOT2g0oh+6E4rKxyvRqPhLtf1RVlxVGbDTpVaBpmWXmHkIpRig8SOPWVyqYKFoEMKQwEbS/9IB0Y8+1Eglhecs2NsAfOAUu6bO8N4J2oNIUA+8ZcOXcet3XtbyAQym0CO80upFeY9iXmgT+1NMvn+N4nRD5/Da6GWVbq6EA4tiUJ2ECnlgJxl90hKHbSX13xXOJoFi+nC/4yqzuScEqeoDJVjsZMcjEoh5HR3zFlQdsHH5+Ur8d/vcWSWLsqBj2HbPO0z3fc7/PUP4U31Gf1UiFvYLNCfAqoE5eTFL+rCmEdp6Kwl4Vrn804PDgqRvOJKhPEoFcOkoaJBADLETrXRuyYkvpt56tjpwvlzVoqtGLPfkzLMGiWH2k2nV2WxcLSaB2n1dRq/pBysDiCFWr15prbszClAw0XjNrZ2Fng2ksyPaVBf9bYsquv9emyjcDIv5fbS6f1b9KfyfcuMeHfV022c10Mhmfo9yYzxFtww= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:TY2PR02MB3678.apcprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(4636009)(366004)(186003)(83380400001)(86362001)(26005)(52536014)(8936002)(9686003)(7696005)(6506007)(508600001)(2906002)(55016003)(5660300002)(8676002)(38070700005)(71200400001)(33656002)(66946007)(66446008)(76116006)(122000001)(38100700002)(44832011)(316002)(66476007)(66556008)(64756008)(6916009);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?utf-8?q?JV9RxiaXGx/3Tx4WHVtjAouq0/VU?= =?utf-8?q?IxbdDfI6iYQ8KYFKg0nvCo5MpAk8Y4BeN/8olv4ghPuYMqBF4iK4ikr/kSH0UpriT?= =?utf-8?q?+8hagjDF4oGc2O56FFDiMm5lHGrvTJGp84BqnJ2FAOEI+bhCHemu1BoYczYwJ05yh?= =?utf-8?q?TWJyxsAY2bsy1E7n176ruyH2qZxg46t1bTwb350A+c6XYtvwuXJ2C/5vsuZUCtQj8?= =?utf-8?q?pMncwkrKr6QLWGTVfbzGSVWAWJCoOKmWgJ48gI/CmL+X65bJE5zMeCP6t4+n3iaFe?= =?utf-8?q?In9e3C7bBwPyfTCoMp9vuu0z8SjD5qy0A3+jQqpAWvmgtQRJ8SI1zeiEOgHv713+D?= =?utf-8?q?Vt0JcBDaiaFwPqtEwWOzYtc9XMAOR8Hr4zZpkottjzh2kNY+zafG5vIZEf2F6fgVs?= =?utf-8?q?/q6vLNR6R8l21WVpY6cEPs9eMqrl7ctCa8yxcq+Y+A+Bz6JF719sGi3DfJYhC5NYE?= =?utf-8?q?+loMjKUX9zFXziHE/8dAlu/kxqnFzC54ocrXAUeOz9c4MP/gQhXQhTCwZIIhw6TNd?= =?utf-8?q?2tjX1MigBNWJtGQWW21m+oLBe/NWLuPiyWeQEkDEtmmc7qZseHzZZRC8MdKIgAXRN?= =?utf-8?q?Ojt2T3V7fIzm9SExT5BCI+LBJlzNUS1bHtbX+VYwdg2vI/e8oMItsa1Y1afEq/+U4?= =?utf-8?q?5qzMzeStUFxodLahVrx5YTi9FajvZ90NkkX4FJ3kFbnsOyOetfx/8gn61YqJ9cXdG?= =?utf-8?q?WEf8hItjwwbHTo3oqyp6ngPgYB/UHGsyzRf8S4oPilu5oEIJEBkru5jZxQ4VUCMLt?= =?utf-8?q?oVra6SQASrb1UGXat+/25WRlHhp1sFOk0SXjG2+6qnpCu9iV9D6sUI7Mcx3N5uvIn?= =?utf-8?q?K0J50NNJ2K6eyANdyAFzblVoNszTeuDArs3EzynEUoaHSgZzGgfaBBn4AptfxPOsS?= =?utf-8?q?nnPnE9Js5u2FH1vReiGLY3YgbxH4r0rYUpeKblEdxudkyAdu/gX4Df9QwCWvFVmkp?= =?utf-8?q?npNb2hI4O8QvcJ/KjVENRoe9P9dPETbR33LjNY2do3vv/TBCAG2SHyqHouA3QTGQq?= =?utf-8?q?JYHNVvLLzKyF6Jo8++6J54OfhKywDM1oSp/w61L3qPUr1r8hv8cTijNUOV3n1wf1X?= =?utf-8?q?y5KqwbrG0Xv+38bSS5H5xAXsb3kV2YpsbRvDWXDTDOPZzSY2ko+dSByvym2F75tjB?= =?utf-8?q?RqrKYdTR+huEfvWoatk2MEEgWODPX6jk6jkxFBO7nPnHjLLW/mte6PZGczmCHiIX2?= =?utf-8?q?0B+HGawOlKhKPuTOwb7PaoIdiA1LHeAlAAi4n6Cm5FiZkjEX4vDrSr4ECrCae4x+L?= =?utf-8?q?CQFlP1GCkZtdUK3n3XpbxTGZ/JIuSXqTuCqOz5fyuvjNEqx7tCkWs7BpAvueIPCvx?= =?utf-8?q?D3ulolabll8Opk12evU64ibOUr3wEv3tgF4nTCF+swEU1264BAX0mDDUIgT8c6vPw?= =?utf-8?q?zj+X0bDRNhY2wvzw1ufIS17ekIJl2zx8uXT6Qww0Q1xzSINkd6VrmjedI+lSEKWTG?= =?utf-8?q?bHERODZlnWVgSNLceNDNUT65QOsCWTJYuJ3bsURftHYItrNMxY+kaXyEzbCJQxf9u?= =?utf-8?q?vrsCA3m/Ez3TeQRt20AxUWFPoEID3Aq7EFfMG6cprOEpAD/+D9b2GosRkRsDyAejB?= =?utf-8?q?epuFPW8Wl6SHLXldjgicUAM1UznoFlHHbpO81ZBBMesec7PkMYhK+TGYeOq1Tv/kt?= =?utf-8?q?kVq00c7wxKB53Z5b3auBUdNTqI1eSPMN9acI3Lhg/9IzLDBM4HhTI=3D?= MIME-Version: 1.0 X-OriginatorOrg: advantech.cz X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: TY2PR02MB3678.apcprd02.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 9e7970fc-b92d-42f7-eda6-08da1b07167c X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Apr 2022 15:30:48.2041 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: a77d40d9-dcba-4dda-b571-5f18e6da853f X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: ozhJGv5IzCoQ7+1QGCCGsc4sZKTNeXqG++nmF0KypBVE83m5DkGOTeGP22SKLfEYSKclokvSJq+EN2MUt9rR6omp64UkiXoP7naVyvV0IqQ= X-MS-Exchange-Transport-CrossTenantHeadersStamped: SEYPR02MB5965 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 11 Apr 2022 17:17:58 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto/message/56705 Also, the recipe is fixed to correctly package the openssl provider. This new tpm2-openssl: - Fixed segmentation fault when a signature algorithm is beging initialized without a private key. - Fixed RSA/EC key equality checks. Works with OpenSSL 3.0.1. - Added support for the `TPM2OPENSSL_PARENT_AUTH` environment variable. Signed-off-by: Petr Gotthard --- .../tpm2-openssl/tpm2-openssl_1.0.bb | 11 ----------- .../tpm2-openssl/tpm2-openssl_1.1.0.bb | 19 +++++++++++++++++++ 2 files changed, 19 insertions(+), 11 deletions(-) delete mode 100644 meta-tpm/recipes-tpm2/tpm2-openssl/tpm2-openssl_1.0.bb create mode 100644 meta-tpm/recipes-tpm2/tpm2-openssl/tpm2-openssl_1.1.0.bb -- 2.25.1 diff --git a/meta-tpm/recipes-tpm2/tpm2-openssl/tpm2-openssl_1.0.bb b/meta-tpm/recipes-tpm2/tpm2-openssl/tpm2-openssl_1.0.bb deleted file mode 100644 index f6a694c..0000000 --- a/meta-tpm/recipes-tpm2/tpm2-openssl/tpm2-openssl_1.0.bb +++ /dev/null @@ -1,11 +0,0 @@ -SUMMARY = "Provider for integration of TPM 2.0 to OpenSSL 3.0" -LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=b75785ac083d3c3ca04d99d9e4e1fbab" - -SRC_URI = "git://github.com/tpm2-software/tpm2-openssl.git;protocol=https;branch=master" - -SRCREV = "66e34f9e45c3697590cced1e4d3f35993a822f8b" - -S = "${WORKDIR}/git" - -inherit pkgconfig diff --git a/meta-tpm/recipes-tpm2/tpm2-openssl/tpm2-openssl_1.1.0.bb b/meta-tpm/recipes-tpm2/tpm2-openssl/tpm2-openssl_1.1.0.bb new file mode 100644 index 0000000..55061c9 --- /dev/null +++ b/meta-tpm/recipes-tpm2/tpm2-openssl/tpm2-openssl_1.1.0.bb @@ -0,0 +1,19 @@ +SUMMARY = "Provider for integration of TPM 2.0 to OpenSSL 3.0" +LICENSE = "BSD-3-Clause" +LIC_FILES_CHKSUM = "file://LICENSE;md5=b75785ac083d3c3ca04d99d9e4e1fbab" + +DEPENDS = "autoconf-archive-native tpm2-tss openssl" + +SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz" + +SRC_URI[sha256sum] = "eedcc0b72ad6d232e6f9f55a780290c4d33a4d06efca9314f8a36d7384eb1dfc" + +inherit autotools pkgconfig + +do_configure:prepend() { + # do not extract the version number from git + sed -i -e 's/m4_esyscmd_s(\[git describe --tags --always --dirty\])/${PV}/' ${S}/configure.ac +} + +FILES:${PN} = "\ + ${libdir}/ossl-modules/tpm2.so"