1. Messages
  2. [meta-security][PATCH 2/6] tpm2-openssl: update to 1.1.0

[meta-security][PATCH 2/6] tpm2-openssl: update to 1.1.0

Petr Gotthard
 

Also, the recipe is fixed to correctly package the openssl provider.

This new tpm2-openssl:
- Fixed segmentation fault when a signature algorithm is beging initialized
without a private key.
- Fixed RSA/EC key equality checks. Works with OpenSSL 3.0.1.
- Added support for the `TPM2OPENSSL_PARENT_AUTH` environment variable.

Signed-off-by: Petr Gotthard <petr.gotthard@...>
---
.../tpm2-openssl/tpm2-openssl_1.0.bb | 11 -----------
.../tpm2-openssl/tpm2-openssl_1.1.0.bb | 19 +++++++++++++++++++
2 files changed, 19 insertions(+), 11 deletions(-)
delete mode 100644 meta-tpm/recipes-tpm2/tpm2-openssl/tpm2-openssl_1.0.bb
create mode 100644 meta-tpm/recipes-tpm2/tpm2-openssl/tpm2-openssl_1.1.0.bb

diff --git a/meta-tpm/recipes-tpm2/tpm2-openssl/tpm2-openssl_1.0.bb b/meta-tpm/recipes-tpm2/tpm2-openssl/tpm2-openssl_1.0.bb
deleted file mode 100644
index f6a694c..0000000
--- a/meta-tpm/recipes-tpm2/tpm2-openssl/tpm2-openssl_1.0.bb
+++ /dev/null
@@ -1,11 +0,0 @@
-SUMMARY = "Provider for integration of TPM 2.0 to OpenSSL 3.0"
-LICENSE = "BSD-3-Clause"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=b75785ac083d3c3ca04d99d9e4e1fbab"
-
-SRC_URI = "git://github.com/tpm2-software/tpm2-openssl.git;protocol=https;branch=master"
-
-SRCREV = "66e34f9e45c3697590cced1e4d3f35993a822f8b"
-
-S = "${WORKDIR}/git"
-
-inherit pkgconfig
diff --git a/meta-tpm/recipes-tpm2/tpm2-openssl/tpm2-openssl_1.1.0.bb b/meta-tpm/recipes-tpm2/tpm2-openssl/tpm2-openssl_1.1.0.bb
new file mode 100644
index 0000000..55061c9
--- /dev/null
+++ b/meta-tpm/recipes-tpm2/tpm2-openssl/tpm2-openssl_1.1.0.bb
@@ -0,0 +1,19 @@
+SUMMARY = "Provider for integration of TPM 2.0 to OpenSSL 3.0"
+LICENSE = "BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=b75785ac083d3c3ca04d99d9e4e1fbab"
+
+DEPENDS = "autoconf-archive-native tpm2-tss openssl"
+
+SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz"
+
+SRC_URI[sha256sum] = "eedcc0b72ad6d232e6f9f55a780290c4d33a4d06efca9314f8a36d7384eb1dfc"
+
+inherit autotools pkgconfig
+
+do_configure:prepend() {
+ # do not extract the version number from git
+ sed -i -e 's/m4_esyscmd_s(\[git describe --tags --always --dirty\])/${PV}/' ${S}/configure.ac
+}
+
+FILES:${PN} = "\
+ ${libdir}/ossl-modules/tpm2.so"
--
2.25.1
Join {yocto@lists.yoctoproject.org to automatically receive all group messages.