rpms/openssl-ibmca
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- updated to 2.2.3

Browse Source
This commit is contained in:
Dan Horák 2022-03-21 17:28:10 +01:00
parent 333e3d9cb8
commit 780e52e578
3 changed files with 79 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
e59cce5af547cc4cbda2a1bce1eb2b89e959ae99.patch Normal file
View File

@ -0,0 +1,72 @@
From e59cce5af547cc4cbda2a1bce1eb2b89e959ae99 Mon Sep 17 00:00:00 2001
From: Juergen Christ <jchrist@linux.ibm.com>
Date: Mon, 21 Mar 2022 15:27:40 +0100
Subject: [PATCH] Fix compilation for OpenSSL 3.0
ECX_KEY structure as used by engine is not public API in OpenSSL 3.0 and
should not be included via a private header. This forced the engine to only
compile if the OpenSSL 3.0 source tree is present. While this might be the
cleaner solution, we now copy out the defines to be used. This makes the
engine compile even without OpenSSL 3.0 source tree.
Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
---
src/engine/openssl-compat.h | 36 ++++++++++++++++++++++++++++--------
1 file changed, 28 insertions(+), 8 deletions(-)
diff --git a/src/openssl-compat.h b/src/openssl-compat.h
index 0013365b..aae40dab 100644
--- a/src/openssl-compat.h
+++ b/src/openssl-compat.h
@@ -19,9 +19,36 @@
#include <openssl/opensslv.h>
+typedef enum {
+ ECX_KEY_TYPE_X25519,
+ ECX_KEY_TYPE_X448,
+ ECX_KEY_TYPE_ED25519,
+ ECX_KEY_TYPE_ED448
+} ECX_KEY_TYPE;
+
#ifdef OPENSSL_VERSION_PREREQ
/* This is 3.x */
-#include <crypto/evp.h>
+
+# define X25519_KEYLEN 32
+# define X448_KEYLEN 56
+# define ED25519_KEYLEN 32
+# define ED448_KEYLEN 57
+
+# define MAX_KEYLEN ED448_KEYLEN
+
+typedef int CRYPTO_REF_COUNT;
+
+typedef struct ecx_key_st {
+ OSSL_LIB_CTX *libctx;
+ char *propq;
+ unsigned int haspubkey:1;
+ unsigned char pubkey[MAX_KEYLEN];
+ unsigned char *privkey;
+ size_t keylen;
+ ECX_KEY_TYPE type;
+ CRYPTO_REF_COUNT references;
+ CRYPTO_RWLOCK *lock;
+} ECX_KEY;
static inline ECX_KEY *ossl_ecx_key_new_simple(ECX_KEY_TYPE type)
{
@@ -94,13 +121,6 @@ typedef struct {
unsigned char *priv;
} ECX_KEY;
-typedef enum {
- ECX_KEY_TYPE_X25519,
- ECX_KEY_TYPE_X448,
- ECX_KEY_TYPE_ED25519,
- ECX_KEY_TYPE_ED448
-} ECX_KEY_TYPE;
-
static inline ECX_KEY *ossl_ecx_key_new_simple(ECX_KEY_TYPE type)
{
return calloc(1, sizeof(ECX_KEY));

7
openssl-ibmca.spec
View File

@ -2,11 +2,13 @@
Summary: A dynamic OpenSSL engine for IBMCA Summary: A dynamic OpenSSL engine for IBMCA
Name: openssl-ibmca Name: openssl-ibmca
Version: 2.2.2 Version: 2.2.3
Release: 1%{?dist} Release: 1%{?dist}
License: ASL 2.0 License: ASL 2.0
URL: https://github.com/opencryptoki URL: https://github.com/opencryptoki
Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz
# fix build with openssl 3.0
Patch0: https://github.com/opencryptoki/openssl-ibmca/commit/e59cce5af547cc4cbda2a1bce1eb2b89e959ae99.patch
Requires: libica >= 4.0.0 Requires: libica >= 4.0.0
BuildRequires: make BuildRequires: make
BuildRequires: gcc BuildRequires: gcc
@ -55,6 +57,9 @@ make check
%changelog %changelog
* Mon Mar 21 2022 Dan Horák <dan@danny.cz> - 2.2.3-1
- updated to 2.2.3
* Mon Jan 31 2022 Dan Horák <dan@danny.cz> - 2.2.2-1 * Mon Jan 31 2022 Dan Horák <dan@danny.cz> - 2.2.2-1
- updated to 2.2.2 - updated to 2.2.2

2
sources
View File

@ -1 +1 @@
SHA512 (openssl-ibmca-2.2.2.tar.gz) = c9f2ea35671b9d3915d561b3ce495d9ba8e29c2623f076f291c9165bd118585d023cd39310508cff32d4c8c0acb688b3ade59d5d59b20cb3ac98bc79017c1795 SHA512 (openssl-ibmca-2.2.3.tar.gz) = aee69bc392d6656a52a228cebb3aa8f4a28c23ae56e90a910244dfa7571713e9a65912ac41118e8df96e8a0ae6e622ff4ebf45879a2b8f69051422f11999a6ac