mirrors/meta-secure-core
1
0
Fork 0
mirror of https://github.com/jiazhang0/meta-secure-core.git synced 2026-01-12 01:00:15 +00:00
Code Issues Projects Releases Wiki Activity

sbsigntool: fix openssl-3.0 issue involving ASN1_ITEM TYPE_it

Browse Source 
Use ASN1_ITEM_rptr() instead of taking the address of IDC_PEID_it.

Openssl-3.0 changed the type of TYPE_it from `const ASN1_ITEM TYPE_it`
to `const ASN1_ITEM *TYPE_it(void)`. This was previously hidden behind
OPENSSL_EXPORT_VAR_AS_FUNCTION but in 3.0 only the function version is
available. This change should have been transparent to the application,
but only if the `ASN1_ITEM_rptr()` macro is used.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
This commit is contained in:
Yi Zhao
2021-10-21 12:45:41 +08:00
committed by Jia Zhang
parent 4dc1be23d9
commit b308dc89ac
2 changed files with 42 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
meta-signing-key/recipes-devtools/sbsigntool/sbsigntool/0001-Fix-openssl-3.0-issue-involving-ASN1-xxx_it.patch Normal file
View File

@@ -0,0 +1,41 @@
From d1213b12bafce346f72adeeb01adf9c8fc7a1bd5 Mon Sep 17 00:00:00 2001
From: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Date: Thu, 21 Oct 2021 11:57:00 +0800
Subject: [PATCH] Fix openssl-3.0 issue involving ASN1 xxx_it
Use ASN1_ITEM_rptr() instead of taking the address of IDC_PEID_it.
openssl-3.0 changed the type of TYPE_it from `const ASN1_ITEM TYPE_it`
to `const ASN1_ITEM *TYPE_it(void)`. This was previously hidden behind
OPENSSL_EXPORT_VAR_AS_FUNCTION but in 3.0 only the function version is
available. This change should have been transparent to the application,
but only if the `ASN1_ITEM_rptr()` macro is used.
This change passes `make check` with both openssl 1.1 and 3.0.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Upstream-Status: Backport
[https://groups.io/g/sbsigntools/message/54]
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
src/idc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/idc.c b/src/idc.c
index 6d87bd4..0a82218 100644
--- a/src/idc.c
+++ b/src/idc.c
@@ -189,7 +189,7 @@ int IDC_set(PKCS7 *p7, PKCS7_SIGNER_INFO *si, struct image *image)
idc->data->type = OBJ_nid2obj(peid_nid);
idc->data->value = ASN1_TYPE_new();
- type_set_sequence(image, idc->data->value, peid, &IDC_PEID_it);
+ type_set_sequence(image, idc->data->value, peid, ASN1_ITEM_rptr(IDC_PEID));
idc->digest->alg->parameter = ASN1_TYPE_new();
idc->digest->alg->algorithm = OBJ_nid2obj(NID_sha256);
--
2.25.1

1
meta-signing-key/recipes-devtools/sbsigntool/sbsigntool_git.bb
View File

@@ -19,6 +19,7 @@ SRC_URI = " \
file://0001-src-Makefile.am-Add-read_write_all.c-to-common_SOURC.patch \
file://0001-fileio.c-initialize-local-variables-before-use-in-fu.patch \
file://0001-Makefile.am-do-not-use-Werror.patch \
file://0001-Fix-openssl-3.0-issue-involving-ASN1-xxx_it.patch \
"
SRCREV_sbsigntools ?= "f12484869c9590682ac3253d583bf59b890bb826"
SRCREV_ccan ?= "b1f28e17227f2320d07fe052a8a48942fe17caa5"