[openssl-ibmca] - Set proper key signature flag (#1075474)
Dan Horák
sharkcz at fedoraproject.org
Wed Mar 19 20:34:58 UTC 2014
commit 3194a86aa99e269a7280eafcf8b68156f96ae6af
Author: Dan Horák <dan at danny.cz>
Date: Wed Mar 19 21:34:57 2014 +0100
- Set proper key signature flag (#1075474)
openssl-ibmca-1.2.0-sha256-length.patch | 15 +++++++++++--
openssl-ibmca-1.2.0-signature-flag.patch | 31 ++++++++++++++++++++++++++++++
openssl-ibmca.spec | 9 ++++++-
3 files changed, 50 insertions(+), 5 deletions(-)
---
diff --git a/openssl-ibmca-1.2.0-sha256-length.patch b/openssl-ibmca-1.2.0-sha256-length.patch
index deb312f..9c52e60 100644
--- a/openssl-ibmca-1.2.0-sha256-length.patch
+++ b/openssl-ibmca-1.2.0-sha256-length.patch
@@ -1,6 +1,15 @@
-diff -up openssl-ibmca-1.2.0/e_ibmca.c.1074976 openssl-ibmca-1.2.0/e_ibmca.c
---- openssl-ibmca-1.2.0/e_ibmca.c.1074976 2014-03-12 16:17:01.662178599 +0100
-+++ openssl-ibmca-1.2.0/e_ibmca.c 2014-03-12 16:17:25.582178365 +0100
+commit f204aca935dfe45b736e9fb8f822c9e79ec9747c
+Author: Ingo Tuchscherer <ingo.tuchscherer at linux.vnet.ibm.com>
+Date: Fri Mar 7 10:35:33 2014 +0100
+
+ SHA256: Fixed message digest length definition in sha256 template
+
+ Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer at linux.vnet.ibm.com>
+
+diff --git a/e_ibmca.c b/e_ibmca.c
+index 94c44a4..f3fad35 100644
+--- a/e_ibmca.c
++++ b/e_ibmca.c
@@ -727,7 +727,7 @@ static const EVP_MD ibmca_sha1 = {
static const EVP_MD ibmca_sha256 = {
NID_sha256,
diff --git a/openssl-ibmca-1.2.0-signature-flag.patch b/openssl-ibmca-1.2.0-signature-flag.patch
new file mode 100644
index 0000000..43cc1be
--- /dev/null
+++ b/openssl-ibmca-1.2.0-signature-flag.patch
@@ -0,0 +1,31 @@
+commit 6cdca2c3d655ef19d022fb3d8bcbf63491b79db2
+Author: Joy Latten <jmlatten at linux.vnet.ibm.com>
+Date: Wed Mar 19 12:50:14 2014 -0500
+
+ Add flag EVP_MD_FLAG_PKEY_METHOD_SIGNATURE to EVP_MD so that signing method
+ comes from key type.
+
+ Signed-off-by: Joy Latten <jmlatten at linux.vnet.ibm.com>
+
+diff --git a/e_ibmca.c b/e_ibmca.c
+index f3fad35..9353470 100644
+--- a/e_ibmca.c
++++ b/e_ibmca.c
+@@ -711,7 +711,7 @@ static const EVP_MD ibmca_sha1 = {
+ NID_sha1,
+ NID_sha1WithRSAEncryption,
+ SHA_HASH_LENGTH,
+- 0,
++ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
+ ibmca_sha1_init,
+ ibmca_sha1_update,
+ ibmca_sha1_final,
+@@ -728,7 +728,7 @@ static const EVP_MD ibmca_sha256 = {
+ NID_sha256,
+ NID_sha256WithRSAEncryption,
+ SHA256_HASH_LENGTH,
+- 0,
++ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
+ ibmca_sha256_init,
+ ibmca_sha256_update,
+ ibmca_sha256_final,
diff --git a/openssl-ibmca.spec b/openssl-ibmca.spec
index 3426459..d1944f7 100644
--- a/openssl-ibmca.spec
+++ b/openssl-ibmca.spec
@@ -1,7 +1,7 @@
Summary: A dynamic OpenSSL engine for IBMCA
Name: openssl-ibmca
Version: 1.2.0
-Release: 7%{?dist}
+Release: 8%{?dist}
License: OpenSSL
Group: System Environment/Libraries
URL: http://sourceforge.net/projects/opencryptoki
@@ -11,8 +11,9 @@ Patch0: openssl-ibmca-1.2.0-libica-soname.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=749638
Patch1: openssl-ibmca-1.2.0-ofb.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1074976
-# https://sourceforge.net/p/opencryptoki/ibmca/ci/f204aca935dfe45b736e9fb8f822c9e79ec9747c/
Patch2: openssl-ibmca-1.2.0-sha256-length.patch
+# https://bugzilla.redhat.com/show_bug.cgi?id=1075474
+Patch3: openssl-ibmca-1.2.0-signature-flag.patch
Requires: libica >= 2.1.0
BuildRequires: libica-devel >= 2.1.0
BuildRequires: automake libtool
@@ -27,6 +28,7 @@ A dynamic OpenSSL engine for IBMCA crypto hardware on IBM zSeries machines.
%patch0 -p1 -b .libica-soname
%patch1 -p0 -b .ofb
%patch2 -p1 -b .1074976
+%patch3 -p1 -b .1075474
sh ./bootstrap.sh
@@ -51,6 +53,9 @@ mv openssl.cnf.sample openssl.cnf.sample.%{_arch}
%changelog
+* Wed Mar 19 2014 Dan Horák <dan[at]danny.cz - 1.2.0-8
+- Set proper key signature flag (#1075474)
+
* Fri Mar 14 2014 Dan Horák <dan[at]danny.cz - 1.2.0-7
- Fix multilib conflict in sample config file (#1076423)
- Fixed message digest length definition in sha256 template (#1074976)
More information about the scm-commits
mailing list