[OE-core] [RFC PATCH 2/6] cryptodev-tests: port to openssl 1.1

Alexander Kanavin alex.kanavin at gmail.com
Wed Sep 5 14:15:38 UTC 2018 

Note that the upstream accepted the patch as it is (frankly I don't
remember how the line appeared there), so you should probably send a
fix directly to them :)

Alex

2018-09-04 22:38 GMT+02:00 Andre McCurdy <armccurdy at gmail.com>:
> On Tue, Aug 28, 2018 at 3:23 AM, Alexander Kanavin
> <alex.kanavin at gmail.com> wrote:
>> From: Alexander Kanavin <alexander.kanavin at linux.intel.com>
>>
>> This leaves openssh as the only recipe that requires openssl 1.0 (or libressl).
>>
>> Signed-off-by: Alexander Kanavin <alexander.kanavin at linux.intel.com>
>> ---
>>  .../cryptodev/cryptodev-tests_1.9.bb               |   3 +-
>>  .../files/0001-Port-tests-to-openssl-1.1.patch     | 103 +++++++++++++++++++++
>>  2 files changed, 105 insertions(+), 1 deletion(-)
>>  create mode 100644 meta/recipes-kernel/cryptodev/files/0001-Port-tests-to-openssl-1.1.patch
>>
>> diff --git a/meta/recipes-kernel/cryptodev/cryptodev-tests_1.9.bb b/meta/recipes-kernel/cryptodev/cryptodev-tests_1.9.bb
>> index 9afb3de..617db6c 100644
>> --- a/meta/recipes-kernel/cryptodev/cryptodev-tests_1.9.bb
>> +++ b/meta/recipes-kernel/cryptodev/cryptodev-tests_1.9.bb
>> @@ -2,10 +2,11 @@ require cryptodev.inc
>>
>>  SUMMARY = "A test suite for /dev/crypto device driver"
>>
>> -DEPENDS += "openssl10"
>> +DEPENDS += "openssl"
>>
>>  SRC_URI += " \
>>  file://0001-Add-the-compile-and-install-rules-for-cryptodev-test.patch \
>> +file://0001-Port-tests-to-openssl-1.1.patch \
>>  "
>>
>>  EXTRA_OEMAKE='KERNEL_DIR="${STAGING_EXECPREFIXDIR}" PREFIX="${D}"'
>> diff --git a/meta/recipes-kernel/cryptodev/files/0001-Port-tests-to-openssl-1.1.patch b/meta/recipes-kernel/cryptodev/files/0001-Port-tests-to-openssl-1.1.patch
>> new file mode 100644
>> index 0000000..c969126
>> --- /dev/null
>> +++ b/meta/recipes-kernel/cryptodev/files/0001-Port-tests-to-openssl-1.1.patch
>> @@ -0,0 +1,103 @@
>> +From 2fe4bdeb8cdd0b0f46d9caed807812855d51ea56 Mon Sep 17 00:00:00 2001
>> +From: Alexander Kanavin <alex.kanavin at gmail.com>
>> +Date: Wed, 28 Mar 2018 20:11:05 +0300
>> +Subject: [PATCH] Port tests to openssl 1.1
>> +
>> +Upstream-Status: Accepted [https://github.com/cryptodev-linux/cryptodev-linux/pull/36]
>> +Signed-off-by: Alexander Kanavin <alex.kanavin at gmail.com>
>> +
>> +---
>> + tests/openssl_wrapper.c | 33 +++++++++++++++++++++++++++++++++
>> + 1 file changed, 33 insertions(+)
>> +
>> +diff --git a/tests/openssl_wrapper.c b/tests/openssl_wrapper.c
>> +index 038c58f..dea2496 100644
>> +--- a/tests/openssl_wrapper.c
>> ++++ b/tests/openssl_wrapper.c
>> +@@ -4,6 +4,7 @@
>> + #include <openssl/aes.h>
>> + #include <openssl/evp.h>
>> + #include <openssl/hmac.h>
>> ++#include <openssl/opensslv.h>
>> +
>> + //#define DEBUG
>> +
>> +@@ -23,10 +24,17 @@ enum ctx_type {
>> +       ctx_type_md,
>> + };
>> +
>> ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
>> ++union openssl_ctx {
>> ++      HMAC_CTX *hmac;
>> ++      EVP_MD_CTX *md;
>> ++};
>> ++#else
>> + union openssl_ctx {
>> +       HMAC_CTX hmac;
>> +       EVP_MD_CTX md;
>> + };
>> ++#endif
>> +
>> + struct ctx_mapping {
>> +       __u32 ses;
>> +@@ -63,6 +71,16 @@ static void remove_mapping(__u32 ses)
>> +       switch (mapping->type) {
>> +       case ctx_type_none:
>> +               break;
>> ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
>> ++      case ctx_type_hmac:
>> ++              dbgp("%s: calling HMAC_CTX_free\n", __func__);
>> ++              HMAC_CTX_free(mapping->ctx.hmac);
>> ++              break;
>> ++      case ctx_type_md:
>> ++              dbgp("%s: calling EVP_MD_CTX_free\n", __func__);
>> ++              EVP_MD_CTX_free(mapping->ctx.md);
>> ++              break;
>> ++#else
>> +       case ctx_type_hmac:
>> +               dbgp("%s: calling HMAC_CTX_cleanup\n", __func__);
>> +               HMAC_CTX_cleanup(&mapping->ctx.hmac);
>> +@@ -71,6 +89,7 @@ static void remove_mapping(__u32 ses)
>> +               dbgp("%s: calling EVP_MD_CTX_cleanup\n", __func__);
>> +               EVP_MD_CTX_cleanup(&mapping->ctx.md);
>> +               break;
>> ++#endif
>> +       }
>> +       memset(mapping, 0, sizeof(*mapping));
>> + }
>> +@@ -127,10 +146,17 @@ static int openssl_hmac(struct session_op *sess, struct crypt_op *cop)
>> +
>> +               mapping->ses = sess->ses;
>> +               mapping->type = ctx_type_hmac;
>> ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
>> ++              ctx = mapping->ctx.hmac;
>
> Assigning the (uninitialised?) value of mapping->ctx.hmac to ctx here
> looks redundant?
>
>> ++
>> ++              dbgp("calling HMAC_CTX_new");
>> ++              ctx = HMAC_CTX_new();
>> ++#else
>> +               ctx = &mapping->ctx.hmac;
>> +
>> +               dbgp("calling HMAC_CTX_init");
>> +               HMAC_CTX_init(ctx);
>> ++#endif
>> +               dbgp("calling HMAC_Init_ex");
>> +               if (!HMAC_Init_ex(ctx, sess->mackey, sess->mackeylen,
>> +                               sess_to_evp_md(sess), NULL)) {
>> +@@ -172,10 +198,17 @@ static int openssl_md(struct session_op *sess, struct crypt_op *cop)
>> +
>> +               mapping->ses = sess->ses;
>> +               mapping->type = ctx_type_md;
>> ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
>> ++              ctx = mapping->ctx.md;
>
> And same comment here.
>
>> ++
>> ++              dbgp("calling EVP_MD_CTX_new");
>> ++              ctx = EVP_MD_CTX_new();
>> ++#else
>> +               ctx = &mapping->ctx.md;
>> +
>> +               dbgp("calling EVP_MD_CTX_init");
>> +               EVP_MD_CTX_init(ctx);
>> ++#endif
>> +               dbgp("calling EVP_DigestInit");
>> +               EVP_DigestInit(ctx, sess_to_evp_md(sess));
>> +       }
>> --
>> 2.7.4
>>
>> --
>> _______________________________________________
>> Openembedded-core mailing list
>> Openembedded-core at lists.openembedded.org
>> http://lists.openembedded.org/mailman/listinfo/openembedded-core

More information about the Openembedded-core mailing list