giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

build against OpenSSL 1.1.0 on Windows, by default 

- build with AppVeyor's OpenSSL 1.1.0
- updates AppVeyor version of OpenPACE

Fixes https://github.com/OpenSC/OpenSC/issues/1108
This commit is contained in:
Frank Morgner 2017-07-21 14:05:47 +02:00
parent 1c7ef66ce7
commit 7a39d6d058
5 changed files with 22 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
appveyor.yml
View File

@ -29,8 +29,7 @@ install:
throw "There are newer queued builds for this pull request, failing early." }
- date /T & time /T
- set PATH=C:\cygwin\bin;%PATH%
- set OPENSSL_VER=1_0_2f
- set OPENPACE_VER=1.0.1
- set OPENPACE_VER=1.0.2
- set ZLIB_VER_DOT=1.2.8
- ps: $env:PACKAGE_NAME=(git describe --tags)
- ps: >-
@ -49,10 +48,6 @@ install:
}
- ps: >-
If (!($env:Configuration -Like "*Light*")) {
If (!(Test-Path -Path "C:\OpenSSL-${env:OPENSSL_PF}" )) {
Start-FileDownload https://slproweb.com/download/${env:OPENSSL_PF}OpenSSL-${env:OPENSSL_VER}.exe -FileName C:\WinOpenSSL.exe
C:\WinOpenSSL.exe /SILENT /VERYSILENT /SP- /SUPPRESSMSGBOXES /NORESTART
}
$env:NMAKE_EXTRA="OPENSSL_DEF=/DENABLE_OPENSSL ${env:NMAKE_EXTRA}"
If (!(Test-Path C:\zlib )) {
appveyor DownloadFile "https://github.com/madler/zlib/archive/v${env:ZLIB_VER_DOT}.zip" -FileName zlib.zip
@ -92,8 +87,8 @@ build_script:
# build libeac.lib as a static library
xcopy C:\openpace C:\openpace-${env:OPENSSL_PF} /e /i /y /s
cd C:\openpace-${env:OPENSSL_PF}\src
cl /IC:\OpenSSL-${env:OPENSSL_PF}\include /I. /DX509DIR=\`"/\`" /DCVCDIR=\`"/\`" /W3 /D_CRT_SECURE_NO_DEPRECATE /DWIN32_LEAN_AND_MEAN /GS /MT /c ca_lib.c cv_cert.c cvc_lookup.c x509_lookup.c eac_asn1.c eac.c eac_ca.c eac_dh.c eac_ecdh.c eac_kdf.c eac_lib.c eac_print.c eac_util.c misc.c pace.c pace_lib.c pace_mappings.c ri.c ri_lib.c ta.c ta_lib.c objects.c
lib /out:libeac.lib ca_lib.obj cv_cert.obj cvc_lookup.obj x509_lookup.obj eac_asn1.obj eac.obj eac_ca.obj eac_dh.obj eac_ecdh.obj eac_kdf.obj eac_lib.obj eac_print.obj eac_util.obj misc.obj pace.obj pace_lib.obj pace_mappings.obj ri.obj ri_lib.obj ta.obj ta_lib.obj objects.obj
cl /IC:\OpenSSL-${env:OPENSSL_PF}\include /I. /DX509DIR=\`"/\`" /DCVCDIR=\`"/\`" /W3 /D_CRT_SECURE_NO_DEPRECATE /DWIN32_LEAN_AND_MEAN /GS /MT /DHAVE_ASN1_STRING_GET0_DATA=1 /DHAVE_DECL_OPENSSL_ZALLOC=1 /DHAVE_DH_GET0_KEY=1 /DHAVE_DH_GET0_PQG=1 /DHAVE_DH_SET0_KEY=1 /DHAVE_DH_SET0_PQG=1 /DHAVE_ECDSA_SIG_GET0=1 /DHAVE_ECDSA_SIG_SET0=1 /DHAVE_EC_KEY_METHOD=1 /DHAVE_RSA_GET0_KEY=1 /DHAVE_RSA_SET0_KEY=1 /c ca_lib.c cv_cert.c cvc_lookup.c x509_lookup.c eac_asn1.c eac.c eac_ca.c eac_dh.c eac_ecdh.c eac_kdf.c eac_lib.c eac_print.c eac_util.c misc.c pace.c pace_lib.c pace_mappings.c ri.c ri_lib.c ta.c ta_lib.c objects.c ssl_compat.c
lib /out:libeac.lib ca_lib.obj cv_cert.obj cvc_lookup.obj x509_lookup.obj eac_asn1.obj eac.obj eac_ca.obj eac_dh.obj eac_ecdh.obj eac_kdf.obj eac_lib.obj eac_print.obj eac_util.obj misc.obj pace.obj pace_lib.obj pace_mappings.obj ri.obj ri_lib.obj ta.obj ta_lib.obj objects.obj ssl_compat.obj
cd C:\projects\OpenSC
}
$env:NMAKE_EXTRA="OPENPACE_DEF=/DENABLE_OPENPACE OPENPACE_DIR=C:\openpace-${env:OPENSSL_PF} ${env:NMAKE_EXTRA}"
@ -114,8 +109,6 @@ build_script:
}
cache:
- C:\OpenSSL-Win32 -> appveyor.yml
- C:\OpenSSL-Win64 -> appveyor.yml
- C:\zlib -> appveyor.yml
- C:\zlib-Win32 -> appveyor.yml
- C:\zlib-Win64 -> appveyor.yml

2
src/libopensc/card-sc-hsm.c
View File

@ -500,7 +500,7 @@ static int sc_hsm_perform_chip_authentication(sc_card_t *card)
goto err;
}
EVP_PKEY_free(ctx->ca_ctx->ka_ctx->key);
CRYPTO_add(&ctx->ta_ctx->pub_key->references, 1, CRYPTO_LOCK_EVP_PKEY);
EVP_PKEY_up_ref(ctx->ta_ctx->pub_key);
ctx->ca_ctx->ka_ctx->key = ctx->ta_ctx->pub_key;
/* generate keys for CA */

14
src/sm/sm-eac.c
View File

@ -425,7 +425,7 @@ static int format_mse_cdata(struct sc_context *ctx, int protocol,
if (key_reference1 && key_reference1_len) {
data->key_reference1 = ASN1_OCTET_STRING_new();
if (!data->key_reference1
|| !M_ASN1_OCTET_STRING_set(
|| !ASN1_OCTET_STRING_set(
data->key_reference1, key_reference1, key_reference1_len)) {
sc_debug(ctx, SC_LOG_DEBUG_VERBOSE, "Error setting key reference 1 of MSE:Set AT data");
r = SC_ERROR_INTERNAL;
@ -436,7 +436,7 @@ static int format_mse_cdata(struct sc_context *ctx, int protocol,
if (key_reference2 && key_reference2_len) {
data->key_reference2 = ASN1_OCTET_STRING_new();
if (!data->key_reference2
|| !M_ASN1_OCTET_STRING_set(
|| !ASN1_OCTET_STRING_set(
data->key_reference2, key_reference2, key_reference2_len)) {
sc_debug(ctx, SC_LOG_DEBUG_VERBOSE, "Error setting key reference 2 of MSE:Set AT data");
r = SC_ERROR_INTERNAL;
@ -447,7 +447,7 @@ static int format_mse_cdata(struct sc_context *ctx, int protocol,
if (eph_pub_key && eph_pub_key_len) {
data->eph_pub_key = ASN1_OCTET_STRING_new();
if (!data->eph_pub_key
|| !M_ASN1_OCTET_STRING_set(
|| !ASN1_OCTET_STRING_set(
data->eph_pub_key, eph_pub_key, eph_pub_key_len)) {
sc_debug(ctx, SC_LOG_DEBUG_VERBOSE, "Error setting ephemeral Public Key of MSE:Set AT data");
r = SC_ERROR_INTERNAL;
@ -710,7 +710,7 @@ static int npa_gen_auth_2_map_nonce(sc_card_t *card,
}
c_data->mapping_data = ASN1_OCTET_STRING_new();
if (!c_data->mapping_data
|| !M_ASN1_OCTET_STRING_set(
|| !ASN1_OCTET_STRING_set(
c_data->mapping_data, in, in_len)) {
ssl_error(card->ctx);
r = SC_ERROR_INTERNAL;
@ -802,7 +802,7 @@ static int npa_gen_auth_3_perform_key_agreement(sc_card_t *card,
}
c_data->eph_pub_key = ASN1_OCTET_STRING_new();
if (!c_data->eph_pub_key
|| !M_ASN1_OCTET_STRING_set(
|| !ASN1_OCTET_STRING_set(
c_data->eph_pub_key, in, in_len)) {
ssl_error(card->ctx);
r = SC_ERROR_INTERNAL;
@ -895,7 +895,7 @@ static int npa_gen_auth_4_mutual_authentication(sc_card_t *card,
}
c_data->auth_token = ASN1_OCTET_STRING_new();
if (!c_data->auth_token
|| !M_ASN1_OCTET_STRING_set(
|| !ASN1_OCTET_STRING_set(
c_data->auth_token, in, in_len)) {
ssl_error(card->ctx);
r = SC_ERROR_INTERNAL;
@ -1684,7 +1684,7 @@ static int npa_gen_auth_ca(sc_card_t *card, const BUF_MEM *eph_pub_key,
}
c_data->eph_pub_key = ASN1_OCTET_STRING_new();
if (!c_data->eph_pub_key
|| !M_ASN1_OCTET_STRING_set( c_data->eph_pub_key,
|| !ASN1_OCTET_STRING_set( c_data->eph_pub_key,
eph_pub_key->data, eph_pub_key->length)) {
ssl_error(card->ctx);
r = SC_ERROR_INTERNAL;

2
src/tools/npa-tool.c
View File

@ -319,7 +319,7 @@ static int add_to_ASN1_AUXILIARY_DATA(
if (data && data_len) {
template->discretionary_data3 = ASN1_OCTET_STRING_new();
if (!template->discretionary_data3
|| !M_ASN1_OCTET_STRING_set(
|| !ASN1_OCTET_STRING_set(
template->discretionary_data3, data, data_len)) {
r = SC_ERROR_INTERNAL;
goto err;

12
win32/Make.rules.mak
View File

@ -44,9 +44,17 @@ OPENSSL_INCL_DIR = /I$(OPENSSL_DIR)\include
OPENSSL_STATIC_DIR = static
!IF "$(DEBUG_DEF)" == "/DDEBUG"
OPENSSL_LIB = $(OPENSSL_DIR)\lib\VC\$(OPENSSL_STATIC_DIR)\libeay32MTd.lib user32.lib advapi32.lib crypt32.lib
!IF "$(PLATFORM)" == "x86"
OPENSSL_LIB = $(OPENSSL_DIR)\lib\VC\$(OPENSSL_STATIC_DIR)\libcrypto32MTd.lib user32.lib advapi32.lib crypt32.lib ws2_32.lib
!ELSE
OPENSSL_LIB = $(OPENSSL_DIR)\lib\VC\$(OPENSSL_STATIC_DIR)\libeay32MT.lib user32.lib advapi32.lib crypt32.lib
OPENSSL_LIB = $(OPENSSL_DIR)\lib\VC\$(OPENSSL_STATIC_DIR)\libcrypto64MTd.lib user32.lib advapi32.lib crypt32.lib ws2_32.lib
!ENDIF
!ELSE
!IF "$(PLATFORM)" == "x86"
OPENSSL_LIB = $(OPENSSL_DIR)\lib\VC\$(OPENSSL_STATIC_DIR)\libcrypto32MT.lib user32.lib advapi32.lib crypt32.lib ws2_32.lib
!ELSE
OPENSSL_LIB = $(OPENSSL_DIR)\lib\VC\$(OPENSSL_STATIC_DIR)\libcrypto64MT.lib user32.lib advapi32.lib crypt32.lib ws2_32.lib
!ENDIF
!ENDIF
PROGRAMS_OPENSSL = cryptoflex-tool.exe pkcs15-init.exe netkey-tool.exe piv-tool.exe \