microsoft · durgajagadeesh · Jan 15, 2025 · Jan 16, 2025
@@ -0,0 +1,66 @@
+commit e58d2086cf9268a1dd2431c64c6bcdd74c2c3233
+Author: Ingo Franzki <[email protected]>
+Date:   Mon Sep 16 09:16:03 2024 +0200
+
+    COMMON: Fix compile error due to incompatible pointer types
+
+    usr/lib/common/mech_openssl.c:4751:36: error: passing argument 2 of
+    'get_sha_size' from incompatible pointer type [-Wincompatible-pointer-types]
+    4751 | rc = get_sha_size(digest_mech, &mac_len);
+
+    usr/lib/common/mech_openssl.c:4851:36: error: passing argument 2 of
+    'get_sha_size' from incompatible pointer type [-Wincompatible-pointer-types]
+    4851 | rc = get_sha_size(digest_mech, &mac_len);
+
+    Closes: https://github.com/opencryptoki/opencryptoki/issues/809
+
+    Signed-off-by: Ingo Franzki <[email protected]>
+
+diff --git a/usr/lib/common/mech_openssl.c b/usr/lib/common/mech_openssl.c
+index 296b5e0a..500b6f91 100644
+--- a/usr/lib/common/mech_openssl.c
++++ b/usr/lib/common/mech_openssl.c
+@@ -4731,6 +4731,7 @@ CK_RV openssl_specific_hmac(SIGN_VERIFY_CONTEXT *ctx, CK_BYTE *in_data,
+     CK_RV rv = CKR_OK;
+     CK_BBOOL general = FALSE;
+     CK_MECHANISM_TYPE digest_mech;
++    CK_ULONG mac_len2;
+
+     if (!ctx || !ctx->context) {
+         TRACE_ERROR("%s received bad argument(s)\n", __func__);
+@@ -4748,11 +4749,12 @@ CK_RV openssl_specific_hmac(SIGN_VERIFY_CONTEXT *ctx, CK_BYTE *in_data,
+         return rc;
+     }
+
+-    rc = get_sha_size(digest_mech, &mac_len);
++    rc = get_sha_size(digest_mech, &mac_len2);
+     if (rc != CKR_OK) {
+         TRACE_ERROR("%s get_sha_size failed\n", __func__);
+         return rc;
+     }
++    mac_len = mac_len2;
+
+     mdctx = (EVP_MD_CTX *) ctx->context;
+
+@@ -4833,6 +4835,7 @@ CK_RV openssl_specific_hmac_final(SIGN_VERIFY_CONTEXT *ctx, CK_BYTE *signature,
+     CK_RV rv = CKR_OK;
+     CK_BBOOL general = FALSE;
+     CK_MECHANISM_TYPE digest_mech;
++    CK_ULONG mac_len2;
+
+     if (!ctx || !ctx->context)
+         return CKR_OPERATION_NOT_INITIALIZED;
+@@ -4848,11 +4851,12 @@ CK_RV openssl_specific_hmac_final(SIGN_VERIFY_CONTEXT *ctx, CK_BYTE *signature,
+         return rc;
+     }
+
+-    rc = get_sha_size(digest_mech, &mac_len);
++    rc = get_sha_size(digest_mech, &mac_len2);
+     if (rc != CKR_OK) {
+         TRACE_ERROR("%s get_sha_size failed\n", __func__);
+         return rc;
+     }
++    mac_len = mac_len2;
+
+     if (signature == NULL) {
+         if (sign) {
@@ -0,0 +1,42 @@
+diff -up opencryptoki-3.24.0/Makefile.am.me opencryptoki-3.24.0/Makefile.am
+--- opencryptoki-3.24.0/Makefile.am.me	2024-09-12 12:53:05.023882913 +0200
++++ opencryptoki-3.24.0/Makefile.am	2024-09-12 12:55:34.366644836 +0200
+@@ -51,20 +51,8 @@ include tools/tools.mk
+ include doc/doc.mk
+
+ install-data-hook:
+-if AIX
+-	lsgroup $(pkcs_group) > /dev/null || $(GROUPADD) -a pkcs11
+-	lsuser $(pkcsslotd_user) > /dev/null || $(USERADD) -g $(pkcs_group) -d $(DESTDIR)$(RUN_PATH)/opencryptoki -c "Opencryptoki pkcsslotd user" $(pkcsslotd_user)
+-else
+-	getent group $(pkcs_group) > /dev/null || $(GROUPADD) -r $(pkcs_group)
+-	getent passwd $(pkcsslotd_user) >/dev/null || $(USERADD) -r -g $(pkcs_group) -d $(RUN_PATH)/opencryptoki -s /sbin/nologin -c "Opencryptoki pkcsslotd user" $(pkcsslotd_user)
+-endif
+ 	$(MKDIR_P) $(DESTDIR)$(RUN_PATH)/opencryptoki/
+-	$(CHOWN) $(pkcsslotd_user):$(pkcs_group) $(DESTDIR)$(RUN_PATH)/opencryptoki/
+-	$(CHGRP) $(pkcs_group) $(DESTDIR)$(RUN_PATH)/opencryptoki/
+-	$(CHMOD) 0710 $(DESTDIR)$(RUN_PATH)/opencryptoki/
+ 	$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki
+-	$(CHGRP) $(pkcs_group) $(DESTDIR)$(localstatedir)/lib/opencryptoki
+-	$(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki
+ if ENABLE_LIBRARY
+ 	$(MKDIR_P) $(DESTDIR)$(libdir)/opencryptoki/stdll
+ 	$(MKDIR_P) $(DESTDIR)$(libdir)/pkcs11
+@@ -117,7 +105,7 @@ if ENABLE_EP11TOK
+ endif
+ if ENABLE_P11SAK
+ 	test -f $(DESTDIR)$(sysconfdir)/opencryptoki || $(MKDIR_P) $(DESTDIR)$(sysconfdir)/opencryptoki || true
+-	test -f $(DESTDIR)$(sysconfdir)/opencryptoki/p11sak_defined_attrs.conf || $(INSTALL) -g $(pkcs_group) -m 0640 $(srcdir)/usr/sbin/p11sak/p11sak_defined_attrs.conf $(DESTDIR)$(sysconfdir)/opencryptoki/p11sak_defined_attrs.conf || true
++	test -f $(DESTDIR)$(sysconfdir)/opencryptoki/p11sak_defined_attrs.conf || $(INSTALL) -m 0640 $(srcdir)/usr/sbin/p11sak/p11sak_defined_attrs.conf $(DESTDIR)$(sysconfdir)/opencryptoki/p11sak_defined_attrs.conf || true
+ endif
+ if ENABLE_ICATOK
+ 	cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \
+@@ -168,7 +156,7 @@ endif
+ if ENABLE_DAEMON
+ 	test -f $(DESTDIR)$(sysconfdir)/opencryptoki || $(MKDIR_P) $(DESTDIR)$(sysconfdir)/opencryptoki || true
+ 	test -f $(DESTDIR)$(sysconfdir)/opencryptoki/opencryptoki.conf || $(INSTALL) -m 644 $(srcdir)/usr/sbin/pkcsslotd/opencryptoki.conf $(DESTDIR)$(sysconfdir)/opencryptoki/opencryptoki.conf || true
+-	test -f $(DESTDIR)$(sysconfdir)/opencryptoki/strength.conf || $(INSTALL) -m 640 -o root -g $(pkcs_group) -T $(srcdir)/doc/strength-example.conf $(DESTDIR)$(sysconfdir)/opencryptoki/strength.conf || true
++	test -f $(DESTDIR)$(sysconfdir)/opencryptoki/strength.conf || $(INSTALL) -m 640 -o root -T $(srcdir)/doc/strength-example.conf $(DESTDIR)$(sysconfdir)/opencryptoki/strength.conf || true
+ endif
+ if !AIX
+ 	$(MKDIR_P) $(DESTDIR)/etc/ld.so.conf.d
@@ -1,6 +1,6 @@
 {
-  "Signatures": {
-    "opencryptoki.module": "d335359abeb5d4d1e684841f055ac99b98e8fcc77578e480ef86ef2621ab363d",
-    "opencryptoki-3.17.0.tar.gz": "785596925738855b33b29bdff2399f613b892e7c6000d9ffbf79fe32c2aeaeee"
-  }
-}
+ "Signatures": {
+  "opencryptoki-3.24.0.tar.gz": "36873a867853b2327ca42ec231be8603d83cac2008ead23296b522fe64443764",
+  "opencryptoki.module": "d335359abeb5d4d1e684841f055ac99b98e8fcc77578e480ef86ef2621ab363d"
+ }
+}