deleted file mode 100644
@@ -1,44 +0,0 @@
-From 7db883cdb3369cfaf9f0890b0eda503f47a5ffa3 Mon Sep 17 00:00:00 2001
-From: Alistair Francis <alistair.francis@wdc.com>
-Date: Fri, 11 Aug 2023 16:26:53 -0400
-Subject: [PATCH] cryptlib_openssl: x509: Remove internal OpenSSL crypto
- include
-
-The OpenSSL source code describes the crypto include as:
-"Internal EC functions for other submodules: not for application use"
- - https://github.com/openssl/openssl/blob/master/include/crypto/ec.h
-
-Using the internal APIS makes it difficult to use libspdm as a library
-with other packages. So let's remove the uses of the internal API and
-instead use the public API.
-
-Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
-Upstream: https://github.com/DMTF/libspdm/commit/7db883cdb3369cfaf9f0890b0eda503f47a5ffa3
----
- os_stub/cryptlib_openssl/pk/x509.c | 3 +--
- 1 file changed, 1 insertion(+), 2 deletions(-)
-
-diff --git a/os_stub/cryptlib_openssl/pk/x509.c b/os_stub/cryptlib_openssl/pk/x509.c
-index c067f3d0ca..1a2736132b 100644
---- a/os_stub/cryptlib_openssl/pk/x509.c
-+++ b/os_stub/cryptlib_openssl/pk/x509.c
-@@ -17,7 +17,6 @@
- #include <openssl/bn.h>
- #include <openssl/pem.h>
- #include <openssl/bio.h>
--#include <crypto/x509.h>
-
- #if LIBSPDM_CERT_PARSE_SUPPORT
-
-@@ -2318,7 +2317,7 @@ bool libspdm_set_attribute_for_req(X509_REQ *req, uint8_t *req_info, size_t req_
- /*get subject name from req_info and set it to CSR*/
- x509_req_info = d2i_X509_REQ_INFO(NULL, (const unsigned char **)(&req_info), req_info_len);
- if (x509_req_info) {
-- X509_REQ_set_subject_name(req, x509_req_info->subject);
-+ X509_REQ_set_subject_name(req, X509_REQ_get_subject_name((X509_REQ *)x509_req_info));
- X509_REQ_INFO_free(x509_req_info);
- } else {
- return false;
-2.40.1
-
deleted file mode 100644
@@ -1,56 +0,0 @@
-From e87687d72688e980b929920b7d77dca26fff169e Mon Sep 17 00:00:00 2001
-From: Alistair Francis <alistair.francis@wdc.com>
-Date: Mon, 21 Aug 2023 14:00:46 -0400
-Subject: [PATCH] cryptlib_openssl: ecd: Allow disabling code
-
-The OpenSSL source code describes the crypto include as:
-"Internal EC functions for other submodules: not for application use"
- - https://github.com/openssl/openssl/blob/master/include/crypto/ec.h
-
-Using the internal APIS makes it difficult to use libspdm as a library
-with other packages. So let's remove the uses of the internal API and
-instead use the public API.
-
-The current ECD code uses internal APIs, making it unsuitable for use in
-production code or libraries.
-
-The supported way to do this is via OSSL params, either with
-EVP_PKEY_fromdata() [1] or using EVP_PKEY_set_octet_string_param().
-
-Unfortunately this isn't supported in OpenSSL and ed25519_set_params()
-and ed448_set_params() will always return 1, indicating no support.
-
-As there doesn't appear to be a supported method in OpenSSL to set the
-public and private keys, let's instead allow users to disable this
-support so the library can be used with the regular OpenSSL libraries.
-
-https://www.openssl.org/docs/man3.0/man3/EVP_PKEY_fromdata.html
-
-Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
-Upstream: https://github.com/DMTF/libspdm/commit/e87687d72688e980b929920b7d77dca26fff169e
----
- os_stub/cryptlib_openssl/pk/ecd.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/os_stub/cryptlib_openssl/pk/ecd.c b/os_stub/cryptlib_openssl/pk/ecd.c
-index d7cc156d86..23dbd0390b 100644
---- a/os_stub/cryptlib_openssl/pk/ecd.c
-+++ b/os_stub/cryptlib_openssl/pk/ecd.c
-@@ -12,6 +12,9 @@
- **/
-
- #include "internal_crypt_lib.h"
-+
-+#if (LIBSPDM_EDDSA_ED25519_SUPPORT) || (LIBSPDM_EDDSA_ED448_SUPPORT)
-+
- #include <openssl/evp.h>
- #include <crypto/evp.h>
-
-@@ -471,3 +474,4 @@ bool libspdm_eddsa_verify(const void *ecd_context, size_t hash_nid,
- EVP_MD_CTX_free(ctx);
- return true;
- }
-+#endif /* (LIBSPDM_EDDSA_ED25519_SUPPORT) || (LIBSPDM_EDDSA_ED448_SUPPORT) */
-2.40.1
-
deleted file mode 100644
@@ -1,82 +0,0 @@
-From 567b1c8ea731fe42650d43ede50a105b772dc7aa Mon Sep 17 00:00:00 2001
-From: Alistair Francis <alistair.francis@wdc.com>
-Date: Fri, 11 Aug 2023 16:24:23 -0400
-Subject: [PATCH] cryptlib_openssl: ec: Remove internal OpenSSL crypto include
-
-The OpenSSL source code describes the crypto include as:
-"Internal EC functions for other submodules: not for application use"
- - https://github.com/openssl/openssl/blob/master/include/crypto/ec.h
-
-Using the internal APIS makes it difficult to use libspdm as a library
-with other packages. So let's remove the uses of the internal API and
-instead use the public API.
-
-Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
-Upstream: https://github.com/DMTF/libspdm/commit/567b1c8ea731fe42650d43ede50a105b772dc7aa
----
- os_stub/cryptlib_openssl/pk/ec.c | 26 ++++++++++++++++++++++----
- 1 file changed, 22 insertions(+), 4 deletions(-)
-
-diff --git a/os_stub/cryptlib_openssl/pk/ec.c b/os_stub/cryptlib_openssl/pk/ec.c
-index 7dd9a8b0f8..09df0b9a25 100644
---- a/os_stub/cryptlib_openssl/pk/ec.c
-+++ b/os_stub/cryptlib_openssl/pk/ec.c
-@@ -15,7 +15,6 @@
- #include <openssl/bn.h>
- #include <openssl/ec.h>
- #include <openssl/objects.h>
--#include <crypto/ec.h>
-
- /**
- * Allocates and Initializes one Elliptic Curve context for subsequent use
-@@ -854,7 +853,7 @@ static int libspdm_ecdsa_sign_setup_random(EC_KEY *eckey, BIGNUM **kinvp, BIGNUM
- uint8_t* random, size_t random_len)
- {
- BN_CTX *ctx = NULL;
-- BIGNUM *k = NULL, *r = NULL, *X = NULL;
-+ BIGNUM *k = NULL, *r = NULL, *X = NULL, *e = NULL;
- const BIGNUM *order;
- EC_POINT *tmp_point = NULL;
- const EC_GROUP *group;
-@@ -901,6 +900,11 @@ static int libspdm_ecdsa_sign_setup_random(EC_KEY *eckey, BIGNUM **kinvp, BIGNUM
- goto err;
- }
-
-+ e = BN_CTX_get(ctx);
-+ if (e == NULL) {
-+ return 0;
-+ }
-+
- /*random number*/
- k = BN_bin2bn(random, random_len, NULL);
-
-@@ -915,10 +919,24 @@ static int libspdm_ecdsa_sign_setup_random(EC_KEY *eckey, BIGNUM **kinvp, BIGNUM
- goto err;
- }
-
-- /* compute the inverse of k */
-- if (!ossl_ec_group_do_inverse_ord(group, k, k, ctx)) {
-+ /*
-+ * compute the inverse of k
-+ * Based on ossl_ec_group_do_inverse_ord() from OpenSSL
-+ */
-+ BN_CTX_start(ctx);
-+ if (!BN_set_word(e, 2)) {
-+ BN_CTX_end(ctx);
-+ goto err;
-+ }
-+ if (!BN_sub(e, order, e)) {
-+ BN_CTX_end(ctx);
-+ goto err;
-+ }
-+ if (!BN_mod_exp_mont(k, k, e, order, ctx, EC_GROUP_get_mont_data(group))) {
-+ BN_CTX_end(ctx);
- goto err;
- }
-+ BN_CTX_end(ctx);
-
- /* clear old values if necessary */
- BN_clear_free(*rp);
-2.40.1
-
deleted file mode 100644
@@ -1,31 +0,0 @@
-From 97611ce8279341205463ace6a5f2ff93c52fc417 Mon Sep 17 00:00:00 2001
-From: Alistair Francis <alistair.francis@wdc.com>
-Date: Wed, 30 Aug 2023 13:37:07 +1000
-Subject: [PATCH] CMakeLists.txt: Allow disabling EDDSA support from command
- line
-
-Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
-Upstream: https://github.com/DMTF/libspdm/pull/2330
----
- CMakeLists.txt | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 8a18c467a5..47b93f8bb7 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -155,6 +155,11 @@ else()
- MESSAGE(FATAL_ERROR "Unknown CRYPTO")
- endif()
-
-+if(DISABLE_EDDSA STREQUAL "1")
-+ add_definitions(-DLIBSPDM_EDDSA_ED25519_SUPPORT=0)
-+ add_definitions(-DLIBSPDM_EDDSA_ED448_SUPPORT=0)
-+endif()
-+
- if(ENABLE_BINARY_BUILD STREQUAL "1")
- if(NOT CRYPTO STREQUAL "openssl")
- MESSAGE(FATAL_ERROR "enabling binary build not supported for non-openssl")
-2.40.1
-
@@ -1,3 +1,3 @@
# Locally calculated
-sha256 3a40daa59f32843062c3d2699acee09bd0ee217eb8ebf0378ae12b60b6db0636 libspdm-3.0.0.tar.gz
+sha256 73e0d7df3c91beeb9f61a50eaa0a44c8e32b7a62ce32ed3cab1f0fab406ed5b8 libspdm-3.1.0.tar.gz
sha256 7dc072bff163df39209bbb63e0916f4667c2a84cf3c36ccc84ec7425bc3e4779 LICENSE.md
@@ -4,7 +4,7 @@
#
################################################################################
-LIBSPDM_VERSION = 3.0.0
+LIBSPDM_VERSION = 3.1.0
LIBSPDM_SITE = $(call github,DMTF,libspdm,$(LIBSPDM_VERSION))
LIBSPDM_LICENSE = BSD-3-Clause
LIBSPDM_LICENSE_FILES = LICENSE.md
Signed-off-by: Alistair Francis <alistair.francis@wdc.com> --- ...-x509-Remove-internal-OpenSSL-crypto.patch | 44 ---------- ...lib_openssl-ecd-Allow-disabling-code.patch | 56 ------------- ...-ec-Remove-internal-OpenSSL-crypto-i.patch | 82 ------------------- ...llow-disabling-EDDSA-support-from-co.patch | 31 ------- package/libspdm/libspdm.hash | 2 +- package/libspdm/libspdm.mk | 2 +- 6 files changed, 2 insertions(+), 215 deletions(-) delete mode 100644 package/libspdm/0001-cryptlib_openssl-x509-Remove-internal-OpenSSL-crypto.patch delete mode 100644 package/libspdm/0002-cryptlib_openssl-ecd-Allow-disabling-code.patch delete mode 100644 package/libspdm/0003-cryptlib_openssl-ec-Remove-internal-OpenSSL-crypto-i.patch delete mode 100644 package/libspdm/0004-CMakeLists.txt-Allow-disabling-EDDSA-support-from-co.patch