Add Add-openssl-3-support.patch

Add Add-openssl-3-support.patch to continue to use the deprecated openssl
API for now, until we switch to the current API.

Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>

Add-openssl-3-support.patch

@@ -0,0 +1,59 @@
+From 1130ef5b93a68f42c32de8081f1e8b28cc4f632e Mon Sep 17 00:00:00 2001
+From: James Bottomley <James.Bottomley@HansenPartnership.com>
+Date: Tue, 15 Feb 2022 08:26:11 -0500
+Subject: [PATCH] Add openssl-3 support
+
+This is just a bandaid at the moment to prevent -Werror from breaking
+the compile on deprecated API warnings.  Since the APIs will be
+removed in the next release, this buys some time.  The final solution
+will likely have to be a conversion to the new provider interface.
+
+Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
+---
+ Makefile.am  | 4 ++++
+ configure.ac | 7 +++++++
+ 2 files changed, 11 insertions(+)
+
+diff --git a/Makefile.am b/Makefile.am
+index 33de0d95662..fa9079a0849 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -9,6 +9,10 @@ man1_MANS = create_tpm2_key.1 load_tpm2_key.1 seal_tpm2_data.1 \
+ CLEANFILES = $(man1_MANS)
+ endif
+ 
++if HAVE_OPENSSL3
++CFLAGS+= -DOPENSSL_API_COMPAT=0x10100000L
++endif
++
+ openssl_engine_LTLIBRARIES=libtpm2.la
+ bin_PROGRAMS=create_tpm2_key load_tpm2_key seal_tpm2_data unseal_tpm2_data
+ openssl_enginedir=@enginesdir@
+diff --git a/configure.ac b/configure.ac
+index 9ca4b4adb38..07edc8da52e 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -55,6 +55,11 @@ AC_ARG_WITH(openssl,
+ 	 AC_SUBST(OPENSSL_INCLUDE_DIR)])
+ 
+ AC_LANG(C)
++
++PKG_CHECK_MODULES([DEPS], [libcrypto >= 3.0.0],
++                  [ac_have_openssl3=1],
++		  [PKG_CHECK_MODULES([DEPS], [libcrypto])])
++
+ AC_ARG_WITH(
+ 	[enginesdir],
+ 	[AC_HELP_STRING([--with-enginesdir], [OpenSSL engines directory])],
+@@ -90,6 +95,8 @@ AC_SEARCH_LIBS([TSS_Create], [tss ibmtss], [], [
+ 	AC_MSG_ERROR([Unable to find the TSS2 library])
+ ])
+ 
++AM_CONDITIONAL(HAVE_OPENSSL3, test "$ac_have_openssl3" = "1")
++
+ AC_DISABLE_STATIC
+ AC_PROG_CC_STDC
+ AM_PROG_CC_C_O
+-- 
+2.25.1
+

openssl_tpm2_engine.spec

@@ -19,12 +19,13 @@
 
 Name:           openssl_tpm2_engine
 Version:        2.4.2
-Release:        1
+Release:        2
 Summary:        OpenSSL TPM 2.0 interface engine plugin
 License:        LGPL-2.1-only
 Group:          Productivity/Security
 URL:            https://git.kernel.org/pub/scm/linux/kernel/git/jejb/openssl_tpm2_engine.git/
 Source0:        https://git.kernel.org/pub/scm/linux/kernel/git/jejb/openssl_tpm2_engine.git/snapshot/%{name}-%{version}.tar.gz
+Patch0:         Add-openssl-3-support.patch
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  help2man
@@ -32,6 +33,7 @@ BuildRequires:  tss2
 BuildRequires:  tss2-devel
 BuildRequires:  libtool
 BuildRequires:  openssl-devel
+Requires: openssl-libs
 
 %description
 This package contains a plugin a for OpenSSL which connects it with the
@@ -40,6 +42,7 @@ create_tpm2_key helper binary to create and extract a TPM key.
 
 %prep
 %setup -q
+%patch0 -p1
 
 %build
 autoreconf -fiv
@@ -63,32 +66,35 @@ find * -name \*.so -printf "/%p\n" > $CWD/%{EXTRA_FILES}
 
 %changelog
 
-Fri Jul  3 09:35:56 UTC 2020 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
+* Tue Feb  7 11:48:56 CET 2023 - Roberto Sassu <roberto.sassu@huawei.com>
+- Add Add-openssl-3-support.patch to fix a build issue
+
+* Fri Jul  3 09:35:56 UTC 2020 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
 - Update tarball due to download_files error
 
-Thu Jul  2 15:03:09 UTC 2020 - James.Bottomley@HansenPartnership.com
+* Thu Jul  2 15:03:09 UTC 2020 - James.Bottomley@HansenPartnership.com
 - Update to version 2.4.2
   * Add every TPM supported curve (as defined by the TCG)
   * Fix a bug with explicitly parametrised curve handling (needed for BN)
   * Update the tests to be able to use swtpm
   * Allow loading public key without password
 
-Thu Mar 26 04:31:36 UTC 2020 - James.Bottomley@HansenPartnership.com
+* Thu Mar 26 04:31:36 UTC 2020 - James.Bottomley@HansenPartnership.com
 - Update to version 2.4.1
   * fixes for older OpenSSL and gcc
   * variable tpm_server location for testing
 
-Fri Mar 6 00:47:24 UTC 2020 - James.Bottomley@HansenPartnership.com
+* Fri Mar 6 00:47:24 UTC 2020 - James.Bottomley@HansenPartnership.com
 - Update to version 2.4.0
   * data seal/unseal handling
   * PKCS12 wrapping support
 
-Fri Jan 10 16:52:22 UTC 2020 - James.Bottomley@HansenPartnership.com
+* Fri Jan 10 16:52:22 UTC 2020 - James.Bottomley@HansenPartnership.com
 - Update to version 2.3.1
   * bug fixes
   * add handling for DER keys
 
-Sun Feb 24 17:10:22 UTC 2019 - James.Bottomley@HansenPartnership.com
+* Sun Feb 24 17:10:22 UTC 2019 - James.Bottomley@HansenPartnership.com
 - Update to version 2.3.0
   * add the ability to produce restricted (storage) keys with defined
     symmetric seeds
@@ -97,23 +103,22 @@ Sun Feb 24 17:10:22 UTC 2019 - James.Bottomley@HansenPartnership.com
   * Add support for non-PKCS1 padding
   * Fixups for engines and cross builds
 
-Wed Nov 14 14:43:17 PST 2018 - James.Bottomley@HansenPartnership.com
+* Wed Nov 14 14:43:17 PST 2018 - James.Bottomley@HansenPartnership.com
 - Update to version 2.1.0:
   * Add importable keys feature
 
-Mon Nov 12 21:04:09 PST 2018 - James.Bottomley@HansenPartnership.com
+* Mon Nov 12 21:04:09 PST 2018 - James.Bottomley@HansenPartnership.com
 - Update to version 2.0.1:
   * Fix name algorithm selection
   * Make policy correct for non sha256 name algorithms
   * add security to TPM decryption operations
 
-Mon Nov  5 07:37:09 PST 2018 - James.Bottomley@HansenPartnership.com
+* Mon Nov  5 07:37:09 PST 2018 - James.Bottomley@HansenPartnership.com
 - Update to version 2.0.0:
   * Licence changed from GPL to LGPL (fixes openssl compatibility)
   * Key format changed for interoperability
   * OIDs updated with input from the TCG (new format only)
 
-Sat Aug 10 08:05:00 PDT 2018 - James.Bottomley@HansenPartnership.com
+* Sat Aug 10 08:05:00 PDT 2018 - James.Bottomley@HansenPartnership.com
 - Update to version 1.2.1:
   * Policy file support (fixed)
-