Hi Tianjia, On Wed, 2021-07-21 at 11:16 +0800, Tianjia Zhang wrote: > Keep in sync with the kernel IMA, IMA signature tool supports SM2/3 > algorithm combination. Because in the current version of OpenSSL 1.1.1, > the SM2 algorithm and the public key using the EC algorithm share the > same ID 'EVP_PKEY_EC', and the specific algorithm can only be > distinguished by the curve name used. This patch supports this feature. > > Secondly, the openssl 1.1.1 tool does not fully support the signature > of SM2/3 algorithm combination, so the openssl3 tool is used in the > test case, and there is no this problem with directly calling the > openssl 1.1.1 API in evmctl. > > Signed-off-by: Tianjia Zhang <tianjia.zhang@xxxxxxxxxxxxxxxxx> Other than the change noted below in .travis.yml, it's fine. It's now queued in next-testing. > --- > diff --git a/.travis.yml b/.travis.yml > index 7a76273..ab030e5 100644 > --- a/.travis.yml > +++ b/.travis.yml > @@ -9,7 +9,7 @@ matrix: > include: > # 32 bit build > - os: linux > - env: DISTRO=debian:stable VARIANT=i386 ARCH=i386 TSS=tpm2-tss > + env: DISTRO=debian:stable VARIANT=i386 ARCH=i386 TSS=tpm2-tss COMPILE_SSL: openssl-3.0.0-beta1 "COMPILE_SSL: openssl-3.0.0-beta1" -> "COMPILE_SSL=openssl-3.0.0- beta1" thanks, Mimi > compiler: gcc > > # cross compilation builds > @@ -32,7 +32,7 @@ matrix: > > # glibc (gcc/clang) > - os: linux > - env: DISTRO=opensuse/tumbleweed TSS=ibmtss CONTAINER=podman CONTAINER_ARGS="--runtime=/usr/bin/runc --network=host" > + env: DISTRO=opensuse/tumbleweed TSS=ibmtss CONTAINER=podman CONTAINER_ARGS="--runtime=/usr/bin/runc --network=host" COMPILE_SSL: openssl-3.0.0-beta1 > compiler: clang > > - os: linux > @@ -40,7 +40,7 @@ matrix: > compiler: gcc > > - os: linux > - env: DISTRO=ubuntu:groovy TSS=ibmtss > + env: DISTRO=ubuntu:groovy TSS=ibmtss COMPILE_SSL: openssl-3.0.0-beta1 > compiler: gcc > > - os: linux >
