Commit c3b4328166b03d6749b86eb0fbb21a10e4395cfd
Committed by
Tom Rini
1 parent
8cfb77387e
Exists in
smarc_8mq_lf_v2020.04
and in
17 other branches
rsa: Fix build with OpenSSL 1.1.x
The rsa_st struct has been made opaque in 1.1.x; add forward-compatible code to access the n, e, d members of rsa_struct. EVP_MD_CTX_cleanup has been removed in 1.1.x, and EVP_MD_CTX_reset should be called to reinitialise an already created structure.
Showing 1 changed file with 38 additions and 6 deletions Side-by-side Diff
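--- a/lib/rsa/rsa-sign.c
+++ b/lib/rsa/rsa-sign.c
@@ -9,6 +9,7 @@
 #include <string.h>
 #include <image.h>
 #include <time.h>
+#include <openssl/bn.h>
 #include <openssl/rsa.h>
 #include <openssl/pem.h>
 #include <openssl/err.h>
@@ -20,6 +21,19 @@
 #define HAVE_ERR_REMOVE_THREAD_STATE
 #endif
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+static void RSA_get0_key(const RSA *r,
+ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
+{
+ if (n != NULL)
+ *n = r->n;
+ if (e != NULL)
+ *e = r->e;
+ if (d != NULL)
+ *d = r->d;
+}
+#endif
+
 static int rsa_err(const char *msg)
 {
 unsigned long sslErr = ERR_get_error();
@@ -286,16 +300,22 @@
 {
 int ret;
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 ret = SSL_library_init();
+#else
+ ret = OPENSSL_init_ssl(0, NULL);
+#endif
 if (!ret) {
 fprintf(stderr, "Failure to init SSL library\n");
 return -1;
 }
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 SSL_load_error_strings();
 
 OpenSSL_add_all_algorithms();
 OpenSSL_add_all_digests();
 OpenSSL_add_all_ciphers();
+#endif
 
 return 0;
 }
@@ -335,12 +355,15 @@
 err_engine_init:
 ENGINE_free(e);
 err_engine_by_id:
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 ENGINE_cleanup();
+#endif
 return ret;
 }
 
 static void rsa_remove(void)
 {
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 CRYPTO_cleanup_all_ex_data();
 ERR_free_strings();
 #ifdef HAVE_ERR_REMOVE_THREAD_STATE
@@ -349,6 +372,7 @@
 ERR_remove_state(0);
 #endif
 EVP_cleanup();
+#endif
 }
 
 static void rsa_engine_remove(ENGINE *e)
@@ -409,7 +433,11 @@
 ret = rsa_err("Could not obtain signature");
 goto err_sign;
 }
- EVP_MD_CTX_cleanup(context);
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L
+ EVP_MD_CTX_cleanup(context);
+ #else
+ EVP_MD_CTX_reset(context);
+ #endif
 EVP_MD_CTX_destroy(context);
 EVP_PKEY_free(key);
 
@@ -479,6 +507,7 @@
 {
 int ret;
 BIGNUM *bn_te;
+ const BIGNUM *key_e;
 uint64_t te;
 
 ret = -EINVAL;
@@ -487,17 +516,18 @@
 if (!e)
 goto cleanup;
 
- if (BN_num_bits(key->e) > 64)
+ RSA_get0_key(key, NULL, &key_e, NULL);
+ if (BN_num_bits(key_e) > 64)
 goto cleanup;
 
- *e = BN_get_word(key->e);
+ *e = BN_get_word(key_e);
 
- if (BN_num_bits(key->e) < 33) {
+ if (BN_num_bits(key_e) < 33) {
 ret = 0;
 goto cleanup;
 }
 
- bn_te = BN_dup(key->e);
+ bn_te = BN_dup(key_e);
 if (!bn_te)
 goto cleanup;
 
@@ -527,6 +557,7 @@
 {
 BIGNUM *big1, *big2, *big32, *big2_32;
 BIGNUM *n, *r, *r_squared, *tmp;
+ const BIGNUM *key_n;
 BN_CTX *bn_ctx = BN_CTX_new();
 int ret = 0;
 
@@ -548,7 +579,8 @@
 if (0 != rsa_get_exponent(key, exponent))
 ret = -1;
 
- if (!BN_copy(n, key->n) || !BN_set_word(big1, 1L) ||
+ RSA_get0_key(key, &key_n, NULL, NULL);
+ if (!BN_copy(n, key_n) || !BN_set_word(big1, 1L) ||
 !BN_set_word(big2, 2L) || !BN_set_word(big32, 32L))
 ret = -1;
 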
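Review bot: The `OPENSSL_VERSION_NUMBER < 0x10100000L` guard on the `RSA_get0_key` shim does not classify LibreSSL correctly, and the same guard is repeated around `SSL_library_init()`, `ENGINE_cleanup()`, the body of `rsa_remove()` and the `EVP_MD_CTX_cleanup()` call. LibreSSL reports `OPENSSL_VERSION_NUMBER` as `0x20000000L`, so it always takes the 1.1.x branch, and older LibreSSL releases presumably lack `RSA_get0_key`, `OPENSSL_init_ssl` and `EVP_MD_CTX_reset`, which would break the build of this file there. A guard such as `#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x02070000fL)` would cover it, with the cut-off to be confirmed against the LibreSSL release notes. Separately, in the signing hunk `EVP_MD_CTX_reset(context)` is immediately followed by `EVP_MD_CTX_destroy(context)`, which on 1.1.x already resets the context before freeing it, so the `#else` arm looks redundant; the `#if` lines there are also indented, unlike the other guards in the file. The enclosing functions of these hunks start and end outside the visible lines.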