From: Jelle van der Waa <jelle@vdwaa.nl>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH 1/2] rsa: Fix build with OpenSSL 1.1.x
Date: Mon, 13 Feb 2017 10:00:36 +0100 [thread overview]
Message-ID: <20170213090037.29223-1-jelle@vdwaa.nl> (raw)
The rsa_st struct has been made opaque in 1.1.x, add forward compatible
code to access the n, e, d members of rsa_struct.
EVP_MD_CTX_cleanup has been removed in 1.1.x and EVP_MD_CTX_reset should be
called to reinitialise an already created structure.
---
lib/rsa/rsa-sign.c | 33 +++++++++++++++++++++++++++------
1 file changed, 27 insertions(+), 6 deletions(-)
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
index 8c6637e328..965fb00f95 100644
--- a/lib/rsa/rsa-sign.c
+++ b/lib/rsa/rsa-sign.c
@@ -20,6 +20,19 @@
#define HAVE_ERR_REMOVE_THREAD_STATE
#endif
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+void RSA_get0_key(const RSA *r,
+ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
+{
+ if (n != NULL)
+ *n = r->n;
+ if (e != NULL)
+ *e = r->e;
+ if (d != NULL)
+ *d = r->d;
+}
+#endif
+
static int rsa_err(const char *msg)
{
unsigned long sslErr = ERR_get_error();
@@ -409,7 +422,11 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo,
ret = rsa_err("Could not obtain signature");
goto err_sign;
}
- EVP_MD_CTX_cleanup(context);
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L
+ EVP_MD_CTX_cleanup(context);
+ #else
+ EVP_MD_CTX_reset(context);
+ #endif
EVP_MD_CTX_destroy(context);
EVP_PKEY_free(key);
@@ -479,6 +496,7 @@ static int rsa_get_exponent(RSA *key, uint64_t *e)
{
int ret;
BIGNUM *bn_te;
+ const BIGNUM *key_e;
uint64_t te;
ret = -EINVAL;
@@ -487,17 +505,18 @@ static int rsa_get_exponent(RSA *key, uint64_t *e)
if (!e)
goto cleanup;
- if (BN_num_bits(key->e) > 64)
+ RSA_get0_key(key, NULL, &key_e, NULL);
+ if (BN_num_bits(key_e) > 64)
goto cleanup;
- *e = BN_get_word(key->e);
+ *e = BN_get_word(key_e);
- if (BN_num_bits(key->e) < 33) {
+ if (BN_num_bits(key_e) < 33) {
ret = 0;
goto cleanup;
}
- bn_te = BN_dup(key->e);
+ bn_te = BN_dup(key_e);
if (!bn_te)
goto cleanup;
@@ -527,6 +546,7 @@ int rsa_get_params(RSA *key, uint64_t *exponent, uint32_t *n0_invp,
{
BIGNUM *big1, *big2, *big32, *big2_32;
BIGNUM *n, *r, *r_squared, *tmp;
+ const BIGNUM *key_n;
BN_CTX *bn_ctx = BN_CTX_new();
int ret = 0;
@@ -548,7 +568,8 @@ int rsa_get_params(RSA *key, uint64_t *exponent, uint32_t *n0_invp,
if (0 != rsa_get_exponent(key, exponent))
ret = -1;
- if (!BN_copy(n, key->n) || !BN_set_word(big1, 1L) ||
+ RSA_get0_key(key, NULL, &key_n, NULL);
+ if (!BN_copy(n, key_n) || !BN_set_word(big1, 1L) ||
!BN_set_word(big2, 2L) || !BN_set_word(big32, 32L))
ret = -1;
--
2.11.1
next reply other threads:[~2017-02-13 9:00 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-13 9:00 Jelle van der Waa [this message]
2017-02-13 9:00 ` [U-Boot] [PATCH 2/2] rsa: Fix deprecated warnings for OpenSSL 1.1.x Jelle van der Waa
2017-02-22 3:59 ` Simon Glass
2017-02-13 9:57 ` [U-Boot] [PATCH 1/2] rsa: Fix build with " Peter Robinson
2017-02-14 12:43 ` Peter Robinson
2017-02-14 22:14 ` Jelle van der Waa
2017-02-16 1:59 ` Jonathan Gray
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170213090037.29223-1-jelle@vdwaa.nl \
--to=jelle@vdwaa.nl \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.