RSA is an opaque struct in OpenSSL 1.1. New getter functions must be used to access the key components. The functions were not present in OpenSSL 1.0, so add a compat header with the implementation of the needed functions as suggested by the OpenSSL wiki [1] in order to allow building tpm-tools with any version of OpenSSL.
[1] https://wiki.openssl.org/index.php/1.1_API_Changes
---
 src/data_mgmt/Makefile.am | 3 ++-
 src/data_mgmt/data_import.c | 52 ++++++++++++++++++++++--------------
 src/data_mgmt/openssl_compat.h | 58 ++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 92 insertions(+), 21 deletions(-)
 create mode 100644 src/data_mgmt/openssl_compat.h
diff --git a/src/data_mgmt/Makefile.am b/src/data_mgmt/Makefile.am
index de505e48ef..9457618ab9 100644
--- a/src/data_mgmt/Makefile.am
+++ b/src/data_mgmt/Makefile.am
@@ -32,7 +32,8 @@ noinst_HEADERS = data_common.h \
 data_init.h \
 data_object.h \
 data_passwd.h \
- data_protect.h
+ data_protect.h \
+ openssl_compat.h
 #
 # Common build flags
diff --git a/src/data_mgmt/data_import.c b/src/data_mgmt/data_import.c
index d4d2052bc6..532543f7d3 100644
--- a/src/data_mgmt/data_import.c
+++ b/src/data_mgmt/data_import.c
@@ -39,6 +39,7 @@
 #include <openssl/evp.h>
 #include <openssl/err.h>
+#include "openssl_compat.h"
 /*
 * Global variables
@@ -691,8 +692,11 @@ createRsaPubKeyObject( RSA *a_pRsa,
 int rc = -1;
- int nLen = BN_num_bytes( a_pRsa->n );
- int eLen = BN_num_bytes( a_pRsa->e );
+ const BIGNUM *rsa_n, *rsa_e;
+ RSA_get0_key( a_pRsa, &rsa_n, &rsa_e, NULL );
+
+ int nLen = BN_num_bytes( rsa_n );
+ int eLen = BN_num_bytes( rsa_e );
 CK_RV rv;
@@ -732,8 +736,8 @@ createRsaPubKeyObject( RSA *a_pRsa,
 }
 // Get binary representations of the RSA key information
- BN_bn2bin( a_pRsa->n, n );
- BN_bn2bin( a_pRsa->e, e );
+ BN_bn2bin( rsa_n, n );
+ BN_bn2bin( rsa_e, e );
 // Create the RSA public key object
 rv = createObject( a_hSession, tAttr, ulAttrCount, a_hObject );
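Review bot: In the createRsaPubKeyObject hunk at -691, `int nLen = BN_num_bytes( rsa_n );` and `int eLen = BN_num_bytes( rsa_e );` now follow the `RSA_get0_key()` call, so the block mixes declarations and statements where the old code had declarations only. A build using C89 or `-Wdeclaration-after-statement` would flag this; whether this project builds that way is not visible here. Declaring `int nLen, eLen;` with the other locals and assigning them after the getter call keeps the existing layout. The same applies to the eight length variables in the createRsaPrivKeyObject hunk at -760. The function body starts and ends outside the hunk.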
@@ -760,14 +764,22 @@ createRsaPrivKeyObject( RSA *a_pRsa,
 int rc = -1;
- int nLen = BN_num_bytes( a_pRsa->n );
- int eLen = BN_num_bytes( a_pRsa->e );
- int dLen = BN_num_bytes( a_pRsa->d );
- int pLen = BN_num_bytes( a_pRsa->p );
- int qLen = BN_num_bytes( a_pRsa->q );
- int dmp1Len = BN_num_bytes( a_pRsa->dmp1 );
- int dmq1Len = BN_num_bytes( a_pRsa->dmq1 );
- int iqmpLen = BN_num_bytes( a_pRsa->iqmp );
+ const BIGNUM *rsa_n, *rsa_e, *rsa_d;
+ const BIGNUM *rsa_p, *rsa_q;
+ const BIGNUM *rsa_dmp1, *rsa_dmq1, *rsa_iqmp;
+
+ RSA_get0_key( a_pRsa, &rsa_n, &rsa_e, &rsa_d );
+ RSA_get0_factors( a_pRsa, &rsa_p, &rsa_q );
+ RSA_get0_crt_params( a_pRsa, &rsa_dmp1, &rsa_dmq1, &rsa_iqmp );
+
+ int nLen = BN_num_bytes( rsa_n );
+ int eLen = BN_num_bytes( rsa_e );
+ int dLen = BN_num_bytes( rsa_d );
+ int pLen = BN_num_bytes( rsa_p );
+ int qLen = BN_num_bytes( rsa_q );
+ int dmp1Len = BN_num_bytes( rsa_dmp1 );
+ int dmq1Len = BN_num_bytes( rsa_dmq1 );
+ int iqmpLen = BN_num_bytes( rsa_iqmp );
 CK_RV rv;
@@ -821,14 +833,14 @@ createRsaPrivKeyObject( RSA *a_pRsa,
 }
 // Get binary representations of the RSA key information
- BN_bn2bin( a_pRsa->n, n );
- BN_bn2bin( a_pRsa->e, e );
- BN_bn2bin( a_pRsa->d, d );
- BN_bn2bin( a_pRsa->p, p );
- BN_bn2bin( a_pRsa->q, q );
- BN_bn2bin( a_pRsa->dmp1, dmp1 );
- BN_bn2bin( a_pRsa->dmq1, dmq1 );
- BN_bn2bin( a_pRsa->iqmp, iqmp );
+ BN_bn2bin( rsa_n, n );
+ BN_bn2bin( rsa_e, e );
+ BN_bn2bin( rsa_d, d );
+ BN_bn2bin( rsa_p, p );
+ BN_bn2bin( rsa_q, q );
+ BN_bn2bin( rsa_dmp1, dmp1 );
+ BN_bn2bin( rsa_dmq1, dmq1 );
+ BN_bn2bin( rsa_iqmp, iqmp );
 // Create the RSA private key object
 rv = createObject( a_hSession, tAttr, ulAttrCount, a_hObject );
diff --git a/src/data_mgmt/openssl_compat.h b/src/data_mgmt/openssl_compat.h
new file mode 100644
index 0000000000..2a60fdf492
--- /dev/null
+++ b/src/data_mgmt/openssl_compat.h
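Review bot: In the createRsaPrivKeyObject hunk at -760, the pointers filled in by `RSA_get0_key()`, `RSA_get0_factors()` and `RSA_get0_crt_params()` go straight into `BN_num_bytes()` without a NULL check. The getters leave `rsa_p`, `rsa_q`, `rsa_dmp1`, `rsa_dmq1` and `rsa_iqmp` NULL when the key carries no factors or CRT parameters. The old field accesses had the same gap, so this is not a regression, but the key presumably comes from an imported file. A guard such as `if ( !rsa_d || !rsa_p || !rsa_q || !rsa_dmp1 || !rsa_dmq1 || !rsa_iqmp )` that takes the function's existing error path before the length calls would turn a crash into a clean failure; whether callers can reach this point with such a key is not visible here. The buffers `d`, `p`, `q`, `dmp1`, `dmq1` and `iqmp` written by `BN_bn2bin()` in the -821 hunk hold private key material and are released outside the hunk, so it is worth confirming they are wiped (for example with `OPENSSL_cleanse()`) before being freed.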
@@ -0,0 +1,58 @@
+/*
+ * Getter functions for OpenSSL < 1.1 compatibility. Based on code from:
+ * https://wiki.openssl.org/index.php/1.1_API_Changes#Adding_forward-compatible_code_to_older_versions
+ * and therefore:
+ * Copyright OpenSSL 2016
+ * Contents licensed under the terms of the OpenSSL license
+ * See http://www.openssl.org/source/license.html for details
+ */
+
+#ifndef __OPENSSL_COMPAT_H
+#define __OPENSSL_COMPAT_H
+
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+
+#include <openssl/engine.h>
+
+static inline void
+RSA_get0_key( const RSA *r,
+ const BIGNUM **n,
+ const BIGNUM **e,
+ const BIGNUM **d ) {
+
+ if ( n )
+ *n = r->n;
+ if ( e )
+ *e = r->e;
+ if ( d )
+ *d = r->d;
+}
+
+static inline void
+RSA_get0_factors( const RSA *r,
+ const BIGNUM **p,
+ const BIGNUM **q ) {
+
+ if ( p )
+ *p = r->p;
+ if ( q )
+ *q = r->q;
+}
+
+static inline void
+RSA_get0_crt_params( const RSA *r,
+ const BIGNUM **dmp1,
+ const BIGNUM **dmq1,
+ const BIGNUM **iqmp ) {
+
+ if ( dmp1 )
+ *dmp1 = r->dmp1;
+ if ( dmq1 )
+ *dmq1 = r->dmq1;
+ if ( iqmp )
+ *iqmp = r->iqmp;
+}
+
+#endif /* OPENSSL_VERSION_NUMBER */
+
+#endif /* __OPENSSL_COMPAT_H */
--
2.9.3
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
TrouSerS-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-tech
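Review bot: The new header tests `OPENSSL_VERSION_NUMBER` before it has included any OpenSSL header itself, so the `#if` is only correct when the including file has already pulled one in, as data_import.c does by including it after `<openssl/evp.h>`. If the header were ever included first, the undefined macro would evaluate to 0, the compat branch would be taken even on 1.1, and `r->n` would fail to compile against the opaque struct. Adding `#include <openssl/opensslv.h>` above the `#if` makes the header self-contained, and `<openssl/rsa.h>` would name the dependency more directly than `<openssl/engine.h>`. The include guard `__OPENSSL_COMPAT_H` also uses a reserved identifier (leading double underscore); `OPENSSL_COMPAT_H` avoids that.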
