Fix OpenSSL 1.1 compat layer

- Changes for latest ykpiv_util refactor
 - Passes hw tests with openssl 1.0 and 1.1
 - Passes valgrind
Trevor Bentley
2017-11-21 17:08:38 +01:00
parent 4785e23bd1
commit 7ca0267ddf
9 changed files with 60 additions and 40 deletions
+4 -6
@@ -344,13 +344,11 @@ bool prepare_rsa_signature(const unsigned char *in, unsigned int in_len, unsigne
digestInfo = X509_SIG_new();
X509_SIG_getm(digestInfo, &algor, &digest);
algor = X509_ALGOR_new();
X509_ALGOR_set0(algor, OBJ_nid2obj(nid), V_ASN1_NULL, &parameter);
parameter.type = V_ASN1_NULL;
parameter.value.ptr = NULL;
digest->data = data;
digest->length = (int)in_len;
algor->algorithm = OBJ_nid2obj(nid);
X509_ALGOR_set0(algor, OBJ_nid2obj(nid), V_ASN1_NULL, NULL);
ASN1_STRING_set(digest, data, in_len);
*out_len = (unsigned int)i2d_X509_SIG(digestInfo, &out);
X509_SIG_free(digestInfo);
return true;
}
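Review bot: The result of `i2d_X509_SIG` is cast straight to `unsigned int` and the function then returns `true` unconditionally, so an encoding failure (a negative return) would reach the caller as a very large `*out_len` with a success status. `X509_SIG_new()` and the `ASN1_STRING_set(digest, data, in_len)` call, which looks like the new-side replacement for the direct field writes, are likewise unchecked, and both can fail on allocation. I would take the length into an `int` and fail closed, `int len = i2d_X509_SIG(digestInfo, &out);` followed by `if (len <= 0) { X509_SIG_free(digestInfo); return false; }`, before assigning `*out_len`. The start of prepare_rsa_signature is outside the hunk, so it is not visible whether the capacity of `out` is compared with the encoded length; if it is not, calling `i2d_X509_SIG(digestInfo, NULL)` first gives the size to check against.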
+6 -4
@@ -221,14 +221,16 @@ static bool generate_key(ykpiv_state *state, enum enum_slot slot,
if(key_format == key_format_arg_PEM) {
public_key = EVP_PKEY_new();
if(algorithm == algorithm_arg_RSA1024 || algorithm == algorithm_arg_RSA2048) {
BIGNUM *bignum_n = NULL;
BIGNUM *bignum_e = NULL;
rsa = RSA_new();
rsa->n = BN_bin2bn(mod, mod_len, NULL);
if (rsa->n == NULL) {
bignum_n = BN_bin2bn(mod, mod_len, NULL);
if (bignum_n == NULL) {
fprintf(stderr, "Failed to parse public key modulus.\n");
goto generate_out;
}
rsa->e = BN_bin2bn(exp, exp_len, NULL);
if(rsa->e == NULL) {
bignum_e = BN_bin2bn(exp, exp_len, NULL);
if(bignum_e == NULL) {
fprintf(stderr, "Failed to parse public key exponent.\n");
goto generate_out;
}
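Review bot: `bignum_n` appears to leak when the exponent fails to parse. It is declared inside the RSA branch and nothing in the visible lines attaches it to `rsa` before the second `goto generate_out`, so cleanup at that label (outside this hunk) cannot reach it. The old code stored the modulus in `rsa->n`, where it would presumably have been released together with `rsa`. Adding `BN_free(bignum_n);` before the `goto generate_out;` in the `bignum_e == NULL` branch closes that path. The same ownership question applies if the later call that hands both values to `rsa` (not visible here) can fail, and `RSA_new()` has no NULL check in the lines shown.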