Fix OpenSSL 1.1 compat layer
- Changes for latest ykpiv_util refactor - Passes hw tests with openssl 1.0 and 1.1 - Passes valgrind
This commit is contained in:
+4
-6
@@ -344,13 +344,11 @@ bool prepare_rsa_signature(const unsigned char *in, unsigned int in_len, unsigne
|
||||
|
||||
digestInfo = X509_SIG_new();
|
||||
X509_SIG_getm(digestInfo, &algor, &digest);
|
||||
algor = X509_ALGOR_new();
|
||||
X509_ALGOR_set0(algor, OBJ_nid2obj(nid), V_ASN1_NULL, ¶meter);
|
||||
parameter.type = V_ASN1_NULL;
|
||||
parameter.value.ptr = NULL;
|
||||
digest->data = data;
|
||||
digest->length = (int)in_len;
|
||||
algor->algorithm = OBJ_nid2obj(nid);
|
||||
X509_ALGOR_set0(algor, OBJ_nid2obj(nid), V_ASN1_NULL, NULL);
|
||||
ASN1_STRING_set(digest, data, in_len);
|
||||
*out_len = (unsigned int)i2d_X509_SIG(digestInfo, &out);
|
||||
X509_SIG_free(digestInfo);
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
@@ -221,14 +221,16 @@ static bool generate_key(ykpiv_state *state, enum enum_slot slot,
|
||||
if(key_format == key_format_arg_PEM) {
|
||||
public_key = EVP_PKEY_new();
|
||||
if(algorithm == algorithm_arg_RSA1024 || algorithm == algorithm_arg_RSA2048) {
|
||||
BIGNUM *bignum_n = NULL;
|
||||
BIGNUM *bignum_e = NULL;
|
||||
rsa = RSA_new();
|
||||
rsa->n = BN_bin2bn(mod, mod_len, NULL);
|
||||
if (rsa->n == NULL) {
|
||||
bignum_n = BN_bin2bn(mod, mod_len, NULL);
|
||||
if (bignum_n == NULL) {
|
||||
fprintf(stderr, "Failed to parse public key modulus.\n");
|
||||
goto generate_out;
|
||||
}
|
||||
rsa->e = BN_bin2bn(exp, exp_len, NULL);
|
||||
if(rsa->e == NULL) {
|
||||
bignum_e = BN_bin2bn(exp, exp_len, NULL);
|
||||
if(bignum_e == NULL) {
|
||||
fprintf(stderr, "Failed to parse public key exponent.\n");
|
||||
goto generate_out;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user