Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
No build reason found for SLE-Module-Development-Tools:ppc64le
openSUSE:Leap:15.0
ipsec-tools
ipsec-tools-openssl1.1.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ipsec-tools-openssl1.1.patch of Package ipsec-tools
Index: ipsec-tools-0.8.2/src/racoon/crypto_openssl.c =================================================================== --- ipsec-tools-0.8.2.orig/src/racoon/crypto_openssl.c +++ ipsec-tools-0.8.2/src/racoon/crypto_openssl.c @@ -312,13 +312,18 @@ eay_cmp_asn1dn(n1, n2) for(idx = 0; idx < X509_NAME_entry_count(a); idx++) { X509_NAME_ENTRY *ea = X509_NAME_get_entry(a, idx); X509_NAME_ENTRY *eb = X509_NAME_get_entry(b, idx); + ASN1_STRING *eav = X509_NAME_ENTRY_get_data(ea); + ASN1_STRING *ebv; if (!eb) { /* reached end of eb while still entries in ea, can not be equal... */ i = idx+1; goto end; } - if ((ea->value->length == 1 && ea->value->data[0] == '*') || - (eb->value->length == 1 && eb->value->data[0] == '*')) { - if (OBJ_cmp(ea->object,eb->object)) { + ebv = X509_NAME_ENTRY_get_data(eb); + if ((ASN1_STRING_length(eav) == 1 && ASN1_STRING_get0_data(eav)[0] == '*') || + (ASN1_STRING_length(ebv) == 1 && ASN1_STRING_get0_data(ebv)[0] == '*')) { + ASN1_OBJECT *eao = X509_NAME_ENTRY_get_object(ea); + ASN1_OBJECT *ebo = X509_NAME_ENTRY_get_object(eb); + if (OBJ_cmp(eao,ebo)) { i = idx+1; goto end; } @@ -430,7 +435,7 @@ cb_check_cert_local(ok, ctx) if (!ok) { X509_NAME_oneline( - X509_get_subject_name(ctx->current_cert), + X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx)), buf, 256); /* @@ -438,7 +443,7 @@ cb_check_cert_local(ok, ctx) * ok if they are self signed. But we should still warn * the user. */ - switch (ctx->error) { + switch (X509_STORE_CTX_get_error(ctx)) { case X509_V_ERR_CERT_HAS_EXPIRED: case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: case X509_V_ERR_INVALID_CA: @@ -453,9 +458,9 @@ cb_check_cert_local(ok, ctx) } plog(log_tag, LOCATION, NULL, "%s(%d) at depth:%d SubjectName:%s\n", - X509_verify_cert_error_string(ctx->error), - ctx->error, - ctx->error_depth, + X509_verify_cert_error_string(X509_STORE_CTX_get_error(ctx)), + X509_STORE_CTX_get_error(ctx), + X509_STORE_CTX_get_error_depth(ctx), buf); } ERR_clear_error(); @@ -477,10 +482,10 @@ cb_check_cert_remote(ok, ctx) if (!ok) { X509_NAME_oneline( - X509_get_subject_name(ctx->current_cert), + X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx)), buf, 256); - switch (ctx->error) { + switch (X509_STORE_CTX_get_error(ctx)) { case X509_V_ERR_UNABLE_TO_GET_CRL: ok = 1; log_tag = LLV_WARNING; @@ -490,9 +495,9 @@ cb_check_cert_remote(ok, ctx) } plog(log_tag, LOCATION, NULL, "%s(%d) at depth:%d SubjectName:%s\n", - X509_verify_cert_error_string(ctx->error), - ctx->error, - ctx->error_depth, + X509_verify_cert_error_string(X509_STORE_CTX_get_error(ctx)), + X509_STORE_CTX_get_error(ctx), + X509_STORE_CTX_get_error_depth(ctx), buf); } ERR_clear_error(); @@ -517,13 +522,13 @@ eay_get_x509asn1subjectname(cert) goto error; /* get the length of the name */ - len = i2d_X509_NAME(x509->cert_info->subject, NULL); + len = i2d_X509_NAME(X509_get_subject_name(x509), NULL); name = vmalloc(len); if (!name) goto error; /* get the name */ bp = (unsigned char *) name->v; - len = i2d_X509_NAME(x509->cert_info->subject, &bp); + len = i2d_X509_NAME(X509_get_subject_name(x509), &bp); X509_free(x509); @@ -662,14 +667,14 @@ eay_get_x509asn1issuername(cert) goto error; /* get the length of the name */ - len = i2d_X509_NAME(x509->cert_info->issuer, NULL); + len = i2d_X509_NAME(X509_get_issuer_name(x509), NULL); name = vmalloc(len); if (name == NULL) goto error; /* get the name */ bp = (unsigned char *) name->v; - len = i2d_X509_NAME(x509->cert_info->issuer, &bp); + len = i2d_X509_NAME(X509_get_issuer_name(x509), &bp); X509_free(x509); @@ -850,7 +855,7 @@ eay_check_x509sign(source, sig, cert) return -1; } - res = eay_rsa_verify(source, sig, evp->pkey.rsa); + res = eay_rsa_verify(source, sig, EVP_PKEY_get0_RSA(evp)); EVP_PKEY_free(evp); X509_free(x509); @@ -992,7 +997,7 @@ eay_get_x509sign(src, privkey) if (evp == NULL) return NULL; - sig = eay_rsa_sign(src, evp->pkey.rsa); + sig = eay_rsa_sign(src, EVP_PKEY_get0_RSA(evp)); EVP_PKEY_free(evp); @@ -1100,7 +1105,7 @@ vchar_t * evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc) { vchar_t *res; - EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX *ctx; if (!e) return NULL; @@ -1111,7 +1116,7 @@ evp_crypt(vchar_t *data, vchar_t *key, v if ((res = vmalloc(data->l)) == NULL) return NULL; - EVP_CIPHER_CTX_init(&ctx); + ctx = EVP_CIPHER_CTX_new(); switch(EVP_CIPHER_nid(e)){ case NID_bf_cbc: @@ -1126,7 +1131,7 @@ evp_crypt(vchar_t *data, vchar_t *key, v */ /* init context without key/iv */ - if (!EVP_CipherInit(&ctx, e, NULL, NULL, enc)) + if (!EVP_CipherInit(ctx, e, NULL, NULL, enc)) { OpenSSL_BUG(); vfree(res); @@ -1135,7 +1140,7 @@ evp_crypt(vchar_t *data, vchar_t *key, v /* update key size */ - if (!EVP_CIPHER_CTX_set_key_length(&ctx, key->l)) + if (!EVP_CIPHER_CTX_set_key_length(ctx, key->l)) { OpenSSL_BUG(); vfree(res); @@ -1144,7 +1149,7 @@ evp_crypt(vchar_t *data, vchar_t *key, v /* finalize context init with desired key size */ - if (!EVP_CipherInit(&ctx, NULL, (u_char *) key->v, + if (!EVP_CipherInit(ctx, NULL, (u_char *) key->v, (u_char *) iv->v, enc)) { OpenSSL_BUG(); @@ -1153,7 +1158,7 @@ evp_crypt(vchar_t *data, vchar_t *key, v } break; default: - if (!EVP_CipherInit(&ctx, e, (u_char *) key->v, + if (!EVP_CipherInit(ctx, e, (u_char *) key->v, (u_char *) iv->v, enc)) { OpenSSL_BUG(); vfree(res); @@ -1162,15 +1167,15 @@ evp_crypt(vchar_t *data, vchar_t *key, v } /* disable openssl padding */ - EVP_CIPHER_CTX_set_padding(&ctx, 0); + EVP_CIPHER_CTX_set_padding(ctx, 0); - if (!EVP_Cipher(&ctx, (u_char *) res->v, (u_char *) data->v, data->l)) { + if (!EVP_Cipher(ctx, (u_char *) res->v, (u_char *) data->v, data->l)) { OpenSSL_BUG(); vfree(res); return NULL; } - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_free(ctx); return res; } @@ -1680,9 +1685,9 @@ eay_hmac_init(key, md) vchar_t *key; const EVP_MD *md; { - HMAC_CTX *c = racoon_malloc(sizeof(*c)); + HMAC_CTX *c = HMAC_CTX_new(); - HMAC_Init(c, key->v, key->l, md); + HMAC_Init_ex(c, key->v, key->l, md, NULL); return (caddr_t)c; } @@ -1761,8 +1766,7 @@ eay_hmacsha2_512_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (SHA512_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -1811,8 +1815,7 @@ eay_hmacsha2_384_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (SHA384_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -1861,8 +1864,7 @@ eay_hmacsha2_256_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (SHA256_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -1912,8 +1914,7 @@ eay_hmacsha1_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (SHA_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -1962,8 +1963,7 @@ eay_hmacmd5_final(c) HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l); res->l = l; - HMAC_cleanup((HMAC_CTX *)c); - (void)racoon_free(c); + HMAC_CTX_free((HMAC_CTX *)c); if (MD5_DIGEST_LENGTH != res->l) { plog(LLV_ERROR, LOCATION, NULL, @@ -2234,28 +2234,28 @@ vchar_t * eay_md5fips_one(data) vchar_t *data; { - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; vchar_t *res; unsigned int i; if ((res = vmalloc(EVP_MD_size(EVP_md5()))) == 0) return NULL; - EVP_MD_CTX_init(&ctx); + ctx = EVP_MD_CTX_new(); #ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW /* appeared around openssl 0.9.8k as define, allows usage in FIPS mode. */ - EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); + EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); #endif - EVP_DigestInit_ex (&ctx, EVP_md5(), NULL); + EVP_DigestInit_ex (ctx, EVP_md5(), NULL); - if (!EVP_DigestUpdate(&ctx, (void *) data->v, data->l)) + if (!EVP_DigestUpdate(ctx, (void *) data->v, data->l)) { - EVP_MD_CTX_cleanup(&ctx); + EVP_MD_CTX_free(ctx); vfree(res); return NULL; } - EVP_DigestFinal_ex(&ctx, (void *) res->v, &i); - EVP_MD_CTX_cleanup(&ctx); + EVP_DigestFinal_ex(ctx, (void *) res->v, &i); + EVP_MD_CTX_free(ctx); return res; } @@ -2294,36 +2294,40 @@ eay_dh_generate(prime, g, publen, pub, p u_int publen; u_int32_t g; { - BIGNUM *p = NULL; + BIGNUM *dhg = NULL; + BIGNUM *dhp = NULL; + const BIGNUM *pub_key; + const BIGNUM *priv_key; DH *dh = NULL; int error = -1; /* initialize */ /* pre-process to generate number */ - if (eay_v2bn(&p, prime) < 0) + if (eay_v2bn(&dhp, prime) < 0) goto end; if ((dh = DH_new()) == NULL) goto end; - dh->p = p; - p = NULL; /* p is now part of dh structure */ - dh->g = NULL; - if ((dh->g = BN_new()) == NULL) + if ((dhg = BN_new()) == NULL) goto end; - if (!BN_set_word(dh->g, g)) + if (!BN_set_word(dhg, g)) goto end; + DH_set0_pqg(dh,dhp,NULL,dhg); + dhp = NULL; if (publen != 0) - dh->length = publen; + DH_set_length(dh,publen); /* generate public and private number */ if (!DH_generate_key(dh)) goto end; + DH_get0_key(dh,&pub_key, &priv_key); + /* copy results to buffers */ - if (eay_bn2v(pub, dh->pub_key) < 0) + if (eay_bn2v(pub, pub_key) < 0) goto end; - if (eay_bn2v(priv, dh->priv_key) < 0) { + if (eay_bn2v(priv, priv_key) < 0) { vfree(*pub); goto end; } @@ -2333,8 +2337,8 @@ eay_dh_generate(prime, g, publen, pub, p end: if (dh != NULL) DH_free(dh); - if (p != 0) - BN_free(p); + if (dhp != 0) + BN_free(dhp); return(error); } @@ -2344,6 +2348,10 @@ eay_dh_compute(prime, g, pub, priv, pub2 u_int32_t g; { BIGNUM *dh_pub = NULL; + BIGNUM *dhp = NULL; + BIGNUM *dhg = NULL; + BIGNUM *dhpub_key = NULL; + BIGNUM *dhpriv_key = NULL; DH *dh = NULL; int l; unsigned char *v = NULL; @@ -2356,20 +2364,23 @@ eay_dh_compute(prime, g, pub, priv, pub2 /* make DH structure */ if ((dh = DH_new()) == NULL) goto end; - if (eay_v2bn(&dh->p, prime) < 0) + if (eay_v2bn(&dhp, prime) < 0) goto end; - if (eay_v2bn(&dh->pub_key, pub) < 0) + if (eay_v2bn(&dhpub_key, pub) < 0) goto end; - if (eay_v2bn(&dh->priv_key, priv) < 0) + if (eay_v2bn(&dhpriv_key, priv) < 0) goto end; - dh->length = pub2->l * 8; - dh->g = NULL; - if ((dh->g = BN_new()) == NULL) + dhg = NULL; + if ((dhg = BN_new()) == NULL) goto end; - if (!BN_set_word(dh->g, g)) + if (!BN_set_word(dhg, g)) goto end; + DH_set0_pqg(dh,dhp,NULL,dhg); + DH_set0_key(dh,dhpub_key,dhpriv_key); + DH_set_length(dh,pub2->l * 8); + if ((v = racoon_calloc(prime->l, sizeof(u_char))) == NULL) goto end; if ((l = DH_compute_key(v, dh_pub, dh)) == -1) @@ -2415,7 +2426,7 @@ eay_v2bn(bn, var) int eay_bn2v(var, bn) vchar_t **var; - BIGNUM *bn; + const BIGNUM *bn; { *var = vmalloc(BN_num_bytes(bn)); if (*var == NULL) @@ -2532,9 +2543,7 @@ binbuf_pubkey2rsa(vchar_t *binbuf) rsa_pub = NULL; goto out; } - - rsa_pub->n = mod; - rsa_pub->e = exp; + RSA_set0_key(rsa_pub,mod,exp,NULL); out: return rsa_pub; Index: ipsec-tools-0.8.2/src/racoon/eaytest.c =================================================================== --- ipsec-tools-0.8.2.orig/src/racoon/eaytest.c +++ ipsec-tools-0.8.2/src/racoon/eaytest.c @@ -106,7 +106,7 @@ rsa_verify_with_pubkey(src, sig, pubkey_ printf ("PEM_read_PUBKEY(): %s\n", eay_strerror()); return -1; } - error = eay_check_rsasign(src, sig, evp->pkey.rsa); + error = eay_check_rsasign(src, sig, EVP_PKEY_get0_RSA(evp)); return error; } Index: ipsec-tools-0.8.2/src/racoon/crypto_openssl.h =================================================================== --- ipsec-tools-0.8.2.orig/src/racoon/crypto_openssl.h +++ ipsec-tools-0.8.2/src/racoon/crypto_openssl.h @@ -224,7 +224,7 @@ RSA *bignum_pubkey2rsa(BIGNUM *in); extern int eay_revbnl __P((vchar_t *)); #include <openssl/bn.h> extern int eay_v2bn __P((BIGNUM **, vchar_t *)); -extern int eay_bn2v __P((vchar_t **, BIGNUM *)); +extern int eay_bn2v __P((vchar_t **, const BIGNUM *)); extern const char *eay_version __P((void)); Index: ipsec-tools-0.8.2/src/racoon/rsalist.c =================================================================== --- ipsec-tools-0.8.2.orig/src/racoon/rsalist.c +++ ipsec-tools-0.8.2/src/racoon/rsalist.c @@ -98,7 +98,10 @@ rsa_key_dup(struct rsa_key *key) return NULL; if (key->rsa) { - new->rsa = key->rsa->d != NULL ? RSAPrivateKey_dup(key->rsa) : RSAPublicKey_dup(key->rsa); + const BIGNUM *d; + + RSA_get0_key(key->rsa,NULL,NULL,&d); + new->rsa = (d != NULL) ? RSAPrivateKey_dup(key->rsa) : RSAPublicKey_dup(key->rsa); if (new->rsa == NULL) goto dup_error; } Index: ipsec-tools-0.8.2/src/racoon/prsa_par.y =================================================================== --- ipsec-tools-0.8.2.orig/src/racoon/prsa_par.y +++ ipsec-tools-0.8.2/src/racoon/prsa_par.y @@ -174,31 +174,31 @@ statement: rsa_statement: TAG_RSA OBRACE params EBRACE { + if (prsa_cur_type == RSA_TYPE_PUBLIC) { + const BIGNUM *n, *e; prsawarning("Using private key for public key purpose.\n"); - if (!rsa_cur->n || !rsa_cur->e) { + RSA_get0_key(rsa_cur,&n,&e,NULL); + if (!n || !e) { prsaerror("Incomplete key. Mandatory parameters are missing!\n"); YYABORT; } } else { - if (!rsa_cur->n || !rsa_cur->e || !rsa_cur->d) { + const BIGNUM *n, *e, *d; + const BIGNUM *p, *q, *dmp1, *dmq1, *iqmp; + + RSA_get0_key(rsa_cur,&n,&e,&d); + if (!n || !e || !d) { prsaerror("Incomplete key. Mandatory parameters are missing!\n"); YYABORT; } - if (!rsa_cur->p || !rsa_cur->q || !rsa_cur->dmp1 - || !rsa_cur->dmq1 || !rsa_cur->iqmp) { - if (rsa_cur->p) BN_clear_free(rsa_cur->p); - if (rsa_cur->q) BN_clear_free(rsa_cur->q); - if (rsa_cur->dmp1) BN_clear_free(rsa_cur->dmp1); - if (rsa_cur->dmq1) BN_clear_free(rsa_cur->dmq1); - if (rsa_cur->iqmp) BN_clear_free(rsa_cur->iqmp); - - rsa_cur->p = NULL; - rsa_cur->q = NULL; - rsa_cur->dmp1 = NULL; - rsa_cur->dmq1 = NULL; - rsa_cur->iqmp = NULL; + RSA_get0_factors(rsa_cur,&p,&q); + RSA_get0_crt_params(rsa_cur,&dmp1,&dmq1,&iqmp); + if (!p || !q || !dmp1 || !dmq1 || !iqmp) { + /* i think the intent here is to clear the key if it is incomplete ? */ + RSA_free(rsa_cur); + rsa_cur = RSA_new(); } } $$ = rsa_cur; @@ -301,21 +301,21 @@ params: param: MODULUS COLON HEX - { if (!rsa_cur->n) rsa_cur->n = $3; else { prsaerror ("Modulus already defined\n"); YYABORT; } } + { const BIGNUM *n; RSA_get0_key(rsa_cur,&n, NULL, NULL); if (!n) RSA_set0_key(rsa_cur,$3,NULL,NULL); else { prsaerror ("Modulus already defined\n"); YYABORT; } } | PUBLIC_EXPONENT COLON HEX - { if (!rsa_cur->e) rsa_cur->e = $3; else { prsaerror ("PublicExponent already defined\n"); YYABORT; } } + { const BIGNUM *e; RSA_get0_key(rsa_cur,NULL,&e,NULL); if (!e) RSA_set0_key(rsa_cur,NULL,$3,NULL); else { prsaerror ("PublicExponent already defined\n"); YYABORT; } } | PRIVATE_EXPONENT COLON HEX - { if (!rsa_cur->d) rsa_cur->d = $3; else { prsaerror ("PrivateExponent already defined\n"); YYABORT; } } + { const BIGNUM *d; RSA_get0_key(rsa_cur,NULL,NULL,&d); if (!d) RSA_set0_key(rsa_cur,NULL,NULL,$3); else { prsaerror ("PrivateExponent already defined\n"); YYABORT; } } | PRIME1 COLON HEX - { if (!rsa_cur->p) rsa_cur->p = $3; else { prsaerror ("Prime1 already defined\n"); YYABORT; } } + { const BIGNUM *p; RSA_get0_factors(rsa_cur,&p,NULL); if (!p) RSA_set0_factors(rsa_cur,$3,NULL); else { prsaerror ("Prime1 already defined\n"); YYABORT; } } | PRIME2 COLON HEX - { if (!rsa_cur->q) rsa_cur->q = $3; else { prsaerror ("Prime2 already defined\n"); YYABORT; } } + { const BIGNUM *q; RSA_get0_factors(rsa_cur,NULL,&q); if (!q) RSA_set0_factors(rsa_cur,NULL,$3); else { prsaerror ("Prime2 already defined\n"); YYABORT; } } | EXPONENT1 COLON HEX - { if (!rsa_cur->dmp1) rsa_cur->dmp1 = $3; else { prsaerror ("Exponent1 already defined\n"); YYABORT; } } + { const BIGNUM *dmp1; RSA_get0_crt_params(rsa_cur,&dmp1,NULL,NULL); if (!dmp1) RSA_set0_crt_params(rsa_cur,$3,NULL,NULL); else { prsaerror ("Exponent1 already defined\n"); YYABORT; } } | EXPONENT2 COLON HEX - { if (!rsa_cur->dmq1) rsa_cur->dmq1 = $3; else { prsaerror ("Exponent2 already defined\n"); YYABORT; } } + { const BIGNUM *dmq1; RSA_get0_crt_params(rsa_cur,NULL,&dmq1,NULL); if (!dmq1) RSA_set0_crt_params(rsa_cur,NULL,$3,NULL); else { prsaerror ("Exponent2 already defined\n"); YYABORT; } } | COEFFICIENT COLON HEX - { if (!rsa_cur->iqmp) rsa_cur->iqmp = $3; else { prsaerror ("Coefficient already defined\n"); YYABORT; } } + { const BIGNUM *iqmp; RSA_get0_crt_params(rsa_cur,NULL,NULL,&iqmp); if (!iqmp) RSA_set0_crt_params(rsa_cur,NULL,NULL,$3); else { prsaerror ("Coefficient already defined\n"); YYABORT; } } ; %% Index: ipsec-tools-0.8.2/src/racoon/plainrsa-gen.c =================================================================== --- ipsec-tools-0.8.2.orig/src/racoon/plainrsa-gen.c +++ ipsec-tools-0.8.2/src/racoon/plainrsa-gen.c @@ -90,12 +90,14 @@ mix_b64_pubkey(const RSA *key) char *binbuf; long binlen, ret; vchar_t *res; - - binlen = 1 + BN_num_bytes(key->e) + BN_num_bytes(key->n); + const BIGNUM *e, *n; + + RSA_get0_key(key,&e,&n,NULL); + binlen = 1 + BN_num_bytes(e) + BN_num_bytes(n); binbuf = malloc(binlen); memset(binbuf, 0, binlen); - binbuf[0] = BN_bn2bin(key->e, (unsigned char *) &binbuf[1]); - ret = BN_bn2bin(key->n, (unsigned char *) (&binbuf[binbuf[0] + 1])); + binbuf[0] = BN_bn2bin(e, (unsigned char *) &binbuf[1]); + ret = BN_bn2bin(n, (unsigned char *) (&binbuf[binbuf[0] + 1])); if (1 + binbuf[0] + ret != binlen) { plog(LLV_ERROR, LOCATION, NULL, "Pubkey generation failed. This is really strange...\n"); @@ -122,25 +124,29 @@ int print_rsa_key(FILE *fp, const RSA *key) { vchar_t *pubkey64 = NULL; + const BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp; pubkey64 = mix_b64_pubkey(key); if (!pubkey64) { fprintf(stderr, "mix_b64_pubkey(): %s\n", eay_strerror()); return -1; } + RSA_get0_key(key,&n,&e,&d); + RSA_get0_factors(key,&p,&q); + RSA_get0_crt_params(key,&dmp1,&dmq1,&iqmp); fprintf(fp, "# : PUB 0s%s\n", pubkey64->v); fprintf(fp, ": RSA\t{\n"); - fprintf(fp, "\t# RSA %d bits\n", BN_num_bits(key->n)); + fprintf(fp, "\t# RSA %d bits\n", BN_num_bits(n)); fprintf(fp, "\t# pubkey=0s%s\n", pubkey64->v); - fprintf(fp, "\tModulus: 0x%s\n", lowercase(BN_bn2hex(key->n))); - fprintf(fp, "\tPublicExponent: 0x%s\n", lowercase(BN_bn2hex(key->e))); - fprintf(fp, "\tPrivateExponent: 0x%s\n", lowercase(BN_bn2hex(key->d))); - fprintf(fp, "\tPrime1: 0x%s\n", lowercase(BN_bn2hex(key->p))); - fprintf(fp, "\tPrime2: 0x%s\n", lowercase(BN_bn2hex(key->q))); - fprintf(fp, "\tExponent1: 0x%s\n", lowercase(BN_bn2hex(key->dmp1))); - fprintf(fp, "\tExponent2: 0x%s\n", lowercase(BN_bn2hex(key->dmq1))); - fprintf(fp, "\tCoefficient: 0x%s\n", lowercase(BN_bn2hex(key->iqmp))); + fprintf(fp, "\tModulus: 0x%s\n", lowercase(BN_bn2hex(n))); + fprintf(fp, "\tPublicExponent: 0x%s\n", lowercase(BN_bn2hex(e))); + fprintf(fp, "\tPrivateExponent: 0x%s\n", lowercase(BN_bn2hex(d))); + fprintf(fp, "\tPrime1: 0x%s\n", lowercase(BN_bn2hex(p))); + fprintf(fp, "\tPrime2: 0x%s\n", lowercase(BN_bn2hex(q))); + fprintf(fp, "\tExponent1: 0x%s\n", lowercase(BN_bn2hex(dmp1))); + fprintf(fp, "\tExponent2: 0x%s\n", lowercase(BN_bn2hex(dmq1))); + fprintf(fp, "\tCoefficient: 0x%s\n", lowercase(BN_bn2hex(iqmp))); fprintf(fp, " }\n"); vfree(pubkey64);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor