xref: /OK3568_Linux_fs/buildroot/package/ecryptfs-utils/0002-openssl110.patch (revision 4882a59341e53eb6f0b4789bf948001014eff981) 
1Fix build with OpenSSL 1.1.x
2
3Downloaded from upstream commit
4https://code.launchpad.net/~jelle-vdwaa/ecryptfs/ecryptfs/+merge/319746
5
6Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
7
8=== modified file 'src/key_mod/ecryptfs_key_mod_openssl.c'
9--- a/src/key_mod/ecryptfs_key_mod_openssl.c	2013-10-25 19:45:09 +0000
10+++ b/src/key_mod/ecryptfs_key_mod_openssl.c	2017-06-02 18:27:28 +0000
11@@ -41,6 +41,7 @@
12 #include <stdlib.h>
13 #include <unistd.h>
14 #include <libgen.h>
15+#include <openssl/bn.h>
16 #include <openssl/pem.h>
17 #include <openssl/rsa.h>
18 #include <openssl/err.h>
19@@ -55,6 +56,19 @@
20 	char *passphrase;
21 };
22
23+#if OPENSSL_VERSION_NUMBER < 0x10100000L
24+static void RSA_get0_key(const RSA *r,
25+                 const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
26+{
27+   if (n != NULL)
28+       *n = r->n;
29+   if (e != NULL)
30+       *e = r->e;
31+   if (d != NULL)
32+       *d = r->d;
33+}
34+#endif
35+
36 static void
37 ecryptfs_openssl_destroy_openssl_data(struct openssl_data *openssl_data)
38 {
39@@ -142,6 +156,7 @@
40 {
41 	int len, nbits, ebits, i;
42 	int nbytes, ebytes;
43+	const BIGNUM *key_n, *key_e;
44 	unsigned char *hash;
45 	unsigned char *data = NULL;
46 	int rc = 0;
47@@ -152,11 +167,13 @@
48 		rc = -ENOMEM;
49 		goto out;
50 	}
51-	nbits = BN_num_bits(key->n);
52+	RSA_get0_key(key, &key_n, NULL, NULL);
53+	nbits = BN_num_bits(key_n);
54 	nbytes = nbits / 8;
55 	if (nbits % 8)
56 		nbytes++;
57-	ebits = BN_num_bits(key->e);
58+	RSA_get0_key(key, NULL, &key_e, NULL);
59+	ebits = BN_num_bits(key_e);
60 	ebytes = ebits / 8;
61 	if (ebits % 8)
62 		ebytes++;
63@@ -179,11 +196,13 @@
64 	data[i++] = '\02';
65 	data[i++] = (nbits >> 8);
66 	data[i++] = nbits;
67-	BN_bn2bin(key->n, &(data[i]));
68+	RSA_get0_key(key, &key_n, NULL, NULL);
69+	BN_bn2bin(key_n, &(data[i]));
70 	i += nbytes;
71 	data[i++] = (ebits >> 8);
72 	data[i++] = ebits;
73-	BN_bn2bin(key->e, &(data[i]));
74+	RSA_get0_key(key, NULL, &key_e, NULL);
75+	BN_bn2bin(key_e, &(data[i]));
76 	i += ebytes;
77 	SHA1(data, len + 3, hash);
78 	to_hex(sig, (char *)hash, ECRYPTFS_SIG_SIZE);
79@@ -278,7 +297,9 @@
80 	BIO *in = NULL;
81 	int rc;
82
83+	#if OPENSSL_VERSION_NUMBER < 0x10100000L
84 	CRYPTO_malloc_init();
85+	#endif
86 	ERR_load_crypto_strings();
87 	OpenSSL_add_all_algorithms();
88 	ENGINE_load_builtin_engines();
89
90=== modified file 'src/key_mod/ecryptfs_key_mod_pkcs11_helper.c'
91--- a/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c	2013-10-25 19:45:09 +0000
92+++ b/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c	2017-06-02 18:27:28 +0000
93@@ -41,6 +41,7 @@
94 #include <errno.h>
95 #include <stdlib.h>
96 #include <unistd.h>
97+#include <openssl/bn.h>
98 #include <openssl/err.h>
99 #include <openssl/pem.h>
100 #include <openssl/x509.h>
101@@ -77,6 +78,19 @@
102 typedef const unsigned char *__pkcs11_openssl_d2i_t;
103 #endif
104
105+#if OPENSSL_VERSION_NUMBER < 0x10100000L
106+static void RSA_get0_key(const RSA *r,
107+                 const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
108+{
109+   if (n != NULL)
110+       *n = r->n;
111+   if (e != NULL)
112+       *e = r->e;
113+   if (d != NULL)
114+       *d = r->d;
115+}
116+#endif
117+
118 /**
119  * ecryptfs_pkcs11h_deserialize
120  * @pkcs11h_data: The deserialized version of the key module data;
121@@ -282,7 +296,11 @@
122 		goto out;
123 	}
124
125+	#if OPENSSL_VERSION_NUMBER < 0x10100000L
126 	if (pubkey->type != EVP_PKEY_RSA) {
127+	#else
128+	if (EVP_PKEY_base_id(pubkey) != EVP_PKEY_RSA) {
129+	#endif
130 		syslog(LOG_ERR, "PKCS#11: Invalid public key algorithm");
131 		rc = -EIO;
132 		goto out;
133@@ -318,6 +336,7 @@
134 	int nbytes, ebytes;
135 	char *hash = NULL;
136 	char *data = NULL;
137+	const BIGNUM *rsa_n, *rsa_e;
138 	int rc;
139
140 	if ((rc = ecryptfs_pkcs11h_get_public_key(&rsa, blob))) {
141@@ -331,11 +350,13 @@
142 		rc = -ENOMEM;
143 		goto out;
144 	}
145-	nbits = BN_num_bits(rsa->n);
146+	RSA_get0_key(rsa, &rsa_n, NULL, NULL);
147+	nbits = BN_num_bits(rsa_n);
148 	nbytes = nbits / 8;
149 	if (nbits % 8)
150 		nbytes++;
151-	ebits = BN_num_bits(rsa->e);
152+	RSA_get0_key(rsa, NULL, &rsa_e, NULL);
153+	ebits = BN_num_bits(rsa_e);
154 	ebytes = ebits / 8;
155 	if (ebits % 8)
156 		ebytes++;
157@@ -358,11 +379,13 @@
158 	data[i++] = '\02';
159 	data[i++] = (char)(nbits >> 8);
160 	data[i++] = (char)nbits;
161-	BN_bn2bin(rsa->n, &(data[i]));
162+	RSA_get0_key(rsa, &rsa_n, NULL, NULL);
163+	BN_bn2bin(rsa_n, &(data[i]));
164 	i += nbytes;
165 	data[i++] = (char)(ebits >> 8);
166 	data[i++] = (char)ebits;
167-	BN_bn2bin(rsa->e, &(data[i]));
168+	RSA_get0_key(rsa, NULL, &rsa_e, NULL);
169+	BN_bn2bin(rsa_e, &(data[i]));
170 	i += ebytes;
171 	SHA1(data, len + 3, hash);
172 	to_hex(sig, hash, ECRYPTFS_SIG_SIZE);
173
174