xref: /OK3568_Linux_fs/buildroot/package/ecryptfs-utils/0002-openssl110.patch (revision 4882a59341e53eb6f0b4789bf948001014eff981) 
1*4882a593SmuzhiyunFix build with OpenSSL 1.1.x
2*4882a593Smuzhiyun
3*4882a593SmuzhiyunDownloaded from upstream commit
4*4882a593Smuzhiyunhttps://code.launchpad.net/~jelle-vdwaa/ecryptfs/ecryptfs/+merge/319746
5*4882a593Smuzhiyun
6*4882a593SmuzhiyunSigned-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
7*4882a593Smuzhiyun
8*4882a593Smuzhiyun=== modified file 'src/key_mod/ecryptfs_key_mod_openssl.c'
9*4882a593Smuzhiyun--- a/src/key_mod/ecryptfs_key_mod_openssl.c	2013-10-25 19:45:09 +0000
10*4882a593Smuzhiyun+++ b/src/key_mod/ecryptfs_key_mod_openssl.c	2017-06-02 18:27:28 +0000
11*4882a593Smuzhiyun@@ -41,6 +41,7 @@
12*4882a593Smuzhiyun #include <stdlib.h>
13*4882a593Smuzhiyun #include <unistd.h>
14*4882a593Smuzhiyun #include <libgen.h>
15*4882a593Smuzhiyun+#include <openssl/bn.h>
16*4882a593Smuzhiyun #include <openssl/pem.h>
17*4882a593Smuzhiyun #include <openssl/rsa.h>
18*4882a593Smuzhiyun #include <openssl/err.h>
19*4882a593Smuzhiyun@@ -55,6 +56,19 @@
20*4882a593Smuzhiyun 	char *passphrase;
21*4882a593Smuzhiyun };
22*4882a593Smuzhiyun
23*4882a593Smuzhiyun+#if OPENSSL_VERSION_NUMBER < 0x10100000L
24*4882a593Smuzhiyun+static void RSA_get0_key(const RSA *r,
25*4882a593Smuzhiyun+                 const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
26*4882a593Smuzhiyun+{
27*4882a593Smuzhiyun+   if (n != NULL)
28*4882a593Smuzhiyun+       *n = r->n;
29*4882a593Smuzhiyun+   if (e != NULL)
30*4882a593Smuzhiyun+       *e = r->e;
31*4882a593Smuzhiyun+   if (d != NULL)
32*4882a593Smuzhiyun+       *d = r->d;
33*4882a593Smuzhiyun+}
34*4882a593Smuzhiyun+#endif
35*4882a593Smuzhiyun+
36*4882a593Smuzhiyun static void
37*4882a593Smuzhiyun ecryptfs_openssl_destroy_openssl_data(struct openssl_data *openssl_data)
38*4882a593Smuzhiyun {
39*4882a593Smuzhiyun@@ -142,6 +156,7 @@
40*4882a593Smuzhiyun {
41*4882a593Smuzhiyun 	int len, nbits, ebits, i;
42*4882a593Smuzhiyun 	int nbytes, ebytes;
43*4882a593Smuzhiyun+	const BIGNUM *key_n, *key_e;
44*4882a593Smuzhiyun 	unsigned char *hash;
45*4882a593Smuzhiyun 	unsigned char *data = NULL;
46*4882a593Smuzhiyun 	int rc = 0;
47*4882a593Smuzhiyun@@ -152,11 +167,13 @@
48*4882a593Smuzhiyun 		rc = -ENOMEM;
49*4882a593Smuzhiyun 		goto out;
50*4882a593Smuzhiyun 	}
51*4882a593Smuzhiyun-	nbits = BN_num_bits(key->n);
52*4882a593Smuzhiyun+	RSA_get0_key(key, &key_n, NULL, NULL);
53*4882a593Smuzhiyun+	nbits = BN_num_bits(key_n);
54*4882a593Smuzhiyun 	nbytes = nbits / 8;
55*4882a593Smuzhiyun 	if (nbits % 8)
56*4882a593Smuzhiyun 		nbytes++;
57*4882a593Smuzhiyun-	ebits = BN_num_bits(key->e);
58*4882a593Smuzhiyun+	RSA_get0_key(key, NULL, &key_e, NULL);
59*4882a593Smuzhiyun+	ebits = BN_num_bits(key_e);
60*4882a593Smuzhiyun 	ebytes = ebits / 8;
61*4882a593Smuzhiyun 	if (ebits % 8)
62*4882a593Smuzhiyun 		ebytes++;
63*4882a593Smuzhiyun@@ -179,11 +196,13 @@
64*4882a593Smuzhiyun 	data[i++] = '\02';
65*4882a593Smuzhiyun 	data[i++] = (nbits >> 8);
66*4882a593Smuzhiyun 	data[i++] = nbits;
67*4882a593Smuzhiyun-	BN_bn2bin(key->n, &(data[i]));
68*4882a593Smuzhiyun+	RSA_get0_key(key, &key_n, NULL, NULL);
69*4882a593Smuzhiyun+	BN_bn2bin(key_n, &(data[i]));
70*4882a593Smuzhiyun 	i += nbytes;
71*4882a593Smuzhiyun 	data[i++] = (ebits >> 8);
72*4882a593Smuzhiyun 	data[i++] = ebits;
73*4882a593Smuzhiyun-	BN_bn2bin(key->e, &(data[i]));
74*4882a593Smuzhiyun+	RSA_get0_key(key, NULL, &key_e, NULL);
75*4882a593Smuzhiyun+	BN_bn2bin(key_e, &(data[i]));
76*4882a593Smuzhiyun 	i += ebytes;
77*4882a593Smuzhiyun 	SHA1(data, len + 3, hash);
78*4882a593Smuzhiyun 	to_hex(sig, (char *)hash, ECRYPTFS_SIG_SIZE);
79*4882a593Smuzhiyun@@ -278,7 +297,9 @@
80*4882a593Smuzhiyun 	BIO *in = NULL;
81*4882a593Smuzhiyun 	int rc;
82*4882a593Smuzhiyun
83*4882a593Smuzhiyun+	#if OPENSSL_VERSION_NUMBER < 0x10100000L
84*4882a593Smuzhiyun 	CRYPTO_malloc_init();
85*4882a593Smuzhiyun+	#endif
86*4882a593Smuzhiyun 	ERR_load_crypto_strings();
87*4882a593Smuzhiyun 	OpenSSL_add_all_algorithms();
88*4882a593Smuzhiyun 	ENGINE_load_builtin_engines();
89*4882a593Smuzhiyun
90*4882a593Smuzhiyun=== modified file 'src/key_mod/ecryptfs_key_mod_pkcs11_helper.c'
91*4882a593Smuzhiyun--- a/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c	2013-10-25 19:45:09 +0000
92*4882a593Smuzhiyun+++ b/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c	2017-06-02 18:27:28 +0000
93*4882a593Smuzhiyun@@ -41,6 +41,7 @@
94*4882a593Smuzhiyun #include <errno.h>
95*4882a593Smuzhiyun #include <stdlib.h>
96*4882a593Smuzhiyun #include <unistd.h>
97*4882a593Smuzhiyun+#include <openssl/bn.h>
98*4882a593Smuzhiyun #include <openssl/err.h>
99*4882a593Smuzhiyun #include <openssl/pem.h>
100*4882a593Smuzhiyun #include <openssl/x509.h>
101*4882a593Smuzhiyun@@ -77,6 +78,19 @@
102*4882a593Smuzhiyun typedef const unsigned char *__pkcs11_openssl_d2i_t;
103*4882a593Smuzhiyun #endif
104*4882a593Smuzhiyun
105*4882a593Smuzhiyun+#if OPENSSL_VERSION_NUMBER < 0x10100000L
106*4882a593Smuzhiyun+static void RSA_get0_key(const RSA *r,
107*4882a593Smuzhiyun+                 const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
108*4882a593Smuzhiyun+{
109*4882a593Smuzhiyun+   if (n != NULL)
110*4882a593Smuzhiyun+       *n = r->n;
111*4882a593Smuzhiyun+   if (e != NULL)
112*4882a593Smuzhiyun+       *e = r->e;
113*4882a593Smuzhiyun+   if (d != NULL)
114*4882a593Smuzhiyun+       *d = r->d;
115*4882a593Smuzhiyun+}
116*4882a593Smuzhiyun+#endif
117*4882a593Smuzhiyun+
118*4882a593Smuzhiyun /**
119*4882a593Smuzhiyun  * ecryptfs_pkcs11h_deserialize
120*4882a593Smuzhiyun  * @pkcs11h_data: The deserialized version of the key module data;
121*4882a593Smuzhiyun@@ -282,7 +296,11 @@
122*4882a593Smuzhiyun 		goto out;
123*4882a593Smuzhiyun 	}
124*4882a593Smuzhiyun
125*4882a593Smuzhiyun+	#if OPENSSL_VERSION_NUMBER < 0x10100000L
126*4882a593Smuzhiyun 	if (pubkey->type != EVP_PKEY_RSA) {
127*4882a593Smuzhiyun+	#else
128*4882a593Smuzhiyun+	if (EVP_PKEY_base_id(pubkey) != EVP_PKEY_RSA) {
129*4882a593Smuzhiyun+	#endif
130*4882a593Smuzhiyun 		syslog(LOG_ERR, "PKCS#11: Invalid public key algorithm");
131*4882a593Smuzhiyun 		rc = -EIO;
132*4882a593Smuzhiyun 		goto out;
133*4882a593Smuzhiyun@@ -318,6 +336,7 @@
134*4882a593Smuzhiyun 	int nbytes, ebytes;
135*4882a593Smuzhiyun 	char *hash = NULL;
136*4882a593Smuzhiyun 	char *data = NULL;
137*4882a593Smuzhiyun+	const BIGNUM *rsa_n, *rsa_e;
138*4882a593Smuzhiyun 	int rc;
139*4882a593Smuzhiyun
140*4882a593Smuzhiyun 	if ((rc = ecryptfs_pkcs11h_get_public_key(&rsa, blob))) {
141*4882a593Smuzhiyun@@ -331,11 +350,13 @@
142*4882a593Smuzhiyun 		rc = -ENOMEM;
143*4882a593Smuzhiyun 		goto out;
144*4882a593Smuzhiyun 	}
145*4882a593Smuzhiyun-	nbits = BN_num_bits(rsa->n);
146*4882a593Smuzhiyun+	RSA_get0_key(rsa, &rsa_n, NULL, NULL);
147*4882a593Smuzhiyun+	nbits = BN_num_bits(rsa_n);
148*4882a593Smuzhiyun 	nbytes = nbits / 8;
149*4882a593Smuzhiyun 	if (nbits % 8)
150*4882a593Smuzhiyun 		nbytes++;
151*4882a593Smuzhiyun-	ebits = BN_num_bits(rsa->e);
152*4882a593Smuzhiyun+	RSA_get0_key(rsa, NULL, &rsa_e, NULL);
153*4882a593Smuzhiyun+	ebits = BN_num_bits(rsa_e);
154*4882a593Smuzhiyun 	ebytes = ebits / 8;
155*4882a593Smuzhiyun 	if (ebits % 8)
156*4882a593Smuzhiyun 		ebytes++;
157*4882a593Smuzhiyun@@ -358,11 +379,13 @@
158*4882a593Smuzhiyun 	data[i++] = '\02';
159*4882a593Smuzhiyun 	data[i++] = (char)(nbits >> 8);
160*4882a593Smuzhiyun 	data[i++] = (char)nbits;
161*4882a593Smuzhiyun-	BN_bn2bin(rsa->n, &(data[i]));
162*4882a593Smuzhiyun+	RSA_get0_key(rsa, &rsa_n, NULL, NULL);
163*4882a593Smuzhiyun+	BN_bn2bin(rsa_n, &(data[i]));
164*4882a593Smuzhiyun 	i += nbytes;
165*4882a593Smuzhiyun 	data[i++] = (char)(ebits >> 8);
166*4882a593Smuzhiyun 	data[i++] = (char)ebits;
167*4882a593Smuzhiyun-	BN_bn2bin(rsa->e, &(data[i]));
168*4882a593Smuzhiyun+	RSA_get0_key(rsa, NULL, &rsa_e, NULL);
169*4882a593Smuzhiyun+	BN_bn2bin(rsa_e, &(data[i]));
170*4882a593Smuzhiyun 	i += ebytes;
171*4882a593Smuzhiyun 	SHA1(data, len + 3, hash);
172*4882a593Smuzhiyun 	to_hex(sig, hash, ECRYPTFS_SIG_SIZE);
173*4882a593Smuzhiyun
174