[pkg-opensc-commit] [libp11] 17/86: More compatability changes

Eric Dorland eric at moszumanska.debian.org
Sun Jul 24 21:40:18 UTC 2016 

This is an automated email from the git hooks/post-receive script.

eric pushed a commit to branch master
in repository libp11.

commit 932e8e036d8f8a0ef74446cf65c2c11129a36c03
Author: Doug Engert <deengert at gmail.com>
Date:   Mon Jan 25 08:01:15 2016 -0600

    More compatability changes
    
    Define both old and new functions  ruturn NULL if not supported.
    
    Fix more references to hidden structures in 1.1
---
 examples/auth.c    |  4 ++++
 examples/decrypt.c | 15 ++++++++++++++-
 src/libp11.h       |  1 +
 src/p11_ec.c       | 12 ++++++++++++
 src/p11_key.c      |  7 ++++++-
 5 files changed, 37 insertions(+), 2 deletions(-)

diff --git a/examples/auth.c b/examples/auth.c
index 9180ae4..0c11e38 100644
--- a/examples/auth.c
+++ b/examples/auth.c
@@ -209,7 +209,11 @@ int main(int argc, char *argv[])
 
 	/* now verify the result */
 	rc = RSA_verify(NID_sha1, random, RANDOM_SIZE,
+#if OPENSSL_VERSION_NUMBER >= 0x10100003L
+			signature, siglen, EVP_PKEY_get0_RSA(pubkey));
+#else
 			signature, siglen, pubkey->pkey.rsa);
+#endif
 	if (rc != 1) {
 		fprintf(stderr, "fatal: RSA_verify failed\n");
 		goto failed;
diff --git a/examples/decrypt.c b/examples/decrypt.c
index 5a9fb1d..57ddc6b 100644
--- a/examples/decrypt.c
+++ b/examples/decrypt.c
@@ -125,7 +125,11 @@ int main(int argc, char *argv[])
 	}
 
 	/* allocate destination buffer */
+#if OPENSSL_VERSION_NUMBER >= 0x10100003L
+	encrypted = OPENSSL_malloc(RSA_size(EVP_PKEY_get0_RSA(pubkey)));
+#else
 	encrypted = OPENSSL_malloc(RSA_size(pubkey->pkey.rsa));
+#endif
 	if (encrypted == NULL) {
 		fprintf(stderr,"out of memory for encrypted data");
 		goto failed;
@@ -133,7 +137,12 @@ int main(int argc, char *argv[])
 
 	/* use public key for encryption */
 	len = RSA_public_encrypt(RANDOM_SIZE, random, encrypted,
-			pubkey->pkey.rsa, RSA_PKCS1_PADDING);
+#if OPENSSL_VERSION_NUMBER >= 0x10100003L
+			EVP_PKEY_get0_RSA(pubkey),
+#else
+			pubkey->pkey.rsa,
+#endif
+			RSA_PKCS1_PADDING);
 	if (len < 0) {
 		fprintf(stderr, "fatal: RSA_public_encrypt failed\n");
 		goto failed;
@@ -186,7 +195,11 @@ loggedin:
 	}
 
 	/* allocate space for decrypted data */
+#if OPENSSL_VERSION_NUMBER >= 0x10100003L
+	decrypted = OPENSSL_malloc(RSA_size(EVP_PKEY_get0_RSA(pubkey)));
+#else
 	decrypted = OPENSSL_malloc(RSA_size(pubkey->pkey.rsa));
+#endif
 	if (decrypted == NULL)
 		goto failed;
 
diff --git a/src/libp11.h b/src/libp11.h
index cc57ae3..63f8458 100644
--- a/src/libp11.h
+++ b/src/libp11.h
@@ -414,6 +414,7 @@ extern int PKCS11_generate_random(PKCS11_SLOT *, unsigned char *r, unsigned int
 /* using with openssl method mechanism */
 RSA_METHOD *PKCS11_get_rsa_method(void);
 
+/* define old an new to keep mix match of engine from failinig to load. */
 #if OPENSSL_VERSION_NUMBER >= 0x10100002L
 EC_KEY_METHOD *PKCS11_get_ec_key_method(void);
 void PKCS11_ec_key_method_free(void);
diff --git a/src/p11_ec.c b/src/p11_ec.c
index 5fbb2c9..0fb9c7a 100644
--- a/src/p11_ec.c
+++ b/src/p11_ec.c
@@ -352,6 +352,12 @@ static void free_ecdsa_ex_index() {
 /* OpenSSL 1.1 has single method  EC_KEY_METHOD for ECDSA and ECDH */
 
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
+/* define old way to keep  old engines working with out ECDSA */
+void *PKCS11_get_ecdsa_method(void)
+{
+    return NULL;
+}
+
 EC_KEY_METHOD *PKCS11_get_ec_key_method(void)
 {
 	int (*orig_sign)(int type, const unsigned char *dgst,
@@ -393,6 +399,12 @@ void PKCS11_EC_KEY_METHOD_free(void)
 }
 
 #else /* OPENSSL_VERSION_NUMBER >= 0x1000200fL */
+/* define new way to keep new engines from crashing  with older libp11 */
+void *PKCS11_get_ec_key_method(void)
+{
+    return NULL;
+}
+
 ECDSA_METHOD *PKCS11_get_ecdsa_method(void)
 {
 
diff --git a/src/p11_key.c b/src/p11_key.c
index 7cf1793..c7523a5 100644
--- a/src/p11_key.c
+++ b/src/p11_key.c
@@ -256,8 +256,13 @@ static int pkcs11_store_key(PKCS11_TOKEN * token, EVP_PKEY * pk,
 		pkcs11_addattr_bool(attrs + n++, CKA_VERIFY, TRUE);
 		pkcs11_addattr_bool(attrs + n++, CKA_WRAP, TRUE);
 	}
-	if (pk->type == EVP_PKEY_RSA) {
+#if OPENSSL_VERSION_NUMBER >= 0x10100003L
+	if (EVP_PKEY_base_id(pk) == EVP_PKEY_RSA) {
 		RSA *rsa = EVP_PKEY_get1_RSA(pk);
+#else
+	if (pk->type == EVP_PKEY_RSA) {
+		RSA *rsa = pk->pkey.rsa;
+#endif
 		pkcs11_addattr_int(attrs + n++, CKA_KEY_TYPE, CKK_RSA);
 		pkcs11_addattr_bn(attrs + n++, CKA_MODULUS, rsa->n);
 		pkcs11_addattr_bn(attrs + n++, CKA_PUBLIC_EXPONENT, rsa->e);

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/libp11.git

More information about the pkg-opensc-commit mailing list