|
|
a56c8e |
From 9ca735ab8f71a6b64f31867e55d43f3f5a51bfec Mon Sep 17 00:00:00 2001
|
|
|
a56c8e |
From: Petr Gotthard <petr.gotthard@centrum.cz>
|
|
|
a56c8e |
Date: Sun, 18 Jul 2021 11:54:50 +0200
|
|
|
a56c8e |
Subject: FAPI Test: Change RSA_sign to EVP_PKEY_sign
|
|
|
a56c8e |
MIME-Version: 1.0
|
|
|
a56c8e |
Content-Type: text/plain; charset=UTF-8
|
|
|
a56c8e |
Content-Transfer-Encoding: 8bit
|
|
|
a56c8e |
|
|
|
a56c8e |
The EVP_PKEY_sign functions are available since OpenSSL 1.0.0.
|
|
|
a56c8e |
The RSA_sign function is deprecated in OpenSSL 3.0.0.
|
|
|
a56c8e |
|
|
|
a56c8e |
This PR should work with OpenSSL 1.0.0 through 3.0.0.
|
|
|
a56c8e |
|
|
|
a56c8e |
Signed-off-by: Petr Gotthard <petr.gotthard@centrum.cz>
|
|
|
a56c8e |
---
|
|
|
a56c8e |
test/integration/fapi-ext-public-key.int.c | 38 +++++++++++-----------
|
|
|
a56c8e |
1 file changed, 19 insertions(+), 19 deletions(-)
|
|
|
a56c8e |
|
|
|
a56c8e |
diff --git a/test/integration/fapi-ext-public-key.int.c b/test/integration/fapi-ext-public-key.int.c
|
|
|
a56c8e |
index 363c58b7..971d7897 100644
|
|
|
a56c8e |
--- a/test/integration/fapi-ext-public-key.int.c
|
|
|
a56c8e |
+++ b/test/integration/fapi-ext-public-key.int.c
|
|
|
a56c8e |
@@ -49,7 +49,7 @@ test_fapi_ext_public_key(FAPI_CONTEXT *context)
|
|
|
a56c8e |
BIO *bufio = NULL;
|
|
|
a56c8e |
|
|
|
a56c8e |
EVP_PKEY *evp_key = NULL;
|
|
|
a56c8e |
- RSA *rsa_key = NULL;
|
|
|
a56c8e |
+ EVP_PKEY_CTX *ctx = NULL;
|
|
|
a56c8e |
|
|
|
a56c8e |
/* Key will be used for non TPM signature verfication. */
|
|
|
a56c8e |
char *pubkey_pem =
|
|
|
a56c8e |
@@ -186,10 +186,8 @@ test_fapi_ext_public_key(FAPI_CONTEXT *context)
|
|
|
a56c8e |
|
|
|
a56c8e |
bufio = BIO_new_mem_buf((void *)priv_pem, strlen(priv_pem));
|
|
|
a56c8e |
evp_key = PEM_read_bio_PrivateKey(bufio, NULL, NULL, NULL);
|
|
|
a56c8e |
- rsa_key = EVP_PKEY_get1_RSA(evp_key);
|
|
|
a56c8e |
|
|
|
a56c8e |
-
|
|
|
a56c8e |
- if (!bufio || !evp_key || !rsa_key) {
|
|
|
a56c8e |
+ if (!bufio || !evp_key) {
|
|
|
a56c8e |
LOG_ERROR("Generation of test key failed.");
|
|
|
a56c8e |
goto error;
|
|
|
a56c8e |
}
|
|
|
a56c8e |
@@ -199,10 +197,20 @@ test_fapi_ext_public_key(FAPI_CONTEXT *context)
|
|
|
a56c8e |
0x25, 0x71, 0x78, 0x50, 0xc2, 0x6c, 0x9c, 0xd0, 0xd8, 0x9d
|
|
|
a56c8e |
};
|
|
|
a56c8e |
uint8_t signature[256];
|
|
|
a56c8e |
- unsigned int signatureLength = 256;
|
|
|
a56c8e |
+ size_t signatureLength = 256;
|
|
|
a56c8e |
|
|
|
a56c8e |
- if (!RSA_sign(NID_sha1, digest, 20, signature, &signatureLength, rsa_key)) {
|
|
|
a56c8e |
- LOG_ERROR("Test RSA_sign failed.");
|
|
|
a56c8e |
+ if ((ctx = EVP_PKEY_CTX_new(evp_key, NULL)) == NULL) {
|
|
|
a56c8e |
+ LOG_ERROR("Test EVP_PKEY_CTX_new failed.");
|
|
|
a56c8e |
+ goto error;
|
|
|
a56c8e |
+ }
|
|
|
a56c8e |
+ if (EVP_PKEY_sign_init(ctx) <= 0
|
|
|
a56c8e |
+ || EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0
|
|
|
a56c8e |
+ || EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha1()) <= 0) {
|
|
|
a56c8e |
+ LOG_ERROR("Test EVP_PKEY_sign_init failed.");
|
|
|
a56c8e |
+ goto error;
|
|
|
a56c8e |
+ }
|
|
|
a56c8e |
+ if (EVP_PKEY_sign(ctx, signature, &signatureLength, digest, 20) <= 0) {
|
|
|
a56c8e |
+ LOG_ERROR("Test EVP_PKEY_sign failed.");
|
|
|
a56c8e |
goto error;
|
|
|
a56c8e |
}
|
|
|
a56c8e |
|
|
|
a56c8e |
@@ -243,12 +251,8 @@ test_fapi_ext_public_key(FAPI_CONTEXT *context)
|
|
|
a56c8e |
if (bufio) {
|
|
|
a56c8e |
BIO_free(bufio);
|
|
|
a56c8e |
}
|
|
|
a56c8e |
- if (evp_key) {
|
|
|
a56c8e |
- EVP_PKEY_free(evp_key);
|
|
|
a56c8e |
- }
|
|
|
a56c8e |
- if (rsa_key) {
|
|
|
a56c8e |
- RSA_free(rsa_key);
|
|
|
a56c8e |
- }
|
|
|
a56c8e |
+ EVP_PKEY_CTX_free(ctx);
|
|
|
a56c8e |
+ EVP_PKEY_free(evp_key);
|
|
|
a56c8e |
SAFE_FREE(path_list);
|
|
|
a56c8e |
SAFE_FREE(cert2);
|
|
|
a56c8e |
return EXIT_SUCCESS;
|
|
|
a56c8e |
@@ -258,12 +262,8 @@ error:
|
|
|
a56c8e |
if (bufio) {
|
|
|
a56c8e |
BIO_free(bufio);
|
|
|
a56c8e |
}
|
|
|
a56c8e |
- if (evp_key) {
|
|
|
a56c8e |
- EVP_PKEY_free(evp_key);
|
|
|
a56c8e |
- }
|
|
|
a56c8e |
- if (rsa_key) {
|
|
|
a56c8e |
- RSA_free(rsa_key);
|
|
|
a56c8e |
- }
|
|
|
a56c8e |
+ EVP_PKEY_CTX_free(ctx);
|
|
|
a56c8e |
+ EVP_PKEY_free(evp_key);
|
|
|
a56c8e |
SAFE_FREE(path_list);
|
|
|
a56c8e |
SAFE_FREE(cert2);
|
|
|
a56c8e |
return EXIT_FAILURE;
|
|
|
a56c8e |
--
|
|
|
a56c8e |
2.26.3
|
|
|
a56c8e |
|