rpms / tpm2-tss

Clone
Source Code
GIT

Files

c7 c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta
  1.   c9
  2.   SOURCES
  3.   0005-FAPI-Test-Call-EVP_DigestSignInit-in-the-correct-ord.patch
Blob Blame History Raw 
From 563f9c951d9b050378b9d3659a932c98ab587b21 Mon Sep 17 00:00:00 2001
From: Petr Gotthard <petr.gotthard@centrum.cz>
Date: Sat, 17 Jul 2021 21:22:28 +0200
Subject: FAPI Test: Call EVP_DigestSignInit in the correct order
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The EVP_DigestSignInit should be called only once and before calling
EVP_PKEY_CTX_set_rsa_padding. See a corresponding example
[here](https://www.openssl.org/docs/man1.0.2/man3/EVP_PKEY_sign_init.html)

Current code works with OpenSSL 1.x, but fails with OpenSSL 3.0.
This PR makes the code compatible with OpenSSL 1.0 through 3.0.

Signed-off-by: Petr Gotthard <petr.gotthard@centrum.cz>
---
 test/integration/fapi-data-crypt.int.c               | 8 ++------
 test/integration/fapi-key-create-policy-signed.int.c | 8 ++------
 2 files changed, 4 insertions(+), 12 deletions(-)

diff --git a/test/integration/fapi-data-crypt.int.c b/test/integration/fapi-data-crypt.int.c
index b2d20b28..d42466db 100644
--- a/test/integration/fapi-data-crypt.int.c
+++ b/test/integration/fapi-data-crypt.int.c
@@ -129,8 +129,8 @@ signatureCallback(
     mdctx = EVP_MD_CTX_create();
     chknull(mdctx);
 
-    if (1 != EVP_DigestSignInit(mdctx, &pctx, NULL, NULL, priv_key)) {
-        goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL digest sign init.",
+    if (1 != EVP_DigestSignInit(mdctx, &pctx, ossl_hash, NULL, priv_key)) {
+        goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL sign init.",
                    error_cleanup);
     }
     if (EVP_PKEY_type(EVP_PKEY_id(priv_key)) == EVP_PKEY_RSA) {
@@ -140,10 +140,6 @@ signatureCallback(
                        error_cleanup);
         }
     }
-    if (1 != EVP_DigestSignInit(mdctx, &pctx, ossl_hash, NULL, priv_key)) {
-        goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL sign init.",
-                   error_cleanup);
-    }
     if (1 != EVP_DigestSignUpdate(mdctx, dataToSign, dataToSignSize)) {
         goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL sign update.",
                    error_cleanup);
diff --git a/test/integration/fapi-key-create-policy-signed.int.c b/test/integration/fapi-key-create-policy-signed.int.c
index e51289a6..b903dec0 100644
--- a/test/integration/fapi-key-create-policy-signed.int.c
+++ b/test/integration/fapi-key-create-policy-signed.int.c
@@ -144,8 +144,8 @@ signatureCallback(
     mdctx = EVP_MD_CTX_create();
     chknull(mdctx);
 
-    if (1 != EVP_DigestSignInit(mdctx, &pctx, NULL, NULL, priv_key)) {
-        goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL digest sign init.",
+    if (1 != EVP_DigestSignInit(mdctx, &pctx, ossl_hash, NULL, priv_key)) {
+        goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL sign init.",
                    error_cleanup);
     }
     if (EVP_PKEY_type(EVP_PKEY_id(priv_key)) == EVP_PKEY_RSA) {
@@ -155,10 +155,6 @@ signatureCallback(
                        error_cleanup);
         }
     }
-    if (1 != EVP_DigestSignInit(mdctx, &pctx, ossl_hash, NULL, priv_key)) {
-        goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL sign init.",
-                   error_cleanup);
-    }
     if (1 != EVP_DigestSignUpdate(mdctx, dataToSign, dataToSignSize)) {
         goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL sign update.",
                    error_cleanup);
-- 
2.26.3

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation