From: Andre Noll Date: Mon, 1 May 2023 19:43:18 +0000 (+0200) Subject: openssl: Don't pass pointers to RSA structures around. X-Git-Url: http://git.tuebingen.mpg.de/?a=commitdiff_plain;h=4f6e210de71010e2e071ba98b4273be938f3e699;p=paraslash.git openssl: Don't pass pointers to RSA structures around. The RSA structure has been made opaque in openssl-3. As a preparation for not using this structure any more, pass pointers to the containing asymmetric key structure instead.
---
diff --git a/openssl.c b/openssl.c
index 09d11e1e..e3416949 100644
--- a/openssl.c
+++ b/openssl.c
@@ -97,7 +97,8 @@ static int read_bignum(const unsigned char *buf, size_t len, BIGNUM **result)
 return bnsize + 4;
 }
-static int read_public_key(const unsigned char *blob, int blen, RSA **result)
+static int read_public_key(const unsigned char *blob, int blen,
+ struct asymmetric_key *result)
 {
 int ret;
 RSA *rsa;
@@ -120,7 +121,7 @@ static int read_public_key(const unsigned char *blob, int blen, RSA **result)
 rsa->n = n;
 rsa->e = e;
 #endif
- *result = rsa;
+ result->rsa = rsa;
 return 1;
 free_e:
 BN_free(e);
@@ -129,12 +130,12 @@ free_rsa:
 return ret;
 }
-static int read_pem_private_key(const char *path, RSA **rsa)
+static int read_pem_private_key(const char *path, struct asymmetric_key *priv)
 {
 EVP_PKEY *pkey;
 BIO *bio = BIO_new(BIO_s_file());
- *rsa = NULL;
+ priv->rsa = NULL;
 if (!bio)
 return -E_PRIVATE_KEY;
 if (BIO_read_filename(bio, path) <= 0)
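Review bot: read_public_key() now receives the whole key structure but stores into its rsa member only on success (`result->rsa = rsa;` in the second hunk), and read_openssh_private_key() in a later hunk does the same with `priv->rsa = rsa;`. By contrast, read_pem_private_key() and get_private_key() begin with `priv->rsa = NULL;`. On the error paths of read_public_key() the member keeps whatever the caller's allocation held, so the cleanup in apc_get_pubkey(), which lies outside the visible lines, must not touch pub->rsa. Starting read_public_key() with `result->rsa = NULL;` would give all the readers the same contract. The function body spans two hunks and is not fully visible.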
@@ -142,15 +143,15 @@ static int read_pem_private_key(const char *path, RSA **rsa)
 pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL);
 if (!pkey)
 goto bio_free;
- *rsa = EVP_PKEY_get1_RSA(pkey);
+ priv->rsa = EVP_PKEY_get1_RSA(pkey);
 EVP_PKEY_free(pkey);
 bio_free:
 BIO_free(bio);
- return *rsa? RSA_size(*rsa) : -E_PRIVATE_KEY;
+ return priv->rsa? RSA_size(priv->rsa) : -E_PRIVATE_KEY;
 }
 static int read_openssh_private_key(const unsigned char *blob,
- const unsigned char *end, RSA **result)
+ const unsigned char *end, struct asymmetric_key *priv)
 {
 int ret;
 RSA *rsa;
@@ -196,7 +197,7 @@ static int read_openssh_private_key(const unsigned char *blob,
 rsa->p = p;
 rsa->q = q;
 #endif
- *result = rsa;
+ priv->rsa = rsa;
 return 1;
 free_p:
 BN_clear_free(p);
@@ -213,13 +214,13 @@ free_rsa:
 return ret;
 }
-static int get_private_key(const char *path, RSA **rsa)
+static int get_private_key(const char *path, struct asymmetric_key *priv)
 {
 int ret;
 unsigned char *blob, *end;
 size_t blob_size;
- *rsa = NULL;
+ priv->rsa = NULL;
 ret = decode_private_key(path, &blob, &blob_size);
 if (ret < 0)
 return ret;
@@ -229,9 +230,9 @@ static int get_private_key(const char *path, RSA **rsa)
 if (ret < 0)
 goto free_blob;
 PARA_INFO_LOG("reading RSA params at offset %d\n", ret);
- ret = read_openssh_private_key(blob + ret, end, rsa);
+ ret = read_openssh_private_key(blob + ret, end, priv);
 } else
- ret = read_pem_private_key(path, rsa);
+ ret = read_pem_private_key(path, priv);
 free_blob:
 free(blob);
 return ret;
@@ -247,7 +248,7 @@ int apc_get_pubkey(const char *key_file, struct asymmetric_key **result)
 ret = decode_public_key(key_file, &blob, &decoded_size);
 if (ret < 0)
 goto out;
- ret = read_public_key(blob + ret, decoded_size - ret, &pub->rsa);
+ ret = read_public_key(blob + ret, decoded_size - ret, pub);
 if (ret < 0)
 goto free_blob;
 ret = RSA_size(pub->rsa);
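Review bot: get_private_key() carries no comment describing its return value, and the two readers it dispatches to disagree on success: read_openssh_private_key() ends with `return 1;` while read_pem_private_key() returns `RSA_size(priv->rsa)`. The visible caller in apc_priv_decrypt() only tests `ret < 0`, so nothing breaks today, but a later caller could mistake the positive value for the key size. A comment above the function such as `/* Returns a positive value on success (the key size only for PEM keys), negative on errors. */` would pin the contract down.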
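Review bot: At the free_blob label of get_private_key() the decoded key file is released with a plain `free(blob);`, although on the OpenSSH path this buffer is what read_openssh_private_key() has just parsed the private RSA parameters from. That reader uses `BN_clear_free(p)` for the secret bignums on its error path, so the raw buffer deserves the same care: `OPENSSL_cleanse(blob, blob_size);` immediately before the free. What decode_private_key() stores in blob for PEM keys is not visible here, but scrubbing it is harmless in that case as well.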
@@ -284,7 +285,7 @@ int apc_priv_decrypt(const char *key_file, unsigned char *outbuf,
 if (inlen < 0)
 return -E_RSA;
 priv = alloc(sizeof(*priv));
- ret = get_private_key(key_file, &priv->rsa);
+ ret = get_private_key(key_file, priv);
 if (ret < 0) {
 free(priv);
 return ret;
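Review bot: After `priv = alloc(sizeof(*priv));` the whole structure is handed to get_private_key(), which only assigns `priv->rsa = NULL;` and leaves every other member as alloc() returned it. If alloc() does not zero memory (its definition is not visible here), any member added to struct asymmetric_key later would be indeterminate in the callee and in this function's cleanup. A `memset(priv, 0, sizeof(*priv));` right after the allocation removes that dependency. The body of apc_priv_decrypt() continues beyond the hunk.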