[U-Boot] [PATCH 1/2] rsa: Fix build with OpenSSL 1.1.x
The rsa_st struct has been made opaque in 1.1.x, add forward compatible code to access the n, e, d members of rsa_struct.
EVP_MD_CTX_cleanup has been removed in 1.1.x and EVP_MD_CTX_reset should be called to reinitialise an already created structure. --- lib/rsa/rsa-sign.c | 33 +++++++++++++++++++++++++++------ 1 file changed, 27 insertions(+), 6 deletions(-)
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index 8c6637e328..965fb00f95 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -20,6 +20,19 @@ #define HAVE_ERR_REMOVE_THREAD_STATE #endif
+#if OPENSSL_VERSION_NUMBER < 0x10100000L +void RSA_get0_key(const RSA *r, + const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) +{ + if (n != NULL) + *n = r->n; + if (e != NULL) + *e = r->e; + if (d != NULL) + *d = r->d; +} +#endif + static int rsa_err(const char *msg) { unsigned long sslErr = ERR_get_error(); @@ -409,7 +422,11 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo, ret = rsa_err("Could not obtain signature"); goto err_sign; } - EVP_MD_CTX_cleanup(context); + #if OPENSSL_VERSION_NUMBER < 0x10100000L + EVP_MD_CTX_cleanup(context); + #else + EVP_MD_CTX_reset(context); + #endif EVP_MD_CTX_destroy(context); EVP_PKEY_free(key);
@@ -479,6 +496,7 @@ static int rsa_get_exponent(RSA *key, uint64_t *e) { int ret; BIGNUM *bn_te; + const BIGNUM *key_e; uint64_t te;
ret = -EINVAL; @@ -487,17 +505,18 @@ static int rsa_get_exponent(RSA *key, uint64_t *e) if (!e) goto cleanup;
- if (BN_num_bits(key->e) > 64) + RSA_get0_key(key, NULL, &key_e, NULL); + if (BN_num_bits(key_e) > 64) goto cleanup;
- *e = BN_get_word(key->e); + *e = BN_get_word(key_e);
- if (BN_num_bits(key->e) < 33) { + if (BN_num_bits(key_e) < 33) { ret = 0; goto cleanup; }
- bn_te = BN_dup(key->e); + bn_te = BN_dup(key_e); if (!bn_te) goto cleanup;
@@ -527,6 +546,7 @@ int rsa_get_params(RSA *key, uint64_t *exponent, uint32_t *n0_invp, { BIGNUM *big1, *big2, *big32, *big2_32; BIGNUM *n, *r, *r_squared, *tmp; + const BIGNUM *key_n; BN_CTX *bn_ctx = BN_CTX_new(); int ret = 0;
@@ -548,7 +568,8 @@ int rsa_get_params(RSA *key, uint64_t *exponent, uint32_t *n0_invp, if (0 != rsa_get_exponent(key, exponent)) ret = -1;
- if (!BN_copy(n, key->n) || !BN_set_word(big1, 1L) || + RSA_get0_key(key, NULL, &key_n, NULL); + if (!BN_copy(n, key_n) || !BN_set_word(big1, 1L) || !BN_set_word(big2, 2L) || !BN_set_word(big32, 32L)) ret = -1;
ERR_remove_thread_state is deprecated in OpenSSL 1.1.x and does not do anything anymore. Thread initialisation and deinitialisation is now handled by the OpenSSL library.
Signed-off-by: Jelle van der Waa jelle@vdwaa.nl --- lib/rsa/rsa-sign.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index 965fb00f95..347a6aa89e 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -16,10 +16,6 @@ #include <openssl/evp.h> #include <openssl/engine.h>
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L -#define HAVE_ERR_REMOVE_THREAD_STATE -#endif - #if OPENSSL_VERSION_NUMBER < 0x10100000L void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) @@ -356,9 +352,9 @@ static void rsa_remove(void) { CRYPTO_cleanup_all_ex_data(); ERR_free_strings(); -#ifdef HAVE_ERR_REMOVE_THREAD_STATE +#if OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10100000L ERR_remove_thread_state(NULL); -#else +#elif OPENSSL_VERSION_NUMBER < 0x10000000L ERR_remove_state(0); #endif EVP_cleanup();
On 13 February 2017 at 02:00, Jelle van der Waa jelle@vdwaa.nl wrote:
ERR_remove_thread_state is deprecated in OpenSSL 1.1.x and does not do anything anymore. Thread initialisation and deinitialisation is now handled by the OpenSSL library.
Signed-off-by: Jelle van der Waa jelle@vdwaa.nl
lib/rsa/rsa-sign.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-)
Reviewed-by: Simon Glass sjg@chromium.org
On Mon, Feb 13, 2017 at 9:00 AM, Jelle van der Waa jelle@vdwaa.nl wrote:
The rsa_st struct has been made opaque in 1.1.x, add forward compatible code to access the n, e, d members of rsa_struct.
EVP_MD_CTX_cleanup has been removed in 1.1.x and EVP_MD_CTX_reset should be called to reinitialise an already created structure.
You can add my tested by. Built on Fedora 26 with 1.1.0d. gcc 7 etc.
Peter
lib/rsa/rsa-sign.c | 33 +++++++++++++++++++++++++++------ 1 file changed, 27 insertions(+), 6 deletions(-)
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index 8c6637e328..965fb00f95 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -20,6 +20,19 @@ #define HAVE_ERR_REMOVE_THREAD_STATE #endif
+#if OPENSSL_VERSION_NUMBER < 0x10100000L +void RSA_get0_key(const RSA *r,
const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)+{
- if (n != NULL)
*n = r->n;- if (e != NULL)
*e = r->e;- if (d != NULL)
*d = r->d;+} +#endif
static int rsa_err(const char *msg) { unsigned long sslErr = ERR_get_error(); @@ -409,7 +422,11 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo, ret = rsa_err("Could not obtain signature"); goto err_sign; }
EVP_MD_CTX_cleanup(context);
#if OPENSSL_VERSION_NUMBER < 0x10100000LEVP_MD_CTX_cleanup(context);#elseEVP_MD_CTX_reset(context);#endif EVP_MD_CTX_destroy(context); EVP_PKEY_free(key);@@ -479,6 +496,7 @@ static int rsa_get_exponent(RSA *key, uint64_t *e) { int ret; BIGNUM *bn_te;
const BIGNUM *key_e; uint64_t te; ret = -EINVAL;@@ -487,17 +505,18 @@ static int rsa_get_exponent(RSA *key, uint64_t *e) if (!e) goto cleanup;
if (BN_num_bits(key->e) > 64)
RSA_get0_key(key, NULL, &key_e, NULL);if (BN_num_bits(key_e) > 64) goto cleanup;
*e = BN_get_word(key->e);
*e = BN_get_word(key_e);
if (BN_num_bits(key->e) < 33) {
if (BN_num_bits(key_e) < 33) { ret = 0; goto cleanup; }
bn_te = BN_dup(key->e);
bn_te = BN_dup(key_e); if (!bn_te) goto cleanup;@@ -527,6 +546,7 @@ int rsa_get_params(RSA *key, uint64_t *exponent, uint32_t *n0_invp, { BIGNUM *big1, *big2, *big32, *big2_32; BIGNUM *n, *r, *r_squared, *tmp;
const BIGNUM *key_n; BN_CTX *bn_ctx = BN_CTX_new(); int ret = 0;@@ -548,7 +568,8 @@ int rsa_get_params(RSA *key, uint64_t *exponent, uint32_t *n0_invp, if (0 != rsa_get_exponent(key, exponent)) ret = -1;
if (!BN_copy(n, key->n) || !BN_set_word(big1, 1L) ||
RSA_get0_key(key, NULL, &key_n, NULL);if (!BN_copy(n, key_n) || !BN_set_word(big1, 1L) || !BN_set_word(big2, 2L) || !BN_set_word(big32, 32L)) ret = -1;-- 2.11.1
U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
On Mon, Feb 13, 2017 at 9:57 AM, Peter Robinson pbrobinson@gmail.com wrote:
On Mon, Feb 13, 2017 at 9:00 AM, Jelle van der Waa jelle@vdwaa.nl wrote:
The rsa_st struct has been made opaque in 1.1.x, add forward compatible code to access the n, e, d members of rsa_struct.
EVP_MD_CTX_cleanup has been removed in 1.1.x and EVP_MD_CTX_reset should be called to reinitialise an already created structure.
You can add my tested by. Built on Fedora 26 with 1.1.0d. gcc 7 etc.
Although it needs to be updated for 2017.03rc2 for tools/kwbimage.c as it now supports secure boot and I get the following errors on build:
gcc -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -march=armv7-a -mfpu=vfpv3-d16 -mfloat-abi=hard -Wp,-MD,tools/.mxsimage.o.d -Itools -Wall -Wstrict-prototypes -O2 -fomit-frame-pointer -include /builddir/build/BUILD/u-boot-2017.03-rc2/include/libfdt_env.h -idirafterinclude -idirafter/builddir/build/BUILD/u-boot-2017.03-rc2/include -idirafter/builddir/build/BUILD/u-boot-2017.03-rc2/arch/arm/include -I/builddir/build/BUILD/u-boot-2017.03-rc2/lib/libfdt -I/builddir/build/BUILD/u-boot-2017.03-rc2/tools -DCONFIG_SYS_TEXT_BASE=0x00800000 -DUSE_HOSTCC -D__KERNEL_STRICT_NAMES -D_GNU_SOURCE -c -o tools/mxsimage.o /builddir/build/BUILD/u-boot-2017.03-rc2/tools/mxsimage.c /builddir/build/BUILD/u-boot-2017.03-rc2/tools/kwbimage.c: In function 'kwb_compute_pubkey_hash': /builddir/build/BUILD/u-boot-2017.03-rc2/tools/kwbimage.c:441:2: warning: implicit declaration of function 'EVP_MD_CTX_cleanup'; did you mean 'EVP_MD_CTX_create'? [-Wimplicit-function-declaration] EVP_MD_CTX_cleanup(ctx); ^~~~~~~~~~~~~~~~~~ EVP_MD_CTX_create /builddir/build/BUILD/u-boot-2017.03-rc2/tools/kwbimage.c: In function 'kwb_export_pubkey': /builddir/build/BUILD/u-boot-2017.03-rc2/tools/kwbimage.c:476:18: error: dereferencing pointer to incomplete type 'RSA {aka struct rsa_st}' if (!key || !key->e || !key->n || !dst) { ^~ /builddir/build/BUILD/u-boot-2017.03-rc2/tools/kwbimage.c:505:59: warning: format '%lu' expects argument of type 'long unsigned int', but argument 4 has type 'unsigned int' [-Wformat=] fprintf(stderr, "export pk failed: seq too large (%d, %lu)\n", ~~^ %u make[2]: *** [scripts/Makefile.host:116: tools/kwbimage.o] Error 1
lib/rsa/rsa-sign.c | 33 +++++++++++++++++++++++++++------ 1 file changed, 27 insertions(+), 6 deletions(-)
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index 8c6637e328..965fb00f95 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -20,6 +20,19 @@ #define HAVE_ERR_REMOVE_THREAD_STATE #endif
+#if OPENSSL_VERSION_NUMBER < 0x10100000L +void RSA_get0_key(const RSA *r,
const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)+{
- if (n != NULL)
*n = r->n;- if (e != NULL)
*e = r->e;- if (d != NULL)
*d = r->d;+} +#endif
static int rsa_err(const char *msg) { unsigned long sslErr = ERR_get_error(); @@ -409,7 +422,11 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo, ret = rsa_err("Could not obtain signature"); goto err_sign; }
EVP_MD_CTX_cleanup(context);
#if OPENSSL_VERSION_NUMBER < 0x10100000LEVP_MD_CTX_cleanup(context);#elseEVP_MD_CTX_reset(context);#endif EVP_MD_CTX_destroy(context); EVP_PKEY_free(key);@@ -479,6 +496,7 @@ static int rsa_get_exponent(RSA *key, uint64_t *e) { int ret; BIGNUM *bn_te;
const BIGNUM *key_e; uint64_t te; ret = -EINVAL;@@ -487,17 +505,18 @@ static int rsa_get_exponent(RSA *key, uint64_t *e) if (!e) goto cleanup;
if (BN_num_bits(key->e) > 64)
RSA_get0_key(key, NULL, &key_e, NULL);if (BN_num_bits(key_e) > 64) goto cleanup;
*e = BN_get_word(key->e);
*e = BN_get_word(key_e);
if (BN_num_bits(key->e) < 33) {
if (BN_num_bits(key_e) < 33) { ret = 0; goto cleanup; }
bn_te = BN_dup(key->e);
bn_te = BN_dup(key_e); if (!bn_te) goto cleanup;@@ -527,6 +546,7 @@ int rsa_get_params(RSA *key, uint64_t *exponent, uint32_t *n0_invp, { BIGNUM *big1, *big2, *big32, *big2_32; BIGNUM *n, *r, *r_squared, *tmp;
const BIGNUM *key_n; BN_CTX *bn_ctx = BN_CTX_new(); int ret = 0;@@ -548,7 +568,8 @@ int rsa_get_params(RSA *key, uint64_t *exponent, uint32_t *n0_invp, if (0 != rsa_get_exponent(key, exponent)) ret = -1;
if (!BN_copy(n, key->n) || !BN_set_word(big1, 1L) ||
RSA_get0_key(key, NULL, &key_n, NULL);if (!BN_copy(n, key_n) || !BN_set_word(big1, 1L) || !BN_set_word(big2, 2L) || !BN_set_word(big32, 32L)) ret = -1;-- 2.11.1
U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
On 02/14/17 at 12:43pm, Peter Robinson wrote:
On Mon, Feb 13, 2017 at 9:57 AM, Peter Robinson pbrobinson@gmail.com wrote:
On Mon, Feb 13, 2017 at 9:00 AM, Jelle van der Waa jelle@vdwaa.nl wrote:
The rsa_st struct has been made opaque in 1.1.x, add forward compatible code to access the n, e, d members of rsa_struct.
EVP_MD_CTX_cleanup has been removed in 1.1.x and EVP_MD_CTX_reset should be called to reinitialise an already created structure.
You can add my tested by. Built on Fedora 26 with 1.1.0d. gcc 7 etc.
Although it needs to be updated for 2017.03rc2 for tools/kwbimage.c as it now supports secure boot and I get the following errors on build:
I've created a patch for it here. I'll send it to the list tommorow
http://vps.vdwaa.nl/~jelle/0001-tools-kwbimage-fix-build-with-OpenSSL-1.1.x....
These version tests should be
#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
or better yet have tests based on functionality rather than version.
opensslv.h on OpenBSD-current/LibreSSL portable master has
/* $OpenBSD: opensslv.h,v 1.39 2017/02/14 03:50:25 bcook Exp $ */ #ifndef HEADER_OPENSSLV_H #define HEADER_OPENSSLV_H
/* These will change with each release of LibreSSL-portable */ #define LIBRESSL_VERSION_NUMBER 0x2050200fL #define LIBRESSL_VERSION_TEXT "LibreSSL 2.5.2"
/* These will never change */ #define OPENSSL_VERSION_NUMBER 0x20000000L #define OPENSSL_VERSION_TEXT LIBRESSL_VERSION_TEXT #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
#define SHLIB_VERSION_HISTORY "" #define SHLIB_VERSION_NUMBER "1.0.0"
#endif /* HEADER_OPENSSLV_H */
On Mon, Feb 13, 2017 at 10:00:36AM +0100, Jelle van der Waa wrote:
The rsa_st struct has been made opaque in 1.1.x, add forward compatible code to access the n, e, d members of rsa_struct.
EVP_MD_CTX_cleanup has been removed in 1.1.x and EVP_MD_CTX_reset should be called to reinitialise an already created structure.
lib/rsa/rsa-sign.c | 33 +++++++++++++++++++++++++++------ 1 file changed, 27 insertions(+), 6 deletions(-)
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index 8c6637e328..965fb00f95 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -20,6 +20,19 @@ #define HAVE_ERR_REMOVE_THREAD_STATE #endif
+#if OPENSSL_VERSION_NUMBER < 0x10100000L +void RSA_get0_key(const RSA *r,
const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)+{
- if (n != NULL)
*n = r->n;- if (e != NULL)
*e = r->e;- if (d != NULL)
*d = r->d;+} +#endif
static int rsa_err(const char *msg) { unsigned long sslErr = ERR_get_error(); @@ -409,7 +422,11 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo, ret = rsa_err("Could not obtain signature"); goto err_sign; }
- EVP_MD_CTX_cleanup(context);
- #if OPENSSL_VERSION_NUMBER < 0x10100000L
EVP_MD_CTX_cleanup(context);- #else
EVP_MD_CTX_reset(context);- #endif EVP_MD_CTX_destroy(context); EVP_PKEY_free(key);
@@ -479,6 +496,7 @@ static int rsa_get_exponent(RSA *key, uint64_t *e) { int ret; BIGNUM *bn_te;
const BIGNUM *key_e; uint64_t te;
ret = -EINVAL;
@@ -487,17 +505,18 @@ static int rsa_get_exponent(RSA *key, uint64_t *e) if (!e) goto cleanup;
- if (BN_num_bits(key->e) > 64)
- RSA_get0_key(key, NULL, &key_e, NULL);
- if (BN_num_bits(key_e) > 64) goto cleanup;
- *e = BN_get_word(key->e);
- *e = BN_get_word(key_e);
- if (BN_num_bits(key->e) < 33) {
- if (BN_num_bits(key_e) < 33) { ret = 0; goto cleanup; }
- bn_te = BN_dup(key->e);
- bn_te = BN_dup(key_e); if (!bn_te) goto cleanup;
@@ -527,6 +546,7 @@ int rsa_get_params(RSA *key, uint64_t *exponent, uint32_t *n0_invp, { BIGNUM *big1, *big2, *big32, *big2_32; BIGNUM *n, *r, *r_squared, *tmp;
- const BIGNUM *key_n; BN_CTX *bn_ctx = BN_CTX_new(); int ret = 0;
@@ -548,7 +568,8 @@ int rsa_get_params(RSA *key, uint64_t *exponent, uint32_t *n0_invp, if (0 != rsa_get_exponent(key, exponent)) ret = -1;
- if (!BN_copy(n, key->n) || !BN_set_word(big1, 1L) ||
- RSA_get0_key(key, NULL, &key_n, NULL);
- if (!BN_copy(n, key_n) || !BN_set_word(big1, 1L) || !BN_set_word(big2, 2L) || !BN_set_word(big32, 32L)) ret = -1;
-- 2.11.1
U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
participants (4)
-
Jelle van der Waa -
Jonathan Gray -
Peter Robinson -
Simon Glass