You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
76 lines
3.3 KiB
76 lines
3.3 KiB
From 563f9c951d9b050378b9d3659a932c98ab587b21 Mon Sep 17 00:00:00 2001 |
|
From: Petr Gotthard <petr.gotthard@centrum.cz> |
|
Date: Sat, 17 Jul 2021 21:22:28 +0200 |
|
Subject: FAPI Test: Call EVP_DigestSignInit in the correct order |
|
MIME-Version: 1.0 |
|
Content-Type: text/plain; charset=UTF-8 |
|
Content-Transfer-Encoding: 8bit |
|
|
|
The EVP_DigestSignInit should be called only once and before calling |
|
EVP_PKEY_CTX_set_rsa_padding. See a corresponding example |
|
[here](https://www.openssl.org/docs/man1.0.2/man3/EVP_PKEY_sign_init.html) |
|
|
|
Current code works with OpenSSL 1.x, but fails with OpenSSL 3.0. |
|
This PR makes the code compatible with OpenSSL 1.0 through 3.0. |
|
|
|
Signed-off-by: Petr Gotthard <petr.gotthard@centrum.cz> |
|
--- |
|
test/integration/fapi-data-crypt.int.c | 8 ++------ |
|
test/integration/fapi-key-create-policy-signed.int.c | 8 ++------ |
|
2 files changed, 4 insertions(+), 12 deletions(-) |
|
|
|
diff --git a/test/integration/fapi-data-crypt.int.c b/test/integration/fapi-data-crypt.int.c |
|
index b2d20b28..d42466db 100644 |
|
--- a/test/integration/fapi-data-crypt.int.c |
|
+++ b/test/integration/fapi-data-crypt.int.c |
|
@@ -129,8 +129,8 @@ signatureCallback( |
|
mdctx = EVP_MD_CTX_create(); |
|
chknull(mdctx); |
|
|
|
- if (1 != EVP_DigestSignInit(mdctx, &pctx, NULL, NULL, priv_key)) { |
|
- goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL digest sign init.", |
|
+ if (1 != EVP_DigestSignInit(mdctx, &pctx, ossl_hash, NULL, priv_key)) { |
|
+ goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL sign init.", |
|
error_cleanup); |
|
} |
|
if (EVP_PKEY_type(EVP_PKEY_id(priv_key)) == EVP_PKEY_RSA) { |
|
@@ -140,10 +140,6 @@ signatureCallback( |
|
error_cleanup); |
|
} |
|
} |
|
- if (1 != EVP_DigestSignInit(mdctx, &pctx, ossl_hash, NULL, priv_key)) { |
|
- goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL sign init.", |
|
- error_cleanup); |
|
- } |
|
if (1 != EVP_DigestSignUpdate(mdctx, dataToSign, dataToSignSize)) { |
|
goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL sign update.", |
|
error_cleanup); |
|
diff --git a/test/integration/fapi-key-create-policy-signed.int.c b/test/integration/fapi-key-create-policy-signed.int.c |
|
index e51289a6..b903dec0 100644 |
|
--- a/test/integration/fapi-key-create-policy-signed.int.c |
|
+++ b/test/integration/fapi-key-create-policy-signed.int.c |
|
@@ -144,8 +144,8 @@ signatureCallback( |
|
mdctx = EVP_MD_CTX_create(); |
|
chknull(mdctx); |
|
|
|
- if (1 != EVP_DigestSignInit(mdctx, &pctx, NULL, NULL, priv_key)) { |
|
- goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL digest sign init.", |
|
+ if (1 != EVP_DigestSignInit(mdctx, &pctx, ossl_hash, NULL, priv_key)) { |
|
+ goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL sign init.", |
|
error_cleanup); |
|
} |
|
if (EVP_PKEY_type(EVP_PKEY_id(priv_key)) == EVP_PKEY_RSA) { |
|
@@ -155,10 +155,6 @@ signatureCallback( |
|
error_cleanup); |
|
} |
|
} |
|
- if (1 != EVP_DigestSignInit(mdctx, &pctx, ossl_hash, NULL, priv_key)) { |
|
- goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL sign init.", |
|
- error_cleanup); |
|
- } |
|
if (1 != EVP_DigestSignUpdate(mdctx, dataToSign, dataToSignSize)) { |
|
goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL sign update.", |
|
error_cleanup); |
|
-- |
|
2.26.3 |
|
|
|
|