Compare commits
17 commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
ce309c5fe2 | ||
|
|
4216267211 | ||
|
|
19d0837df6 | ||
|
|
ac05dbd9a0 | ||
|
|
0083ee8d68 | ||
|
|
6480292490 | ||
|
|
02ab2b34f8 | ||
|
|
2cfb0f540b | ||
|
|
cbc9967da9 | ||
|
|
6e29c2d4d6 | ||
|
|
796488def8 | ||
|
|
b9b459ee13 | ||
|
|
7dbf3c5fee | ||
|
|
9d582cc0c7 | ||
|
|
fa2d681abb | ||
|
|
5b871ceabd | ||
|
|
ecc43918fc |
5 changed files with 254 additions and 56 deletions
15
.gitignore
vendored
15
.gitignore
vendored
|
|
@ -8,3 +8,18 @@
|
|||
/AusweisApp-2.0.3.tar.gz
|
||||
/AusweisApp-2.0.3.tar.gz.asc
|
||||
/AusweisApp-2.0.3.tar.gz.sha256
|
||||
/AusweisApp-2.1.0.tar.gz
|
||||
/AusweisApp-2.1.0.tar.gz.asc
|
||||
/AusweisApp-2.1.0.tar.gz.sha256
|
||||
/AusweisApp-2.1.1.tar.gz
|
||||
/AusweisApp-2.1.1.tar.gz.asc
|
||||
/AusweisApp-2.1.1.tar.gz.sha256
|
||||
/AusweisApp-2.2.0.tar.gz
|
||||
/AusweisApp-2.2.0.tar.gz.asc
|
||||
/AusweisApp-2.2.0.tar.gz.sha256
|
||||
/AusweisApp-2.2.1.tar.gz
|
||||
/AusweisApp-2.2.1.tar.gz.asc
|
||||
/AusweisApp-2.2.1.tar.gz.sha256
|
||||
/AusweisApp-2.2.2.tar.gz
|
||||
/AusweisApp-2.2.2.tar.gz.asc
|
||||
/AusweisApp-2.2.2.tar.gz.sha256
|
||||
|
|
|
|||
|
|
@ -1,7 +1,27 @@
|
|||
diff -up AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.cpp.legacyapi AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.cpp
|
||||
--- AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.cpp.legacyapi 2023-11-08 16:55:33.000000000 +0100
|
||||
+++ AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.cpp 2024-01-05 22:06:07.585023942 +0100
|
||||
@@ -182,7 +182,6 @@ QByteArray EcdsaPublicKey::getUncompress
|
||||
From 360d75e9ac2977a99b3e45e0e472a0abb02655cf Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Thu, 4 Jul 2024 20:10:17 +0200
|
||||
Subject: [PATCH] AusweisApp2-2.0.1-use-legacy-openssl-api.patch
|
||||
|
||||
---
|
||||
src/card/base/asn1/EcdsaPublicKey.cpp | 39 ------
|
||||
src/card/base/asn1/EcdsaPublicKey.h | 6 +-
|
||||
src/card/base/pace/ec/EcdhGenericMapping.cpp | 15 ---
|
||||
src/card/base/pace/ec/EcdhGenericMapping.h | 4 -
|
||||
src/card/base/pace/ec/EcdhKeyAgreement.cpp | 7 -
|
||||
src/card/base/pace/ec/EcUtil.cpp | 134 -------------------
|
||||
src/card/base/pace/ec/EcUtil.h | 12 --
|
||||
src/card/simulator/SimulatorCard.cpp | 45 +------
|
||||
src/card/simulator/SimulatorCard.h | 4 -
|
||||
src/card/simulator/SimulatorFileSystem.cpp | 9 --
|
||||
src/card/simulator/SimulatorFileSystem.h | 4 -
|
||||
11 files changed, 2 insertions(+), 277 deletions(-)
|
||||
|
||||
diff --git a/src/card/base/asn1/EcdsaPublicKey.cpp b/src/card/base/asn1/EcdsaPublicKey.cpp
|
||||
index ea07eda..0f19c11 100644
|
||||
--- a/src/card/base/asn1/EcdsaPublicKey.cpp
|
||||
+++ b/src/card/base/asn1/EcdsaPublicKey.cpp
|
||||
@@ -182,7 +182,6 @@ QByteArray EcdsaPublicKey::getUncompressedPublicPoint() const
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -9,7 +29,7 @@ diff -up AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.cpp.legacyapi Auswei
|
|||
QSharedPointer<EC_GROUP> EcdsaPublicKey::createGroup(const CurveData& pData) const
|
||||
{
|
||||
QSharedPointer<EC_GROUP> group = EcUtil::create(EC_GROUP_new_curve_GFp(pData.p.data(), pData.a.data(), pData.b.data(), nullptr));
|
||||
@@ -209,8 +208,6 @@ QSharedPointer<EC_GROUP> EcdsaPublicKey:
|
||||
@@ -209,8 +208,6 @@ QSharedPointer<EC_GROUP> EcdsaPublicKey::createGroup(const CurveData& pData) con
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -18,7 +38,7 @@ diff -up AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.cpp.legacyapi Auswei
|
|||
QSharedPointer<EVP_PKEY> EcdsaPublicKey::createKey(const QByteArray& pPublicPoint) const
|
||||
{
|
||||
return createKey(reinterpret_cast<const uchar*>(pPublicPoint.constData()), static_cast<int>(pPublicPoint.size()));
|
||||
@@ -239,7 +236,6 @@ QSharedPointer<EVP_PKEY> EcdsaPublicKey:
|
||||
@@ -239,7 +236,6 @@ QSharedPointer<EVP_PKEY> EcdsaPublicKey::createKey(const uchar* pPublicPoint, in
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
|
|
@ -26,7 +46,7 @@ diff -up AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.cpp.legacyapi Auswei
|
|||
const auto& group = createGroup(curveData);
|
||||
if (group.isNull())
|
||||
{
|
||||
@@ -275,39 +271,4 @@ QSharedPointer<EVP_PKEY> EcdsaPublicKey:
|
||||
@@ -275,39 +271,4 @@ QSharedPointer<EVP_PKEY> EcdsaPublicKey::createKey(const uchar* pPublicPoint, in
|
||||
|
||||
return key;
|
||||
|
||||
|
|
@ -66,9 +86,10 @@ diff -up AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.cpp.legacyapi Auswei
|
|||
-
|
||||
-#endif
|
||||
}
|
||||
diff -up AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.h.legacyapi AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.h
|
||||
--- AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.h.legacyapi 2023-11-08 16:55:33.000000000 +0100
|
||||
+++ AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.h 2024-01-05 21:26:24.850152676 +0100
|
||||
diff --git a/src/card/base/asn1/EcdsaPublicKey.h b/src/card/base/asn1/EcdsaPublicKey.h
|
||||
index 36f768e..45f78ec 100644
|
||||
--- a/src/card/base/asn1/EcdsaPublicKey.h
|
||||
+++ b/src/card/base/asn1/EcdsaPublicKey.h
|
||||
@@ -13,9 +13,7 @@
|
||||
#include <openssl/asn1t.h>
|
||||
#include <openssl/evp.h>
|
||||
|
|
@ -80,7 +101,7 @@ diff -up AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.h.legacyapi AusweisA
|
|||
|
||||
|
||||
namespace governikus
|
||||
@@ -105,9 +103,7 @@ using EcdsaPublicKey = struct ecdsapubli
|
||||
@@ -105,9 +103,7 @@ using EcdsaPublicKey = struct ecdsapublickey_st
|
||||
|
||||
[[nodiscard]] CurveData createCurveData() const;
|
||||
[[nodiscard]] QSharedPointer<EVP_PKEY> createKey(const uchar* pPublicPoint, int pPublicPointLength) const;
|
||||
|
|
@ -90,68 +111,71 @@ diff -up AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.h.legacyapi AusweisA
|
|||
|
||||
public:
|
||||
static int decodeCallback(int pOperation, ASN1_VALUE** pVal, const ASN1_ITEM* pIt, void* pExarg);
|
||||
diff -up AusweisApp-2.0.1/src/card/base/pace/ec/EcdhGenericMapping.cpp.legacyapi AusweisApp-2.0.1/src/card/base/pace/ec/EcdhGenericMapping.cpp
|
||||
--- AusweisApp-2.0.1/src/card/base/pace/ec/EcdhGenericMapping.cpp.legacyapi 2023-11-08 16:55:33.000000000 +0100
|
||||
+++ AusweisApp-2.0.1/src/card/base/pace/ec/EcdhGenericMapping.cpp 2024-01-05 21:51:28.494919678 +0100
|
||||
@@ -37,13 +37,8 @@ QByteArray EcdhGenericMapping::generateT
|
||||
diff --git a/src/card/base/pace/ec/EcdhGenericMapping.cpp b/src/card/base/pace/ec/EcdhGenericMapping.cpp
|
||||
index 3e2d1d4..1a8e6a2 100644
|
||||
--- a/src/card/base/pace/ec/EcdhGenericMapping.cpp
|
||||
+++ b/src/card/base/pace/ec/EcdhGenericMapping.cpp
|
||||
@@ -37,13 +37,8 @@ QByteArray EcdhGenericMapping::generateLocalMappingData()
|
||||
|
||||
mTerminalKey = EcUtil::generateKey(mCurve);
|
||||
mLocalKey = EcUtil::generateKey(mCurve);
|
||||
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
- return EcUtil::getEncodedPublicKey(mTerminalKey);
|
||||
- return EcUtil::getEncodedPublicKey(mLocalKey);
|
||||
-
|
||||
-#else
|
||||
return EcUtil::point2oct(mCurve, EC_KEY_get0_public_key(mTerminalKey.data()));
|
||||
return EcUtil::point2oct(mCurve, EC_KEY_get0_public_key(mLocalKey.data()));
|
||||
|
||||
-#endif
|
||||
}
|
||||
|
||||
|
||||
@@ -56,12 +51,7 @@ bool EcdhGenericMapping::generateEphemer
|
||||
@@ -56,12 +51,7 @@ bool EcdhGenericMapping::generateEphemeralDomainParameters(const QByteArray& pRe
|
||||
return false;
|
||||
}
|
||||
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
- const QSharedPointer<const EC_POINT> terminalPubKeyPtr = EcUtil::oct2point(mCurve, EcUtil::getEncodedPublicKey(mTerminalKey));
|
||||
- const EC_POINT* terminalPubKey = terminalPubKeyPtr.data();
|
||||
- const QSharedPointer<const EC_POINT> localPubKeyPtr = EcUtil::oct2point(mCurve, EcUtil::getEncodedPublicKey(mLocalKey));
|
||||
- const EC_POINT* localPubKey = localPubKeyPtr.data();
|
||||
-#else
|
||||
const EC_POINT* terminalPubKey = EC_KEY_get0_public_key(mTerminalKey.data());
|
||||
const EC_POINT* localPubKey = EC_KEY_get0_public_key(mLocalKey.data());
|
||||
-#endif
|
||||
if (!EC_POINT_cmp(mCurve.data(), terminalPubKey, cardPubKey.data(), nullptr))
|
||||
if (!EC_POINT_cmp(mCurve.data(), localPubKey, remotePubKey.data(), nullptr))
|
||||
{
|
||||
qCCritical(card) << "The exchanged public keys are equal.";
|
||||
@@ -81,12 +71,7 @@ bool EcdhGenericMapping::generateEphemer
|
||||
@@ -81,12 +71,7 @@ bool EcdhGenericMapping::generateEphemeralDomainParameters(const QByteArray& pRe
|
||||
|
||||
QSharedPointer<EC_POINT> EcdhGenericMapping::createNewGenerator(const QSharedPointer<const EC_POINT>& pCardPubKey, const QSharedPointer<const BIGNUM>& pS)
|
||||
QSharedPointer<EC_POINT> EcdhGenericMapping::createNewGenerator(const QSharedPointer<const EC_POINT>& pRemotePubKey, const QSharedPointer<const BIGNUM>& pS)
|
||||
{
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
- const auto& privKeyPtr = EcUtil::getPrivateKey(mTerminalKey);
|
||||
- const auto& privKeyPtr = EcUtil::getPrivateKey(mLocalKey);
|
||||
- const BIGNUM* privKey = privKeyPtr.data();
|
||||
-#else
|
||||
const BIGNUM* privKey = EC_KEY_get0_private_key(mTerminalKey.data());
|
||||
const BIGNUM* privKey = EC_KEY_get0_private_key(mLocalKey.data());
|
||||
-#endif
|
||||
|
||||
if (!privKey)
|
||||
{
|
||||
diff -up AusweisApp-2.0.1/src/card/base/pace/ec/EcdhGenericMapping.h.legacyapi AusweisApp-2.0.1/src/card/base/pace/ec/EcdhGenericMapping.h
|
||||
--- AusweisApp-2.0.1/src/card/base/pace/ec/EcdhGenericMapping.h.legacyapi 2023-11-08 16:55:33.000000000 +0100
|
||||
+++ AusweisApp-2.0.1/src/card/base/pace/ec/EcdhGenericMapping.h 2024-01-05 21:52:19.801808499 +0100
|
||||
diff --git a/src/card/base/pace/ec/EcdhGenericMapping.h b/src/card/base/pace/ec/EcdhGenericMapping.h
|
||||
index bdfa5a8..dea4bf0 100644
|
||||
--- a/src/card/base/pace/ec/EcdhGenericMapping.h
|
||||
+++ b/src/card/base/pace/ec/EcdhGenericMapping.h
|
||||
@@ -22,11 +22,7 @@ class EcdhGenericMapping
|
||||
|
||||
private:
|
||||
const QSharedPointer<EC_GROUP> mCurve;
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
- QSharedPointer<EVP_PKEY> mTerminalKey;
|
||||
- QSharedPointer<EVP_PKEY> mLocalKey;
|
||||
-#else
|
||||
QSharedPointer<EC_KEY> mTerminalKey;
|
||||
QSharedPointer<EC_KEY> mLocalKey;
|
||||
-#endif
|
||||
|
||||
QSharedPointer<EC_POINT> createNewGenerator(const QSharedPointer<const EC_POINT>& pCardPubKey, const QSharedPointer<const BIGNUM>& pS);
|
||||
QSharedPointer<EC_POINT> createNewGenerator(const QSharedPointer<const EC_POINT>& pRemotePubKey, const QSharedPointer<const BIGNUM>& pS);
|
||||
|
||||
diff -up AusweisApp-2.0.1/src/card/base/pace/ec/EcdhKeyAgreement.cpp.legacyapi AusweisApp-2.0.1/src/card/base/pace/ec/EcdhKeyAgreement.cpp
|
||||
--- AusweisApp-2.0.1/src/card/base/pace/ec/EcdhKeyAgreement.cpp.legacyapi 2023-11-08 16:55:33.000000000 +0100
|
||||
+++ AusweisApp-2.0.1/src/card/base/pace/ec/EcdhKeyAgreement.cpp 2024-01-05 21:37:17.920243239 +0100
|
||||
@@ -105,15 +105,8 @@ KeyAgreement::CardResult EcdhKeyAgreemen
|
||||
diff --git a/src/card/base/pace/ec/EcdhKeyAgreement.cpp b/src/card/base/pace/ec/EcdhKeyAgreement.cpp
|
||||
index 0f0ae09..45c8a76 100644
|
||||
--- a/src/card/base/pace/ec/EcdhKeyAgreement.cpp
|
||||
+++ b/src/card/base/pace/ec/EcdhKeyAgreement.cpp
|
||||
@@ -96,15 +96,8 @@ KeyAgreement::CardResult EcdhKeyAgreement::performKeyExchange()
|
||||
return {CardReturnCode::PROTOCOL_ERROR};
|
||||
}
|
||||
|
||||
|
|
@ -167,10 +191,11 @@ diff -up AusweisApp-2.0.1/src/card/base/pace/ec/EcdhKeyAgreement.cpp.legacyapi A
|
|||
|
||||
// Make a copy of the terminal public key for later mutual authentication.
|
||||
mTerminalPublicKey = EcUtil::oct2point(curve, terminalEphemeralPublicKeyBytes);
|
||||
diff -up AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.cpp.legacyapi AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.cpp
|
||||
--- AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.cpp.legacyapi 2023-11-08 16:55:33.000000000 +0100
|
||||
+++ AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.cpp 2024-01-05 20:33:28.156797843 +0100
|
||||
@@ -88,137 +88,6 @@ QSharedPointer<EC_POINT> EcUtil::oct2poi
|
||||
diff --git a/src/card/base/pace/ec/EcUtil.cpp b/src/card/base/pace/ec/EcUtil.cpp
|
||||
index 10db88f..5c0ff53 100644
|
||||
--- a/src/card/base/pace/ec/EcUtil.cpp
|
||||
+++ b/src/card/base/pace/ec/EcUtil.cpp
|
||||
@@ -103,137 +103,6 @@ QSharedPointer<EC_POINT> EcUtil::oct2point(const QSharedPointer<const EC_GROUP>&
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -308,17 +333,18 @@ diff -up AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.cpp.legacyapi AusweisApp-
|
|||
QSharedPointer<EC_KEY> EcUtil::generateKey(const QSharedPointer<const EC_GROUP>& pCurve)
|
||||
{
|
||||
if (pCurve.isNull())
|
||||
@@ -242,6 +111,3 @@ QSharedPointer<EC_KEY> EcUtil::generateK
|
||||
@@ -257,6 +126,3 @@ QSharedPointer<EC_KEY> EcUtil::generateKey(const QSharedPointer<const EC_GROUP>&
|
||||
|
||||
return key;
|
||||
}
|
||||
-
|
||||
-
|
||||
-#endif
|
||||
diff -up AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.h.legacyapi AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.h
|
||||
--- AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.h.legacyapi 2023-11-08 16:55:33.000000000 +0100
|
||||
+++ AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.h 2024-01-05 22:15:17.157430740 +0100
|
||||
@@ -30,9 +30,7 @@ class EcUtil
|
||||
diff --git a/src/card/base/pace/ec/EcUtil.h b/src/card/base/pace/ec/EcUtil.h
|
||||
index b575341..f7db521 100644
|
||||
--- a/src/card/base/pace/ec/EcUtil.h
|
||||
+++ b/src/card/base/pace/ec/EcUtil.h
|
||||
@@ -32,9 +32,7 @@ class EcUtil
|
||||
|
||||
static QSharedPointer<EC_GROUP> create(EC_GROUP* pEcGroup);
|
||||
|
||||
|
|
@ -328,7 +354,7 @@ diff -up AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.h.legacyapi AusweisApp-2.
|
|||
|
||||
static QSharedPointer<EC_POINT> create(EC_POINT* pEcPoint);
|
||||
|
||||
@@ -42,14 +40,7 @@ class EcUtil
|
||||
@@ -44,14 +42,7 @@ class EcUtil
|
||||
|
||||
static QSharedPointer<EVP_PKEY_CTX> create(EVP_PKEY_CTX* pEcGroup);
|
||||
|
||||
|
|
@ -343,7 +369,7 @@ diff -up AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.h.legacyapi AusweisApp-2.
|
|||
|
||||
static QSharedPointer<EC_GROUP> createCurve(int pNid);
|
||||
};
|
||||
@@ -66,7 +57,6 @@ inline QSharedPointer<EC_GROUP> EcUtil::
|
||||
@@ -68,7 +59,6 @@ inline QSharedPointer<EC_GROUP> EcUtil::create(EC_GROUP* pEcGroup)
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -351,7 +377,7 @@ diff -up AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.h.legacyapi AusweisApp-2.
|
|||
inline QSharedPointer<EC_KEY> EcUtil::create(EC_KEY* pEcKey)
|
||||
{
|
||||
static auto deleter = [](EC_KEY* ecKey)
|
||||
@@ -78,8 +68,6 @@ inline QSharedPointer<EC_KEY> EcUtil::cr
|
||||
@@ -80,8 +70,6 @@ inline QSharedPointer<EC_KEY> EcUtil::create(EC_KEY* pEcKey)
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -360,3 +386,147 @@ diff -up AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.h.legacyapi AusweisApp-2.
|
|||
inline QSharedPointer<EC_POINT> EcUtil::create(EC_POINT* pEcPoint)
|
||||
{
|
||||
static auto deleter = [](EC_POINT* ecPoint)
|
||||
diff --git a/src/card/simulator/SimulatorCard.cpp b/src/card/simulator/SimulatorCard.cpp
|
||||
index 87491d7..2da83b1 100644
|
||||
--- a/src/card/simulator/SimulatorCard.cpp
|
||||
+++ b/src/card/simulator/SimulatorCard.cpp
|
||||
@@ -22,9 +22,7 @@
|
||||
#include <QScopeGuard>
|
||||
#include <QThread>
|
||||
#include <QtEndian>
|
||||
-#if OPENSSL_VERSION_NUMBER < 0x30000000L
|
||||
- #include <openssl/bn.h>
|
||||
-#endif
|
||||
+#include <openssl/bn.h>
|
||||
|
||||
|
||||
using namespace governikus;
|
||||
@@ -369,12 +367,8 @@ ResponseApduResult SimulatorCard::executeGeneralAuthenticate(const CommandApdu&
|
||||
mPaceTerminalKey = cmdData.getData(V_ASN1_CONTEXT_SPECIFIC, ASN1Struct::PACE_EPHEMERAL_PUBLIC_KEY);
|
||||
|
||||
auto asn1KeyAgreement = newObject<GA_PERFORMKEYAGREEMENTDATA>();
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
- const auto& encodedPublicKey = EcUtil::getEncodedPublicKey(mCardKey);
|
||||
-#else
|
||||
const auto& curve = EcUtil::create(EC_GROUP_dup(EC_KEY_get0_group(mCardKey.data())));
|
||||
const auto& encodedPublicKey = EcUtil::point2oct(curve, EC_KEY_get0_public_key(mCardKey.data()));
|
||||
-#endif
|
||||
Asn1OctetStringUtil::setValue(encodedPublicKey, asn1KeyAgreement->mEphemeralPublicKey);
|
||||
responseData = encodeObject(asn1KeyAgreement.data());
|
||||
break;
|
||||
@@ -461,42 +455,6 @@ QByteArray SimulatorCard::ecMultiplication(const QByteArray& pPoint) const
|
||||
return QByteArray();
|
||||
}
|
||||
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
- const auto& terminalKey = EcUtil::create(EVP_PKEY_new());
|
||||
- if (terminalKey.isNull() || EVP_PKEY_copy_parameters(terminalKey.data(), mCardKey.data()) == 0)
|
||||
- {
|
||||
- qCCritical(card_simulator) << "Initialization of the terminal key failed";
|
||||
- return QByteArray();
|
||||
- }
|
||||
- if (!EVP_PKEY_set1_encoded_public_key(
|
||||
- terminalKey.data(),
|
||||
- reinterpret_cast<const unsigned char*>(pPoint.data()),
|
||||
- static_cast<size_t>(pPoint.length())))
|
||||
- {
|
||||
- qCCritical(card_simulator) << "Interpreting the terminal key failed";
|
||||
- return QByteArray();
|
||||
- }
|
||||
-
|
||||
- const auto& ctx = EcUtil::create(EVP_PKEY_CTX_new_from_pkey(nullptr, mCardKey.data(), nullptr));
|
||||
- size_t resultLen = 0;
|
||||
- if (EVP_PKEY_derive_init(ctx.data()) <= 0
|
||||
- || EVP_PKEY_derive_set_peer(ctx.data(), terminalKey.data()) <= 0
|
||||
- || EVP_PKEY_derive(ctx.data(), nullptr, &resultLen) <= 0)
|
||||
- {
|
||||
- qCCritical(card_simulator) << "Initialization or calculation of the result failed";
|
||||
- return QByteArray();
|
||||
- }
|
||||
-
|
||||
- QByteArray result(static_cast<qsizetype>(resultLen), '\0');
|
||||
- if (EVP_PKEY_derive(ctx.data(), reinterpret_cast<uchar*>(result.data()), &resultLen) <= 0)
|
||||
- {
|
||||
- qCCritical(card_simulator) << "Calculation of the result failed";
|
||||
- return QByteArray();
|
||||
- }
|
||||
-
|
||||
- return result;
|
||||
-
|
||||
-#else
|
||||
const auto& curve = EcUtil::create(EC_GROUP_dup(EC_KEY_get0_group(mCardKey.data())));
|
||||
auto point = EcUtil::oct2point(curve, pPoint);
|
||||
if (!point)
|
||||
@@ -515,7 +473,6 @@ QByteArray SimulatorCard::ecMultiplication(const QByteArray& pPoint) const
|
||||
|
||||
return EcUtil::point2oct(curve, result.data(), true);
|
||||
|
||||
-#endif
|
||||
}
|
||||
|
||||
|
||||
diff --git a/src/card/simulator/SimulatorCard.h b/src/card/simulator/SimulatorCard.h
|
||||
index b709d17..23f858b 100644
|
||||
--- a/src/card/simulator/SimulatorCard.h
|
||||
+++ b/src/card/simulator/SimulatorCard.h
|
||||
@@ -35,11 +35,7 @@ class SimulatorCard
|
||||
QSharedPointer<CHAT> mPaceChat;
|
||||
QByteArray mPaceNonce;
|
||||
QByteArray mPaceTerminalKey;
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
- QSharedPointer<EVP_PKEY> mCardKey;
|
||||
-#else
|
||||
QSharedPointer<EC_KEY> mCardKey;
|
||||
-#endif
|
||||
QSharedPointer<AuthenticatedAuxiliaryData> mTaAuxData;
|
||||
|
||||
public:
|
||||
diff --git a/src/card/simulator/SimulatorFileSystem.cpp b/src/card/simulator/SimulatorFileSystem.cpp
|
||||
index 122ca4f..046d540 100644
|
||||
--- a/src/card/simulator/SimulatorFileSystem.cpp
|
||||
+++ b/src/card/simulator/SimulatorFileSystem.cpp
|
||||
@@ -327,11 +327,7 @@ QByteArray SimulatorFileSystem::getEfCardAccess() const
|
||||
}
|
||||
|
||||
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
-QSharedPointer<EVP_PKEY> SimulatorFileSystem::getKey(int pKeyId) const
|
||||
-#else
|
||||
QSharedPointer<EC_KEY> SimulatorFileSystem::getKey(int pKeyId) const
|
||||
-#endif
|
||||
{
|
||||
if (!mKeys.contains(pKeyId))
|
||||
{
|
||||
@@ -347,13 +343,8 @@ QSharedPointer<EC_KEY> SimulatorFileSystem::getKey(int pKeyId) const
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
- return privateKey;
|
||||
-
|
||||
-#else
|
||||
return EcUtil::create(EVP_PKEY_get1_EC_KEY(privateKey.data()));
|
||||
|
||||
-#endif
|
||||
}
|
||||
|
||||
|
||||
diff --git a/src/card/simulator/SimulatorFileSystem.h b/src/card/simulator/SimulatorFileSystem.h
|
||||
index cb9704b..44d4054 100644
|
||||
--- a/src/card/simulator/SimulatorFileSystem.h
|
||||
+++ b/src/card/simulator/SimulatorFileSystem.h
|
||||
@@ -38,11 +38,7 @@ class SimulatorFileSystem
|
||||
[[nodiscard]] StatusCode write(qsizetype pOffset, const QByteArray& pData);
|
||||
|
||||
[[nodiscard]] QByteArray getEfCardAccess() const;
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
- [[nodiscard]] QSharedPointer<EVP_PKEY> getKey(int pKeyId) const;
|
||||
-#else
|
||||
[[nodiscard]] QSharedPointer<EC_KEY> getKey(int pKeyId) const;
|
||||
-#endif
|
||||
|
||||
[[nodiscard]] StatusCode verify(const Oid& pOid, const QSharedPointer<AuthenticatedAuxiliaryData>& pAuxiliaryData) const;
|
||||
|
||||
--
|
||||
2.45.2
|
||||
|
||||
|
|
|
|||
|
|
@ -41,11 +41,11 @@ fi \
|
|||
%global newname AusweisApp
|
||||
|
||||
Name: AusweisApp2
|
||||
Version: 2.0.3
|
||||
Version: 2.2.2
|
||||
Release: %autorelease
|
||||
Summary: %{pkg_sum}
|
||||
|
||||
License: EUPL 1.2
|
||||
License: EUPL-1.2
|
||||
URL: https://www.ausweisapp.bund.de/en
|
||||
|
||||
# Url to releases on github.
|
||||
|
|
@ -64,6 +64,9 @@ Source1000: gen_openssl_cnf.py
|
|||
|
||||
# Downstream.
|
||||
Patch01000: %{name}-1.24.1-use_Qt_TranslationsPath.patch
|
||||
# Needed because Fedora's openssl does not support elliptic curves using custom parameters.
|
||||
# Request to enable them was denied: https://bugzilla.redhat.com/show_bug.cgi?id=2259403
|
||||
# It is currently not clear if the legacy API works by accident or by design. It does work as of January 2024.
|
||||
Patch01001: %{name}-2.0.1-use-legacy-openssl-api.patch
|
||||
|
||||
BuildRequires: cmake
|
||||
|
|
|
|||
|
|
@ -76,10 +76,14 @@ class _Const(object):
|
|||
@constant
|
||||
def KEYSIZE_SECTIONS():
|
||||
return [
|
||||
'minStaticKeySizes',
|
||||
'minEphemeralKeySizes',
|
||||
'minKeySizes',
|
||||
'sizesIfd',
|
||||
]
|
||||
|
||||
@constant
|
||||
def KEYSIZE_MIN_SECTION():
|
||||
return 'min'
|
||||
|
||||
@constant
|
||||
def TLS_VERSIONS():
|
||||
return {
|
||||
|
|
@ -101,9 +105,15 @@ def get_min_ssl_sec_level(json_data):
|
|||
if option in json_data[section]:
|
||||
if min_keysize > json_data[section][option]:
|
||||
min_keysize = json_data[section][option]
|
||||
elif option in json_data[section][CONST.KEYSIZE_MIN_SECTION]:
|
||||
if min_keysize > json_data[section][CONST.KEYSIZE_MIN_SECTION][option]:
|
||||
min_keysize = json_data[section][CONST.KEYSIZE_MIN_SECTION][option]
|
||||
if CONST.KEYSIZE_EC_OPTION in json_data[section]:
|
||||
if min_ecsize > json_data[section][CONST.KEYSIZE_EC_OPTION]:
|
||||
min_ecsize = json_data[section][CONST.KEYSIZE_EC_OPTION]
|
||||
elif CONST.KEYSIZE_EC_OPTION in json_data[section][CONST.KEYSIZE_MIN_SECTION]:
|
||||
if min_ecsize > json_data[section][CONST.KEYSIZE_MIN_SECTION][CONST.KEYSIZE_EC_OPTION]:
|
||||
min_ecsize = json_data[section][CONST.KEYSIZE_MIN_SECTION][CONST.KEYSIZE_EC_OPTION]
|
||||
|
||||
if min_keysize >= 1000 and min_ecsize >= 160:
|
||||
sec_level = 1
|
||||
|
|
|
|||
6
sources
6
sources
|
|
@ -1,4 +1,4 @@
|
|||
SHA512 (AusweisApp-2.0.3.tar.gz) = 4843c1cc0e510a350ef99e5c3810a1ed526832894d269b3791ff55341ad781186396275168d7c82d1abaf06cfb825ae626dad0a9bde2baec4db4e72103252053
|
||||
SHA512 (AusweisApp-2.0.3.tar.gz.asc) = 6efb1afff620f557c8b17e698c273086ea9189fd8689ada6ea2aaa0f3c8a41f4871472e9f35a626e63668e787f056fb15964b0f860808a923413ead3ece76f4c
|
||||
SHA512 (AusweisApp-2.0.3.tar.gz.sha256) = 5b349772a7bc456ff3912d2f9d885840ddb104bd4d45e77cf4b4e0d63650de3865a0fb6ade88983142f21b28165c366c2ca313e37979082c2d9b12559c20f828
|
||||
SHA512 (AusweisApp-2.2.2.tar.gz) = f86dabd4d7347e3986045407e0d2f94174552a676215292954d558d0b3c7df1ab5212b623a809bd36136ad79bd57541969e30783c46ddd01c786581ad01e727f
|
||||
SHA512 (AusweisApp-2.2.2.tar.gz.asc) = 416cba597bd35a4688c516b6d6812d5750be167b633fc7e367567d7af66dc02c22684c866e2c0e42cdd712052cabe0811321e2937c36793967855275d773993e
|
||||
SHA512 (AusweisApp-2.2.2.tar.gz.sha256) = 8dbc58f33a90eb05971bff008e3752bba55f5291be4269d970ec1a794c2295aa304ee32aba729ac22c9521edebce2a9c7420741fe35155ce18c6b91e9ec3e08b
|
||||
SHA512 (AusweisApp2-pubring.gpg) = 3aae27b673f4eb2f7d3bda6c839b3d11829a730bde546e92abb889abb1c2453e786dc906154074485406692f5b9abbb3e1fb293e6b397696b6371016723621cd
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue