rpms/AusweisApp2
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
AusweisApp2/AusweisApp2-2.0.1-use-legacy-openssl-api.patch

362 lines
13 KiB
Diff
Raw Blame History

diff -up AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.cpp.legacyapi AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.cpp
--- AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.cpp.legacyapi 2023-11-08 16:55:33.000000000 +0100
+++ AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.cpp 2024-01-05 22:06:07.585023942 +0100
@@ -182,7 +182,6 @@ QByteArray EcdsaPublicKey::getUncompress
}
-#if OPENSSL_VERSION_NUMBER < 0x30000000L
QSharedPointer<EC_GROUP> EcdsaPublicKey::createGroup(const CurveData& pData) const
{
QSharedPointer<EC_GROUP> group = EcUtil::create(EC_GROUP_new_curve_GFp(pData.p.data(), pData.a.data(), pData.b.data(), nullptr));
@@ -209,8 +208,6 @@ QSharedPointer<EC_GROUP> EcdsaPublicKey:
}
-#endif
-
QSharedPointer<EVP_PKEY> EcdsaPublicKey::createKey(const QByteArray& pPublicPoint) const
{
return createKey(reinterpret_cast<const uchar*>(pPublicPoint.constData()), static_cast<int>(pPublicPoint.size()));
@@ -239,7 +236,6 @@ QSharedPointer<EVP_PKEY> EcdsaPublicKey:
return nullptr;
}
-#if OPENSSL_VERSION_NUMBER < 0x30000000L
const auto& group = createGroup(curveData);
if (group.isNull())
{
@@ -275,39 +271,4 @@ QSharedPointer<EVP_PKEY> EcdsaPublicKey:
return key;
-#else
- const auto& params = EcUtil::create([&curveData, pPublicPoint, pPublicPointLength, this](OSSL_PARAM_BLD* pBuilder){
- return OSSL_PARAM_BLD_push_BN(pBuilder, "p", curveData.p.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "a", curveData.a.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "b", curveData.b.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "order", curveData.order.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "cofactor", curveData.cofactor.data())
- && OSSL_PARAM_BLD_push_octet_string(pBuilder, "pub", pPublicPoint, static_cast<size_t>(pPublicPointLength))
- && OSSL_PARAM_BLD_push_octet_string(pBuilder, "generator", mBasePoint->data, static_cast<size_t>(mBasePoint->length))
- && OSSL_PARAM_BLD_push_utf8_string(pBuilder, "field-type", "prime-field", 12);
- });
-
- if (params == nullptr)
- {
- qCCritical(card) << "Cannot set parameter";
- return nullptr;
- }
-
- auto ctx = EcUtil::create(EVP_PKEY_CTX_new_from_name(nullptr, "EC", nullptr));
- if (!EVP_PKEY_fromdata_init(ctx.data()))
- {
- qCCritical(card) << "Cannot init pkey";
- return nullptr;
- }
-
- EVP_PKEY* key = nullptr;
- if (!EVP_PKEY_fromdata(ctx.data(), &key, EVP_PKEY_PUBLIC_KEY, params.data()))
- {
- qCCritical(card) << "Cannot fetch data for pkey";
- return nullptr;
- }
-
- return EcUtil::create(key);
-
-#endif
}
diff -up AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.h.legacyapi AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.h
--- AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.h.legacyapi 2023-11-08 16:55:33.000000000 +0100
+++ AusweisApp-2.0.1/src/card/base/asn1/EcdsaPublicKey.h 2024-01-05 21:26:24.850152676 +0100
@@ -13,9 +13,7 @@
#include <openssl/asn1t.h>
#include <openssl/evp.h>
-#if OPENSSL_VERSION_NUMBER < 0x30000000L
- #include <openssl/ec.h>
-#endif
+#include <openssl/ec.h>
namespace governikus
@@ -105,9 +103,7 @@ using EcdsaPublicKey = struct ecdsapubli
[[nodiscard]] CurveData createCurveData() const;
[[nodiscard]] QSharedPointer<EVP_PKEY> createKey(const uchar* pPublicPoint, int pPublicPointLength) const;
-#if OPENSSL_VERSION_NUMBER < 0x30000000L
[[nodiscard]] QSharedPointer<EC_GROUP> createGroup(const CurveData& pData) const;
-#endif
public:
static int decodeCallback(int pOperation, ASN1_VALUE** pVal, const ASN1_ITEM* pIt, void* pExarg);
diff -up AusweisApp-2.0.1/src/card/base/pace/ec/EcdhGenericMapping.cpp.legacyapi AusweisApp-2.0.1/src/card/base/pace/ec/EcdhGenericMapping.cpp
--- AusweisApp-2.0.1/src/card/base/pace/ec/EcdhGenericMapping.cpp.legacyapi 2023-11-08 16:55:33.000000000 +0100
+++ AusweisApp-2.0.1/src/card/base/pace/ec/EcdhGenericMapping.cpp 2024-01-05 21:51:28.494919678 +0100
@@ -37,13 +37,8 @@ QByteArray EcdhGenericMapping::generateT
mTerminalKey = EcUtil::generateKey(mCurve);
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- return EcUtil::getEncodedPublicKey(mTerminalKey);
-
-#else
return EcUtil::point2oct(mCurve, EC_KEY_get0_public_key(mTerminalKey.data()));
-#endif
}
@@ -56,12 +51,7 @@ bool EcdhGenericMapping::generateEphemer
return false;
}
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- const QSharedPointer<const EC_POINT> terminalPubKeyPtr = EcUtil::oct2point(mCurve, EcUtil::getEncodedPublicKey(mTerminalKey));
- const EC_POINT* terminalPubKey = terminalPubKeyPtr.data();
-#else
const EC_POINT* terminalPubKey = EC_KEY_get0_public_key(mTerminalKey.data());
-#endif
if (!EC_POINT_cmp(mCurve.data(), terminalPubKey, cardPubKey.data(), nullptr))
{
qCCritical(card) << "The exchanged public keys are equal.";
@@ -81,12 +71,7 @@ bool EcdhGenericMapping::generateEphemer
QSharedPointer<EC_POINT> EcdhGenericMapping::createNewGenerator(const QSharedPointer<const EC_POINT>& pCardPubKey, const QSharedPointer<const BIGNUM>& pS)
{
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- const auto& privKeyPtr = EcUtil::getPrivateKey(mTerminalKey);
- const BIGNUM* privKey = privKeyPtr.data();
-#else
const BIGNUM* privKey = EC_KEY_get0_private_key(mTerminalKey.data());
-#endif
if (!privKey)
{
diff -up AusweisApp-2.0.1/src/card/base/pace/ec/EcdhGenericMapping.h.legacyapi AusweisApp-2.0.1/src/card/base/pace/ec/EcdhGenericMapping.h
--- AusweisApp-2.0.1/src/card/base/pace/ec/EcdhGenericMapping.h.legacyapi 2023-11-08 16:55:33.000000000 +0100
+++ AusweisApp-2.0.1/src/card/base/pace/ec/EcdhGenericMapping.h 2024-01-05 21:52:19.801808499 +0100
@@ -22,11 +22,7 @@ class EcdhGenericMapping
private:
const QSharedPointer<EC_GROUP> mCurve;
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- QSharedPointer<EVP_PKEY> mTerminalKey;
-#else
QSharedPointer<EC_KEY> mTerminalKey;
-#endif
QSharedPointer<EC_POINT> createNewGenerator(const QSharedPointer<const EC_POINT>& pCardPubKey, const QSharedPointer<const BIGNUM>& pS);
diff -up AusweisApp-2.0.1/src/card/base/pace/ec/EcdhKeyAgreement.cpp.legacyapi AusweisApp-2.0.1/src/card/base/pace/ec/EcdhKeyAgreement.cpp
--- AusweisApp-2.0.1/src/card/base/pace/ec/EcdhKeyAgreement.cpp.legacyapi 2023-11-08 16:55:33.000000000 +0100
+++ AusweisApp-2.0.1/src/card/base/pace/ec/EcdhKeyAgreement.cpp 2024-01-05 21:37:17.920243239 +0100
@@ -105,15 +105,8 @@ KeyAgreement::CardResult EcdhKeyAgreemen
return {CardReturnCode::PROTOCOL_ERROR};
}
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- const QByteArray terminalEphemeralPublicKeyBytes = EcUtil::getEncodedPublicKey(terminalEphemeralKey);
-
- const auto& privKeyPtr = EcUtil::getPrivateKey(terminalEphemeralKey);
- const BIGNUM* terminalEphemeralPrivateKey = privKeyPtr.data();
-#else
const QByteArray terminalEphemeralPublicKeyBytes = EcUtil::point2oct(curve, EC_KEY_get0_public_key(terminalEphemeralKey.data()));
const BIGNUM* const terminalEphemeralPrivateKey = EC_KEY_get0_private_key(terminalEphemeralKey.data());
-#endif
// Make a copy of the terminal public key for later mutual authentication.
mTerminalPublicKey = EcUtil::oct2point(curve, terminalEphemeralPublicKeyBytes);
diff -up AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.cpp.legacyapi AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.cpp
--- AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.cpp.legacyapi 2023-11-08 16:55:33.000000000 +0100
+++ AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.cpp 2024-01-05 20:33:28.156797843 +0100
@@ -88,137 +88,6 @@ QSharedPointer<EC_POINT> EcUtil::oct2poi
}
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
-QByteArray EcUtil::getEncodedPublicKey(const QSharedPointer<EVP_PKEY>& pKey)
-{
- if (pKey.isNull())
- {
- qCCritical(card) << "Cannot use undefined key";
- return nullptr;
- }
-
- uchar* key = nullptr;
- const size_t length = EVP_PKEY_get1_encoded_public_key(pKey.data(), &key);
- const auto guard = qScopeGuard([key] {
- OPENSSL_free(key);
- });
-
- return length > 0 ? QByteArray(reinterpret_cast<char*>(key), static_cast<int>(length)) : QByteArray();
-}
-
-
-QSharedPointer<BIGNUM> EcUtil::getPrivateKey(const QSharedPointer<const EVP_PKEY>& pKey)
-{
- BIGNUM* privKey = nullptr;
- EVP_PKEY_get_bn_param(pKey.data(), "priv", &privKey);
- return EcUtil::create(privKey);
-}
-
-
-QSharedPointer<OSSL_PARAM> EcUtil::create(const std::function<bool(OSSL_PARAM_BLD* pBuilder)>& pFunc)
-{
- OSSL_PARAM_BLD* bld = OSSL_PARAM_BLD_new();
- const auto guard = qScopeGuard([bld] {
- OSSL_PARAM_BLD_free(bld);
- });
-
- if (bld == nullptr)
- {
- qCCritical(card) << "Cannot create parameter builder";
- return nullptr;
- }
-
- if (OSSL_PARAM* params = nullptr;
- pFunc(bld) && (params = OSSL_PARAM_BLD_to_param(bld)) != nullptr)
- {
- static auto deleter = [](OSSL_PARAM* pParam)
- {
- OSSL_PARAM_free(pParam);
- };
-
- return QSharedPointer<OSSL_PARAM>(params, deleter);
- }
-
- qCCritical(card) << "Cannot create parameter";
- return nullptr;
-}
-
-
-QSharedPointer<EVP_PKEY> EcUtil::generateKey(const QSharedPointer<const EC_GROUP>& pCurve)
-{
- if (pCurve.isNull())
- {
- qCCritical(card) << "Curve is undefined";
- return nullptr;
- }
-
- auto generator = EcUtil::point2oct(pCurve, EC_GROUP_get0_generator(pCurve.data()));
-
- auto order = EcUtil::create(BN_new());
- if (!EC_GROUP_get_order(pCurve.data(), order.data(), nullptr))
- {
- qCCritical(card) << "Cannot fetch order";
- return nullptr;
- }
-
- auto cofactor = EcUtil::create(BN_new());
- if (!EC_GROUP_get_cofactor(pCurve.data(), cofactor.data(), nullptr))
- {
- qCCritical(card) << "Cannot fetch cofactor";
- return nullptr;
- }
-
- auto p = EcUtil::create(BN_new());
- auto a = EcUtil::create(BN_new());
- auto b = EcUtil::create(BN_new());
- if (!EC_GROUP_get_curve(pCurve.data(), p.data(), a.data(), b.data(), nullptr))
- {
- qCCritical(card) << "Cannot fetch a, b or p";
- return nullptr;
- }
-
- const auto& params = EcUtil::create([&p, &a, &b, &order, &cofactor, &generator](OSSL_PARAM_BLD* pBuilder){
- return OSSL_PARAM_BLD_push_BN(pBuilder, "p", p.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "a", a.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "b", b.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "order", order.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "cofactor", cofactor.data())
- && OSSL_PARAM_BLD_push_octet_string(pBuilder, "generator", generator.data(), static_cast<size_t>(generator.size()))
- && OSSL_PARAM_BLD_push_utf8_string(pBuilder, "field-type", "prime-field", 12);
- });
-
- if (params == nullptr)
- {
- qCCritical(card) << "Cannot set parameter";
- return nullptr;
- }
-
- auto ctx = EcUtil::create(EVP_PKEY_CTX_new_from_name(nullptr, "EC", nullptr));
- if (!ctx)
- {
- qCCritical(card) << "Cannot create EVP_PKEY_CTX";
- return nullptr;
- }
- EVP_PKEY_keygen_init(ctx.data());
-
- if (!EVP_PKEY_CTX_set_params(ctx.data(), params.data()))
- {
- qCCritical(card) << "Cannot set params to EVP_PKEY_CTX";
- return nullptr;
- }
-
- EVP_PKEY* key = nullptr;
- if (!EVP_PKEY_generate(ctx.data(), &key))
- {
- qCCritical(card) << "Cannot create EVP_PKEY";
- return nullptr;
- }
-
- return EcUtil::create(key);
-}
-
-
-#else
QSharedPointer<EC_KEY> EcUtil::generateKey(const QSharedPointer<const EC_GROUP>& pCurve)
{
if (pCurve.isNull())
@@ -242,6 +111,3 @@ QSharedPointer<EC_KEY> EcUtil::generateK
return key;
}
-
-
-#endif
diff -up AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.h.legacyapi AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.h
--- AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.h.legacyapi 2023-11-08 16:55:33.000000000 +0100
+++ AusweisApp-2.0.1/src/card/base/pace/ec/EcUtil.h 2024-01-05 22:15:17.157430740 +0100
@@ -30,9 +30,7 @@ class EcUtil
static QSharedPointer<EC_GROUP> create(EC_GROUP* pEcGroup);
-#if OPENSSL_VERSION_NUMBER < 0x30000000L
static QSharedPointer<EC_KEY> create(EC_KEY* pEcKey);
-#endif
static QSharedPointer<EC_POINT> create(EC_POINT* pEcPoint);
@@ -42,14 +40,7 @@ class EcUtil
static QSharedPointer<EVP_PKEY_CTX> create(EVP_PKEY_CTX* pEcGroup);
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- static QByteArray getEncodedPublicKey(const QSharedPointer<EVP_PKEY>& pKey);
- static QSharedPointer<BIGNUM> getPrivateKey(const QSharedPointer<const EVP_PKEY>& pKey);
- static QSharedPointer<OSSL_PARAM> create(const std::function<bool(OSSL_PARAM_BLD* pBuilder)>& pFunc);
- static QSharedPointer<EVP_PKEY> generateKey(const QSharedPointer<const EC_GROUP>& pCurve);
-#else
static QSharedPointer<EC_KEY> generateKey(const QSharedPointer<const EC_GROUP>& pCurve);
-#endif
static QSharedPointer<EC_GROUP> createCurve(int pNid);
};
@@ -66,7 +57,6 @@ inline QSharedPointer<EC_GROUP> EcUtil::
}
-#if OPENSSL_VERSION_NUMBER < 0x30000000L
inline QSharedPointer<EC_KEY> EcUtil::create(EC_KEY* pEcKey)
{
static auto deleter = [](EC_KEY* ecKey)
@@ -78,8 +68,6 @@ inline QSharedPointer<EC_KEY> EcUtil::cr
}
-#endif
-
inline QSharedPointer<EC_POINT> EcUtil::create(EC_POINT* pEcPoint)
{
static auto deleter = [](EC_POINT* ecPoint)
Reference in a new issue View git blame Copy permalink