Remove unused patches
This commit is contained in:
Jakub Jelen
parent
9b0290edd0
commit
269905c915
@ -1,26 +0,0 @@
|
||||
From 6d02503e19680a9f3f4e556e4cd99b1c2bbf6d1a Mon Sep 17 00:00:00 2001
|
||||
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
||||
Date: Fri, 28 Feb 2014 16:17:37 +0100
|
||||
Subject: [PATCH] Call dlclose() only when having a valid handle.
|
||||
|
||||
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
||||
---
|
||||
src/common/libpkcs11.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/common/libpkcs11.c b/src/common/libpkcs11.c
|
||||
index f8c70a7..b22d16d 100644
|
||||
--- a/src/common/libpkcs11.c
|
||||
+++ b/src/common/libpkcs11.c
|
||||
@@ -74,7 +74,7 @@ C_UnloadModule(void *module)
|
||||
if (!mod || mod->_magic != MAGIC)
|
||||
return CKR_ARGUMENTS_BAD;
|
||||
|
||||
- if (sc_dlclose(mod->handle) < 0)
|
||||
+ if (mod->handle != NULL && sc_dlclose(mod->handle) < 0)
|
||||
return CKR_FUNCTION_FAILED;
|
||||
|
||||
memset(mod, 0, sizeof(*mod));
|
||||
--
|
||||
1.8.5.3
|
||||
|
||||
@ -1,24 +0,0 @@
|
||||
diff --git a/src/libopensc/card-epass2003.c b/src/libopensc/card-epass2003.c
|
||||
index 80088b9..6f04573 100644
|
||||
--- a/src/libopensc/card-epass2003.c
|
||||
+++ b/src/libopensc/card-epass2003.c
|
||||
@@ -117,8 +117,8 @@ openssl_enc(const EVP_CIPHER * cipher, const unsigned char *key, const unsigned
|
||||
|
||||
memcpy(iv_tmp, iv, EVP_MAX_IV_LENGTH);
|
||||
EVP_CIPHER_CTX_init(&ctx);
|
||||
- EVP_CIPHER_CTX_set_padding(&ctx, 0);
|
||||
EVP_EncryptInit_ex(&ctx, cipher, NULL, key, iv_tmp);
|
||||
+ EVP_CIPHER_CTX_set_padding(&ctx, 0);
|
||||
|
||||
if (!EVP_EncryptUpdate(&ctx, output, &outl, input, length))
|
||||
goto out;
|
||||
@@ -146,8 +146,8 @@ openssl_dec(const EVP_CIPHER * cipher, const unsigned char *key, const unsigned
|
||||
|
||||
memcpy(iv_tmp, iv, EVP_MAX_IV_LENGTH);
|
||||
EVP_CIPHER_CTX_init(&ctx);
|
||||
- EVP_CIPHER_CTX_set_padding(&ctx, 0);
|
||||
EVP_DecryptInit_ex(&ctx, cipher, NULL, key, iv_tmp);
|
||||
+ EVP_CIPHER_CTX_set_padding(&ctx, 0);
|
||||
|
||||
if (!EVP_DecryptUpdate(&ctx, output, &outl, input, length))
|
||||
goto out;
|
||||
@ -1,12 +0,0 @@
|
||||
diff -ur opensc-0.13.0.orig/src/pkcs15init/myeid.profile opensc-0.13.0/src/pkcs15init/myeid.profile
|
||||
--- opensc-0.13.0.orig/src/pkcs15init/myeid.profile 2012-12-04 15:43:40.000000000 +0100
|
||||
+++ opensc-0.13.0/src/pkcs15init/myeid.profile 2014-01-06 14:04:22.795401836 +0100
|
||||
@@ -201,7 +201,7 @@
|
||||
acl = READ=$PIN, UPDATE=$PIN, DELETE=$PIN;
|
||||
}
|
||||
EF data {
|
||||
- file-id = 4501;
|
||||
+ file-id = 4601;
|
||||
structure = transparent;
|
||||
acl = READ=NONE, UPDATE=$PIN, DELETE=$PIN;
|
||||
}
|
||||
@ -1,64 +0,0 @@
|
||||
diff -ur opensc-0.13.0.orig/src/tools/pkcs11-tool.c opensc-0.13.0/src/tools/pkcs11-tool.c
|
||||
--- opensc-0.13.0.orig/src/tools/pkcs11-tool.c 2012-12-04 15:43:40.000000000 +0100
|
||||
+++ opensc-0.13.0/src/tools/pkcs11-tool.c 2014-02-28 16:33:19.234607615 +0100
|
||||
@@ -1778,6 +1778,9 @@
|
||||
CK_RV rv;
|
||||
int need_to_parse_certdata = 0;
|
||||
unsigned char *oid_buf = NULL;
|
||||
+ CK_OBJECT_CLASS clazz;
|
||||
+ CK_CERTIFICATE_TYPE cert_type;
|
||||
+ CK_KEY_TYPE type = CKK_RSA;
|
||||
#ifdef ENABLE_OPENSSL
|
||||
struct x509cert_info cert;
|
||||
struct rsakey_info rsa;
|
||||
@@ -1858,8 +1861,8 @@
|
||||
}
|
||||
|
||||
if (opt_object_class == CKO_CERTIFICATE) {
|
||||
- CK_OBJECT_CLASS clazz = CKO_CERTIFICATE;
|
||||
- CK_CERTIFICATE_TYPE cert_type = CKC_X_509;
|
||||
+ clazz = CKO_CERTIFICATE;
|
||||
+ cert_type = CKC_X_509;
|
||||
|
||||
FILL_ATTR(cert_templ[0], CKA_TOKEN, &_true, sizeof(_true));
|
||||
FILL_ATTR(cert_templ[1], CKA_VALUE, contents, contents_len);
|
||||
@@ -1892,7 +1895,7 @@
|
||||
}
|
||||
else
|
||||
if (opt_object_class == CKO_PRIVATE_KEY) {
|
||||
- CK_OBJECT_CLASS clazz = CKO_PRIVATE_KEY;
|
||||
+ clazz = CKO_PRIVATE_KEY;
|
||||
|
||||
n_privkey_attr = 0;
|
||||
FILL_ATTR(privkey_templ[n_privkey_attr], CKA_CLASS, &clazz, sizeof(clazz));
|
||||
@@ -1940,7 +1943,7 @@
|
||||
}
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10000000L && !defined(OPENSSL_NO_EC)
|
||||
else if (evp_key->type == NID_id_GostR3410_2001) {
|
||||
- CK_KEY_TYPE type = CKK_GOSTR3410;
|
||||
+ type = CKK_GOSTR3410;
|
||||
|
||||
FILL_ATTR(privkey_templ[n_privkey_attr], CKA_KEY_TYPE, &type, sizeof(type));
|
||||
n_privkey_attr++;
|
||||
@@ -1958,8 +1961,8 @@
|
||||
}
|
||||
else
|
||||
if (opt_object_class == CKO_PUBLIC_KEY) {
|
||||
- CK_OBJECT_CLASS clazz = CKO_PUBLIC_KEY;
|
||||
- CK_KEY_TYPE type = CKK_RSA;
|
||||
+ clazz = CKO_PUBLIC_KEY;
|
||||
+ type = CKK_RSA;
|
||||
|
||||
FILL_ATTR(pubkey_templ[0], CKA_CLASS, &clazz, sizeof(clazz));
|
||||
FILL_ATTR(pubkey_templ[1], CKA_KEY_TYPE, &type, sizeof(type));
|
||||
@@ -1998,7 +2001,7 @@
|
||||
}
|
||||
else
|
||||
if (opt_object_class == CKO_DATA) {
|
||||
- CK_OBJECT_CLASS clazz = CKO_DATA;
|
||||
+ clazz = CKO_DATA;
|
||||
FILL_ATTR(data_templ[0], CKA_CLASS, &clazz, sizeof(clazz));
|
||||
FILL_ATTR(data_templ[1], CKA_TOKEN, &_true, sizeof(_true));
|
||||
FILL_ATTR(data_templ[2], CKA_VALUE, &contents, contents_len);
|
||||
Only in opensc-0.13.0/src/tools: pkcs11-tool.c~
|
||||
Only in opensc-0.13.0/src/tools: pkcs11-tool.c.orig
|
||||
@ -1,107 +0,0 @@
|
||||
From c6c7a27bc90f0c5b8e8ecf0fe2fc1db89ac56fd9 Mon Sep 17 00:00:00 2001
|
||||
From: Doug Engert <deengert@gmail.com>
|
||||
Date: Tue, 25 Oct 2016 21:49:48 -0500
|
||||
Subject: [PATCH] prkey_fixup_rsa changes for OpenSSL-1.1.0
|
||||
|
||||
Remove restrictions in prkey_fixup_rsa:
|
||||
/* Not thread safe, but much better than a memory leak */
|
||||
/* TODO put on stack, or allocate and clear and then free */
|
||||
Compute dmp1, dmp1 and/or iqmp if not in sc_pkcs15_prkey_rsa
|
||||
|
||||
Remove the GETBN macro that was causing problems.
|
||||
|
||||
Changes to be committed:
|
||||
modified: src/pkcs15init/pkcs15-lib.c
|
||||
---
|
||||
src/pkcs15init/pkcs15-lib.c | 43 +++++++++++++++++++++++++++++++------------
|
||||
1 file changed, 31 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/src/pkcs15init/pkcs15-lib.c b/src/pkcs15init/pkcs15-lib.c
|
||||
index 72a4b4a..eabcd4f 100644
|
||||
--- a/src/pkcs15init/pkcs15-lib.c
|
||||
+++ b/src/pkcs15init/pkcs15-lib.c
|
||||
@@ -46,6 +46,7 @@
|
||||
#endif
|
||||
#include <assert.h>
|
||||
#ifdef ENABLE_OPENSSL
|
||||
+#include <openssl/opensslv.h>
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/pem.h>
|
||||
@@ -55,6 +56,7 @@
|
||||
#include <openssl/pkcs12.h>
|
||||
#endif
|
||||
|
||||
+#include "libopensc/sc-ossl-compat.h"
|
||||
#include "common/compat_strlcpy.h"
|
||||
#include "common/libscdl.h"
|
||||
#include "libopensc/pkcs15.h"
|
||||
@@ -2162,11 +2164,6 @@ prkey_fixup_rsa(struct sc_pkcs15_card *p15card, struct sc_pkcs15_prkey_rsa *key)
|
||||
}
|
||||
|
||||
#ifdef ENABLE_OPENSSL
|
||||
-#define GETBN(dst, src, mem) \
|
||||
- do { dst.len = BN_num_bytes(src); \
|
||||
- assert(dst.len <= sizeof(mem)); \
|
||||
- BN_bn2bin(src, dst.data = mem); \
|
||||
- } while (0)
|
||||
|
||||
/* Generate additional parameters.
|
||||
* At least the GPK seems to need the full set of CRT
|
||||
@@ -2178,7 +2175,6 @@ prkey_fixup_rsa(struct sc_pkcs15_card *p15card, struct sc_pkcs15_prkey_rsa *key)
|
||||
/* We don't really need an RSA structure, only the BIGNUMs */
|
||||
|
||||
if (!key->dmp1.len || !key->dmq1.len || !key->iqmp.len) {
|
||||
- static u8 dmp1[256], dmq1[256], iqmp[256];
|
||||
BIGNUM *aux;
|
||||
BN_CTX *bn_ctx;
|
||||
BIGNUM *rsa_n, *rsa_e, *rsa_d, *rsa_p, *rsa_q, *rsa_dmp1, *rsa_dmq1, *rsa_iqmp;
|
||||
@@ -2206,11 +2202,35 @@ prkey_fixup_rsa(struct sc_pkcs15_card *p15card, struct sc_pkcs15_prkey_rsa *key)
|
||||
BN_clear_free(aux);
|
||||
BN_CTX_free(bn_ctx);
|
||||
|
||||
- /* Not thread safe, but much better than a memory leak */
|
||||
- /* TODO put on stack, or allocate and clear and then free */
|
||||
- GETBN(key->dmp1, rsa_dmp1, dmp1);
|
||||
- GETBN(key->dmq1, rsa_dmq1, dmq1);
|
||||
- GETBN(key->iqmp, rsa_iqmp, iqmp);
|
||||
+ /* Do not replace, only fill in missing */
|
||||
+ if (key->dmp1.data == NULL) {
|
||||
+ key->dmp1.len = BN_num_bytes(rsa_dmp1);
|
||||
+ key->dmp1.data = malloc(key->dmp1.len);
|
||||
+ if (key->dmp1.data) {
|
||||
+ BN_bn2bin(rsa_dmp1, key->dmp1.data);
|
||||
+ } else {
|
||||
+ key->dmp1.len = 0;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ if (key->dmq1.data == NULL) {
|
||||
+ key->dmq1.len = BN_num_bytes(rsa_dmq1);
|
||||
+ key->dmq1.data = malloc(key->dmq1.len);
|
||||
+ if (key->dmq1.data) {
|
||||
+ BN_bn2bin(rsa_dmq1, key->dmq1.data);
|
||||
+ } else {
|
||||
+ key->dmq1.len = 0;
|
||||
+ }
|
||||
+ }
|
||||
+ if (key->iqmp.data == NULL) {
|
||||
+ key->iqmp.len = BN_num_bytes(rsa_iqmp);
|
||||
+ key->iqmp.data = malloc(key->iqmp.len);
|
||||
+ if (key->iqmp.data) {
|
||||
+ BN_bn2bin(rsa_iqmp, key->iqmp.data);
|
||||
+ } else {
|
||||
+ key->iqmp.len = 0;
|
||||
+ }
|
||||
+ }
|
||||
|
||||
BN_clear_free(rsa_n);
|
||||
BN_clear_free(rsa_e);
|
||||
@@ -2222,7 +2242,6 @@ prkey_fixup_rsa(struct sc_pkcs15_card *p15card, struct sc_pkcs15_prkey_rsa *key)
|
||||
BN_clear_free(rsa_iqmp);
|
||||
|
||||
}
|
||||
-#undef GETBN
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user