Overview

File xca-OpenSSL3-compat.patch of Package xca

From 802a8787cfffe5d944e74ffd9acb87a52f9e2362 Mon Sep 17 00:00:00 2001
From: Christian Hohnstaedt <christian@hohnstaedt.de>
Date: Wed, 12 May 2021 08:41:34 +0200
Subject: Adaptions to stay OpenSSL 3.0 alpha16 compatible

---
 lib/pkcs11.cpp    |  9 +++------
 lib/pki_evp.cpp   |  4 ++--
 lib/pki_key.cpp   | 14 +++++++-------
 lib/pki_scard.cpp | 12 ++++++------
 4 files changed, 18 insertions(+), 21 deletions(-)

Index: lib/pkcs11.cpp
===================================================================
--- lib/pkcs11.cpp.orig
+++ lib/pkcs11.cpp
@@ -815,8 +815,7 @@ EVP_PKEY *pkcs11::getPrivateKey(EVP_PKEY
 
 	switch (EVP_PKEY_type(keytype)) {
 	case EVP_PKEY_RSA:
-		rsa = EVP_PKEY_get0_RSA(pub);
-		rsa = RSAPublicKey_dup(rsa);
+		rsa = RSAPublicKey_dup(EVP_PKEY_get0_RSA(pub));
 		openssl_error();
 		if (!rsa_meth) {
 #if OPENSSL_VERSION_NUMBER >= 0x1010000L
@@ -840,8 +839,7 @@ EVP_PKEY *pkcs11::getPrivateKey(EVP_PKEY
 		EVP_PKEY_assign_RSA(evp, rsa);
 		break;
 	case EVP_PKEY_DSA:
-		dsa = EVP_PKEY_get0_DSA(pub);
-		dsa = DSAparams_dup(dsa);
+		dsa = DSAparams_dup(EVP_PKEY_get0_DSA(pub));
 		openssl_error();
 		if (!dsa_meth) {
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
@@ -864,8 +862,7 @@ EVP_PKEY *pkcs11::getPrivateKey(EVP_PKEY
 		break;
 #if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >= 0x10100000L
 	case EVP_PKEY_EC:
-		ec = EVP_PKEY_get0_EC_KEY(pub);
-		ec = EC_KEY_dup(ec);
+		ec = EC_KEY_dup(EVP_PKEY_get0_EC_KEY(pub));
 		openssl_error();
 		if (!ec_key_meth) {
 			ec_key_meth = setup_ec_key_meth();
Index: lib/pki_evp.cpp
===================================================================
--- lib/pki_evp.cpp.orig
+++ lib/pki_evp.cpp
@@ -263,7 +263,7 @@ void pki_evp::fromPEMbyteArray(const QBy
 static void search_ec_oid(EVP_PKEY *pkey)
 {
 #ifndef OPENSSL_NO_EC
-	EC_KEY *ec;
+	const EC_KEY *ec;
 	int keytype = EVP_PKEY_id(pkey);
 
 	if (keytype != EVP_PKEY_EC)
@@ -388,7 +388,7 @@ void pki_evp::fload(const QString &fname
 void pki_evp::fromData(const unsigned char *p, db_header_t *head)
 {
 	int version, type, size;
-	void *ptr = NULL;
+	const void *ptr = NULL;
 
 	if (key)
 		EVP_PKEY_free(key);
@@ -408,8 +408,23 @@ void pki_evp::fromData(const unsigned ch
 	}
 	pki_openssl_error();
 
-	if (key)
-		ptr = EVP_PKEY_get0(key);
+	if (key) {
+		switch (EVP_PKEY_type(EVP_PKEY_id(key))) {
+		case EVP_PKEY_RSA:
+			ptr = EVP_PKEY_get0_RSA(key);
+			break;
+		case EVP_PKEY_DSA:
+			ptr = EVP_PKEY_get0_DSA(key);
+			break;
+#ifndef OPENSSL_NO_EX
+		case EVP_PKEY_EC:
+			ptr = EVP_PKEY_get0_EC_KEY(key);
+			break;
+#endif
+		default:
+			ptr = EVP_PKEY_get0(key);
+		}
+	}
 	if (!ptr)
 		throw errorEx(tr("Ignoring unsupported private key"));
 
@@ -523,8 +538,8 @@ EVP_PKEY *pki_evp::legacyDecryptKey(QByt
 #endif
 	pki_openssl_error();
 	if (EVP_PKEY_type(getKeyType()) == EVP_PKEY_RSA) {
-		RSA *rsa = EVP_PKEY_get0_RSA(tmpkey);
-		RSA_blinding_on(rsa, NULL);
+		const RSA *rsa = EVP_PKEY_get0_RSA(tmpkey);
+		RSA_blinding_on((RSA *) rsa, NULL);
 	}
 	myencKey.fill(0);
 	return tmpkey;
@@ -833,7 +848,7 @@ bool pki_evp::verify_priv(EVP_PKEY *pkey
 		EVP_PKEY_CTX_free(ctx);
 #endif
 	if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA && EVP_PKEY_isPrivKey(pkey)) {
-		RSA *rsa = EVP_PKEY_get0_RSA(pkey);
+		const RSA *rsa = EVP_PKEY_get0_RSA(pkey);
 		if (RSA_check_key(rsa) != 1)
 			verify = false;
 	}
Index: lib/pki_key.cpp
===================================================================
--- lib/pki_key.cpp.orig
+++ lib/pki_key.cpp
@@ -147,7 +147,7 @@ QString pki_key::length() const
 
 	if (EVP_PKEY_id(key) == EVP_PKEY_DSA) {
 		const BIGNUM *p = NULL;
-		DSA *dsa = EVP_PKEY_get0_DSA(key);
+		const DSA *dsa = EVP_PKEY_get0_DSA(key);
 		if (dsa)
 			DSA_get0_pqg(dsa, &p, NULL, NULL);
 		dsa_unset = p == NULL;
@@ -264,7 +264,7 @@ QString pki_key::modulus() const
 	if (getKeyType() == EVP_PKEY_RSA) {
 		const BIGNUM *n = NULL;
 
-		RSA *rsa = EVP_PKEY_get0_RSA(key);
+		const RSA *rsa = EVP_PKEY_get0_RSA(key);
 		RSA_get0_key(rsa, &n, NULL, NULL);
 		return BN2QString(n);
 	}
@@ -275,7 +275,7 @@ QString pki_key::pubEx() const
 {
 	if (getKeyType() == EVP_PKEY_RSA) {
 		const BIGNUM *e = NULL;
-		RSA *rsa = EVP_PKEY_get0_RSA(key);
+		const RSA *rsa = EVP_PKEY_get0_RSA(key);
 		RSA_get0_key(rsa, NULL, &e, NULL);
 		return BN2QString(e);
 	}
@@ -286,7 +286,7 @@ QString pki_key::subprime() const
 {
 	if (getKeyType() == EVP_PKEY_DSA) {
 		const BIGNUM *q = NULL;
-		DSA *dsa = EVP_PKEY_get0_DSA(key);
+		const DSA *dsa = EVP_PKEY_get0_DSA(key);
 		if (dsa)
 			DSA_get0_pqg(dsa, NULL, &q, NULL);
 		return BN2QString(q);
@@ -298,7 +298,7 @@ QString pki_key::pubkey() const
 {
 	if (getKeyType() == EVP_PKEY_DSA) {
 		const BIGNUM *pubkey = NULL;
-		DSA *dsa = EVP_PKEY_get0_DSA(key);
+		const DSA *dsa = EVP_PKEY_get0_DSA(key);
 		if (dsa)
 			DSA_get0_key(dsa, &pubkey, NULL);
 		return BN2QString(pubkey);
@@ -678,7 +678,7 @@ QByteArray pki_key::SSH2publicQByteArray
 		txt = "ssh-rsa";
 		ssh_key_QBA2data(txt, &data);
 		{
-			RSA *rsa = EVP_PKEY_get0_RSA(key);
+			const RSA *rsa = EVP_PKEY_get0_RSA(key);
 			const BIGNUM *n, *e;
 			RSA_get0_key(rsa, &n, &e, NULL);
 			ssh_key_bn2data(e, &data);
@@ -689,7 +689,7 @@ QByteArray pki_key::SSH2publicQByteArray
 		txt = "ssh-dss";
 		ssh_key_QBA2data(txt, &data);
 		{
-			DSA *dsa = EVP_PKEY_get0_DSA(key);
+			const DSA *dsa = EVP_PKEY_get0_DSA(key);
 			const BIGNUM *p, *q, *g, *pubkey;
 			DSA_get0_pqg(dsa, &p, &q, &g);
 			DSA_get0_key(dsa, &pubkey, NULL);
Index: lib/pki_scard.cpp
===================================================================
--- lib/pki_scard.cpp.orig
+++ lib/pki_scard.cpp
@@ -298,10 +298,10 @@ void pki_scard::deleteFromToken()
 pk11_attlist pki_scard::objectAttributesNoId(EVP_PKEY *pk, bool priv) const
 {
 	QByteArray ba;
-	RSA *rsa;
-	DSA *dsa;
+	const RSA *rsa;
+	const DSA *dsa;
 #ifndef OPENSSL_NO_EC
-	EC_KEY *ec;
+	const EC_KEY *ec;
 #endif
 	const BIGNUM *n = NULL;
 	const BIGNUM *e = NULL;
@@ -406,10 +406,10 @@ int pki_scard::renameOnToken(const sloti
 void pki_scard::store_token(const slotid &slot, EVP_PKEY *pkey)
 {
 	QByteArray ba;
-	RSA *rsa;
-	DSA *dsa;
+	const RSA *rsa;
+	const DSA *dsa;
 #ifndef OPENSSL_NO_EC
-	EC_KEY *ec;
+	const EC_KEY *ec;
 #endif
 	pk11_attlist pub_atts;
 	pk11_attlist priv_atts;
@@ -714,7 +714,7 @@ pki_scard::~pki_scard()
 void pki_scard::fromData(const unsigned char *p, db_header_t *head )
 {
 	int version, size;
-	void *ptr = NULL;
+	const void *ptr = NULL;
 
 	size = head->len - sizeof(db_header_t);
         version = head->version;
@@ -736,8 +736,23 @@ void pki_scard::fromData(const unsigned
 
 	d2i(ba);
 
-	if (key)
-		ptr = EVP_PKEY_get0(key);
+	if (key) {
+		switch (EVP_PKEY_type(EVP_PKEY_id(key))) {
+		case EVP_PKEY_RSA:
+			ptr = EVP_PKEY_get0_RSA(key);
+			break;
+		case EVP_PKEY_DSA:
+			ptr = EVP_PKEY_get0_DSA(key);
+			break;
+#ifndef OPENSSL_NO_EX
+		case EVP_PKEY_EC:
+			ptr = EVP_PKEY_get0_EC_KEY(key);
+			break;
+#endif
+		default:
+			ptr = EVP_PKEY_get0(key);
+		}
+	}
 
 	if (!ptr)
 		throw errorEx(tr("Ignoring unsupported token key"));
openSUSE Build Service is sponsored by
Places