wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

RT3674: Make no-cms build work.

Browse source 
Also has changes from from David Woodhouse <David.Woodhouse@intel.com>
and some tweaks from me.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
This commit is contained in:
David Bar 2015-08-03 12:45:26 -04:00 committed by Rich Salz
parent 231efb9365
commit e968561d5e
8 changed files with 39 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
crypto/dh/Makefile
View file

@ -120,7 +120,7 @@ dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
dh_gen.o: ../include/internal/cryptlib.h dh_gen.c
dh_kdf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
dh_kdf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
dh_kdf.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
dh_kdf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
dh_kdf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h

6
crypto/dh/dh_kdf.c
View file

@ -51,13 +51,18 @@
* ====================================================================
*/
#include <e_os.h>
#ifndef OPENSSL_NO_CMS
#include <string.h>
#include <openssl/dh.h>
#include <openssl/evp.h>
#include <openssl/asn1.h>
#include <openssl/cms.h>
/* Key derivation from X9.42/RFC2631 */
/* Uses CMS functions, hence the #ifdef wrapper. */
#define DH_KDF_MAX (1L << 30)
@ -184,3 +189,4 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen,
EVP_MD_CTX_cleanup(&mctx);
return rv;
}
#endif

12
crypto/dh/dh_pmeth.c
View file

@ -205,7 +205,11 @@ static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
case EVP_PKEY_CTRL_DH_KDF_TYPE:
if (p1 == -2)
return dctx->kdf_type;
#ifdef OPENSSL_NO_CMS
if (p1 != EVP_PKEY_DH_KDF_NONE)
#else
if (p1 != EVP_PKEY_DH_KDF_NONE && p1 != EVP_PKEY_DH_KDF_X9_42)
#endif
return -2;
dctx->kdf_type = p1;
return 1;
@ -447,7 +451,10 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
return ret;
*keylen = ret;
return 1;
} else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) {
}
#ifndef OPENSSL_NO_CMS
else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) {
unsigned char *Z = NULL;
size_t Zlen = 0;
if (!dctx->kdf_outlen || !dctx->kdf_oid)
@ -475,7 +482,8 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
OPENSSL_clear_free(Z, Zlen);
return ret;
}
return 1;
#endif
return 0;
}
const EVP_PKEY_METHOD dh_pkey_meth = {

2
crypto/ec/ec_ameth.c
View file

@ -67,8 +67,10 @@
#include <openssl/asn1t.h>
#include "internal/asn1_int.h"
#ifndef OPENSSL_NO_CMS
static int ecdh_cms_decrypt(CMS_RecipientInfo *ri);
static int ecdh_cms_encrypt(CMS_RecipientInfo *ri);
#endif
static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key)
{

8
crypto/rsa/rsa_ameth.c
View file

@ -68,10 +68,12 @@
#endif
#include "internal/asn1_int.h"
#ifndef OPENSSL_NO_CMS
static int rsa_cms_sign(CMS_SignerInfo *si);
static int rsa_cms_verify(CMS_SignerInfo *si);
static int rsa_cms_decrypt(CMS_RecipientInfo *ri);
static int rsa_cms_encrypt(CMS_RecipientInfo *ri);
#endif
static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
{
@ -653,6 +655,7 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
return rv;
}
#ifndef OPENSSL_NO_CMS
static int rsa_cms_verify(CMS_SignerInfo *si)
{
int nid, nid2;
@ -671,6 +674,7 @@ static int rsa_cms_verify(CMS_SignerInfo *si)
}
return 0;
}
#endif
/*
* Customised RSA item verification routine. This is called when a signature
@ -693,6 +697,7 @@ static int rsa_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
return -1;
}
#ifndef OPENSSL_NO_CMS
static int rsa_cms_sign(CMS_SignerInfo *si)
{
int pad_mode = RSA_PKCS1_PADDING;
@ -717,6 +722,7 @@ static int rsa_cms_sign(CMS_SignerInfo *si)
X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsassaPss), V_ASN1_SEQUENCE, os);
return 1;
}
#endif
static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
X509_ALGOR *alg1, X509_ALGOR *alg2,
@ -750,6 +756,7 @@ static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
return 2;
}
#ifndef OPENSSL_NO_CMS
static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg,
X509_ALGOR **pmaskHash)
{
@ -900,6 +907,7 @@ static int rsa_cms_encrypt(CMS_RecipientInfo *ri)
ASN1_STRING_free(os);
return rv;
}
#endif
const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] = {
{

4
include/openssl/dh.h
View file

@ -239,11 +239,13 @@ DH *DH_get_1024_160(void);
DH *DH_get_2048_224(void);
DH *DH_get_2048_256(void);
# ifndef OPENSSL_NO_CMS
/* RFC2631 KDF */
int DH_KDF_X9_42(unsigned char *out, size_t outlen,
const unsigned char *Z, size_t Zlen,
ASN1_OBJECT *key_oid,
const unsigned char *ukm, size_t ukmlen, const EVP_MD *md);
# endif
# define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
@ -336,7 +338,9 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen,
/* KDF types */
# define EVP_PKEY_DH_KDF_NONE 1
# ifndef OPENSSL_NO_CMS
# define EVP_PKEY_DH_KDF_X9_42 2
# endif
/* BEGIN ERROR CODES */
/*

7
test/cms-test.pl
View file

@ -100,6 +100,13 @@ my $no_ec2m;
my $no_ecdh;
my $ossl8 = `$ossl_path version -v` =~ /0\.9\.8/;
system ("$ossl_path no-cms > $null_path");
if ($? == 0)
{
print "CMS disabled\n";
exit 0;
}
system ("$ossl_path no-ec > $null_path");
if ($? == 0)
{

2
util/libeay.num
View file

@ -4368,7 +4368,7 @@ DH_compute_key_padded 4732 EXIST::FUNCTION:DH
ECDSA_METHOD_set_sign 4733 EXIST::FUNCTION:EC
CMS_RecipientEncryptedKey_cert_cmp 4734 EXIST:!VMS:FUNCTION:CMS
CMS_RecipEncryptedKey_cert_cmp 4734 EXIST:VMS:FUNCTION:CMS
DH_KDF_X9_42 4735 EXIST::FUNCTION:DH
DH_KDF_X9_42 4735 EXIST::FUNCTION:CMS,DH
RSA_OAEP_PARAMS_free 4736 EXIST::FUNCTION:RSA
EVP_des_ede3_wrap 4737 EXIST::FUNCTION:DES
RSA_OAEP_PARAMS_it 4738 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA