[crypto,pkey] add openssl3 support

akallabeth 2023-04-25 08:25:48 +02:00 committed by Martin Fleisz
parent be74ce00a7
commit 9ebbeeb2f6
3 changed files with 45 additions and 0 deletions


@ -38,6 +38,8 @@ extern "C"
FREERDP_API BOOL freerdp_key_is_rsa(const rdpPrivateKey* key); FREERDP_API BOOL freerdp_key_is_rsa(const rdpPrivateKey* key);
FREERDP_API size_t freerdp_key_get_bits(const rdpPrivateKey* key);
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
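Review bot: The new exported `freerdp_key_get_bits` declaration has no doc comment, so a caller cannot tell the unit of the result or which value signals failure for a `size_t` return. The neighbouring key accessors on this page are documented with `/** \brief ... */`, and a line such as `/** \brief returns the key length in bits, 0 if it is not available. */` would pin the contract. The implementation is in another file and would have to honour that contract on every supported OpenSSL version.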


@ -44,6 +44,10 @@
#include <openssl/evp.h> #include <openssl/evp.h>
#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
#include <openssl/core_names.h>
#endif
#include "x509_utils.h" #include "x509_utils.h"
#include "crypto.h" #include "crypto.h"
#include "opensslcompat.h" #include "opensslcompat.h"
@ -84,6 +88,7 @@ static const rdpPrivateKey tssk = { .PrivateExponent = tssk_privateExponent,
.ModulusLength = sizeof(tssk_modulus) } }; .ModulusLength = sizeof(tssk_modulus) } };
const rdpPrivateKey* priv_key_tssk = &tssk; const rdpPrivateKey* priv_key_tssk = &tssk;
#if !defined(OPENSSL_VERSION_MAJOR) || (OPENSSL_VERSION_MAJOR < 3)
static RSA* evp_pkey_to_rsa(const rdpPrivateKey* key) static RSA* evp_pkey_to_rsa(const rdpPrivateKey* key)
{ {
if (!freerdp_key_is_rsa(key)) if (!freerdp_key_is_rsa(key))
@ -104,6 +109,7 @@ fail:
BIO_free_all(bio); BIO_free_all(bio);
return rsa; return rsa;
} }
#endif
static EVP_PKEY* evp_pkey_utils_from_pem(const char* data, size_t len, BOOL fromFile) static EVP_PKEY* evp_pkey_utils_from_pem(const char* data, size_t len, BOOL fromFile)
{ {
@ -139,6 +145,7 @@ static BOOL key_read_private(rdpPrivateKey* key)
if (!freerdp_key_is_rsa(key)) if (!freerdp_key_is_rsa(key))
return TRUE; return TRUE;
#if !defined(OPENSSL_VERSION_MAJOR) || (OPENSSL_VERSION_MAJOR < 3)
RSA* rsa = evp_pkey_to_rsa(key); RSA* rsa = evp_pkey_to_rsa(key);
if (!rsa) if (!rsa)
{ {
@ -166,7 +173,18 @@ static BOOL key_read_private(rdpPrivateKey* key)
const BIGNUM* rsa_d = NULL; const BIGNUM* rsa_d = NULL;
RSA_get0_key(rsa, &rsa_n, &rsa_e, &rsa_d); RSA_get0_key(rsa, &rsa_n, &rsa_e, &rsa_d);
#else
BIGNUM* rsa_e = NULL;
BIGNUM* rsa_n = NULL;
BIGNUM* rsa_d = NULL;
if (!EVP_PKEY_get_bn_param(key->evp, OSSL_PKEY_PARAM_RSA_N, &rsa_n))
goto fail;
if (!EVP_PKEY_get_bn_param(key->evp, OSSL_PKEY_PARAM_RSA_E, &rsa_e))
goto fail;
if (!EVP_PKEY_get_bn_param(key->evp, OSSL_PKEY_PARAM_RSA_D, &rsa_d))
goto fail;
#endif
if (BN_num_bytes(rsa_e) > 4) if (BN_num_bytes(rsa_e) > 4)
{ {
WLog_ERR(TAG, "RSA public exponent too large"); WLog_ERR(TAG, "RSA public exponent too large");
@ -180,7 +198,13 @@ static BOOL key_read_private(rdpPrivateKey* key)
goto fail; goto fail;
rc = TRUE; rc = TRUE;
fail: fail:
#if !defined(OPENSSL_VERSION_MAJOR) || (OPENSSL_VERSION_MAJOR < 3)
RSA_free(rsa); RSA_free(rsa);
#else
BN_free(rsa_d);
BN_free(rsa_e);
BN_free(rsa_n);
#endif
return rc; return rc;
} }
@ -297,11 +321,13 @@ const BYTE* freerdp_key_get_exponent(const rdpPrivateKey* key, size_t* plength)
return key->PrivateExponent; return key->PrivateExponent;
} }
#if !defined(OPENSSL_VERSION_MAJOR) || (OPENSSL_VERSION_MAJOR < 3)
RSA* freerdp_key_get_RSA(const rdpPrivateKey* key) RSA* freerdp_key_get_RSA(const rdpPrivateKey* key)
{ {
WINPR_ASSERT(key); WINPR_ASSERT(key);
return evp_pkey_to_rsa(key); return evp_pkey_to_rsa(key);
} }
#endif
EVP_PKEY* freerdp_key_get_evp_pkey(const rdpPrivateKey* key) EVP_PKEY* freerdp_key_get_evp_pkey(const rdpPrivateKey* key)
{ {
@ -322,3 +348,18 @@ BOOL freerdp_key_is_rsa(const rdpPrivateKey* key)
WINPR_ASSERT(key->evp); WINPR_ASSERT(key->evp);
return (EVP_PKEY_id(key->evp) == EVP_PKEY_RSA); return (EVP_PKEY_id(key->evp) == EVP_PKEY_RSA);
} }
size_t freerdp_key_get_bits(const rdpPrivateKey* key)
{
#if !defined(OPENSSL_VERSION_MAJOR) || (OPENSSL_VERSION_MAJOR < 3)
RSA* rsa = freerdp_key_get_RSA(key);
if (!rsa)
return -1;
const int size = RSA_size(rsa);
RSA_free(rsa);
return size;
#else
return EVP_PKEY_get_bits(key->evp);
#endif
}
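Review bot: `freerdp_key_get_bits` reports different units depending on the OpenSSL version: the pre-3.0 branch returns `RSA_size(rsa)`, which is the modulus length in bytes, while the 3.x branch returns `EVP_PKEY_get_bits(key->evp)`, which is in bits, so a key-strength check built on it would see a 2048-bit key as 256 on older builds. The same branch returns `-1` from a `size_t` function, which reaches callers as `SIZE_MAX` and reads as a very large key rather than an error; non-RSA keys appear to take that path too, since `evp_pkey_to_rsa` begins with a `freerdp_key_is_rsa` check. I would use `const int size = RSA_bits(rsa);` with `return 0;` on failure, and add `WINPR_ASSERT(key);` at the top because the 3.x branch dereferences `key->evp` unchecked. Separately, the 3.x cleanup in `key_read_private` releases the copied private exponent with `BN_free(rsa_d);`, where `BN_clear_free(rsa_d);` would zeroize it first.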


@ -35,10 +35,12 @@ extern "C"
FREERDP_LOCAL const rdpCertInfo* freerdp_key_get_info(const rdpPrivateKey* key); FREERDP_LOCAL const rdpCertInfo* freerdp_key_get_info(const rdpPrivateKey* key);
FREERDP_LOCAL const BYTE* freerdp_key_get_exponent(const rdpPrivateKey* key, size_t* plength); FREERDP_LOCAL const BYTE* freerdp_key_get_exponent(const rdpPrivateKey* key, size_t* plength);
#if !defined(OPENSSL_VERSION_MAJOR) || (OPENSSL_VERSION_MAJOR < 3)
/** \brief returns a pointer to a RSA structure. /** \brief returns a pointer to a RSA structure.
* Call RSA_free when done. * Call RSA_free when done.
*/ */
FREERDP_LOCAL RSA* freerdp_key_get_RSA(const rdpPrivateKey* key); FREERDP_LOCAL RSA* freerdp_key_get_RSA(const rdpPrivateKey* key);
#endif
/** \brief returns a pointer to a EVP_PKEY structure. /** \brief returns a pointer to a EVP_PKEY structure.
* Call EVP_PKEY_free when done. * Call EVP_PKEY_free when done.