functionality like in lcp2_crtpollist (bnc#1083693). Fix has not yet been commented on by upstream (posted on tboot-devel mailing list). OBS-URL: https://build.opensuse.org/package/show/security/tboot?expand=0&rev=75
changeset: 506:09fae64a7515
user: Ning Sun <ning.sun@intel.com>
date: Sat Sep 02 01:40:15 2017 -0700
summary: Fix openssl-1.0.2 double frees
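--- a/lcptools-v2/crtpollist.c
+++ b/lcptools-v2/crtpollist.c
@@ -160,15 +160,14 @@ static lcp_signature_t2 *read_rsa_pubkey
 
 memset(sig, 0, sizeof(lcp_rsa_signature_t) + 2*keysize);
 sig->rsa_signature.pubkey_size = keysize;
-
- BIGNUM *modulus = BN_new();
-
+
 /* OpenSSL Version 1.1.0 and later don't allow direct access to RSA
 stuct */
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ BIGNUM *modulus = BN_new();
 RSA_get0_key(pubkey, (const BIGNUM **)&modulus, NULL, NULL);
 #else
- modulus = pubkey->n;
+ BIGNUM *modulus = BN_dup(pubkey->n);
 #endif
 
 unsigned char key[keysize];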
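Review bot: On the `OPENSSL_VERSION_NUMBER >= 0x10100000L` branch the new `BIGNUM *modulus = BN_new();` is overwritten at once by `RSA_get0_key(pubkey, (const BIGNUM **)&modulus, NULL, NULL)`, so the fresh BIGNUM leaks and `modulus` ends up pointing at the number still owned by `pubkey`. The pre-1.1.0 branch now holds an owned copy from `BN_dup`, so the two branches disagree on ownership; if the code after the hunk frees `modulus` (not visible here), a build against 1.1.0 or later would free the key's modulus a second time when `pubkey` is released. Copying on both branches keeps the cleanup uniform: `const BIGNUM *n = NULL; RSA_get0_key(pubkey, &n, NULL, NULL); BIGNUM *modulus = BN_dup(n);`, with a NULL check on `modulus` before it is serialized. The lcptools/crtpollist.c hunk has the same pattern, and read_rsa_pubkey's body starts and ends outside the hunk.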
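--- a/lcptools-v2/lcputils.c
+++ b/lcptools-v2/lcputils.c
@@ -384,8 +384,8 @@ bool verify_signature(const uint8_t *dat
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
 RSA_set0_key(rsa_pubkey, modulus, exponent, NULL);
 #else
- rsa_pubkey->n = modulus;
- rsa_pubkey->e = exponent;
+ rsa_pubkey->n = BN_dup(modulus);
+ rsa_pubkey->e = BN_dup(exponent);
 rsa_pubkey->d = rsa_pubkey->p = rsa_pubkey->q = NULL;
 #endif
 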
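Review bot: Neither `BN_dup` result on the pre-1.1.0 branch is checked, so an allocation failure leaves `rsa_pubkey->n` or `rsa_pubkey->e` NULL and the function carries on with an incomplete key. Because verify_signature decides whether a policy signature is accepted, it should fail closed here: test `rsa_pubkey->n == NULL || rsa_pubkey->e == NULL` right after the two assignments and return false through the function's existing cleanup. The branches also differ in ownership after this change: `RSA_set0_key` hands `modulus` and `exponent` to `rsa_pubkey`, while the `BN_dup` branch leaves them with this function, so the frees after the hunk (not visible here) need the same version test; a comment such as `/* < 1.1.0: rsa_pubkey holds copies, modulus/exponent are still ours to free */` would make that explicit. The lcptools/lcputils2.c hunk has the same two lines, and verify_signature's body starts and ends outside the hunk.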
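--- a/lcptools/crtpollist.c
+++ b/lcptools/crtpollist.c
@@ -155,14 +155,14 @@ static lcp_signature_t *read_pubkey_file
 
 memset(sig, 0, sizeof(*sig) + 2*keysize);
 sig->pubkey_size = keysize;
-
- BIGNUM *modulus = BN_new();
+
 /* OpenSSL Version 1.1.0 and later don't allow direct access to RSA
 stuct */
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ BIGNUM *modulus = BN_new();
 RSA_get0_key(pubkey, (const BIGNUM **)&modulus, NULL, NULL);
 #else
- modulus = pubkey->n;
+ BIGNUM *modulus = BN_dup(pubkey->n);
 #endif
 unsigned char key[keysize];
 BN_bn2bin(modulus, key);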
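--- a/lcptools/lcputils2.c
+++ b/lcptools/lcputils2.c
@@ -288,8 +288,8 @@ bool verify_signature(const uint8_t *dat
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
 RSA_set0_key(rsa_pubkey, modulus, exponent, NULL);
 #else
- rsa_pubkey->n = modulus;
- rsa_pubkey->e = exponent;
+ rsa_pubkey->n = BN_dup(modulus);
+ rsa_pubkey->e = BN_dup(exponent);
 rsa_pubkey->d = rsa_pubkey->p = rsa_pubkey->q = NULL;
 #endif
 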