Use openssl instead of nss to fix failure for RSA-SHA1 signature
(cherry picked from commit b8055739468f47d2541eca35a4c855f99beab116)
This commit is contained in:
yixiangzhike
openeuler-sync-bot
parent
b5daf3a24f
commit
b9a98adda0
3736
backport-NOOP-whitespace-indent.patch
Normal file
3736
backport-NOOP-whitespace-indent.patch
Normal file
File diff suppressed because it is too large
Load Diff
116
backport-Update-OpenSSL-1.1.0-API.patch
Normal file
116
backport-Update-OpenSSL-1.1.0-API.patch
Normal file
@ -0,0 +1,116 @@
|
||||
From acb7538ac1b70029ea1560a4338ae5a0b770c75e Mon Sep 17 00:00:00 2001
|
||||
From: Robin Gareus <robin@gareus.org>
|
||||
Date: Sun, 27 Jan 2019 09:31:50 +0100
|
||||
Subject: [PATCH] Update OpenSSL 1.1.0 API
|
||||
|
||||
---
|
||||
src/hash.c | 44 +++++++++++++++++++++++---------------------
|
||||
1 file changed, 23 insertions(+), 21 deletions(-)
|
||||
|
||||
diff --git a/src/hash.c b/src/hash.c
|
||||
index b7c016b..5e59047 100644
|
||||
--- a/src/hash.c
|
||||
+++ b/src/hash.c
|
||||
@@ -388,7 +388,7 @@ char *oauth_sign_rsa_sha1 (const char *m, const char *k) {
|
||||
unsigned char *sig = NULL;
|
||||
unsigned char *passphrase = NULL;
|
||||
unsigned int len=0;
|
||||
- EVP_MD_CTX md_ctx;
|
||||
+ EVP_MD_CTX* md_ctx = EVP_MD_CTX_create();
|
||||
|
||||
EVP_PKEY *pkey;
|
||||
BIO *in;
|
||||
@@ -404,21 +404,23 @@ char *oauth_sign_rsa_sha1 (const char *m, const char *k) {
|
||||
len = EVP_PKEY_size(pkey);
|
||||
sig = (unsigned char*)xmalloc((len+1)*sizeof(char));
|
||||
|
||||
- EVP_SignInit(&md_ctx, EVP_sha1());
|
||||
- EVP_SignUpdate(&md_ctx, m, strlen(m));
|
||||
- if (EVP_SignFinal (&md_ctx, sig, &len, pkey)) {
|
||||
+ EVP_SignInit(md_ctx, EVP_sha1());
|
||||
+ EVP_SignUpdate(md_ctx, m, strlen(m));
|
||||
+ if (EVP_SignFinal (md_ctx, sig, &len, pkey)) {
|
||||
char *tmp;
|
||||
sig[len] = '\0';
|
||||
tmp = oauth_encode_base64(len,sig);
|
||||
OPENSSL_free(sig);
|
||||
EVP_PKEY_free(pkey);
|
||||
+ EVP_MD_CTX_destroy (md_ctx);
|
||||
return tmp;
|
||||
}
|
||||
+ EVP_MD_CTX_destroy (md_ctx);
|
||||
return xstrdup("liboauth/OpenSSL: rsa-sha1 signing failed");
|
||||
}
|
||||
|
||||
int oauth_verify_rsa_sha1 (const char *m, const char *c, const char *s) {
|
||||
- EVP_MD_CTX md_ctx;
|
||||
+ EVP_MD_CTX* md_ctx = EVP_MD_CTX_create();
|
||||
EVP_PKEY *pkey;
|
||||
BIO *in;
|
||||
X509 *cert = NULL;
|
||||
@@ -442,10 +444,10 @@ int oauth_verify_rsa_sha1 (const char *m, const char *c, const char *s) {
|
||||
b64d= (unsigned char*) xmalloc(sizeof(char)*strlen(s));
|
||||
slen = oauth_decode_base64(b64d, s);
|
||||
|
||||
- EVP_VerifyInit(&md_ctx, EVP_sha1());
|
||||
- EVP_VerifyUpdate(&md_ctx, m, strlen(m));
|
||||
- err = EVP_VerifyFinal(&md_ctx, b64d, slen, pkey);
|
||||
- EVP_MD_CTX_cleanup(&md_ctx);
|
||||
+ EVP_VerifyInit(md_ctx, EVP_sha1());
|
||||
+ EVP_VerifyUpdate(md_ctx, m, strlen(m));
|
||||
+ err = EVP_VerifyFinal(md_ctx, b64d, slen, pkey);
|
||||
+ EVP_MD_CTX_destroy(md_ctx);
|
||||
EVP_PKEY_free(pkey);
|
||||
xfree(b64d);
|
||||
return (err);
|
||||
@@ -457,35 +459,35 @@ int oauth_verify_rsa_sha1 (const char *m, const char *c, const char *s) {
|
||||
*/
|
||||
char *oauth_body_hash_file(char *filename) {
|
||||
unsigned char fb[BUFSIZ];
|
||||
- EVP_MD_CTX ctx;
|
||||
+ EVP_MD_CTX* ctx = EVP_MD_CTX_create();
|
||||
size_t len=0;
|
||||
unsigned char *md;
|
||||
FILE *F= fopen(filename, "r");
|
||||
if (!F) return NULL;
|
||||
|
||||
- EVP_MD_CTX_init(&ctx);
|
||||
- EVP_DigestInit(&ctx,EVP_sha1());
|
||||
+ EVP_MD_CTX_init(ctx);
|
||||
+ EVP_DigestInit(ctx,EVP_sha1());
|
||||
while (!feof(F) && (len=fread(fb,sizeof(char),BUFSIZ, F))>0) {
|
||||
- EVP_DigestUpdate(&ctx, fb, len);
|
||||
+ EVP_DigestUpdate(ctx, fb, len);
|
||||
}
|
||||
fclose(F);
|
||||
len=0;
|
||||
md=(unsigned char*) xcalloc(EVP_MD_size(EVP_sha1()),sizeof(unsigned char));
|
||||
- EVP_DigestFinal(&ctx, md,(unsigned int*) &len);
|
||||
- EVP_MD_CTX_cleanup(&ctx);
|
||||
+ EVP_DigestFinal(ctx, md,(unsigned int*) &len);
|
||||
+ EVP_MD_CTX_destroy(ctx);
|
||||
return oauth_body_hash_encode(len, md);
|
||||
}
|
||||
|
||||
char *oauth_body_hash_data(size_t length, const char *data) {
|
||||
- EVP_MD_CTX ctx;
|
||||
+ EVP_MD_CTX* ctx = EVP_MD_CTX_create();
|
||||
size_t len=0;
|
||||
unsigned char *md;
|
||||
md=(unsigned char*) xcalloc(EVP_MD_size(EVP_sha1()),sizeof(unsigned char));
|
||||
- EVP_MD_CTX_init(&ctx);
|
||||
- EVP_DigestInit(&ctx,EVP_sha1());
|
||||
- EVP_DigestUpdate(&ctx, data, length);
|
||||
- EVP_DigestFinal(&ctx, md,(unsigned int*) &len);
|
||||
- EVP_MD_CTX_cleanup(&ctx);
|
||||
+ EVP_MD_CTX_init(ctx);
|
||||
+ EVP_DigestInit(ctx,EVP_sha1());
|
||||
+ EVP_DigestUpdate(ctx, data, length);
|
||||
+ EVP_DigestFinal(ctx, md,(unsigned int*) &len);
|
||||
+ EVP_MD_CTX_destroy(ctx);
|
||||
return oauth_body_hash_encode(len, md);
|
||||
}
|
||||
|
||||
--
|
||||
2.33.0
|
||||
|
||||
@ -0,0 +1,52 @@
|
||||
From 3d5fd48ddcc1a844251fe92004a98936b2d7eb69 Mon Sep 17 00:00:00 2001
|
||||
From: Robin Gareus <robin@gareus.org>
|
||||
Date: Tue, 1 Jul 2014 14:32:27 +0200
|
||||
Subject: [PATCH] pedantic ANSI ISO-C 89/90 for MSVC 2013 - fixes #2
|
||||
|
||||
---
|
||||
src/hash.c | 12 +++++++-----
|
||||
1 file changed, 7 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/src/hash.c b/src/hash.c
|
||||
index 17ff5c8..a337b0e 100644
|
||||
--- a/src/hash.c
|
||||
+++ b/src/hash.c
|
||||
@@ -48,12 +48,13 @@ char *oauth_sign_hmac_sha1 (const char *m, const char *k) {
|
||||
}
|
||||
|
||||
char *oauth_body_hash_file(char *filename) {
|
||||
- FILE *F= fopen(filename, "r");
|
||||
- if (!F) return NULL;
|
||||
-
|
||||
size_t len=0;
|
||||
char fb[BUFSIZ];
|
||||
sha1nfo s;
|
||||
+
|
||||
+ FILE *F= fopen(filename, "r");
|
||||
+
|
||||
+ if (!F) return NULL;
|
||||
sha1_init(&s);
|
||||
|
||||
while (!feof(F) && (len=fread(fb,sizeof(char),BUFSIZ, F))>0) {
|
||||
@@ -271,7 +272,8 @@ char *oauth_body_hash_file(char *filename) {
|
||||
SECStatus s;
|
||||
char *rv=NULL;
|
||||
size_t bl;
|
||||
- unsigned char fb[BUFSIZ];
|
||||
+ unsigned char fb[BUFSIZ];
|
||||
+ unsigned char *dgst;
|
||||
|
||||
FILE *F= fopen(filename, "r");
|
||||
if (!F) return NULL;
|
||||
@@ -292,7 +294,7 @@ char *oauth_body_hash_file(char *filename) {
|
||||
s = PK11_DigestFinal(context, digest, &len, sizeof digest);
|
||||
if (s != SECSuccess) goto looser;
|
||||
|
||||
- unsigned char *dgst = xmalloc(len*sizeof(char)); // oauth_body_hash_encode frees the digest..
|
||||
+ dgst = xmalloc(len*sizeof(char)); // oauth_body_hash_encode frees the digest..
|
||||
memcpy(dgst, digest, len);
|
||||
rv=oauth_body_hash_encode(len, dgst);
|
||||
|
||||
--
|
||||
2.33.0
|
||||
|
||||
@ -1,12 +1,16 @@
|
||||
Name: liboauth
|
||||
Version: 1.0.3
|
||||
Release: 14
|
||||
Release: 15
|
||||
Summary: OAuth library functions
|
||||
License: MIT
|
||||
URL: http://liboauth.sourceforge.net/
|
||||
Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
|
||||
|
||||
BuildRequires: gcc curl-devel nss-devel
|
||||
Patch1: backport-pedantic-ANSI-ISO-C-89-90-for-MSVC-2013-fixes-2.patch
|
||||
Patch2: backport-NOOP-whitespace-indent.patch
|
||||
Patch3: backport-Update-OpenSSL-1.1.0-API.patch
|
||||
|
||||
BuildRequires: gcc curl-devel openssl-devel
|
||||
# fix the failure of the test_uniencoding testcase
|
||||
BuildRequires: glibc-locale-archive
|
||||
|
||||
@ -31,7 +35,7 @@ document files for %{name}
|
||||
%autosetup -n %{name}-%{version} -p1
|
||||
|
||||
%build
|
||||
%configure --disable-static --enable-nss
|
||||
%configure --disable-static
|
||||
make
|
||||
|
||||
|
||||
@ -58,6 +62,9 @@ make check
|
||||
%doc ChangeLog
|
||||
|
||||
%changelog
|
||||
* Fri Jul 19 2024 yixiangzhike <yixiangzhike007@163.com> - 1.0.3-15
|
||||
- Use openssl instead of nss to fix failure for RSA-SHA1 signature
|
||||
|
||||
* Mon Jun 13 2022 yixiangzhike <yixiangzhike007@163.com> - 1.0.3-14
|
||||
- Fix the failure of the test_uniencoding testcase
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user