← Back to branch summary

~kernevil/ubuntu/trusty/bind9/sdlz-hmac-keys

« back to all changes in this revision

Viewing changes to lib/dns/opensslrsa_link.c

  • Committer: Package Import Robot
  • Author(s): LaMont Jones, Matthew Grant, LaMont Jones
  • Date: 2012-10-29 08:37:49 UTC
  • mfrom: (1.9.2)
  • Revision ID: package-import@ubuntu.com-20121029083749-r9inpzl0yuj9xdlu
Tags: 1:9.8.4.dfsg-1
[Matthew Grant]

* Turn off dlopen as it was causing test compile failures.
* Add missing library .postrm files for debhelper

[LaMont Jones]

* New upstream version
* soname fixup
* Ack NMUs

Show diffs side-by-side

added added

removed removed

Lines of Context:
lib/dns/opensslrsa_link.c
1
1
/*
2
 
 * Copyright (C) 2004-2009, 2011  Internet Systems Consortium, Inc. ("ISC")
 
2
 * Copyright (C) 2004-2009, 2011, 2012  Internet Systems Consortium, Inc. ("ISC")
3
3
 * Copyright (C) 2000-2003  Internet Software Consortium.
4
4
 *
5
5
 * Permission to use, copy, modify, and/or distribute this software for any
17
17
 
18
18
/*
19
19
 * Principal Author: Brian Wellington
20
 
 * $Id: opensslrsa_link.c,v 1.39.10.2 2011-03-11 02:57:35 marka Exp $
 
20
 * $Id$
21
21
 */
22
22
#ifdef OPENSSL
23
23
#include <config.h>
156
156
 
157
157
        if (!EVP_DigestInit_ex(evp_md_ctx, type, NULL)) {
158
158
                EVP_MD_CTX_destroy(evp_md_ctx);
159
 
                return (ISC_R_FAILURE);
 
159
                return (dst__openssl_toresult2("EVP_DigestInit_ex",
 
160
                                               ISC_R_FAILURE));
160
161
        }
161
162
        dctx->ctxdata.evp_md_ctx = evp_md_ctx;
162
163
#else
304
305
 
305
306
#if USE_EVP
306
307
        if (!EVP_DigestUpdate(evp_md_ctx, data->base, data->length)) {
307
 
                return (ISC_R_FAILURE);
 
308
                return (dst__openssl_toresult2("EVP_DigestUpdate",
 
309
                                               ISC_R_FAILURE));
308
310
        }
309
311
#else
310
312
        switch (dctx->key->key_alg) {
374
376
        int status;
375
377
        int type = 0;
376
378
        unsigned int digestlen = 0;
377
 
        char *message;
378
 
        unsigned long err;
379
 
        const char* file;
380
 
        int line;
381
379
#if OPENSSL_VERSION_NUMBER < 0x00908000L
382
380
        unsigned int prefixlen = 0;
383
381
        const unsigned char *prefix = NULL;
397
395
                return (ISC_R_NOSPACE);
398
396
 
399
397
        if (!EVP_SignFinal(evp_md_ctx, r.base, &siglen, pkey)) {
400
 
                return (ISC_R_FAILURE);
 
398
                return (dst__openssl_toresult2("EVP_SignFinal",
 
399
                                               ISC_R_FAILURE));
401
400
        }
402
401
#else
403
402
        if (r.length < (unsigned int) RSA_size(rsa))
489
488
        INSIST(type != 0);
490
489
        status = RSA_sign(type, digest, digestlen, r.base, &siglen, rsa);
491
490
#endif
492
 
        if (status == 0) {
493
 
                err = ERR_peek_error_line(&file, &line);
494
 
                if (err != 0U) {
495
 
                        message = ERR_error_string(err, NULL);
496
 
                }
497
 
                return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
498
 
        }
 
491
        if (status == 0)
 
492
                return (dst__openssl_toresult2("RSA_sign",
 
493
                                               DST_R_OPENSSLFAILURE));
499
494
#endif
500
495
 
501
496
        isc_buffer_add(sig, siglen);
615
610
                                                    original, rsa,
616
611
                                                    RSA_PKCS1_PADDING);
617
612
                        if (status <= 0)
618
 
                                return (DST_R_VERIFYFAILURE);
 
613
                                return (dst__openssl_toresult2(
 
614
                                                "RSA_public_decrypt",
 
615
                                                DST_R_VERIFYFAILURE));
619
616
                        if (status != (int)(prefixlen + digestlen))
620
617
                                return (DST_R_VERIFYFAILURE);
621
618
                        if (memcmp(original, prefix, prefixlen))
636
633
#endif
637
634
#endif
638
635
        if (status != 1)
639
 
                return (dst__openssl_toresult(DST_R_VERIFYFAILURE));
 
636
                return (dst__openssl_toresult2("RSA_verify",
 
637
                                               DST_R_VERIFYFAILURE));
640
638
 
641
639
        return (ISC_R_SUCCESS);
642
640
}
727
725
static isc_result_t
728
726
opensslrsa_generate(dst_key_t *key, int exp, void (*callback)(int)) {
729
727
#if OPENSSL_VERSION_NUMBER > 0x00908000L
 
728
        isc_result_t ret = DST_R_OPENSSLFAILURE;
730
729
        BN_GENCB cb;
731
730
        union {
732
731
                void *dptr;
776
775
#endif
777
776
                return (ISC_R_SUCCESS);
778
777
        }
 
778
        ret = dst__openssl_toresult2("RSA_generate_key_ex",
 
779
                                     DST_R_OPENSSLFAILURE);
779
780
 
780
781
err:
781
782
#if USE_EVP
786
787
                BN_free(e);
787
788
        if (rsa != NULL)
788
789
                RSA_free(rsa);
789
 
        return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
 
790
        return (dst__openssl_toresult(ret));
790
791
#else
791
792
        RSA *rsa;
792
793
        unsigned long e;
810
811
#if USE_EVP
811
812
                EVP_PKEY_free(pkey);
812
813
#endif
813
 
                return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
 
814
                return (dst__openssl_toresult2("RSA_generate_key",
 
815
                                               DST_R_OPENSSLFAILURE));
814
816
        }
815
817
        SET_FLAGS(rsa);
816
818
#if USE_EVP
1009
1011
        rsa = key->keydata.rsa;
1010
1012
#endif
1011
1013
 
 
1014
        memset(bufs, 0, sizeof(bufs));
1012
1015
        for (i = 0; i < 8; i++) {
1013
1016
                bufs[i] = isc_mem_get(key->mctx, BN_num_bytes(rsa->n));
1014
1017
                if (bufs[i] == NULL) {
1162
1165
        /* read private key file */
1163
1166
        ret = dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv);
1164
1167
        if (ret != ISC_R_SUCCESS)
1165
 
                return (ret);
 
1168
                goto err;
1166
1169
 
1167
1170
        for (i = 0; i < priv.nelements; i++) {
1168
1171
                switch (priv.elements[i].tag) {
1188
1191
                if (e == NULL)
1189
1192
                        DST_RET(DST_R_NOENGINE);
1190
1193
                pkey = ENGINE_load_private_key(e, label, NULL, NULL);
1191
 
                if (pkey == NULL) {
1192
 
                        /* ERR_print_errors_fp(stderr); */
1193
 
                        DST_RET(ISC_R_NOTFOUND);
1194
 
                }
 
1194
                if (pkey == NULL)
 
1195
                        DST_RET(dst__openssl_toresult2(
 
1196
                                        "ENGINE_load_private_key",
 
1197
                                        ISC_R_NOTFOUND));
1195
1198
                key->engine = isc_mem_strdup(key->mctx, engine);
1196
1199
                if (key->engine == NULL)
1197
1200
                        DST_RET(ISC_R_NOMEMORY);
1336
1339
        }
1337
1340
        pkey = ENGINE_load_private_key(e, label, NULL, NULL);
1338
1341
        if (pkey == NULL)
1339
 
                DST_RET(ISC_R_NOTFOUND);
 
1342
                DST_RET(dst__openssl_toresult2("ENGINE_load_private_key",
 
1343
                                               ISC_R_NOTFOUND));
1340
1344
        if (engine != NULL) {
1341
1345
                key->engine = isc_mem_strdup(key->mctx, engine);
1342
1346
                if (key->engine == NULL)