1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
|
diff --git libpkg/rsa.c libpkg/rsa.c
index 41a12466..eea6e0bb 100644
--- libpkg/rsa.c
+++ libpkg/rsa.c
@@ -37,31 +37,6 @@
#include "private/event.h"
#include "private/pkg.h"
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-/*
- * This matches the historical usage for pkg. Older versions sign the hex
- * encoding of the SHA256 checksum. If we ever deprecated RSA, this can go
- * away.
- */
-static EVP_MD *md_pkg_sha1;
-
-static EVP_MD *
-EVP_md_pkg_sha1(void)
-{
-
- if (md_pkg_sha1 != NULL)
- return (md_pkg_sha1);
-
- md_pkg_sha1 = EVP_MD_meth_dup(EVP_sha1());
- if (md_pkg_sha1 == NULL)
- return (NULL);
-
- EVP_MD_meth_set_result_size(md_pkg_sha1,
- pkg_checksum_type_size(PKG_HASH_TYPE_SHA256_HEX));
- return (md_pkg_sha1);
-}
-#endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
-
struct pkg_key {
pkg_password_cb *pw_cb;
char *path;
@@ -217,6 +192,7 @@ rsa_verify_cert(unsigned char *key, int keylen,
OpenSSL_add_all_algorithms();
OpenSSL_add_all_ciphers();
+
ret = pkg_emit_sandbox_call(rsa_verify_cert_cb, fd, &cbdata);
if (need_close)
close(fd);
@@ -232,6 +208,7 @@ rsa_verify_cb(int fd, void *ud)
char errbuf[1024];
EVP_PKEY *pkey = NULL;
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ const EVP_MD *md;
EVP_PKEY_CTX *ctx;
#else
RSA *rsa;
@@ -276,7 +253,8 @@ rsa_verify_cb(int fd, void *ud)
return (EPKG_FATAL);
}
- if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_md_pkg_sha1()) <= 0) {
+ md = EVP_sha1();
+ if (EVP_PKEY_CTX_set_signature_md(ctx, md) <= 0) {
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
free(sha256);
@@ -284,7 +262,7 @@ rsa_verify_cb(int fd, void *ud)
}
ret = EVP_PKEY_verify(ctx, cbdata->sig, cbdata->siglen, sha256,
- pkg_checksum_type_size(PKG_HASH_TYPE_SHA256_HEX));
+ EVP_MD_size(md));
#else
rsa = EVP_PKEY_get1_RSA(pkey);
@@ -360,6 +338,7 @@ rsa_sign(char *path, struct pkg_key *keyinfo, unsigned char **sigret,
char errbuf[1024];
int max_len = 0, ret;
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ const EVP_MD *md;
EVP_PKEY_CTX *ctx;
size_t siglen;
#else
@@ -403,15 +382,15 @@ rsa_sign(char *path, struct pkg_key *keyinfo, unsigned char **sigret,
return (EPKG_FATAL);
}
- if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_md_pkg_sha1()) <= 0) {
+ md = EVP_sha1();
+ if (EVP_PKEY_CTX_set_signature_md(ctx, md) <= 0) {
EVP_PKEY_CTX_free(ctx);
free(sha256);
return (EPKG_FATAL);
}
-
siglen = max_len;
ret = EVP_PKEY_sign(ctx, *sigret, &siglen, sha256,
- pkg_checksum_type_size(PKG_HASH_TYPE_SHA256_HEX));
+ EVP_MD_size(md));
#else
rsa = EVP_PKEY_get1_RSA(keyinfo->key);
|
