On 01/31/2017 09:55 PM, Adrian Bunk wrote:
> Which tarball are you using, and do you have the build dependency 
> libopencryptoki-dev installed?

Yay conditional compilation. I didn't forward port the packaging yet.

> I am using the one from
>   https://sourceforge.net/projects/trousers/files/tpm-tools/1.3.9/
> 
> and the error I get is:
> 
> ...
> gcc -DHAVE_CONFIG_H -I. -I../..  -I../../include -D_LINUX -Wdate-time 
> -D_FORTIFY_SOURCE=2  -g -O2 -fdebug-prefix-map=/tmp/tpm-tools-1.3.9=. 
> -fstack-protector-strong -Wformat -Werror=format-security -m64 -Wall 
> -Wreturn-type -Wsign-compare -c -o data_import.o data_import.c
> data_import.c: In function 'readX509Cert':
> data_import.c:375:26: error: dereferencing pointer to incomplete type 
> 'EVP_PKEY {aka struct evp_pkey_st}'
>   if ( EVP_PKEY_type( pKey->type ) != EVP_PKEY_RSA ) {
>                           ^~
> In file included from /usr/include/openssl/asn1.h:24:0,
>                  from /usr/include/openssl/rsa.h:16,
>                  from data_import.c:34:
> data_import.c: In function 'createRsaPubKeyObject':
> data_import.c:694:34: error: dereferencing pointer to incomplete type 'RSA 
> {aka struct rsa_st}'
>   int  nLen = BN_num_bytes( a_pRsa->n );
>                                   ^
> Makefile:524: recipe for target 'data_import.o' failed
> make[4]: *** [data_import.o] Error 1
> make[4]: Leaving directory '/tmp/tpm-tools-1.3.9/src/data_mgmt'
> Makefile:401: recipe for target 'all-recursive' failed
> make[3]: *** [all-recursive] Error 1

I suppose all this needs is the following patch. I'm a little unhappy
about the naming of the intermediate variables, but I suppose as long as
it does the trick:

> Index: tpm-tools/src/data_mgmt/data_import.c
> ===================================================================
> --- tpm-tools.orig/src/data_mgmt/data_import.c
> +++ tpm-tools/src/data_mgmt/data_import.c
> @@ -372,7 +372,7 @@ readX509Cert( const char  *a_pszFile,
>               goto out;
>       }
>  
> -     if ( EVP_PKEY_type( pKey->type ) != EVP_PKEY_RSA ) {
> +     if ( EVP_PKEY_base_id( pKey ) != EVP_PKEY_RSA ) {
>               logError( TOKEN_RSA_KEY_ERROR );
>  
>               X509_free( pX509 );
> @@ -691,8 +691,13 @@ createRsaPubKeyObject( RSA
>  
>       int  rc = -1;
>  
> -     int  nLen = BN_num_bytes( a_pRsa->n );
> -     int  eLen = BN_num_bytes( a_pRsa->e );
> +     const BIGNUM *bn;
> +     const BIGNUM *be;
> +
> +     RSA_get0_key( a_pRsa, &bn, &be, NULL );
> +
> +     int  nLen = BN_num_bytes( bn );
> +     int  eLen = BN_num_bytes( be );
>  
>       CK_RV  rv;
>  
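Review bot: `RSA_get0_key` is called unconditionally here, and it only exists from OpenSSL 1.1.0 on, so with this hunk data_import.c stops building against 1.0.x. If older releases still have to be supported, keep the accessor calls and add a small compatibility definition guarded by `#if OPENSSL_VERSION_NUMBER < 0x10100000L` that fills the out-pointers from the struct fields. The same applies to `RSA_get0_factors` and `RSA_get0_crt_params` in the createRsaPrivKeyObject hunk (`@@ -760,14`). createRsaPubKeyObject starts and ends outside this hunk.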
> @@ -732,8 +737,8 @@ createRsaPubKeyObject( RSA
>       }
>  
>       // Get binary representations of the RSA key information
> -     BN_bn2bin( a_pRsa->n, n );
> -     BN_bn2bin( a_pRsa->e, e );
> +     BN_bn2bin( bn, n );
> +     BN_bn2bin( be, e );
>  
>       // Create the RSA public key object
>       rv = createObject( a_hSession, tAttr, ulAttrCount, a_hObject );
> @@ -760,14 +765,27 @@ createRsaPrivKeyObject( RSA
>  
>       int  rc = -1;
>  
> -     int  nLen = BN_num_bytes( a_pRsa->n );
> -     int  eLen = BN_num_bytes( a_pRsa->e );
> -     int  dLen = BN_num_bytes( a_pRsa->d );
> -     int  pLen = BN_num_bytes( a_pRsa->p );
> -     int  qLen = BN_num_bytes( a_pRsa->q );
> -     int  dmp1Len = BN_num_bytes( a_pRsa->dmp1 );
> -     int  dmq1Len = BN_num_bytes( a_pRsa->dmq1 );
> -     int  iqmpLen = BN_num_bytes( a_pRsa->iqmp );
> +     const BIGNUM *bn;
> +     const BIGNUM *be;
> +     const BIGNUM *bd;
> +     const BIGNUM *bp;
> +     const BIGNUM *bq;
> +     const BIGNUM *bdmp1;
> +     const BIGNUM *bdmq1;
> +     const BIGNUM *biqmp;
> +
> +     RSA_get0_key( a_pRsa, &bn, &be, &bd);
> +     RSA_get0_factors( a_pRsa, &bp, &bq);
> +     RSA_get0_crt_params( a_pRsa, &bdmp1, &bdmq1, &biqmp );
> +
> +     int  nLen = BN_num_bytes( bn );
> +     int  eLen = BN_num_bytes( be );
> +     int  dLen = BN_num_bytes( bd );
> +     int  pLen = BN_num_bytes( bp );
> +     int  qLen = BN_num_bytes( bq );
> +     int  dmp1Len = BN_num_bytes( bdmp1 );
> +     int  dmq1Len = BN_num_bytes( bdmq1 );
> +     int  iqmpLen = BN_num_bytes( biqmp );
>  
>       CK_RV  rv;
>  
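Review bot: `bp`, `bq`, `bdmp1`, `bdmq1` and `biqmp` go straight into `BN_num_bytes`, but `RSA_get0_factors` and `RSA_get0_crt_params` return NULL for components the key does not carry, and the key comes from a user-supplied file. A guard placed right after the three getter calls would reject such a key instead of dereferencing NULL: `if ( !bd || !bp || !bq || !bdmp1 || !bdmq1 || !biqmp ) { logError( TOKEN_RSA_KEY_ERROR ); return rc; }`. No allocation is visible before this point, so a plain return looks safe, but the function continues outside the hunk; if it has a cleanup label, use that instead.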
> @@ -821,14 +839,14 @@ createRsaPrivKeyObject( RSA
>       }
>  
>       // Get binary representations of the RSA key information
> -     BN_bn2bin( a_pRsa->n, n );
> -     BN_bn2bin( a_pRsa->e, e );
> -     BN_bn2bin( a_pRsa->d, d );
> -     BN_bn2bin( a_pRsa->p, p );
> -     BN_bn2bin( a_pRsa->q, q );
> -     BN_bn2bin( a_pRsa->dmp1, dmp1 );
> -     BN_bn2bin( a_pRsa->dmq1, dmq1 );
> -     BN_bn2bin( a_pRsa->iqmp, iqmp );
> +     BN_bn2bin( bn, n );
> +     BN_bn2bin( be, e );
> +     BN_bn2bin( bd, d );
> +     BN_bn2bin( bp, p );
> +     BN_bn2bin( bq, q );
> +     BN_bn2bin( bdmp1, dmp1 );
> +     BN_bn2bin( bdmq1, dmq1 );
> +     BN_bn2bin( biqmp, iqmp );
>  
>       // Create the RSA private key object
>       rv = createObject( a_hSession, tAttr, ulAttrCount, a_hObject );
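Review bot: After these `BN_bn2bin` calls the buffers `d`, `p`, `q`, `dmp1`, `dmq1` and `iqmp` hold the raw private-key bytes, and nothing in the hunk shows them being wiped. Their allocation and release are outside the hunk, so please confirm that every exit path, including the failure path after `createObject`, clears them before release, e.g. `OPENSSL_cleanse( d, dLen );` and likewise for the others. A plain `memset` before `free` may be optimised away, which is why the OpenSSL helper is the better fit here.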

There's also no test suite, which is unhelpful, so this is only compile-tested.

Kind regards
Philipp Kern

