community/boinc to 7.8.4-1

This commit is contained in:
Kevin Mihelich 2017-11-27 13:34:44 +00:00
parent 5ad94af161
commit 27f3d47ca7
3 changed files with 31 additions and 790 deletions

View file

@ -9,45 +9,42 @@
pkgbase=boinc
pkgname=(boinc boinc-nox)
pkgver=7.6.33
_tag="client_release/7.6/$pkgver"
pkgrel=5
arch=('i686' 'x86_64')
pkgver=7.8.4
_tag="client_release/7.8/$pkgver"
pkgrel=1
arch=('x86_64')
url="http://boinc.berkeley.edu/"
license=('LGPL')
makedepends=('libxslt' 'perl-xml-sax' 'git' 'libxss' 'libnotify' 'wxgtk3' 'webkit2gtk' 'sqlite3'
'curl' 'inetutils' 'libxmu' 'freeglut' 'glu' 'mesa')
makedepends=('libxslt' 'perl-xml-sax' 'libxss' 'libnotify' 'wxgtk3' 'webkit2gtk' 'sqlite3' 'curl'
'inetutils' 'libxmu' 'freeglut' 'glu' 'mesa')
install=$pkgbase.install
options=('!staticlibs')
source=("git+https://github.com/BOINC/boinc.git#tag=$_tag"
boinc.bash
boinc.desktop
boinc.service
boinc.sysusers
boinc-AM_CONDITIONAL.patch
boinc-openssl-1.1.patch)
md5sums=('SKIP'
'4d00e1aa4090a3f51feb20f5a541b9ee'
'db62de2f08117e6379a3c613b58fa7ff'
'3d5cbab785cc8b004661b17c65883fd5'
'240f952d38c5814cc3d8cd1668fe2154'
'e27047518dec54d4db38816487a28661'
'2148b1eb9ea12fb8927198072e616417')
source=("$pkgbase-$pkgver.tar.gz::https://github.com/BOINC/boinc/archive/$_tag.tar.gz"
https://github.com/BOINC/boinc/commit/e86f29e7fbc78faff6c9b9c8356ffe59049c116f.patch
boinc.bash
boinc.desktop
boinc.service
boinc.sysusers)
sha512sums=('d888f6c1586b57cdad7c4c783b2e58ae3bc3da8d0183eaacfe43f9798519e65129324222e6190a8ee1f00be2dfd31ee54fe2a88ef77950506e29552ce32de8aa'
'565ac560d4ea1c82f238153c47d076d63eb2d839cba10de9fb7c86c8b89b9994f807347a564c3e05d75231019e259c3afc399b203eb0bd83ac2572db54c4e56f'
'dec4bb6e571c2d99e1f57295149399eee03a8ec41b07ec3f7f197b910d246dcd6a5eb880301c9cd3a039d8c5aa6b07babf6ab4cae5f242c419c8cd71f56b90f5'
'b3fcd703a6f683d246242543c2f7b5fcfe403cb95b7786f1418b24c3dfb7c54c6b8c4816c0e9ae56b5ee4e4cae63f153ec522b04bf02f4f835dd90ac0e0ae204'
'395343369cc02da33a0d61bdc45fd8812f4f881a2efbb684b07f8d727d1896ef558c875d42e93e7743004e1efe6226361b53c0ea1cb1e8323ec605caa833774e'
'85804d7e6b7e07f06e93e8c42507f5cd0b9415257d6ac7421603a2b6084699d847ae9720c1cf9e9793b750dfb768375116843b988b287ee7c66c1374e18f7934')
prepare() {
cd $pkgbase
patch -Np1 -i "$srcdir"/boinc-AM_CONDITIONAL.patch
# Fix build with openssl 1.1
patch -p1 -i ../boinc-openssl-1.1.patch
# Build with gtk3
sed -i 's/^PKG_CHECK_MODULES(\[GTK2\], \[gtk+-2.0\])$/PKG_CHECK_MODULES([GTK3], [gtk+-3.0])/' configure.ac
mv boinc-client_release-*-$pkgver $pkgbase-$pkgver
cp -r "$srcdir"/${pkgbase}{,-nox}
cd $pkgbase-$pkgver
# https://github.com/BOINC/boinc/pull/2092
patch -p1 -i ../e86f29e7fbc78faff6c9b9c8356ffe59049c116f.patch
cp -r "$srcdir"/$pkgbase-$pkgver{,-nox}
./_autosetup
# Prepare boinc-nox
cd "$srcdir"/$pkgbase-nox
cd "$srcdir"/$pkgbase-$pkgver-nox
# Don't force xss
sed -i 's/^ enable_xss="yes"$/ enable_xss="no"/' configure.ac
./_autosetup
@ -60,7 +57,7 @@ build() {
CONFIG="--with-boinc-alt-platform=arm-unknown-linux-gnueabihf"
fi
cd "$srcdir"/$pkgbase
cd "$srcdir"/$pkgbase-$pkgver
LDFLAGS='-lX11' ./configure \
--prefix=/usr \
--enable-libraries \
@ -79,7 +76,7 @@ build() {
make
# Build boinc-nox
cd "$srcdir"/$pkgbase-nox
cd "$srcdir"/$pkgbase-$pkgver-nox
PKG_CONFIG=/usr/bin/pkg-config ./configure \
--prefix=/usr \
--enable-libraries \
@ -101,7 +98,7 @@ package_boinc() {
pkgdesc="Berkeley Open Infrastructure for Network Computing for desktop"
depends=("libxss" "libnotify" "wxgtk3" "webkit2gtk" "curl" "sqlite3")
cd $pkgbase
cd $pkgbase-$pkgver
make DESTDIR="$pkgdir" install
@ -115,10 +112,10 @@ package_boinc() {
install -Dm644 "${srcdir}/$pkgbase.bash" "${pkgdir}/usr/share/bash-completion/completions/$pkgbase"
#install .desktop File
install -Dm644 "${srcdir}/${pkgbase}.desktop" "${pkgdir}/usr/share/applications/${pkgbase}.desktop"
install -Dm644 "${srcdir}/$pkgbase.desktop" "${pkgdir}/usr/share/applications/$pkgbase.desktop"
#install icons
install -Dm644 "${srcdir}/${pkgbase}/packages/generic/sea/boincmgr.48x48.png" "${pkgdir}/usr/share/pixmaps/$pkgbase.png"
install -Dm644 "${srcdir}/$pkgbase-$pkgver/packages/generic/sea/boincmgr.48x48.png" "${pkgdir}/usr/share/pixmaps/$pkgbase.png"
#remove initscripts stuff
rm -rf "$pkgdir/etc"
@ -130,7 +127,7 @@ package_boinc-nox() {
provides=("boinc")
conflicts=("boinc")
cd $pkgbase-nox
cd $pkgbase-$pkgver-nox
make DESTDIR="$pkgdir" install

View file

@ -1,19 +0,0 @@
--- A/configure.ac
+++ B/configure.ac
@@ -39,6 +39,7 @@ AC_PROG_CC
AC_PROG_CXX
AC_PROG_F77
AC_PROG_CPP
+AC_PROG_OBJCXX
AC_PROG_MAKE_SET
SAH_LINKS
AC_LANG_PUSH(C)
@@ -744,6 +745,8 @@ AM_CONDITIONAL(ENABLE_LIBRARIES, [test "
AM_CONDITIONAL(INSTALL_HEADERS, [test "${enable_install_headers}" = yes])
AM_CONDITIONAL(HAVE_CUDA_LIB, [test "${enable_client}" = yes -a -f ./coprocs/CUDA/posix/${boinc_platform}/libcudart.so])
+PKG_CHECK_MODULES([GTK2], [gtk+-2.0])
+
dnl ======================================================================
dnl some more vodoo required for building portable client-binary (client, clientgui)
dnl ======================================================================

View file

@ -1,737 +0,0 @@
From e965ea2e32d467e6937f206c96270cabd381df6e Mon Sep 17 00:00:00 2001
From: Christian Beer <christian.beer@aei.mpg.de>
Date: Mon, 27 Jun 2016 18:26:27 +0200
Subject: [PATCH 1/5] Lib: build against openSSL 1.1.0
The upcoming OpenSSL version introduces some API changes (https://wiki.openssl.org/index.php/1.1_API_Changes). In BOINC mainly code related to RSA keys is affected for now.
Contributed by: Gianfranco Costamagna
---
lib/crypt.cpp | 115 ++++++++++++++++++++++++++++++++++++++++++++++++++++-
lib/crypt.h | 5 +++
lib/crypt_prog.cpp | 12 ++++++
3 files changed, 131 insertions(+), 1 deletion(-)
diff --git a/lib/crypt.cpp b/lib/crypt.cpp
index 192bbc2..cd6f04a 100644
--- a/lib/crypt.cpp
+++ b/lib/crypt.cpp
@@ -453,7 +453,7 @@ int read_key_file(const char* keyfile, R_RSA_PRIVATE_KEY& key) {
return 0;
}
-static void bn_to_bin(BIGNUM* bn, unsigned char* bin, int n) {
+static void bn_to_bin(const BIGNUM* bn, unsigned char* bin, int n) {
memset(bin, 0, n);
int m = BN_num_bytes(bn);
BN_bn2bin(bn, bin+n-m);
@@ -463,11 +463,38 @@ void openssl_to_keys(
RSA* rp, int nbits, R_RSA_PRIVATE_KEY& priv, R_RSA_PUBLIC_KEY& pub
) {
pub.bits = nbits;
+#ifdef HAVE_OPAQUE_RSA_DSA_DH
+ BIGNUM *n;
+ BIGNUM *e;
+ BIGNUM *d;
+ BIGNUM *p;
+ BIGNUM *q;
+ BIGNUM *dmp1;
+ BIGNUM *dmq1;
+ BIGNUM *iqmp;
+ RSA_get0_key(rp, &n, &e, &d);
+ RSA_get0_factors(rp, &p, &q);
+ RSA_get0_crt_params(rp, &dmp1, &dmq1, &iqmp);
+
+ bn_to_bin(n, pub.modulus, sizeof(pub.modulus));
+ bn_to_bin(e, pub.exponent, sizeof(pub.exponent));
+#else
bn_to_bin(rp->n, pub.modulus, sizeof(pub.modulus));
bn_to_bin(rp->e, pub.exponent, sizeof(pub.exponent));
+#endif
memset(&priv, 0, sizeof(priv));
priv.bits = nbits;
+#ifdef HAVE_OPAQUE_RSA_DSA_DH
+ bn_to_bin(n, priv.modulus, sizeof(priv.modulus));
+ bn_to_bin(e, priv.publicExponent, sizeof(priv.publicExponent));
+ bn_to_bin(d, priv.exponent, sizeof(priv.exponent));
+ bn_to_bin(p, priv.prime[0], sizeof(priv.prime[0]));
+ bn_to_bin(q, priv.prime[1], sizeof(priv.prime[1]));
+ bn_to_bin(dmp1, priv.primeExponent[0], sizeof(priv.primeExponent[0]));
+ bn_to_bin(dmq1, priv.primeExponent[1], sizeof(priv.primeExponent[1]));
+ bn_to_bin(iqmp, priv.coefficient, sizeof(priv.coefficient));
+#else
bn_to_bin(rp->n, priv.modulus, sizeof(priv.modulus));
bn_to_bin(rp->e, priv.publicExponent, sizeof(priv.publicExponent));
bn_to_bin(rp->d, priv.exponent, sizeof(priv.exponent));
@@ -476,9 +503,32 @@ void openssl_to_keys(
bn_to_bin(rp->dmp1, priv.primeExponent[0], sizeof(priv.primeExponent[0]));
bn_to_bin(rp->dmq1, priv.primeExponent[1], sizeof(priv.primeExponent[1]));
bn_to_bin(rp->iqmp, priv.coefficient, sizeof(priv.coefficient));
+#endif
}
void private_to_openssl(R_RSA_PRIVATE_KEY& priv, RSA* rp) {
+#ifdef HAVE_OPAQUE_RSA_DSA_DH
+ BIGNUM *n;
+ BIGNUM *e;
+ BIGNUM *d;
+ BIGNUM *p;
+ BIGNUM *q;
+ BIGNUM *dmp1;
+ BIGNUM *dmq1;
+ BIGNUM *iqmp;
+
+ n = BN_bin2bn(priv.modulus, sizeof(priv.modulus), 0);
+ e = BN_bin2bn(priv.publicExponent, sizeof(priv.publicExponent), 0);
+ d = BN_bin2bn(priv.exponent, sizeof(priv.exponent), 0);
+ p = BN_bin2bn(priv.prime[0], sizeof(priv.prime[0]), 0);
+ q = BN_bin2bn(priv.prime[1], sizeof(priv.prime[1]), 0);
+ dmp1 = BN_bin2bn(priv.primeExponent[0], sizeof(priv.primeExponent[0]), 0);
+ dmq1 = BN_bin2bn(priv.primeExponent[1], sizeof(priv.primeExponent[1]), 0);
+ iqmp = BN_bin2bn(priv.coefficient, sizeof(priv.coefficient), 0);
+ RSA_set0_key(rp, n, e, d);
+ RSA_set0_factors(rp, p, q);
+ RSA_set0_crt_params(rp, dmp1, dmq1, iqmp);
+#else
rp->n = BN_bin2bn(priv.modulus, sizeof(priv.modulus), 0);
rp->e = BN_bin2bn(priv.publicExponent, sizeof(priv.publicExponent), 0);
rp->d = BN_bin2bn(priv.exponent, sizeof(priv.exponent), 0);
@@ -487,11 +537,22 @@ void private_to_openssl(R_RSA_PRIVATE_KEY& priv, RSA* rp) {
rp->dmp1 = BN_bin2bn(priv.primeExponent[0], sizeof(priv.primeExponent[0]), 0);
rp->dmq1 = BN_bin2bn(priv.primeExponent[1], sizeof(priv.primeExponent[1]), 0);
rp->iqmp = BN_bin2bn(priv.coefficient, sizeof(priv.coefficient), 0);
+#endif
}
void public_to_openssl(R_RSA_PUBLIC_KEY& pub, RSA* rp) {
+#ifdef HAVE_OPAQUE_RSA_DSA_DH
+ BIGNUM *n;
+ BIGNUM *e;
+ BIGNUM *d;
+ n = BN_bin2bn(pub.modulus, sizeof(pub.modulus), 0);
+ e = BN_bin2bn(pub.exponent, sizeof(pub.exponent), 0);
+ // d??? FIXME
+ RSA_set0_key(rp, n, e, d);
+#else
rp->n = BN_bin2bn(pub.modulus, sizeof(pub.modulus), 0);
rp->e = BN_bin2bn(pub.exponent, sizeof(pub.exponent), 0);
+#endif
}
static int _bn2bin(BIGNUM *from, unsigned char *to, int max) {
@@ -507,6 +568,38 @@ static int _bn2bin(BIGNUM *from, unsigned char *to, int max) {
}
int openssl_to_private(RSA *from, R_RSA_PRIVATE_KEY *to) {
+#ifdef HAVE_OPAQUE_RSA_DSA_DH
+ BIGNUM *n;
+ BIGNUM *e;
+ BIGNUM *d;
+ BIGNUM *p;
+ BIGNUM *q;
+ BIGNUM *dmp1;
+ BIGNUM *dmq1;
+ BIGNUM *iqmp;
+
+ RSA_get0_key(from, &n, &e, &d);
+ RSA_get0_factors(from, &p, &q);
+ RSA_get0_crt_params(from, &dmp1, &dmq1, &iqmp);
+
+ to->bits = BN_num_bits(n);
+ if (!_bn2bin(n,to->modulus,MAX_RSA_MODULUS_LEN))
+ return(0);
+ if (!_bn2bin(e,to->publicExponent,MAX_RSA_MODULUS_LEN))
+ return(0);
+ if (!_bn2bin(d,to->exponent,MAX_RSA_MODULUS_LEN))
+ return(0);
+ if (!_bn2bin(p,to->prime[0],MAX_RSA_PRIME_LEN))
+ return(0);
+ if (!_bn2bin(q,to->prime[1],MAX_RSA_PRIME_LEN))
+ return(0);
+ if (!_bn2bin(dmp1,to->primeExponent[0],MAX_RSA_PRIME_LEN))
+ return(0);
+ if (!_bn2bin(dmq1,to->primeExponent[1],MAX_RSA_PRIME_LEN))
+ return(0);
+ if (!_bn2bin(iqmp,to->coefficient,MAX_RSA_PRIME_LEN))
+ return(0);
+#else
to->bits = BN_num_bits(from->n);
if (!_bn2bin(from->n,to->modulus,MAX_RSA_MODULUS_LEN))
return(0);
@@ -524,6 +617,7 @@ int openssl_to_private(RSA *from, R_RSA_PRIVATE_KEY *to) {
return(0);
if (!_bn2bin(from->iqmp,to->coefficient,MAX_RSA_PRIME_LEN))
return(0);
+#endif
return 1;
}
@@ -569,7 +663,11 @@ int check_validity_of_cert(
BIO_vfree(bio);
return 0;
}
+#ifdef HAVE_OPAQUE_EVP_PKEY
+ if (EVP_PKEY_id(pubKey) == EVP_PKEY_RSA) {
+#else
if (pubKey->type == EVP_PKEY_RSA) {
+#endif
BN_CTX *c = BN_CTX_new();
if (!c) {
X509_free(cert);
@@ -577,18 +675,33 @@ int check_validity_of_cert(
BIO_vfree(bio);
return 0;
}
+#ifdef HAVE_OPAQUE_RSA_DSA_DH
+ RSA *rsa;
+ rsa = EVP_PKEY_get0_RSA(pubKey);
+ if (!RSA_blinding_on(rsa, c)) {
+#else
if (!RSA_blinding_on(pubKey->pkey.rsa, c)) {
+#endif
X509_free(cert);
EVP_PKEY_free(pubKey);
BIO_vfree(bio);
BN_CTX_free(c);
return 0;
}
+#ifdef HAVE_OPAQUE_RSA_DSA_DH
+ retval = RSA_verify(NID_md5, md5_md, MD5_DIGEST_LENGTH, sfileMsg, sfsize, rsa);
+ RSA_blinding_off(rsa);
+#else
retval = RSA_verify(NID_md5, md5_md, MD5_DIGEST_LENGTH, sfileMsg, sfsize, pubKey->pkey.rsa);
RSA_blinding_off(pubKey->pkey.rsa);
+#endif
BN_CTX_free(c);
}
+#ifdef HAVE_OPAQUE_EVP_PKEY
+ if (EVP_PKEY_id(pubKey) == EVP_PKEY_DSA) {
+#else
if (pubKey->type == EVP_PKEY_DSA) {
+#endif
fprintf(stderr,
"%s: ERROR: DSA keys are not supported.\n",
time_to_string(dtime())
diff --git a/lib/crypt.h b/lib/crypt.h
index 022bd2a..33c62a8 100644
--- a/lib/crypt.h
+++ b/lib/crypt.h
@@ -26,6 +26,11 @@
#include <openssl/rsa.h>
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) /* OpenSSL 1.1.0+ */
+#define HAVE_OPAQUE_EVP_PKEY 1 /* since 1.1.0 -pre3 */
+#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */
+#endif
+
#define MAX_RSA_MODULUS_BITS 1024
#define MAX_RSA_MODULUS_LEN ((MAX_RSA_MODULUS_BITS + 7) / 8)
#define MAX_RSA_PRIME_BITS ((MAX_RSA_MODULUS_BITS + 1) / 2)
diff --git a/lib/crypt_prog.cpp b/lib/crypt_prog.cpp
index 2a1eb5d..3bc2d53 100644
--- a/lib/crypt_prog.cpp
+++ b/lib/crypt_prog.cpp
@@ -125,7 +125,11 @@ int main(int argc, char** argv) {
unsigned char signature_buf[256], buf[256], buf2[256];
FILE *f, *fpriv, *fpub;
char cbuf[256];
+#ifdef HAVE_OPAQUE_RSA_DSA_DH
+ RSA *rsa_key;
+#else
RSA rsa_key;
+#endif
RSA *rsa_key_;
BIO *bio_out=NULL;
BIO *bio_err=NULL;
@@ -330,7 +334,11 @@ int main(int argc, char** argv) {
retval = scan_key_hex(fpriv, (KEY*)&private_key, sizeof(private_key));
fclose(fpriv);
if (retval) die("scan_key_hex\n");
+#ifdef HAVE_OPAQUE_RSA_DSA_DH
+ private_to_openssl(private_key, rsa_key);
+#else
private_to_openssl(private_key, &rsa_key);
+#endif
//i = PEM_write_bio_RSAPrivateKey(bio_out, &rsa_key,
// enc, NULL, 0, pass_cb, NULL);
@@ -340,7 +348,11 @@ int main(int argc, char** argv) {
// NULL, NULL, 0, pass_cb, NULL);
fpriv = fopen(argv[5], "w+");
if (!fpriv) die("fopen");
+#ifdef HAVE_OPAQUE_RSA_DSA_DH
+ PEM_write_RSAPrivateKey(fpriv, rsa_key, NULL, NULL, 0, 0, NULL);
+#else
PEM_write_RSAPrivateKey(fpriv, &rsa_key, NULL, NULL, 0, 0, NULL);
+#endif
fclose(fpriv);
//if (i == 0) {
// ERR_print_errors(bio_err);
diff --git a/lib/crypt.cpp b/lib/crypt.cpp
index cd6f04a..30db6d8 100644
--- a/lib/crypt.cpp
+++ b/lib/crypt.cpp
@@ -464,14 +464,14 @@ void openssl_to_keys(
) {
pub.bits = nbits;
#ifdef HAVE_OPAQUE_RSA_DSA_DH
- BIGNUM *n;
- BIGNUM *e;
- BIGNUM *d;
- BIGNUM *p;
- BIGNUM *q;
- BIGNUM *dmp1;
- BIGNUM *dmq1;
- BIGNUM *iqmp;
+ const BIGNUM *n;
+ const BIGNUM *e;
+ const BIGNUM *d;
+ const BIGNUM *p;
+ const BIGNUM *q;
+ const BIGNUM *dmp1;
+ const BIGNUM *dmq1;
+ const BIGNUM *iqmp;
RSA_get0_key(rp, &n, &e, &d);
RSA_get0_factors(rp, &p, &q);
RSA_get0_crt_params(rp, &dmp1, &dmq1, &iqmp);
@@ -544,18 +544,16 @@ void public_to_openssl(R_RSA_PUBLIC_KEY& pub, RSA* rp) {
#ifdef HAVE_OPAQUE_RSA_DSA_DH
BIGNUM *n;
BIGNUM *e;
- BIGNUM *d;
n = BN_bin2bn(pub.modulus, sizeof(pub.modulus), 0);
e = BN_bin2bn(pub.exponent, sizeof(pub.exponent), 0);
- // d??? FIXME
- RSA_set0_key(rp, n, e, d);
+ RSA_set0_key(rp, n, e, NULL);
#else
rp->n = BN_bin2bn(pub.modulus, sizeof(pub.modulus), 0);
rp->e = BN_bin2bn(pub.exponent, sizeof(pub.exponent), 0);
#endif
}
-static int _bn2bin(BIGNUM *from, unsigned char *to, int max) {
+static int _bn2bin(const BIGNUM *from, unsigned char *to, int max) {
int i;
i=BN_num_bytes(from);
if (i > max) {
@@ -569,14 +567,14 @@ static int _bn2bin(BIGNUM *from, unsigned char *to, int max) {
int openssl_to_private(RSA *from, R_RSA_PRIVATE_KEY *to) {
#ifdef HAVE_OPAQUE_RSA_DSA_DH
- BIGNUM *n;
- BIGNUM *e;
- BIGNUM *d;
- BIGNUM *p;
- BIGNUM *q;
- BIGNUM *dmp1;
- BIGNUM *dmq1;
- BIGNUM *iqmp;
+ const BIGNUM *n;
+ const BIGNUM *e;
+ const BIGNUM *d;
+ const BIGNUM *p;
+ const BIGNUM *q;
+ const BIGNUM *dmp1;
+ const BIGNUM *dmq1;
+ const BIGNUM *iqmp;
RSA_get0_key(from, &n, &e, &d);
RSA_get0_factors(from, &p, &q);
diff --git a/lib/crypt_prog.cpp b/lib/crypt_prog.cpp
index 3bc2d53..88d9f2d 100644
--- a/lib/crypt_prog.cpp
+++ b/lib/crypt_prog.cpp
@@ -126,7 +126,7 @@ int main(int argc, char** argv) {
FILE *f, *fpriv, *fpub;
char cbuf[256];
#ifdef HAVE_OPAQUE_RSA_DSA_DH
- RSA *rsa_key;
+ RSA *rsa_key = RSA_new();
#else
RSA rsa_key;
#endif
@@ -136,6 +136,7 @@ int main(int argc, char** argv) {
char *certpath;
bool b2o=false; // boinc key to openssl key ?
bool kpriv=false; // private key ?
+ BIGNUM *e;
if (argc == 1) {
usage();
@@ -150,7 +151,16 @@ int main(int argc, char** argv) {
n = atoi(argv[2]);
srand(random_int());
- RSA* rp = RSA_generate_key(n, 65537, 0, 0);
+ e = BN_new();
+ retval = BN_set_word(e, (unsigned long)65537);
+ if (retval != 1) {
+ die("BN_set_word");
+ }
+ RSA *rp = RSA_new();
+ retval = RSA_generate_key_ex(rp, n, e, NULL);
+ if (retval != 1) {
+ die("RSA_generate_key_ex");
+ }
openssl_to_keys(rp, n, private_key, public_key);
fpriv = fopen(argv[3], "w");
if (!fpriv) die("fopen");
diff --git a/lib/crypt.cpp b/lib/crypt.cpp
index 30db6d8..cb1f49c 100644
--- a/lib/crypt.cpp
+++ b/lib/crypt.cpp
@@ -554,15 +554,15 @@ void public_to_openssl(R_RSA_PUBLIC_KEY& pub, RSA* rp) {
}
static int _bn2bin(const BIGNUM *from, unsigned char *to, int max) {
- int i;
- i=BN_num_bytes(from);
- if (i > max) {
- return(0);
- }
- memset(to,0,(unsigned int)max);
- if (!BN_bn2bin(from,&(to[max-i])))
- return(0);
- return(1);
+ int i;
+ i=BN_num_bytes(from);
+ if (i > max) {
+ return(0);
+ }
+ memset(to,0,(unsigned int)max);
+ if (!BN_bn2bin(from,&(to[max-i])))
+ return(0);
+ return(1);
}
int openssl_to_private(RSA *from, R_RSA_PRIVATE_KEY *to) {
@@ -598,23 +598,23 @@ int openssl_to_private(RSA *from, R_RSA_PRIVATE_KEY *to) {
if (!_bn2bin(iqmp,to->coefficient,MAX_RSA_PRIME_LEN))
return(0);
#else
- to->bits = BN_num_bits(from->n);
- if (!_bn2bin(from->n,to->modulus,MAX_RSA_MODULUS_LEN))
- return(0);
- if (!_bn2bin(from->e,to->publicExponent,MAX_RSA_MODULUS_LEN))
- return(0);
- if (!_bn2bin(from->d,to->exponent,MAX_RSA_MODULUS_LEN))
- return(0);
- if (!_bn2bin(from->p,to->prime[0],MAX_RSA_PRIME_LEN))
- return(0);
- if (!_bn2bin(from->q,to->prime[1],MAX_RSA_PRIME_LEN))
- return(0);
- if (!_bn2bin(from->dmp1,to->primeExponent[0],MAX_RSA_PRIME_LEN))
- return(0);
- if (!_bn2bin(from->dmq1,to->primeExponent[1],MAX_RSA_PRIME_LEN))
- return(0);
- if (!_bn2bin(from->iqmp,to->coefficient,MAX_RSA_PRIME_LEN))
- return(0);
+ to->bits = BN_num_bits(from->n);
+ if (!_bn2bin(from->n,to->modulus,MAX_RSA_MODULUS_LEN))
+ return(0);
+ if (!_bn2bin(from->e,to->publicExponent,MAX_RSA_MODULUS_LEN))
+ return(0);
+ if (!_bn2bin(from->d,to->exponent,MAX_RSA_MODULUS_LEN))
+ return(0);
+ if (!_bn2bin(from->p,to->prime[0],MAX_RSA_PRIME_LEN))
+ return(0);
+ if (!_bn2bin(from->q,to->prime[1],MAX_RSA_PRIME_LEN))
+ return(0);
+ if (!_bn2bin(from->dmp1,to->primeExponent[0],MAX_RSA_PRIME_LEN))
+ return(0);
+ if (!_bn2bin(from->dmq1,to->primeExponent[1],MAX_RSA_PRIME_LEN))
+ return(0);
+ if (!_bn2bin(from->iqmp,to->coefficient,MAX_RSA_PRIME_LEN))
+ return(0);
#endif
return 1;
}
@@ -634,8 +634,8 @@ int check_validity_of_cert(
bio = BIO_new(BIO_s_file());
BIO_read_filename(bio, cFile);
if (NULL == (cert = PEM_read_bio_X509(bio, NULL, 0, NULL))) {
- BIO_vfree(bio);
- return 0;
+ BIO_vfree(bio);
+ return 0;
}
// verify certificate
store = X509_STORE_new();
@@ -668,32 +668,32 @@ int check_validity_of_cert(
#endif
BN_CTX *c = BN_CTX_new();
if (!c) {
- X509_free(cert);
- EVP_PKEY_free(pubKey);
- BIO_vfree(bio);
- return 0;
- }
+ X509_free(cert);
+ EVP_PKEY_free(pubKey);
+ BIO_vfree(bio);
+ return 0;
+ }
#ifdef HAVE_OPAQUE_RSA_DSA_DH
RSA *rsa;
rsa = EVP_PKEY_get0_RSA(pubKey);
if (!RSA_blinding_on(rsa, c)) {
#else
- if (!RSA_blinding_on(pubKey->pkey.rsa, c)) {
+ if (!RSA_blinding_on(pubKey->pkey.rsa, c)) {
#endif
- X509_free(cert);
- EVP_PKEY_free(pubKey);
- BIO_vfree(bio);
- BN_CTX_free(c);
- return 0;
- }
+ X509_free(cert);
+ EVP_PKEY_free(pubKey);
+ BIO_vfree(bio);
+ BN_CTX_free(c);
+ return 0;
+ }
#ifdef HAVE_OPAQUE_RSA_DSA_DH
retval = RSA_verify(NID_md5, md5_md, MD5_DIGEST_LENGTH, sfileMsg, sfsize, rsa);
RSA_blinding_off(rsa);
#else
- retval = RSA_verify(NID_md5, md5_md, MD5_DIGEST_LENGTH, sfileMsg, sfsize, pubKey->pkey.rsa);
- RSA_blinding_off(pubKey->pkey.rsa);
+ retval = RSA_verify(NID_md5, md5_md, MD5_DIGEST_LENGTH, sfileMsg, sfsize, pubKey->pkey.rsa);
+ RSA_blinding_off(pubKey->pkey.rsa);
#endif
- BN_CTX_free(c);
+ BN_CTX_free(c);
}
#ifdef HAVE_OPAQUE_EVP_PKEY
if (EVP_PKEY_id(pubKey) == EVP_PKEY_DSA) {
@@ -730,7 +730,7 @@ char *check_validity(
if (!of) return NULL;
MD5_Init(&md5CTX);
while (0 != (rbytes = (int)fread(rbuf, 1, sizeof(rbuf), of))) {
- MD5_Update(&md5CTX, rbuf, rbytes);
+ MD5_Update(&md5CTX, rbuf, rbytes);
}
MD5_Final(md5_md, &md5CTX);
fclose(of);
@@ -740,12 +740,12 @@ char *check_validity(
char file[MAXPATHLEN];
while (!dir_scan(file, dir, sizeof(file))) {
char fpath[MAXPATHLEN];
- snprintf(fpath, sizeof(fpath), "%s/%s", certPath, file);
+ snprintf(fpath, sizeof(fpath), "%s/%s", certPath, file);
// TODO : replace '128'
- if (check_validity_of_cert(fpath, md5_md, signature, 128, caPath)) {
- dir_close(dir);
- return strdup(fpath);
- }
+ if (check_validity_of_cert(fpath, md5_md, signature, 128, caPath)) {
+ dir_close(dir);
+ return strdup(fpath);
+ }
}
dir_close(dir);
@@ -778,7 +778,7 @@ int cert_verify_file(
if (!of) return false;
MD5_Init(&md5CTX);
while (0 != (rbytes = (int)fread(rbuf, 1, sizeof(rbuf), of))) {
- MD5_Update(&md5CTX, rbuf, rbytes);
+ MD5_Update(&md5CTX, rbuf, rbytes);
}
MD5_Final(md5_md, &md5CTX);
fclose(of);
@@ -805,10 +805,10 @@ int cert_verify_file(
bio = BIO_new(BIO_s_file());
BIO_read_filename(bio, fbuf);
if (NULL == (cert = PEM_read_bio_X509(bio, NULL, 0, NULL))) {
- BIO_vfree(bio);
+ BIO_vfree(bio);
printf("Cannot read certificate ('%s')\n", fbuf);
file_counter++;
- continue;
+ continue;
}
fflush(stdout);
subj = X509_get_subject_name(cert);
@@ -816,7 +816,7 @@ int cert_verify_file(
// ???
//X509_NAME_free(subj);
X509_free(cert);
- BIO_vfree(bio);
+ BIO_vfree(bio);
if (strcmp(buf, signatures->signatures.at(i).subject)) {
printf("Subject does not match ('%s' <-> '%s')\n", buf, signatures->signatures.at(i).subject);
file_counter++;
diff --git a/lib/crypt_prog.cpp b/lib/crypt_prog.cpp
index 88d9f2d..7174afc 100644
--- a/lib/crypt_prog.cpp
+++ b/lib/crypt_prog.cpp
@@ -62,23 +62,23 @@ void die(const char* p) {
void usage() {
fprintf(stderr,
- "Usage: crypt_prog options\n\n"
- "Options:\n\n"
- "-genkey n private_keyfile public_keyfile\n"
- " create an n-bit key pair\n"
- "-sign file private_keyfile\n"
- " create a signature for a given file, write to stdout\n"
- "-sign_string string private_keyfile\n"
- " create a signature for a given string\n"
- "-verify file signature_file public_keyfile\n"
- " verify a signature\n"
- "-test_crypt private_keyfile public_keyfile\n"
- " test encrypt/decrypt functions\n"
- "-conkey o2b/b20 priv/pub input_file output_file\n"
- " convert keys between BOINC and OpenSSL format\n"
- "-cert_verify file signature certificate_dir\n"
- " verify a signature using a directory of certificates\n"
- );
+ "Usage: crypt_prog options\n\n"
+ "Options:\n\n"
+ "-genkey n private_keyfile public_keyfile\n"
+ " create an n-bit key pair\n"
+ "-sign file private_keyfile\n"
+ " create a signature for a given file, write to stdout\n"
+ "-sign_string string private_keyfile\n"
+ " create a signature for a given string\n"
+ "-verify file signature_file public_keyfile\n"
+ " verify a signature\n"
+ "-test_crypt private_keyfile public_keyfile\n"
+ " test encrypt/decrypt functions\n"
+ "-conkey o2b/b20 priv/pub input_file output_file\n"
+ " convert keys between BOINC and OpenSSL format\n"
+ "-cert_verify file signature certificate_dir\n"
+ " verify a signature using a directory of certificates\n"
+ );
}
unsigned int random_int() {
@@ -93,7 +93,7 @@ unsigned int random_int() {
die("Can't load ADVAPI32.DLL");
}
BOOLEAN (APIENTRY *pfn)(void*, ULONG) =
- (BOOLEAN (APIENTRY *)(void*,ULONG))GetProcAddress(hLib,"SystemFunction036");
+ (BOOLEAN (APIENTRY *)(void*,ULONG))GetProcAddress(hLib,"SystemFunction036");
if (pfn) {
char buff[32];
ULONG ulCbBuff = sizeof(buff);
@@ -131,7 +131,7 @@ int main(int argc, char** argv) {
RSA rsa_key;
#endif
RSA *rsa_key_;
- BIO *bio_out=NULL;
+ BIO *bio_out=NULL;
BIO *bio_err=NULL;
char *certpath;
bool b2o=false; // boinc key to openssl key ?
@@ -214,8 +214,8 @@ int main(int argc, char** argv) {
retval = md5_file(argv[2], md5_buf, size);
if (retval) die("md5_file");
retval = check_file_signature(
- md5_buf, public_key, signature, is_valid
- );
+ md5_buf, public_key, signature, is_valid
+ );
if (retval) die("check_file_signature");
if (is_valid) {
printf("file is valid\n");
@@ -262,9 +262,9 @@ int main(int argc, char** argv) {
printf("siganture verified using certificate '%s'.\n\n", certpath);
free(certpath);
}
- // this converts, but an executable signed with sign_executable,
- // and signature converted to OpenSSL format cannot be verified with
- // OpenSSL
+ // this converts, but an executable signed with sign_executable,
+ // and signature converted to OpenSSL format cannot be verified with
+ // OpenSSL
} else if (!strcmp(argv[1], "-convsig")) {
if (argc < 5) {
usage();
@@ -320,18 +320,18 @@ int main(int argc, char** argv) {
die("either 'pub' or 'priv' must be defined for -convkey\n");
}
OpenSSL_add_all_algorithms();
- ERR_load_crypto_strings();
- ENGINE_load_builtin_engines();
- if (bio_err == NULL) {
- bio_err = BIO_new_fp(stdout, BIO_NOCLOSE);
+ ERR_load_crypto_strings();
+ ENGINE_load_builtin_engines();
+ if (bio_err == NULL) {
+ bio_err = BIO_new_fp(stdout, BIO_NOCLOSE);
}
//enc=EVP_get_cipherbyname("des");
//if (enc == NULL)
// die("could not get cypher.\n");
// no encription yet.
bio_out=BIO_new(BIO_s_file());
- if (BIO_write_filename(bio_out,argv[5]) <= 0) {
- perror(argv[5]);
+ if (BIO_write_filename(bio_out,argv[5]) <= 0) {
+ perror(argv[5]);
die("could not create output file.\n");
}
if (b2o) {
@@ -351,11 +351,11 @@ int main(int argc, char** argv) {
#endif
//i = PEM_write_bio_RSAPrivateKey(bio_out, &rsa_key,
- // enc, NULL, 0, pass_cb, NULL);
- // no encryption yet.
-
+ // enc, NULL, 0, pass_cb, NULL);
+ // no encryption yet.
+
//i = PEM_write_bio_RSAPrivateKey(bio_out, &rsa_key,
- // NULL, NULL, 0, pass_cb, NULL);
+ // NULL, NULL, 0, pass_cb, NULL);
fpriv = fopen(argv[5], "w+");
if (!fpriv) die("fopen");
#ifdef HAVE_OPAQUE_RSA_DSA_DH
@@ -364,10 +364,10 @@ int main(int argc, char** argv) {
PEM_write_RSAPrivateKey(fpriv, &rsa_key, NULL, NULL, 0, 0, NULL);
#endif
fclose(fpriv);
- //if (i == 0) {
+ //if (i == 0) {
// ERR_print_errors(bio_err);
// die("could not write key file.\n");
- //}
+ //}
} else {
fpub = fopen(argv[4], "r");
if (!fpub) {
@@ -381,11 +381,11 @@ int main(int argc, char** argv) {
die("fopen");
}
public_to_openssl(public_key, rsa_key_);
- i = PEM_write_RSA_PUBKEY(fpub, rsa_key_);
- if (i == 0) {
+ i = PEM_write_RSA_PUBKEY(fpub, rsa_key_);
+ if (i == 0) {
ERR_print_errors(bio_err);
die("could not write key file.\n");
- }
+ }
fclose(fpub);
}
} else {
diff --git a/lib/crypt_prog.cpp b/lib/crypt_prog.cpp
index 7174afc..8cfffc2 100644
--- a/lib/crypt_prog.cpp
+++ b/lib/crypt_prog.cpp
@@ -74,7 +74,7 @@ void usage() {
" verify a signature\n"
"-test_crypt private_keyfile public_keyfile\n"
" test encrypt/decrypt functions\n"
- "-conkey o2b/b20 priv/pub input_file output_file\n"
+ "-convkey o2b/b2o priv/pub input_file output_file\n"
" convert keys between BOINC and OpenSSL format\n"
"-cert_verify file signature certificate_dir\n"
" verify a signature using a directory of certificates\n"