diff options
| author |  allen clement <agc@google.com> | 2017-06-14 09:46:41 +0200 |
|---|---|---|
| committer | allen clement <agc@google.com> | 2017-06-14 10:04:43 +0200 |
| commit | 2f604727f7665f349ff5e867fa036cb33f37cb46 (patch) | |
| tree | 64dc83fb2340a8edf690211670a31a1d72838c89 /src/core/lib/security/credentials | |
| parent | 351506688d0afaa3d03764b6d2445c33eb1592a4 (diff) | |
Adding a wrapper function to src/core/lib/security/credentials/jwt/jwt_verifier.c in order to partially resolve https://github.com/grpc/grpc/issues/10589.
There are a total of four files require modification and this is the only one in which a wrapper-type function is necessary.
Diffstat (limited to 'src/core/lib/security/credentials')
| -rw-r--r-- | src/core/lib/security/credentials/jwt/jwt_verifier.c | 46 |
1 files changed, 41 insertions, 5 deletions
diff --git a/src/core/lib/security/credentials/jwt/jwt_verifier.c b/src/core/lib/security/credentials/jwt/jwt_verifier.c index 8c747085bb..23607b30ff 100644 --- a/src/core/lib/security/credentials/jwt/jwt_verifier.c +++ b/src/core/lib/security/credentials/jwt/jwt_verifier.c @@ -462,6 +462,36 @@ static BIGNUM *bignum_from_base64(grpc_exec_ctx *exec_ctx, const char *b64) { return result; } +#if OPENSSL_VERSION_NUMBER < 0x10100000L + +// Provide compatibility across OpenSSL 1.02 and 1.1. +int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) +{ + /* If the fields n and e in r are NULL, the corresponding input + * parameters MUST be non-NULL for n and e. d may be + * left NULL (in case only the public key is used). + */ + if ((r->n == NULL && n == NULL) + || (r->e == NULL && e == NULL)) + return 0; + + if (n != NULL) { + BN_free(r->n); + r->n = n; + } + if (e != NULL) { + BN_free(r->e); + r->e = e; + } + if (d != NULL) { + BN_free(r->d); + r->d = d; + } + + return 1; +} +#endif + static EVP_PKEY *pkey_from_jwk(grpc_exec_ctx *exec_ctx, const grpc_json *json, const char *kty) { const grpc_json *key_prop; @@ -478,18 +508,24 @@ static EVP_PKEY *pkey_from_jwk(grpc_exec_ctx *exec_ctx, const grpc_json *json, gpr_log(GPR_ERROR, "Could not create rsa key."); goto end; } + BIGNUM *tmp_n = NULL; + BIGNUM *tmp_e = NULL; for (key_prop = json->child; key_prop != NULL; key_prop = key_prop->next) { if (strcmp(key_prop->key, "n") == 0) { - rsa->n = + tmp_n = bignum_from_base64(exec_ctx, validate_string_field(key_prop, "n")); - if (rsa->n == NULL) goto end; + if (tmp_n == NULL) goto end; } else if (strcmp(key_prop->key, "e") == 0) { - rsa->e = + tmp_e = bignum_from_base64(exec_ctx, validate_string_field(key_prop, "e")); - if (rsa->e == NULL) goto end; + if (tmp_e == NULL) goto end; } } - if (rsa->e == NULL || rsa->n == NULL) { + if (tmp_e == NULL || tmp_n == NULL) { + gpr_log(GPR_ERROR, "Missing RSA public key field."); + goto end; + } + if (!RSA_set0_key(rsa, tmp_n, tmp_e, NULL)) { gpr_log(GPR_ERROR, "Missing RSA public key field."); goto end; } |