summaryrefslogtreecommitdiffstats
path: root/src/3rdparty
diff options
context:
space:
mode:
Diffstat (limited to 'src/3rdparty')
-rw-r--r--src/3rdparty/open62541/open62541.c108
-rw-r--r--src/3rdparty/open62541/open62541.h8
-rw-r--r--src/3rdparty/open62541/patches/0001-feat-plugin-Add-OpenSSL-3.0-support-5349.patch282
3 files changed, 53 insertions, 345 deletions
diff --git a/src/3rdparty/open62541/open62541.c b/src/3rdparty/open62541/open62541.c
index c3692d3..11f9ef9 100644
--- a/src/3rdparty/open62541/open62541.c
+++ b/src/3rdparty/open62541/open62541.c
@@ -1,6 +1,6 @@
/* THIS IS A SINGLE-FILE DISTRIBUTION CONCATENATED FROM THE OPEN62541 SOURCES
* visit http://open62541.org/ for information about this software
- * Git-Revision: v1.3.3
+ * Git-Revision: v1.3.4
*/
/*
@@ -56356,19 +56356,19 @@ UA_NODEID_NUMERIC(ns[0], 0LU),
UA_QUALIFIEDNAME(ns[0], "Optional"),
UA_NODEID_NUMERIC(ns[0], 77LU),
(const UA_NodeAttributes*)&attr, &UA_TYPES[UA_TYPES_OBJECTATTRIBUTES],NULL, NULL);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 11570LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 11574LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 11573LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 11551LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 11572LU), false);
retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 11569LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2366LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2371LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 11571LU), false);
retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 11567LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 11574LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 11573LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 11570LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 3190LU), false);
retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 11565LU), false);
retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2367LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 3190LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 11571LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2371LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 11572LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 11551LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2366LU), false);
retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 80LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2370LU), false);
return retVal;
}
@@ -56426,25 +56426,25 @@ UA_NODEID_NUMERIC(ns[0], 0LU),
UA_QUALIFIEDNAME(ns[0], "Mandatory"),
UA_NODEID_NUMERIC(ns[0], 77LU),
(const UA_NodeAttributes*)&attr, &UA_TYPES[UA_TYPES_OBJECTATTRIBUTES],NULL, NULL);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2374LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2369LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2050LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 12169LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 7611LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2042LU), false);
retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2046LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2375LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2044LU), false);
retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 12078LU), false);
retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2035LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2051LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2050LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2043LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2375LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 7611LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2374LU), false);
retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2045LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 11461LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2369LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2042LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2047LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2377LU), false);
retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 11241LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 12169LU), false);
+retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2051LU), false);
retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2011LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2377LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2047LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 11461LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2044LU), false);
-retVal |= UA_Server_addReference(server, UA_NODEID_NUMERIC(ns[0], 78LU), UA_NODEID_NUMERIC(ns[0], 37LU), UA_EXPANDEDNODEID_NUMERIC(ns[0], 2043LU), false);
return retVal;
}
@@ -62850,16 +62850,28 @@ UA_OpenSSL_Encrypt (const UA_ByteString * iv,
ret = UA_STATUSCODE_BADINTERNALERROR;
goto errout;
}
+
+ /* Disable padding. Padding is done in the stack before calling encryption.
+ * Ensure that we have a multiple of the block size */
+ if(data->length % (size_t)EVP_CIPHER_CTX_block_size(ctx)) {
+ ret = UA_STATUSCODE_BADINTERNALERROR;
+ goto errout;
+ }
+ opensslRet = EVP_CIPHER_CTX_set_padding(ctx, 0);
+ if (opensslRet != 1) {
+ ret = UA_STATUSCODE_BADINTERNALERROR;
+ goto errout;
+ }
+
+ /* Encrypt the data */
opensslRet = EVP_EncryptUpdate (ctx, data->data, &outLen,
plainTxt.data, (int) plainTxt.length);
if (opensslRet != 1) {
ret = UA_STATUSCODE_BADINTERNALERROR;
goto errout;
}
- /*
- * Buffer passed to EVP_EncryptFinal() must be after data just
- * encrypted to avoid overwriting it.
- */
+
+ /* Encrypt-final does nothing as padding is disabled */
opensslRet = EVP_EncryptFinal_ex(ctx, data->data + outLen, &tmpLen);
if (opensslRet != 1) {
ret = UA_STATUSCODE_BADINTERNALERROR;
@@ -63083,6 +63095,8 @@ EVP_PKEY *
UA_OpenSSL_LoadPrivateKey(const UA_ByteString *privateKey) {
const unsigned char * pkData = privateKey->data;
long len = (long) privateKey->length;
+ if(len == 0)
+ return NULL;
EVP_PKEY *result = NULL;
@@ -66455,9 +66469,11 @@ UA_CertificateVerification_Verify (void * verificationContext,
ret = UA_STATUSCODE_BADINTERNALERROR;
goto cleanup;
}
-
- (void) X509_STORE_CTX_set0_trusted_stack (storeCtx, ctx->skTrusted);
-
+#if defined(OPENSSL_API_COMPAT) && OPENSSL_API_COMPAT < 0x10100000L
+ (void) X509_STORE_CTX_trusted_stack (storeCtx, ctx->skTrusted);
+#else
+ (void) X509_STORE_CTX_set0_trusted_stack (storeCtx, ctx->skTrusted);
+#endif
/* Set crls to ctx */
if (sk_X509_CRL_num (ctx->skCrls) > 0) {
@@ -66564,14 +66580,6 @@ cleanup:
}
static UA_StatusCode
-UA_VerifyCertificateAllowAll (void * verificationContext,
- const UA_ByteString * certificate) {
- (void) verificationContext;
- (void) certificate;
- return UA_STATUSCODE_GOOD;
-}
-
-static UA_StatusCode
UA_CertificateVerification_VerifyApplicationURI (void * verificationContext,
const UA_ByteString * certificate,
const UA_String * applicationURI) {
@@ -66656,10 +66664,7 @@ UA_CertificateVerification_Trustlist(UA_CertificateVerification * cv,
cv->verifyApplicationURI = UA_CertificateVerification_VerifyApplicationURI;
cv->clear = UA_CertificateVerification_clear;
cv->context = context;
- if (certificateTrustListSize > 0)
- cv->verifyCertificate = UA_CertificateVerification_Verify;
- else
- cv->verifyCertificate = UA_VerifyCertificateAllowAll;
+ cv->verifyCertificate = UA_CertificateVerification_Verify;
if (certificateTrustListSize > 0) {
if (UA_skTrusted_Cert2X509 (certificateTrustList, certificateTrustListSize,
@@ -66715,13 +66720,7 @@ UA_CertificateVerification_CertFolders(UA_CertificateVerification * cv,
cv->verifyApplicationURI = UA_CertificateVerification_VerifyApplicationURI;
cv->clear = UA_CertificateVerification_clear;
cv->context = context;
- if(trustListFolder == NULL &&
- issuerListFolder == NULL &&
- revocationListFolder == NULL) {
- cv->verifyCertificate = UA_VerifyCertificateAllowAll;
- } else {
- cv->verifyCertificate = UA_CertificateVerification_Verify;
- }
+ cv->verifyCertificate = UA_CertificateVerification_Verify;
/* Only set the folder paths. They will be reloaded during runtime. */
@@ -70389,12 +70388,6 @@ reloadCertificates(CertInfo *ci) {
#endif
static UA_StatusCode
-certificateVerification_allow(void *verificationContext,
- const UA_ByteString *certificate) {
- return UA_STATUSCODE_GOOD;
-}
-
-static UA_StatusCode
certificateVerification_verify(void *verificationContext,
const UA_ByteString *certificate) {
CertInfo *ci = (CertInfo*)verificationContext;
@@ -70691,10 +70684,7 @@ UA_CertificateVerification_Trustlist(UA_CertificateVerification *cv,
mbedtls_x509_crt_init(&ci->certificateIssuerList);
cv->context = (void*)ci;
- if(certificateTrustListSize > 0)
- cv->verifyCertificate = certificateVerification_verify;
- else
- cv->verifyCertificate = certificateVerification_allow;
+ cv->verifyCertificate = certificateVerification_verify;
cv->clear = certificateVerification_clear;
cv->verifyApplicationURI = certificateVerification_verifyApplicationURI;
diff --git a/src/3rdparty/open62541/open62541.h b/src/3rdparty/open62541/open62541.h
index 185fa6d..bb22e32 100644
--- a/src/3rdparty/open62541/open62541.h
+++ b/src/3rdparty/open62541/open62541.h
@@ -1,6 +1,6 @@
/* THIS IS A SINGLE-FILE DISTRIBUTION CONCATENATED FROM THE OPEN62541 SOURCES
* visit http://open62541.org/ for information about this software
- * Git-Revision: v1.3.3
+ * Git-Revision: v1.3.4
*/
/*
@@ -30,10 +30,10 @@
* ----------------- */
#define UA_OPEN62541_VER_MAJOR 1
#define UA_OPEN62541_VER_MINOR 3
-#define UA_OPEN62541_VER_PATCH 3
+#define UA_OPEN62541_VER_PATCH 4
#define UA_OPEN62541_VER_LABEL "" /* Release candidate label, etc. */
-#define UA_OPEN62541_VER_COMMIT "v1.3.3"
-#define UA_OPEN62541_VERSION "v1.3.3"
+#define UA_OPEN62541_VER_COMMIT "v1.3.4"
+#define UA_OPEN62541_VERSION "v1.3.4"
/**
* Feature Options
diff --git a/src/3rdparty/open62541/patches/0001-feat-plugin-Add-OpenSSL-3.0-support-5349.patch b/src/3rdparty/open62541/patches/0001-feat-plugin-Add-OpenSSL-3.0-support-5349.patch
deleted file mode 100644
index a20d56b..0000000
--- a/src/3rdparty/open62541/patches/0001-feat-plugin-Add-OpenSSL-3.0-support-5349.patch
+++ /dev/null
@@ -1,282 +0,0 @@
-From 7dbde94a813acac866e7964ecc868d2f70076510 Mon Sep 17 00:00:00 2001
-From: Bin Lan <Bin.Lan@windriver.com>
-Date: Tue, 27 Sep 2022 21:45:38 +0800
-Subject: [PATCH] feat(plugin): Add OpenSSL 3.0 support (#5349)
-
-* Add OpenSSL3.0 support
-
-This change set adds a new function UA_OpenSSL_RSA_Key_Size() to get
-the RSA key size, re-writes the function
-UA_Openssl_RSA_Private_Decrypt() by using the high level APIs of
-OpenSSL3.0, add a new function UA_RSA_Generate_Key() to generate
-a RSA key.
-
-No build warning with OpenSSL3.0 and OpenSSL1.1.1f.
-
-* Build & Test with OpenSSL3.0 in Ubuntu22.04
----
- .github/workflows/build_ubuntu2204.yml | 29 ++++++++
- .../openssl/securitypolicy_openssl_common.c | 68 ++++++++++++++-----
- .../openssl/ua_openssl_create_certificate.c | 28 +++++++-
- 3 files changed, 104 insertions(+), 21 deletions(-)
- create mode 100644 .github/workflows/build_ubuntu2204.yml
-
-diff --git a/.github/workflows/build_ubuntu2204.yml b/.github/workflows/build_ubuntu2204.yml
-new file mode 100644
-index 00000000..216c0665
---- /dev/null
-+++ b/.github/workflows/build_ubuntu2204.yml
-@@ -0,0 +1,29 @@
-+name: Linux Build & Test with OpenSSL3.0
-+
-+on: [push, pull_request]
-+
-+jobs:
-+ build:
-+ strategy:
-+ fail-fast: false
-+ matrix:
-+ include:
-+ - build_name: "Encryption (OpenSSL3.0) Build & Unit Tests (gcc)"
-+ cmd_deps: sudo apt-get install -y -qq openssl
-+ cmd_action: unit_tests_encryption OPENSSL
-+ name: ${{matrix.build_name}}
-+ runs-on: ubuntu-22.04
-+ steps:
-+ - uses: actions/checkout@v2
-+ with:
-+ submodules: true
-+ - name: Install Dependencies
-+ run: |
-+ sudo apt-get update
-+ sudo apt-get install -y -qq python3-sphinx graphviz check
-+ ${{ matrix.cmd_deps }}
-+ - name: ${{matrix.build_name}}
-+ run: source tools/ci.sh && ${{matrix.cmd_action}}
-+ env:
-+ ETHERNET_INTERFACE: eth0
-+
-diff --git a/plugins/crypto/openssl/securitypolicy_openssl_common.c b/plugins/crypto/openssl/securitypolicy_openssl_common.c
-index 3b8d5711..78118ed2 100644
---- a/plugins/crypto/openssl/securitypolicy_openssl_common.c
-+++ b/plugins/crypto/openssl/securitypolicy_openssl_common.c
-@@ -4,6 +4,7 @@
- *
- * Copyright 2020 (c) Wind River Systems, Inc.
- * Copyright 2020 (c) basysKom GmbH
-+ * Copyright 2022 (c) Wind River Systems, Inc.
- */
-
- /*
-@@ -30,6 +31,8 @@ modification history
- #include "ua_openssl_version_abstraction.h"
-
- #define SHA1_DIGEST_LENGTH 20 /* 160 bits */
-+#define RSA_DECRYPT_BUFFER_LENGTH 2048 /* bytes */
-+
-
- /** P_SHA256 Context */
- typedef struct UA_Openssl_P_SHA256_Ctx_ {
-@@ -73,6 +76,14 @@ UA_Openssl_Init (void) {
- #endif
- }
-
-+static int UA_OpenSSL_RSA_Key_Size (EVP_PKEY * key){
-+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
-+ return EVP_PKEY_get_size (key);
-+#else
-+ return RSA_size (get_pkey_rsa(key));
-+#endif
-+}
-+
- /* UA_copyCertificate - allocalte the buffer, copy the certificate and
- * add a NULL to the end
- */
-@@ -192,8 +203,8 @@ UA_Openssl_X509_GetCertificateThumbprint (const UA_ByteString * certficate,
- }
-
- static UA_StatusCode
--UA_Openssl_RSA_Private_Decrypt (UA_ByteString * data,
-- EVP_PKEY * privateKey,
-+UA_Openssl_RSA_Private_Decrypt (UA_ByteString * data,
-+ EVP_PKEY * privateKey,
- UA_Int16 padding) {
- if (data == NULL || privateKey == NULL) {
- return UA_STATUSCODE_BADINVALIDARGUMENT;
-@@ -203,27 +214,49 @@ UA_Openssl_RSA_Private_Decrypt (UA_ByteString * data,
- return UA_STATUSCODE_BADINVALIDARGUMENT;
- }
-
-- UA_Int32 keySize = RSA_size(get_pkey_rsa(privateKey));
-+ size_t keySize = (size_t) UA_OpenSSL_RSA_Key_Size (privateKey);
- size_t cipherOffset = 0;
- size_t outOffset = 0;
-- unsigned char buf[2048];
-- UA_Int32 decryptedBytes;
-+ unsigned char buf[RSA_DECRYPT_BUFFER_LENGTH];
-+ size_t decryptedBytes;
-+ EVP_PKEY_CTX * ctx;
-+ int opensslRet;
-+
-+ ctx = EVP_PKEY_CTX_new (privateKey, NULL);
-+ if (ctx == NULL) {
-+ return UA_STATUSCODE_BADOUTOFMEMORY;
-+ }
-+ opensslRet = EVP_PKEY_decrypt_init (ctx);
-+ if (opensslRet != 1)
-+ {
-+ EVP_PKEY_CTX_free (ctx);
-+ return UA_STATUSCODE_BADINTERNALERROR;
-+ }
-+ opensslRet = EVP_PKEY_CTX_set_rsa_padding (ctx, padding);
-+ if (opensslRet != 1) {
-+ EVP_PKEY_CTX_free (ctx);
-+ return UA_STATUSCODE_BADINTERNALERROR;
-+ }
-
- while (cipherOffset < data->length) {
-- decryptedBytes = RSA_private_decrypt (keySize,
-- data->data + cipherOffset, /* what to decrypt */
-+ decryptedBytes = RSA_DECRYPT_BUFFER_LENGTH;
-+ opensslRet = EVP_PKEY_decrypt (ctx,
- buf, /* where to decrypt */
-- get_pkey_rsa(privateKey), /* private key */
-- padding
-+ &decryptedBytes,
-+ data->data + cipherOffset, /* what to decrypt */
-+ keySize
- );
-- if (decryptedBytes < 0) {
-+ if (opensslRet != 1) {
-+ EVP_PKEY_CTX_free (ctx);
- return UA_STATUSCODE_BADSECURITYCHECKSFAILED;
- }
-- memcpy(data->data + outOffset, buf, (size_t) decryptedBytes);
-+ (void) memcpy(data->data + outOffset, buf, decryptedBytes);
- cipherOffset += (size_t) keySize;
-- outOffset += (size_t) decryptedBytes;
-+ outOffset += decryptedBytes;
- }
- data->length = outOffset;
-+ EVP_PKEY_CTX_free (ctx);
-+
- return UA_STATUSCODE_GOOD;
- }
-
-@@ -249,7 +282,6 @@ UA_Openssl_RSA_Public_Encrypt (const UA_ByteString * message,
- size_t encryptedPos = 0;
- size_t bytesToEncrypt = 0;
- size_t encryptedBlockSize = 0;
-- RSA * rsa = NULL;
- size_t keySize = 0;
-
- evpPublicKey = X509_get_pubkey (publicX509);
-@@ -274,8 +306,8 @@ UA_Openssl_RSA_Public_Encrypt (const UA_ByteString * message,
- }
-
- /* get the encrypted block size */
-- rsa = get_pkey_rsa (evpPublicKey);
-- keySize = (size_t) RSA_size (rsa);
-+
-+ keySize = (size_t) UA_OpenSSL_RSA_Key_Size (evpPublicKey);
- if (keySize == 0) {
- ret = UA_STATUSCODE_BADINTERNALERROR;
- goto errout;
-@@ -435,8 +467,8 @@ UA_Openssl_RSA_Public_GetKeyLength (X509 * publicKeyX509,
- if (evpKey == NULL) {
- return UA_STATUSCODE_BADINTERNALERROR;
- }
-- RSA * rsa = get_pkey_rsa (evpKey);
-- *keyLen = RSA_size(rsa);
-+ *keyLen = UA_OpenSSL_RSA_Key_Size (evpKey);
-+
- EVP_PKEY_free (evpKey);
-
- return UA_STATUSCODE_GOOD;
-@@ -448,7 +480,7 @@ UA_Openssl_RSA_Private_GetKeyLength (EVP_PKEY * privateKey,
- if (privateKey == NULL) {
- return UA_STATUSCODE_BADINVALIDARGUMENT;
- }
-- *keyLen = RSA_size(get_pkey_rsa(privateKey));
-+ *keyLen = UA_OpenSSL_RSA_Key_Size (privateKey);
-
- return UA_STATUSCODE_GOOD;
- }
-diff --git a/plugins/crypto/openssl/ua_openssl_create_certificate.c b/plugins/crypto/openssl/ua_openssl_create_certificate.c
-index 4b07e886..0ea63f95 100644
---- a/plugins/crypto/openssl/ua_openssl_create_certificate.c
-+++ b/plugins/crypto/openssl/ua_openssl_create_certificate.c
-@@ -3,6 +3,7 @@
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
- *
- * Copyright 2021 (c) Christian von Arnim, ISW University of Stuttgart (for VDW and umati)
-+ * Copyright 2022 (c) Wind River Systems, Inc.
- *
- */
-
-@@ -81,6 +82,16 @@ add_x509V3ext(X509 *x509, int nid, const char *value) {
- return UA_STATUSCODE_GOOD;
- }
-
-+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
-+
-+/* generate the RSA key */
-+
-+static EVP_PKEY * UA_RSA_Generate_Key (size_t keySizeBits){
-+ return EVP_RSA_gen(keySizeBits);
-+}
-+
-+#endif
-+
- UA_StatusCode
- UA_CreateCertificate(const UA_Logger *logger,
- const UA_String *subject, size_t subjectSize,
-@@ -109,11 +120,18 @@ UA_CreateCertificate(const UA_Logger *logger,
-
- UA_StatusCode errRet = UA_STATUSCODE_GOOD;
-
-+ X509 *x509 = X509_new();
-+
-+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
-+ EVP_PKEY *pkey = UA_RSA_Generate_Key(keySizeBits);
-+ if((pkey == NULL) || (x509 == NULL)) {
-+ errRet = UA_STATUSCODE_BADOUTOFMEMORY;
-+ goto cleanup;
-+ }
-+#else
- BIGNUM *exponent = BN_new();
- EVP_PKEY *pkey = EVP_PKEY_new();
-- X509 *x509 = X509_new();
- RSA *rsa = RSA_new();
--
- if(!pkey || !x509 || !exponent || !rsa) {
- errRet = UA_STATUSCODE_BADOUTOFMEMORY;
- goto cleanup;
-@@ -145,6 +163,8 @@ UA_CreateCertificate(const UA_Logger *logger,
- /* rsa will be freed by pkey */
- rsa = NULL;
-
-+#endif /* end of OPENSSL_VERSION_NUMBER >= 0x30000000L */
-+
- /* x509v3 has version 2
- * (https://www.openssl.org/docs/man1.1.0/man3/X509_set_version.html) */
- if(X509_set_version(x509, 2) != 1) {
-@@ -351,12 +371,14 @@ UA_CreateCertificate(const UA_Logger *logger,
-
- cleanup:
- UA_String_clear(&fullAltSubj);
-+#if (OPENSSL_VERSION_NUMBER < 0x30000000L)
- RSA_free(rsa);
-+ BN_free(exponent);
-+#endif
- X509_free(x509);
- EVP_PKEY_free(pkey);
- BIO_free(memCert);
- BIO_free(memPKey);
-- BN_free(exponent);
- return errRet;
- }
-
---
-2.34.1
-
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-20 16:49:27 +0000