bin/118902: wrong signatures in d2i_RSAPublicKey man pages
Pietro Cerutti
gahr at gahr.ch
Thu Dec 20 12:40:01 PST 2007
>Number: 118902
>Category: bin
>Synopsis: wrong signatures in d2i_RSAPublicKey man pages
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: doc-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Dec 20 20:40:00 UTC 2007
>Closed-Date:
>Last-Modified:
>Originator: Pietro Cerutti
>Release: FreeBSD 8.0-CURRENT i386
>Organization:
>Environment:
System: FreeBSD 8.0-CURRENT #18: Tue Dec 18 12:48:22 CET 2007
root at gahrtop.localhost:/usr/obj/usr/src/sys/MSI1034
>Description:
the signatures for the following functions:
d2i_RSAPublicKey
d2i_RSA_PUBKEY
d2i_RSAPrivateKey
d2i_Netscape_RSA
are wrong in our man pages.
They all specify the second argument as
unsigned char **
where it should actually be
const unsigned char **
Please have a look at the definition of d2i_RSA_PUBKEY at
crypto/openssl/crypto/asn1/x_pubkey.c:416
and consider the program below:
> cat d2i_test.c
#include <openssl/rsa.h>
#include <openssl/x509.h>
int main(void)
{
RSA *rsa;
const unsigned char *const_p;
unsigned char *p;
/*
* Using unsigned char, as per MAN page
*/
rsa = d2i_RSAPublicKey(NULL, &p, 0L); /* :13 */
rsa = d2i_RSA_PUBKEY(NULL, &p, 0L); /* :14 */
rsa = d2i_RSAPrivateKey(NULL, &p, 0L); /* :15 */
rsa = d2i_Netscape_RSA(NULL, &p, 0L, NULL); /* :16 */
/*
* Using const unsigned char
*/
rsa = d2i_RSAPublicKey(NULL, &const_p, 0L); /* :21 */
rsa = d2i_RSA_PUBKEY(NULL, &const_p, 0L); /* :22 */
rsa = d2i_RSAPrivateKey(NULL, &const_p, 0L); /* :23 */
rsa = d2i_Netscape_RSA(NULL, &const_p, 0L, NULL); /* :24 */
return (0);
}
> gcc -Wall -lssl d2i_test.c
d2i_test.c: In function 'main':
d2i_test.c:13: warning: passing argument 2 of 'd2i_RSAPublicKey' from incompatible pointer type
d2i_test.c:14: warning: passing argument 2 of 'd2i_RSA_PUBKEY' from incompatible pointer type
d2i_test.c:15: warning: passing argument 2 of 'd2i_RSAPrivateKey' from incompatible pointer type
d2i_test.c:16: warning: passing argument 2 of 'd2i_Netscape_RSA' from incompatible pointer type
The patch below fixes the man pages and the files under /usr/src using these functions.
>How-To-Repeat:
>Fix:
--- _d2i_RSAPublicKey.3.diff begins here ---
--- secure/lib/libcrypto/man/d2i_RSAPublicKey.3.orig 2007-12-20 21:07:05.000000000 +0100
+++ secure/lib/libcrypto/man/d2i_RSAPublicKey.3 2007-12-20 21:07:43.000000000 +0100
@@ -142,7 +142,7 @@
.Ve
.PP
.Vb 1
-\& RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length);
+\& RSA * d2i_RSAPublicKey(RSA **a, const unsigned char **pp, long length);
.Ve
.PP
.Vb 1
@@ -150,7 +150,7 @@
.Ve
.PP
.Vb 1
-\& RSA * d2i_RSA_PUBKEY(RSA **a, unsigned char **pp, long length);
+\& RSA * d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length);
.Ve
.PP
.Vb 1
@@ -158,7 +158,7 @@
.Ve
.PP
.Vb 1
-\& RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length);
+\& RSA * d2i_RSAPrivateKey(RSA **a, const unsigned char **pp, long length);
.Ve
.PP
.Vb 1
@@ -166,11 +166,11 @@
.Ve
.PP
.Vb 1
-\& int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
+\& RSA * d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)());
.Ve
.PP
.Vb 1
-\& RSA * d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
+\& int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
--- crypto/openssl/apps/apps.c.orig 2007-12-20 21:16:59.000000000 +0100
+++ crypto/openssl/apps/apps.c 2007-12-20 21:17:33.000000000 +0100
@@ -1021,7 +1021,7 @@
goto error;
}
}
- p=(unsigned char *)buf->data;
+ p=buf->data;
rsa = d2i_RSA_NET(NULL,&p,(long)size,NULL,
(format == FORMAT_IISSGC ? 1 : 0));
if (rsa == NULL)
--- crypto/openssl/crypto/asn1/d2i_pr.c.orig 2007-12-20 21:20:02.000000000 +0100
+++ crypto/openssl/crypto/asn1/d2i_pr.c 2007-12-20 21:21:26.000000000 +0100
@@ -94,7 +94,7 @@
#ifndef OPENSSL_NO_RSA
case EVP_PKEY_RSA:
if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL,
- (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */
+ pp,length)) == NULL) /* TMP UGLY CAST */
{
ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
goto err;
@@ -104,7 +104,7 @@
#ifndef OPENSSL_NO_DSA
case EVP_PKEY_DSA:
if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL,
- (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */
+ pp,length)) == NULL) /* TMP UGLY CAST */
{
ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
goto err;
@@ -114,7 +114,7 @@
#ifndef OPENSSL_NO_EC
case EVP_PKEY_EC:
if ((ret->pkey.ec = d2i_ECPrivateKey(NULL,
- (const unsigned char **)pp, length)) == NULL)
+ pp, length)) == NULL)
{
ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
goto err;
--- crypto/openssl/crypto/asn1/d2i_pu.c.orig 2007-12-20 21:22:43.000000000 +0100
+++ crypto/openssl/crypto/asn1/d2i_pu.c 2007-12-20 21:23:07.000000000 +0100
@@ -94,7 +94,7 @@
#ifndef OPENSSL_NO_RSA
case EVP_PKEY_RSA:
if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL,
- (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */
+ pp,length)) == NULL) /* TMP UGLY CAST */
{
ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
goto err;
@@ -104,7 +104,7 @@
#ifndef OPENSSL_NO_DSA
case EVP_PKEY_DSA:
if (!d2i_DSAPublicKey(&(ret->pkey.dsa),
- (const unsigned char **)pp,length)) /* TMP UGLY CAST */
+ pp,length)) /* TMP UGLY CAST */
{
ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
goto err;
@@ -114,7 +114,7 @@
#ifndef OPENSSL_NO_EC
case EVP_PKEY_EC:
if (!o2i_ECPublicKey(&(ret->pkey.ec),
- (const unsigned char **)pp, length))
+ pp, length))
{
ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
goto err;
--- crypto/openssl/demos/eay/loadrsa.c.orig 2007-12-20 21:28:15.000000000 +0100
+++ crypto/openssl/demos/eay/loadrsa.c 2007-12-20 21:28:26.000000000 +0100
@@ -23,7 +23,7 @@
{
RSA *rsa,*pub_rsa,*priv_rsa;
int len;
- unsigned char buf[1024],*p;
+ const unsigned char buf[1024],*p;
rsa=RSA_generate_key(512,RSA_F4,callback,(char *)stdout);
--- _d2i_RSAPublicKey.3.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list