WIP: it works

2024-11-24 08:01:27 +00:00 · 2021-01-14 13:36:38 +00:00 · 2021-01-14 13:36:38 +00:00 · 445f94f89b
commit 445f94f89b
parent f0991899b0
3 changed files with 19 additions and 7 deletions
--- a/src/optee_engine/back.c
+++ b/src/optee_engine/back.c
@ -67,7 +67,7 @@ end:
 }

 int OPTEE_ENG_evp_cb_sign(
-    EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *sigsz,
+    EVP_MD_CTX *ctx, unsigned char *sig, size_t *sigsz,
    const unsigned char *tb, size_t tbsz) {
    ENTRY;

@ -99,7 +99,7 @@ int OPTEE_ENG_evp_cb_sign(
        goto end;
    }

-    pkey = EVP_PKEY_CTX_get0_pkey(ctx);
+    //pkey = EVP_PKEY_CTX_get0_pkey(ctx);
    TEST_NULL(pkey);

    if (EVP_PKEY_type(EVP_PKEY_id(pkey)) != EVP_PKEY_EC) {
@ -108,6 +108,7 @@ int OPTEE_ENG_evp_cb_sign(
        goto end;
    }

+#if 0
    if (!EVP_PKEY_CTX_get_signature_md(ctx, &md) ||
        (md != EVP_sha256())) {
        // We only support ECDSA+P-256+SHA256
@ -115,7 +116,7 @@ int OPTEE_ENG_evp_cb_sign(
        ret = -2;
        goto end;
    }
-
+#endif
    ec = EVP_PKEY_get1_EC_KEY(pkey);
    TEST_NULL(ec);

@ -230,10 +231,17 @@ EVP_PKEY* OPTEE_ENG_load_private_key(
    uint8_t key_digest[32] = {0};
    int ret = 0;

+    char key_path[2048] = {0};
+    const char *path = getenv("PRV_KEY");
+    memcpy(key_path, path, strlen(path));
+    key_path[strlen(path)] = '/';
+    memcpy(key_path+strlen(path)+1, key_name, strlen(key_name));
+    key_path[strlen(path)+strlen(key_name)+1] = '\0';
+
    /* read key from file */
    // OZAPTF
    TEST_OSSL(
-        parse_key_from_file(getenv("PRV_KEY")),
+        parse_key_from_file(key_path),
        BAD_PARAMETERS);

    // Calculate key-id used internally. It is a sha256
--- a/src/optee_engine/back.h
+++ b/src/optee_engine/back.h
@ -12,7 +12,7 @@ EVP_PKEY* OPTEE_ENG_load_private_key(
    void *		callback_data);

 int OPTEE_ENG_evp_cb_sign(
-	EVP_PKEY_CTX *       ctx,
+	EVP_MD_CTX *       ctx,
 	unsigned char *      sig,
 	size_t *             sigsz,
 	const unsigned char *tb,
--- a/src/optee_engine/front.c
+++ b/src/optee_engine/front.c
@ -15,7 +15,7 @@
 #ifdef OPTEE_ENG_ENGINE_NAME
 #undef OPTEE_ENG_ENGINE_NAME
 #endif
-#define OPTEE_ENG_ENGINE_NAME "OpTEE OpenSSL ENGINE."
+#define OPTEE_ENG_ENGINE_NAME "OpTEE OpenSSL ENGINE (NO TEE VERSION)."

 BIO *bio_err = NULL;
 static bool is_initialized = false;
@ -113,7 +113,7 @@ static int OPTEE_ENG_pkey_meths(
    EVP_PKEY_meth_copy(new_meth, orig_meth);

    // Bind function pointers of PKEY and ASN1 methods
-    EVP_PKEY_meth_set_sign(new_meth, 0, OPTEE_ENG_evp_cb_sign);
+    EVP_PKEY_meth_set_digestsign(new_meth, OPTEE_ENG_evp_cb_sign);
    *pmeth = new_meth;
    return 1;
 }
@ -129,11 +129,15 @@ static int OPTEE_ENG_bind(ENGINE *e, const char *id) {
        return 0;
    }

+    /*
+    OZAPTF: locks
+
    if (!OPENSSL_init_crypto(
        OPENSSL_INIT_LOAD_CONFIG | OPENSSL_INIT_ENGINE_DYNAMIC, NULL)) {
        fprintf(stderr, "OPENSSL_init_crypto failed\n");
        return 0;
    }
+    */

    NOP(id);
    TEST_P(OPTEE_ENG_err_strings());