On 13-04-2023 15:57, Michael Olbrich wrote:
On Thu, Apr 13, 2023 at 09:25:54AM +0200, Robin van der Gracht wrote:
...
+From 9294183e07ff4944e3f5e590f343f5727636767e Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jje...@redhat.com>
+Date: Thu, 1 Dec 2022 20:08:53 +0100
+Subject: [PATCH] pkcs11-tool: Fix private key import
+
+---
+ src/tools/pkcs11-tool.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
+index aae205fe..cfee8526 100644
+--- a/src/tools/pkcs11-tool.c
++++ b/src/tools/pkcs11-tool.c
+@@ -3669,13 +3669,13 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct
rsakey_info *rsa)
+ RSA_get0_factors(r, &r_p, &r_q);
+ RSA_get0_crt_params(r, &r_dmp1, &r_dmq1, &r_iqmp);
+ #else
+- if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1,
&r_d) != 1 ||
++ if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_D, &r_d) !=
1 ||
+ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1,
&r_p) != 1 ||
+ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2,
&r_q) != 1 ||
+ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT1,
&r_dmp1) != 1 ||
+ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT2,
&r_dmq1) != 1 ||
+- EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT3,
&r_iqmp) != 1) {
+ util_fatal("OpenSSL error during RSA private key
parsing");
++ EVP_PKEY_get_bn_param(pkey,
OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &r_iqmp) != 1) {
This is broken. Probably a bad conflict resolution. The next upstream
commit fixes this. So far it looks promising. I'll do some more testing and
clean it up.
I only compile tested the patch.
Ok, thanks!
Kind regards,
Robin