From 17d87d522c674362a4769d20c05cb0f1daf10e7f Mon Sep 17 00:00:00 2001 From: Daniel Bevenius Date: Mon, 2 Sep 2019 10:36:39 +0200 Subject: [PATCH] src: fix ValidateDSAParameters when fips is enabled MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Currently, the following compilation errors are generated when configuring --openssl-is-fips: ../src/node_crypto.cc: In function ‘bool node::crypto::ValidateDSAParameters(EVP_PKEY*)’: ../src/node_crypto.cc:4886:55: error: ‘pkey’ was not declared in this scope if (FIPS_mode() && EVP_PKEY_DSA == EVP_PKEY_base_id(pkey.get())) { ^~~~ ../src/node_crypto.cc:4886:55: note: suggested alternative: ‘key’ if (FIPS_mode() && EVP_PKEY_DSA == EVP_PKEY_base_id(pkey.get())) { ^~~~ key ../src/node_crypto.cc:4898:35: error: expected ‘;’ before ‘}’ token (L == 3072 && N == 256) ^ ; } This commit fixes the errors, and after this compilation is successful. PR-URL: https://github.com/nodejs/node/pull/29407 Reviewed-By: David Carlier Reviewed-By: Colin Ihrig Reviewed-By: James M Snell --- src/node_crypto.cc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/node_crypto.cc b/src/node_crypto.cc index 65683b70d844cb..b1d8145e6de3ee 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -4883,8 +4883,8 @@ static AllocatedBuffer Node_SignFinal(Environment* env, static inline bool ValidateDSAParameters(EVP_PKEY* key) { #ifdef NODE_FIPS_MODE /* Validate DSA2 parameters from FIPS 186-4 */ - if (FIPS_mode() && EVP_PKEY_DSA == EVP_PKEY_base_id(pkey.get())) { - DSA* dsa = EVP_PKEY_get0_DSA(pkey.get()); + if (FIPS_mode() && EVP_PKEY_DSA == EVP_PKEY_base_id(key)) { + DSA* dsa = EVP_PKEY_get0_DSA(key); const BIGNUM* p; DSA_get0_pqg(dsa, &p, nullptr, nullptr); size_t L = BN_num_bits(p); @@ -4895,7 +4895,7 @@ static inline bool ValidateDSAParameters(EVP_PKEY* key) { return (L == 1024 && N == 160) || (L == 2048 && N == 224) || (L == 2048 && N == 256) || - (L == 3072 && N == 256) + (L == 3072 && N == 256); } #endif // NODE_FIPS_MODE