Revise TROVE-2020-002 fix to work on older OpenSSL versions.

Although OpenSSL before 1.1.1 is no longer supported, it's possible that somebody is still using it with 0.3.5, so we probably shouldn't break it with this fix.
author: Nick Mathewson <nickm@torproject.org> 2020-03-14 13:38:53 -0400
committer: Nick Mathewson <nickm@torproject.org> 2020-03-14 13:38:53 -0400
commit: be064f77b93bda370e4165e6ad6da17324835c9e (patch)
tree: 40e6a9cc79bee03370aa09cfc5b4675dfee9040e
parent: d0bce65ce2426793a975e691204c3fb2ac667f66 (diff)
download: tor-be064f77b93bda370e4165e6ad6da17324835c9e.tar.gz
tor-be064f77b93bda370e4165e6ad6da17324835c9e.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/src/lib/crypt_ops/crypto_rsa_openssl.c b/src/lib/crypt_ops/crypto_rsa_openssl.c
index 022a0dc093..39b7aaf0cf 100644
--- a/src/lib/crypt_ops/crypto_rsa_openssl.c
+++ b/src/lib/crypt_ops/crypto_rsa_openssl.c
@@ -584,7 +584,11 @@ crypto_pk_asn1_decode_private(const char *str, size_t len, int max_bits)
     crypto_openssl_log_errors(LOG_WARN,"decoding private key");
     return NULL;
   }
+#ifdef OPENSSL_1_1_API
   if (max_bits >= 0 && RSA_bits(rsa) > max_bits) {
+#else
+  if (max_bits >= 0 && rsa->n && BN_num_bits(rsa->n) > max_bits) {
+#endif
     log_info(LD_CRYPTO, "Private key longer than expected.");
     return NULL;
   }
author	Nick Mathewson <nickm@torproject.org>	2020-03-14 13:38:53 -0400
committer	Nick Mathewson <nickm@torproject.org>	2020-03-14 13:38:53 -0400
commit	be064f77b93bda370e4165e6ad6da17324835c9e (patch)
tree	40e6a9cc79bee03370aa09cfc5b4675dfee9040e
parent	d0bce65ce2426793a975e691204c3fb2ac667f66 (diff)
download	tor-be064f77b93bda370e4165e6ad6da17324835c9e.tar.gz tor-be064f77b93bda370e4165e6ad6da17324835c9e.zip