
Add support for OpenSSL 1.1

Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it>
Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
pull/1/head
Michele Calgaro Slávek Banko <slavek.banko@axis.cz> 3 years ago
parent
commit
0c329722a5
1 changed files with 58 additions and 31 deletions
  1. +58
    -31
      qca-tls.cpp

+ 58
- 31
qca-tls.cpp

@@ -57,18 +57,28 @@ static bool lib_generateKeyIV(const EVP_CIPHER *_type, const TQByteArray &data,
TQByteArray k, i;
unsigned char *kp = 0;
unsigned char *ip = 0;
#if OPENSSL_VERSION_NUMBER < 0x10100000L
EVP_CIPHER type = *_type;
EVP_CIPHER *loctype = &type;
if(keysize != -1)
type.key_len = keysize;
#else
EVP_CIPHER *loctype = EVP_CIPHER_meth_dup(_type);
Q_UNUSED(keysize)
#endif
if(key) {
k.resize(type.key_len);
k.resize(EVP_CIPHER_key_length(loctype));
kp = (unsigned char *)k.data();
}
if(iv) {
i.resize(type.iv_len);
i.resize(EVP_CIPHER_iv_length(loctype));
ip = (unsigned char *)i.data();
}
if(!EVP_BytesToKey(&type, EVP_sha1(), (unsigned char *)salt.data(), (unsigned char *)data.data(), data.size(), 1, kp, ip))
int res = EVP_BytesToKey(loctype, EVP_sha1(), (unsigned char *)salt.data(), (unsigned char *)data.data(), data.size(), 1, kp, ip);
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
EVP_CIPHER_meth_free(loctype);
#endif
if (!res)
return false;
if(key)
*key = k;
@@ -177,7 +187,12 @@ public:
virtual ~EVPCipherContext()
{
if(type) {
EVP_CIPHER_CTX_cleanup(&c);
#if OPENSSL_VERSION_NUMBER < 0x10100000L
EVP_CIPHER_CTX_cleanup(c);
OPENSSL_free(c);
#else
EVP_CIPHER_CTX_free(c);
#endif
type = 0;
}
}
@@ -192,8 +207,8 @@ public:
virtual EVPCipherContext *cloneSelf() const=0;
virtual const EVP_CIPHER *getType(int mode) const=0;

int keySize() { return getType(TQCA::CBC)->key_len; }
int blockSize() { return getType(TQCA::CBC)->block_size; }
int keySize() { return EVP_CIPHER_key_length(getType(TQCA::CBC)); }
int blockSize() { return EVP_CIPHER_block_size(getType(TQCA::CBC)); }

bool generateKey(char *out, int keysize)
{
@@ -219,22 +234,27 @@ public:
pad = _pad;
type = getType(mode);
r.resize(0);
EVP_CIPHER_CTX_init(&c);
#if OPENSSL_VERSION_NUMBER < 0x10100000L
c = (EVP_CIPHER_CTX*)OPENSSL_malloc(sizeof(EVP_CIPHER_CTX));
EVP_CIPHER_CTX_init(c);
#else
c = EVP_CIPHER_CTX_new();
#endif

if(dir == TQCA::Encrypt) {
if(!EVP_EncryptInit(&c, type, NULL, NULL))
if(!EVP_EncryptInit(c, type, NULL, NULL))
return false;
if(keysize != type->key_len)
EVP_CIPHER_CTX_set_key_length(&c, keysize);
if(!EVP_EncryptInit(&c, NULL, (unsigned char *)key, (unsigned char *)iv))
if(keysize != EVP_CIPHER_key_length(type))
EVP_CIPHER_CTX_set_key_length(c, keysize);
if(!EVP_EncryptInit(c, NULL, (unsigned char *)key, (unsigned char *)iv))
return false;
}
else {
if(!EVP_DecryptInit(&c, type, NULL, NULL))
if(!EVP_DecryptInit(c, type, NULL, NULL))
return false;
if(keysize != type->key_len)
EVP_CIPHER_CTX_set_key_length(&c, keysize);
if(!EVP_DecryptInit(&c, NULL, (unsigned char *)key, (unsigned char *)iv))
if(keysize != EVP_CIPHER_key_length(type))
EVP_CIPHER_CTX_set_key_length(c, keysize);
if(!EVP_DecryptInit(c, NULL, (unsigned char *)key, (unsigned char *)iv))
return false;
}
return true;
@@ -242,14 +262,14 @@ public:

bool update(const char *in, unsigned int len)
{
TQByteArray result(len + type->block_size);
TQByteArray result(len + EVP_CIPHER_block_size(type));
int olen;
if(dir == TQCA::Encrypt || !pad) {
if(!EVP_EncryptUpdate(&c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
if(!EVP_EncryptUpdate(c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
return false;
}
else {
if(!EVP_DecryptUpdate(&c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
if(!EVP_DecryptUpdate(c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
return false;
}
result.resize(olen);
@@ -260,14 +280,14 @@ public:
bool final(TQByteArray *out)
{
if(pad) {
TQByteArray result(type->block_size);
TQByteArray result(EVP_CIPHER_block_size(type));
int olen;
if(dir == TQCA::Encrypt) {
if(!EVP_EncryptFinal(&c, (unsigned char *)result.data(), &olen))
if(!EVP_EncryptFinal(c, (unsigned char *)result.data(), &olen))
return false;
}
else {
if(!EVP_DecryptFinal(&c, (unsigned char *)result.data(), &olen))
if(!EVP_DecryptFinal(c, (unsigned char *)result.data(), &olen))
return false;
}
result.resize(olen);
@@ -279,7 +299,7 @@ public:
return true;
}

EVP_CIPHER_CTX c;
EVP_CIPHER_CTX *c;
const EVP_CIPHER *type;
TQByteArray r;
int dir;
@@ -509,11 +529,22 @@ public:

bool generate(unsigned int bits)
{
RSA *r = RSA_generate_key(bits, RSA_F4, NULL, NULL);
BIGNUM *bign = BN_new();
if (BN_set_word(bign, RSA_F4) != 1)
{
BN_free(bign);
return false;
}
RSA *r = RSA_new();
if(!r)
{
BN_free(bign);
return false;
}
RSA_generate_key_ex(r, bits, bign, NULL);
separate(r, &pub, &sec);
RSA_free(r);
BN_free(bign);
return true;
}

@@ -522,12 +553,10 @@ public:
// deep copy
RSAKeyContext *c = new RSAKeyContext;
if(pub) {
++(pub->references);
c->pub = pub; //RSAPublicKey_dup(pub);
c->pub = RSAPublicKey_dup(pub);
}
if(sec) {
++(sec->references);
c->sec = sec; //RSAPrivateKey_dup(sec);
c->sec = RSAPrivateKey_dup(sec);
}
return c;
}
@@ -769,8 +798,7 @@ public:
{
CertContext *c = new CertContext(*this);
if(x) {
++(x->references);
c->x = x;
c->x = X509_dup(x);
}
return c;
}
@@ -841,8 +869,7 @@ public:
void fromX509(X509 *t)
{
reset();
++(t->references);
x = t;
x = X509_dup(t);

// serial number
ASN1_INTEGER *ai = X509_get_serialNumber(x);
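Review bot: In `generate()` the return value of `RSA_generate_key_ex(r, bits, bign, NULL)` is discarded, so a failed key generation still reaches `separate(r, &pub, &sec)` and the function returns true. The replaced `RSA_generate_key` call signalled failure through a NULL result that `if(!r)` caught; with `RSA_new()` that check now only covers allocation, so a caller could end up holding an empty or partial key it believes is valid. Check the result before splitting the key, e.g. `if(RSA_generate_key_ex(r, bits, bign, NULL) != 1) { RSA_free(r); BN_free(bign); return false; }`. `BN_new()` can also return NULL and is passed straight to `BN_set_word`, so an `if(!bign) return false;` guard belongs directly after it.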

