
Add support for OpenSSL 1.1

Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it>
Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
master
Michele Calgaro 2 years ago
parent
commit
0c329722a5
1 changed files with 58 additions and 31 deletions
  1. 58
    31
      qca-tls.cpp

+ 58
- 31
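--- a/qca-tls.cpp
+++ b/qca-tls.cpp
@@ -57,18 +57,28 @@ static bool lib_generateKeyIV(const EVP_CIPHER *_type, const TQByteArray &data,
 	TQByteArray k, i;
 	unsigned char *kp = 0;
 	unsigned char *ip = 0;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	EVP_CIPHER type = *_type;
+	EVP_CIPHER *loctype = &type;
 	if(keysize != -1)
 		type.key_len = keysize;
+#else
+	EVP_CIPHER *loctype = EVP_CIPHER_meth_dup(_type);
+	Q_UNUSED(keysize)
+#endif
 	if(key) {
-		k.resize(type.key_len);
+		k.resize(EVP_CIPHER_key_length(loctype));
 		kp = (unsigned char *)k.data();
 	}
 	if(iv) {
-		i.resize(type.iv_len);
+		i.resize(EVP_CIPHER_iv_length(loctype));
 		ip = (unsigned char *)i.data();
 	}
-	if(!EVP_BytesToKey(&type, EVP_sha1(), (unsigned char *)salt.data(), (unsigned char *)data.data(), data.size(), 1, kp, ip))
+	int res = EVP_BytesToKey(loctype, EVP_sha1(), (unsigned char *)salt.data(), (unsigned char *)data.data(), data.size(), 1, kp, ip);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	EVP_CIPHER_meth_free(loctype);
+#endif
+	if (!res)
 		return false;
 	if(key)
 		*key = k;
@@ -177,7 +187,12 @@ public:
 	virtual ~EVPCipherContext()
 	{
 		if(type) {
-			EVP_CIPHER_CTX_cleanup(&c);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+			EVP_CIPHER_CTX_cleanup(c);
+			OPENSSL_free(c);
+#else
+			EVP_CIPHER_CTX_free(c);
+#endif
 			type = 0;
 		}
 	}
@@ -192,8 +207,8 @@ public:
 	virtual EVPCipherContext *cloneSelf() const=0;
 	virtual const EVP_CIPHER *getType(int mode) const=0;
 
-	int keySize() { return getType(TQCA::CBC)->key_len; }
-	int blockSize() { return getType(TQCA::CBC)->block_size; }
+	int keySize() { return EVP_CIPHER_key_length(getType(TQCA::CBC)); }
+	int blockSize() { return EVP_CIPHER_block_size(getType(TQCA::CBC)); }
 
 	bool generateKey(char *out, int keysize)
 	{
@@ -219,22 +234,27 @@ public:
 		pad = _pad;
 		type = getType(mode);
 		r.resize(0);
-		EVP_CIPHER_CTX_init(&c);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+		c = (EVP_CIPHER_CTX*)OPENSSL_malloc(sizeof(EVP_CIPHER_CTX));
+		EVP_CIPHER_CTX_init(c);
+#else
+		c = EVP_CIPHER_CTX_new();
+#endif
 
 		if(dir == TQCA::Encrypt) {
-			if(!EVP_EncryptInit(&c, type, NULL, NULL))
+			if(!EVP_EncryptInit(c, type, NULL, NULL))
 				return false;
-			if(keysize != type->key_len)
-				EVP_CIPHER_CTX_set_key_length(&c, keysize);
-			if(!EVP_EncryptInit(&c, NULL, (unsigned char *)key, (unsigned char *)iv))
+			if(keysize != EVP_CIPHER_key_length(type))
+				EVP_CIPHER_CTX_set_key_length(c, keysize);
+			if(!EVP_EncryptInit(c, NULL, (unsigned char *)key, (unsigned char *)iv))
 				return false;
 		}
 		else {
-			if(!EVP_DecryptInit(&c, type, NULL, NULL))
+			if(!EVP_DecryptInit(c, type, NULL, NULL))
 				return false;
-			if(keysize != type->key_len)
-				EVP_CIPHER_CTX_set_key_length(&c, keysize);
-			if(!EVP_DecryptInit(&c, NULL, (unsigned char *)key, (unsigned char *)iv))
+			if(keysize != EVP_CIPHER_key_length(type))
+				EVP_CIPHER_CTX_set_key_length(c, keysize);
+			if(!EVP_DecryptInit(c, NULL, (unsigned char *)key, (unsigned char *)iv))
 				return false;
 		}
 		return true;
@@ -242,14 +262,14 @@ public:
 
 	bool update(const char *in, unsigned int len)
 	{
-		TQByteArray result(len + type->block_size);
+		TQByteArray result(len + EVP_CIPHER_block_size(type));
 		int olen;
 		if(dir == TQCA::Encrypt || !pad) {
-			if(!EVP_EncryptUpdate(&c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
+			if(!EVP_EncryptUpdate(c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
 				return false;
 		}
 		else {
-			if(!EVP_DecryptUpdate(&c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
+			if(!EVP_DecryptUpdate(c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
 				return false;
 		}
 		result.resize(olen);
@@ -260,14 +280,14 @@ public:
 	bool final(TQByteArray *out)
 	{
 		if(pad) {
-			TQByteArray result(type->block_size);
+			TQByteArray result(EVP_CIPHER_block_size(type));
 			int olen;
 			if(dir == TQCA::Encrypt) {
-				if(!EVP_EncryptFinal(&c, (unsigned char *)result.data(), &olen))
+				if(!EVP_EncryptFinal(c, (unsigned char *)result.data(), &olen))
 					return false;
 			}
 			else {
-				if(!EVP_DecryptFinal(&c, (unsigned char *)result.data(), &olen))
+				if(!EVP_DecryptFinal(c, (unsigned char *)result.data(), &olen))
 					return false;
 			}
 			result.resize(olen);
@@ -279,7 +299,7 @@ public:
 		return true;
 	}
 
-	EVP_CIPHER_CTX c;
+	EVP_CIPHER_CTX *c;
 	const EVP_CIPHER *type;
 	TQByteArray r;
 	int dir;
@@ -509,11 +529,22 @@ public:
 
 	bool generate(unsigned int bits)
 	{
-		RSA *r = RSA_generate_key(bits, RSA_F4, NULL, NULL);
+		BIGNUM *bign = BN_new();
+		if (BN_set_word(bign, RSA_F4) != 1)
+		{
+			BN_free(bign);
+			return false;
+		}
+		RSA *r = RSA_new();
 		if(!r)
+		{
+			BN_free(bign);
 			return false;
+		}
+		RSA_generate_key_ex(r, bits, bign, NULL);
 		separate(r, &pub, &sec);
 		RSA_free(r);
+		BN_free(bign);
 		return true;
 	}
 
@@ -522,12 +553,10 @@ public:
 		// deep copy
 		RSAKeyContext *c = new RSAKeyContext;
 		if(pub) {
-			++(pub->references);
-			c->pub = pub; //RSAPublicKey_dup(pub);
+			c->pub = RSAPublicKey_dup(pub);
 		}
 		if(sec) {
-			++(sec->references);
-			c->sec = sec; //RSAPrivateKey_dup(sec);
+			c->sec = RSAPrivateKey_dup(sec);
 		}
 		return c;
 	}
@@ -769,8 +798,7 @@ public:
 	{
 		CertContext *c = new CertContext(*this);
 		if(x) {
-			++(x->references);
-			c->x = x;
+			c->x = X509_dup(x);
 		}
 		return c;
 	}
@@ -841,8 +869,7 @@ public:
 	void fromX509(X509 *t)
 	{
 		reset();
-		++(t->references);
-		x = t;
+		x = X509_dup(t);
 
 		// serial number
 		ASN1_INTEGER *ai = X509_get_serialNumber(x);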
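Review bot: In `generate()` the return value of `RSA_generate_key_ex(r, bits, bign, NULL)` is ignored, so a failed key generation still reaches `separate(r, &pub, &sec)` and the method returns true; before this change the failure was caught by the NULL check on `r`, which now only covers `RSA_new()`. Check the call and release both objects on failure, `if(RSA_generate_key_ex(r, bits, bign, NULL) != 1) { RSA_free(r); BN_free(bign); return false; }`, and add `if(!bign) return false;` directly after `BN_new()`. The other newly introduced allocating calls are unchecked in the same way: `EVP_CIPHER_meth_dup(_type)` in `lib_generateKeyIV`, `OPENSSL_malloc`/`EVP_CIPHER_CTX_new()` in the cipher setup hunk, `RSAPublicKey_dup`/`RSAPrivateKey_dup` in the key clone, and `X509_dup` in the certificate clone and in `fromX509`, where `x` is passed to `X509_get_serialNumber` on the very next line. Several of these functions start or end outside the visible hunks, so the later uses of those pointers should be checked as well.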
