From 0c329722a53ec70633d88fc0bbc00cb52676e181 Mon Sep 17 00:00:00 2001
From: Michele Calgaro
Date: Sun, 4 Dec 2016 12:07:44 +0100
Subject: [PATCH] Add support for OpenSSL 1.1
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Michele Calgaro
Signed-off-by: Slávek Banko
---
 qca-tls.cpp | 89 ++++++++++++++++++++++++++++++++++-------------------
 1 file changed, 58 insertions(+), 31 deletions(-)
diff --git a/qca-tls.cpp b/qca-tls.cpp
index 42e4099..b1fb639 100644
--- a/qca-tls.cpp
+++ b/qca-tls.cpp
@@ -57,18 +57,28 @@ static bool lib_generateKeyIV(const EVP_CIPHER *_type, const TQByteArray &data,
 TQByteArray k, i;
 unsigned char *kp = 0;
 unsigned char *ip = 0;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 EVP_CIPHER type = *_type;
+ EVP_CIPHER *loctype = &type;
 if(keysize != -1)
 type.key_len = keysize;
+#else
+ EVP_CIPHER *loctype = EVP_CIPHER_meth_dup(_type);
+ Q_UNUSED(keysize)
+#endif
 if(key) {
- k.resize(type.key_len);
+ k.resize(EVP_CIPHER_key_length(loctype));
 kp = (unsigned char *)k.data();
 }
 if(iv) {
- i.resize(type.iv_len);
+ i.resize(EVP_CIPHER_iv_length(loctype));
 ip = (unsigned char *)i.data();
 }
- if(!EVP_BytesToKey(&type, EVP_sha1(), (unsigned char *)salt.data(), (unsigned char *)data.data(), data.size(), 1, kp, ip))
+ int res = EVP_BytesToKey(loctype, EVP_sha1(), (unsigned char *)salt.data(), (unsigned char *)data.data(), data.size(), 1, kp, ip);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ EVP_CIPHER_meth_free(loctype);
+#endif
+ if (!res)
 return false;
 if(key)
 *key = k;
@@ -177,7 +187,12 @@ public:
 virtual ~EVPCipherContext()
 {
 if(type) {
- EVP_CIPHER_CTX_cleanup(&c);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ EVP_CIPHER_CTX_cleanup(c);
+ OPENSSL_free(c);
+#else
+ EVP_CIPHER_CTX_free(c);
+#endif
 type = 0;
 }
 }
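Review bot: In the OpenSSL >= 1.1 branch of lib_generateKeyIV the `keysize` argument is dropped by `Q_UNUSED(keysize)`, so the derived key always has the cipher's default length, while setup() in this same patch still applies a caller-supplied keysize through `EVP_CIPHER_CTX_set_key_length`. For a variable-key-length cipher that looks like it can hand back a key shorter than the context later reads; rather than ignoring the value, reject the mismatch with `if(keysize != -1 && keysize != EVP_CIPHER_key_length(_type)) return false;`. The result of `EVP_CIPHER_meth_dup(_type)` is also used without a NULL check, and since EVP_BytesToKey takes a `const EVP_CIPHER *` the copy could probably be avoided by passing `_type` directly. The function starts and ends outside the hunk.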
@@ -192,8 +207,8 @@ public:
 virtual EVPCipherContext *cloneSelf() const=0;
 virtual const EVP_CIPHER *getType(int mode) const=0;
- int keySize() { return getType(TQCA::CBC)->key_len; }
- int blockSize() { return getType(TQCA::CBC)->block_size; }
+ int keySize() { return EVP_CIPHER_key_length(getType(TQCA::CBC)); }
+ int blockSize() { return EVP_CIPHER_block_size(getType(TQCA::CBC)); }
 bool generateKey(char *out, int keysize)
 {
@@ -219,22 +234,27 @@ public:
 pad = _pad;
 type = getType(mode);
 r.resize(0);
- EVP_CIPHER_CTX_init(&c);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ c = (EVP_CIPHER_CTX*)OPENSSL_malloc(sizeof(EVP_CIPHER_CTX));
+ EVP_CIPHER_CTX_init(c);
+#else
+ c = EVP_CIPHER_CTX_new();
+#endif
 if(dir == TQCA::Encrypt) {
- if(!EVP_EncryptInit(&c, type, NULL, NULL))
+ if(!EVP_EncryptInit(c, type, NULL, NULL))
 return false;
- if(keysize != type->key_len)
- EVP_CIPHER_CTX_set_key_length(&c, keysize);
- if(!EVP_EncryptInit(&c, NULL, (unsigned char *)key, (unsigned char *)iv))
+ if(keysize != EVP_CIPHER_key_length(type))
+ EVP_CIPHER_CTX_set_key_length(c, keysize);
+ if(!EVP_EncryptInit(c, NULL, (unsigned char *)key, (unsigned char *)iv))
 return false;
 }
 else {
- if(!EVP_DecryptInit(&c, type, NULL, NULL))
+ if(!EVP_DecryptInit(c, type, NULL, NULL))
 return false;
- if(keysize != type->key_len)
- EVP_CIPHER_CTX_set_key_length(&c, keysize);
- if(!EVP_DecryptInit(&c, NULL, (unsigned char *)key, (unsigned char *)iv))
+ if(keysize != EVP_CIPHER_key_length(type))
+ EVP_CIPHER_CTX_set_key_length(c, keysize);
+ if(!EVP_DecryptInit(c, NULL, (unsigned char *)key, (unsigned char *)iv))
 return false;
 }
 return true;
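Review bot: Neither `OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))` nor `EVP_CIPHER_CTX_new()` is checked for NULL before `c` is handed to the init calls in setup(), so an allocation failure would most likely end in a NULL dereference instead of a `false` return. Add `if(!c) { type = 0; return false; }` after the `#endif`; clearing `type` matters because the destructor in this patch frees `c` whenever `type` is set, and its pre-1.1 branch calls `EVP_CIPHER_CTX_cleanup(c)` unconditionally. A second call to setup() on the same object would also overwrite `c` without freeing the previous context. The return value of `EVP_CIPHER_CTX_set_key_length(c, keysize)` is still ignored, so an unsupported key size goes unnoticed. The body of setup() begins above the hunk.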
@@ -242,14 +262,14 @@ public:
 bool update(const char *in, unsigned int len)
 {
- TQByteArray result(len + type->block_size);
+ TQByteArray result(len + EVP_CIPHER_block_size(type));
 int olen;
 if(dir == TQCA::Encrypt || !pad) {
- if(!EVP_EncryptUpdate(&c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
+ if(!EVP_EncryptUpdate(c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
 return false;
 }
 else {
- if(!EVP_DecryptUpdate(&c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
+ if(!EVP_DecryptUpdate(c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
 return false;
 }
 result.resize(olen);
@@ -260,14 +280,14 @@ public:
 bool final(TQByteArray *out)
 {
 if(pad) {
- TQByteArray result(type->block_size);
+ TQByteArray result(EVP_CIPHER_block_size(type));
 int olen;
 if(dir == TQCA::Encrypt) {
- if(!EVP_EncryptFinal(&c, (unsigned char *)result.data(), &olen))
+ if(!EVP_EncryptFinal(c, (unsigned char *)result.data(), &olen))
 return false;
 }
 else {
- if(!EVP_DecryptFinal(&c, (unsigned char *)result.data(), &olen))
+ if(!EVP_DecryptFinal(c, (unsigned char *)result.data(), &olen))
 return false;
 }
 result.resize(olen);
@@ -279,7 +299,7 @@ public:
 return true;
 }
- EVP_CIPHER_CTX c;
+ EVP_CIPHER_CTX *c;
 const EVP_CIPHER *type;
 TQByteArray r;
 int dir;
@@ -509,11 +529,22 @@ public:
 bool generate(unsigned int bits)
 {
- RSA *r = RSA_generate_key(bits, RSA_F4, NULL, NULL);
+ BIGNUM *bign = BN_new();
+ if (BN_set_word(bign, RSA_F4) != 1)
+ {
+ BN_free(bign);
+ return false;
+ }
+ RSA *r = RSA_new();
 if(!r)
+ {
+ BN_free(bign);
 return false;
+ }
+ RSA_generate_key_ex(r, bits, bign, NULL);
 separate(r, &pub, &sec);
 RSA_free(r);
+ BN_free(bign);
 return true;
 }
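Review bot: Turning the member `EVP_CIPHER_CTX c` into the owning raw pointer `EVP_CIPHER_CTX *c` leaves the class with its implicit copy constructor, so any copy shares the same context and both destructors free it. The subclasses' cloneSelf() implementations are not visible in this diff; if they copy-construct from `*this`, that is a double free or use-after-free on the cipher context. Either make the copy operations private and unimplemented, or add a copy constructor that allocates a fresh context and transfers state with `EVP_CIPHER_CTX_copy(c, other.c)`. A comment on the member such as `// owned; allocated in setup(), freed in the destructor when type != 0` would also record the invariant the destructor relies on.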
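Review bot: The return value of `RSA_generate_key_ex(r, bits, bign, NULL)` is discarded, so generate() goes on to call separate() and returns true even when key generation failed and `r` holds no key material. Check it and bail out: `if(RSA_generate_key_ex(r, bits, bign, NULL) != 1) { RSA_free(r); BN_free(bign); return false; }`. `BN_new()` can also return NULL and `BN_set_word(bign, RSA_F4)` is then called on it, so test `bign` before use. The old `RSA_generate_key` call reported failure through the `if(!r)` check, which after this rewrite only covers the `RSA_new()` allocation.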
@@ -522,12 +553,10 @@ public:
 // deep copy
 RSAKeyContext *c = new RSAKeyContext;
 if(pub) {
- ++(pub->references);
- c->pub = pub; //RSAPublicKey_dup(pub);
+ c->pub = RSAPublicKey_dup(pub);
 }
 if(sec) {
- ++(sec->references);
- c->sec = sec; //RSAPrivateKey_dup(sec);
+ c->sec = RSAPrivateKey_dup(sec);
 }
 return c;
 }
@@ -769,8 +798,7 @@ public:
 {
 CertContext *c = new CertContext(*this);
 if(x) {
- ++(x->references);
- c->x = x;
+ c->x = X509_dup(x);
 }
 return c;
 }
@@ -841,8 +869,7 @@ public:
 void fromX509(X509 *t)
 {
 reset();
- ++(t->references);
- x = t;
+ x = X509_dup(t);
 // serial number
 ASN1_INTEGER *ai = X509_get_serialNumber(x);
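Review bot: The results of `RSAPublicKey_dup(pub)` and `RSAPrivateKey_dup(sec)` are stored without a NULL check, so a failed duplication yields a clone that silently lacks a key the original has. The same pattern is in the two following hunks: CertContext's clone stores `X509_dup(x)` unchecked, and in fromX509() the result of `x = X509_dup(t);` is passed straight to `X509_get_serialNumber(x)`, which would dereference NULL. In fromX509() add `if(!x) return;` right after the dup (the function returns void and has just called reset()), and in the two clone functions check the dup results and handle the failure before `return c;`. The enclosing functions start or end outside the hunks, so how callers treat a failed clone cannot be seen here.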