Add support for OpenSSL 1.1

Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it>
Signed-off-by: Slávek Banko <slavek.banko@axis.cz>

qca-tls.cpp

@@ -57,18 +57,28 @@ static bool lib_generateKeyIV(const EVP_CIPHER *_type, const TQByteArray &data,
 	TQByteArray k, i;
 	unsigned char *kp = 0;
 	unsigned char *ip = 0;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	EVP_CIPHER type = *_type;
+	EVP_CIPHER *loctype = &type;
 	if(keysize != -1)
 		type.key_len = keysize;
+#else
+	EVP_CIPHER *loctype = EVP_CIPHER_meth_dup(_type);
+	Q_UNUSED(keysize)
+#endif
 	if(key) {
-		k.resize(type.key_len);
+		k.resize(EVP_CIPHER_key_length(loctype));
 		kp = (unsigned char *)k.data();
 	}
 	if(iv) {
-		i.resize(type.iv_len);
+		i.resize(EVP_CIPHER_iv_length(loctype));
 		ip = (unsigned char *)i.data();
 	}
-	if(!EVP_BytesToKey(&type, EVP_sha1(), (unsigned char *)salt.data(), (unsigned char *)data.data(), data.size(), 1, kp, ip))
+	int res = EVP_BytesToKey(loctype, EVP_sha1(), (unsigned char *)salt.data(), (unsigned char *)data.data(), data.size(), 1, kp, ip);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	EVP_CIPHER_meth_free(loctype);
+#endif
+	if (!res)
 		return false;
 	if(key)
 		*key = k;
@@ -177,7 +187,12 @@ public:
 	virtual ~EVPCipherContext()
 	{
 		if(type) {
-			EVP_CIPHER_CTX_cleanup(&c);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+			EVP_CIPHER_CTX_cleanup(c);
+			OPENSSL_free(c);
+#else
+			EVP_CIPHER_CTX_free(c);
+#endif
 			type = 0;
 		}
 	}
@@ -192,8 +207,8 @@ public:
 	virtual EVPCipherContext *cloneSelf() const=0;
 	virtual const EVP_CIPHER *getType(int mode) const=0;
 
-	int keySize() { return getType(TQCA::CBC)->key_len; }
+	int keySize() { return EVP_CIPHER_key_length(getType(TQCA::CBC)); }
-	int blockSize() { return getType(TQCA::CBC)->block_size; }
+	int blockSize() { return EVP_CIPHER_block_size(getType(TQCA::CBC)); }
 
 	bool generateKey(char *out, int keysize)
 	{
@@ -219,22 +234,27 @@ public:
 		pad = _pad;
 		type = getType(mode);
 		r.resize(0);
-		EVP_CIPHER_CTX_init(&c);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+		c = (EVP_CIPHER_CTX*)OPENSSL_malloc(sizeof(EVP_CIPHER_CTX));
+		EVP_CIPHER_CTX_init(c);
+#else
+		c = EVP_CIPHER_CTX_new();
+#endif
 
 		if(dir == TQCA::Encrypt) {
-			if(!EVP_EncryptInit(&c, type, NULL, NULL))
+			if(!EVP_EncryptInit(c, type, NULL, NULL))
 				return false;
-			if(keysize != type->key_len)
+			if(keysize != EVP_CIPHER_key_length(type))
-				EVP_CIPHER_CTX_set_key_length(&c, keysize);
+				EVP_CIPHER_CTX_set_key_length(c, keysize);
-			if(!EVP_EncryptInit(&c, NULL, (unsigned char *)key, (unsigned char *)iv))
+			if(!EVP_EncryptInit(c, NULL, (unsigned char *)key, (unsigned char *)iv))
 				return false;
 		}
 		else {
-			if(!EVP_DecryptInit(&c, type, NULL, NULL))
+			if(!EVP_DecryptInit(c, type, NULL, NULL))
 				return false;
-			if(keysize != type->key_len)
+			if(keysize != EVP_CIPHER_key_length(type))
-				EVP_CIPHER_CTX_set_key_length(&c, keysize);
+				EVP_CIPHER_CTX_set_key_length(c, keysize);
-			if(!EVP_DecryptInit(&c, NULL, (unsigned char *)key, (unsigned char *)iv))
+			if(!EVP_DecryptInit(c, NULL, (unsigned char *)key, (unsigned char *)iv))
 				return false;
 		}
 		return true;
@@ -242,14 +262,14 @@ public:
 
 	bool update(const char *in, unsigned int len)
 	{
-		TQByteArray result(len + type->block_size);
+		TQByteArray result(len + EVP_CIPHER_block_size(type));
 		int olen;
 		if(dir == TQCA::Encrypt || !pad) {
-			if(!EVP_EncryptUpdate(&c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
+			if(!EVP_EncryptUpdate(c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
 				return false;
 		}
 		else {
-			if(!EVP_DecryptUpdate(&c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
+			if(!EVP_DecryptUpdate(c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
 				return false;
 		}
 		result.resize(olen);
@@ -260,14 +280,14 @@ public:
 	bool final(TQByteArray *out)
 	{
 		if(pad) {
-			TQByteArray result(type->block_size);
+			TQByteArray result(EVP_CIPHER_block_size(type));
 			int olen;
 			if(dir == TQCA::Encrypt) {
-				if(!EVP_EncryptFinal(&c, (unsigned char *)result.data(), &olen))
+				if(!EVP_EncryptFinal(c, (unsigned char *)result.data(), &olen))
 					return false;
 			}
 			else {
-				if(!EVP_DecryptFinal(&c, (unsigned char *)result.data(), &olen))
+				if(!EVP_DecryptFinal(c, (unsigned char *)result.data(), &olen))
 					return false;
 			}
 			result.resize(olen);
@@ -279,7 +299,7 @@ public:
 		return true;
 	}
 
-	EVP_CIPHER_CTX c;
+	EVP_CIPHER_CTX *c;
 	const EVP_CIPHER *type;
 	TQByteArray r;
 	int dir;
@@ -509,11 +529,22 @@ public:
 
 	bool generate(unsigned int bits)
 	{
-		RSA *r = RSA_generate_key(bits, RSA_F4, NULL, NULL);
+		BIGNUM *bign = BN_new();
+		if (BN_set_word(bign, RSA_F4) != 1)
+		{
+			BN_free(bign);
+			return false;
+		}
+		RSA *r = RSA_new();
 		if(!r)
+		{
+			BN_free(bign);
 			return false;
+		}
+		RSA_generate_key_ex(r, bits, bign, NULL);
 		separate(r, &pub, &sec);
 		RSA_free(r);
+		BN_free(bign);
 		return true;
 	}
 
@@ -522,12 +553,10 @@ public:
 		// deep copy
 		RSAKeyContext *c = new RSAKeyContext;
 		if(pub) {
-			++(pub->references);
+			c->pub = RSAPublicKey_dup(pub);
-			c->pub = pub; //RSAPublicKey_dup(pub);
 		}
 		if(sec) {
-			++(sec->references);
+			c->sec = RSAPrivateKey_dup(sec);
-			c->sec = sec; //RSAPrivateKey_dup(sec);
 		}
 		return c;
 	}
@@ -769,8 +798,7 @@ public:
 	{
 		CertContext *c = new CertContext(*this);
 		if(x) {
-			++(x->references);
+			c->x = X509_dup(x);
-			c->x = x;
 		}
 		return c;
 	}
@@ -841,8 +869,7 @@ public:
 	void fromX509(X509 *t)
 	{
 		reset();
-		++(t->references);
+		x = X509_dup(t);
-		x = t;
 
 		// serial number
 		ASN1_INTEGER *ai = X509_get_serialNumber(x);