Compare commits


21 Commits

Author SHA1 Message Date
  TDE Gitea 0dd5eaad95 Reset submodule main/dependencies/tqca-tls/cmake to latest HEAD 1 week ago
  TDE Gitea 00e73227a6 Reset submodule main/dependencies/tqca-tls/cmake to latest HEAD 1 week ago
  TDE Gitea 1a1eb95681 Reset submodule main/dependencies/tqca-tls/cmake to latest HEAD 2 months ago
  TDE Gitea 2fb765bc32 Reset submodule main/dependencies/tqca-tls/cmake to latest HEAD 3 months ago
  TDE Gitea e73123c3cb Reset submodule main/dependencies/tqca-tls/cmake to latest HEAD 3 months ago
  TDE Gitea 19f8f0b734 Reset submodule main/dependencies/tqca-tls/cmake to latest HEAD 3 months ago
  TDE Gitea 59ded955be Reset submodule main/dependencies/tqca-tls/cmake to latest HEAD 3 months ago
  TDE Gitea d6295d721b Reset submodule main/dependencies/tqca-tls/cmake to latest HEAD 3 months ago
  TDE Gitea bbd3d66e01 Reset submodule main/dependencies/tqca-tls/cmake to latest HEAD 3 months ago
  TDE Gitea de08e8a2d9 Reset submodule main/dependencies/tqca-tls/cmake to latest HEAD 4 months ago
  TDE Gitea d627b4e800 Reset submodule main/dependencies/tqca-tls/cmake to latest HEAD 4 months ago
  TDE Gitea f4e78ffea6 Reset submodule main/dependencies/tqca-tls/cmake to latest HEAD 4 months ago
  Slávek Banko 4784056101
Add common cmake submodule. 4 months ago
  Slávek Banko 95b018a8a6
Rename the tqca-tls files in the original QMake project 4 months ago
  Slávek Banko da0049a4b9
Allow openssl detection without pkg-config file. 4 months ago
  Slávek Banko 6601055e9e
Move the OpenSSL 0.97 test inside the source code 4 months ago
  Gregory Guy c0c3393c7b
Conversion to the cmake building system. 9 months ago
  Matías Fonzo 41462673ad
Added LibreSSL detection 8 months ago
  Chris 1bc63c30d2
Replace Qt branding with TQt ones. 1 year ago
  OBATA Akio 29511f81db
Fix portability for expr(1) usage 1 year ago
  Michele Calgaro da4ed25676 Add support for OpenSSL 1.1 3 years ago
10 changed files with 292 additions and 61 deletions
  1. +3
    -0
      .gitmodules
  2. +96
    -0
      CMakeLists.txt
  3. +73
    -0
      ConfigureChecks.cmake
  4. +1
    -0
      cmake
  5. +11
    -0
      config.h.cmake
  6. +10
    -10
      configure
  7. +2
    -2
      qca-tls.pro
  8. +10
    -1
      qcaprovider.h
  9. +77
    -46
      tqca-tls.cpp
  10. +9
    -2
      tqca-tls.h

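--- a/.gitmodules
+++ b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "cmake"]
+path = cmake
+url = https://system@scm.trinitydesktop.org/scm/git/tde-common-cmake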
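Review bot: The submodule URL embeds an account name (`system@`) in `https://system@scm.trinitydesktop.org/scm/git/tde-common-cmake`; a URL without userinfo keeps account details out of the repository and avoids credential prompts on anonymous clones, assuming the server allows anonymous reads. CMakeLists.txt includes modules from this submodule at configure time, so the pinned gitlink commit decides which build code runs and should be moved deliberately rather than implicitly.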

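--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -0,0 +1,96 @@
+############################################
+# #
+# Improvements and feedbacks are welcome #
+# #
+# This file is released under GPL >= 3 #
+# #
+############################################
+
+
+cmake_minimum_required( VERSION 2.8 )
+
+
+#### general package setup
+
+project( tqca-tls )
+set( VERSION R14.0.9 )
+
+
+#### include essential cmake modules
+
+include( FindPkgConfig )
+include( CheckFunctionExists )
+include( CheckSymbolExists )
+include( CheckIncludeFile )
+include( CheckLibraryExists )
+include( CheckCSourceCompiles )
+include( CheckCXXSourceCompiles )
+
+
+#### include our cmake modules
+
+set( CMAKE_MODULE_PATH "${CMAKE_SOURCE_DIR}/cmake/modules" )
+include( TDEMacros )
+
+
+##### setup install paths
+
+include( TDESetupPaths )
+tde_setup_paths( )
+
+
+##### optional stuff
+
+option( WITH_ALL_OPTIONS "Enable all optional support" OFF )
+option( WITH_GCC_VISIBILITY "Enable fvisibility and fvisibility-inlines-hidden" ${WITH_ALL_OPTIONS} )
+
+
+##### configure checks
+
+include( ConfigureChecks.cmake )
+
+
+###### global compiler settings
+
+add_definitions( -DHAVE_CONFIG_H -DTQCA_PLUGIN )
+
+set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${TQT_CXX_FLAGS}" )
+set( CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} -Wl,--no-undefined" )
+set( CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} -Wl,--no-undefined" )
+
+
+##### write configure files
+
+configure_file( config.h.cmake config.h @ONLY )
+
+
+include_directories(
+${CMAKE_BINARY_DIR}
+${CMAKE_CURRENT_BINARY_DIR}
+${CMAKE_CURRENT_SOURCE_DIR}
+${TQT_INCLUDE_DIRS}
+${OPENSSL_INCLUDE_DIR}
+)
+
+link_directories(
+${TQT_LIBRARY_DIRS}
+)
+
+
+##### tqca-tls (shared)
+
+tde_add_library( ${PROJECT_NAME} SHARED NO_LIBTOOL_FILE AUTOMOC
+
+SOURCES
+tqca-tls.cpp
+LINK
+${TQT_LIBRARIES}
+${OPENSSL_LIBRARIES}
+
+DESTINATION ${TQT_PLUGINS_CRYPTO_DIR}
+)
+
+
+##### write configure files
+
+configure_file( config.h.cmake config.h @ONLY )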
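Review bot: When ConfigureChecks.cmake finds tqca it sets `HAVE_TQCA`, which switches the headers to `#include <tqca.h>`, but neither `${TQCA_INCLUDE_DIRS}` nor `${TQCA_LIBRARIES}` is added to `include_directories(...)` or to the `LINK` list of `tde_add_library`, so a tqca installed outside the default search paths would presumably fail to compile or link. `DESTINATION ${TQT_PLUGINS_CRYPTO_DIR}` is only defined when the pkg-config query returned a plugins directory, so the crypto plugin's install location should be validated before use, for example with a fatal message when the variable is empty. `configure_file( config.h.cmake config.h @ONLY )` is also called twice and the second call can be dropped. The `-Wl,--no-undefined` flags are appended unconditionally, which assumes a GNU-compatible linker.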

+ 73
- 0
ConfigureChecks.cmake View File

@@ -0,0 +1,73 @@
###########################################
# #
# Improvements and feedback are welcome #
# #
# This file is released under GPL >= 3 #
# #
###########################################

# required stuff
find_package( TQt )

tde_setup_architecture_flags( )

include(TestBigEndian)
test_big_endian(WORDS_BIGENDIAN)

tde_setup_largefiles( )


##### check for gcc visibility support

if( WITH_GCC_VISIBILITY )
tde_setup_gcc_visibility( )
endif( WITH_GCC_VISIBILITY )


##### check for openssl

find_package( OpenSSL )
if( NOT SSL_FOUND )
check_include_file( openssl/ssl.h HAVE_OPENSSL_H )
check_library_exists( ssl OPENSSL_init_ssl "" HAVE_LIBSSL_11 )
if( NOT HAVE_LIBSSL_11 )
check_library_exists( ssl SSL_library_init "" HAVE_LIBSSL )
endif( )
check_library_exists( crypto EVP_EncryptInit_ex "" HAVE_LIBCRYPTO )
if( HAVE_OPENSSL_H AND (HAVE_LIBSSL_11 OR HAVEL_LIBSSL) AND HAVE_LIBCRYPTO )
set( SSL_FOUND 1 CACHE INTERNAL "" FORCE )
find_file( OPENSSLV_H openssl/opensslv.h )
file( STRINGS "${OPENSSLV_H}" SSL_VERSION REGEX "#[ \t]*define[ \t]*OPENSSL_VERSION_TEXT" )
string( REGEX REPLACE "# *define[ \t]*OPENSSL_VERSION_TEXT[ \t]*\"[^0-9 ]* *([^ ]*).*" "\\1"
SSL_VERSION "${SSL_VERSION}" )
set( SSL_VERSION "${SSL_VERSION}" CACHE INTERNAL "" FORCE )
message( STATUS "Found OpenSSL: version ${SSL_VERSION}" )
endif( HAVE_OPENSSL_H AND (HAVE_LIBSSL_11 OR HAVEL_LIBSSL) AND HAVE_LIBCRYPTO )
endif( NOT SSL_FOUND )
if( NOT OPENSSL_FOUND )
tde_message_fatal( "OpenSSL is required but was not found on your system" )
endif()

##### look for tqt3 plugins path

execute_process(
COMMAND ${PKG_CONFIG_EXECUTABLE}
--variable=pluginsdir tqt-mt
OUTPUT_VARIABLE TQT_PLUGINS_DIR
OUTPUT_STRIP_TRAILING_WHITESPACE
)
if( TQT_PLUGINS_DIR )
set( TQT_PLUGINS_CRYPTO_DIR "${TQT_PLUGINS_DIR}/crypto" )
endif()


###### check for tqca

pkg_search_module( TQCA tqca )
if( TQCA_FOUND )
set( HAVE_TQCA 1 )
else()
message( STATUS " tqca was not found, built-in copy will be used" )
endif( )
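Review bot: The OpenSSL fallback cannot accept a pre-1.1 library as written, because the guard `if( HAVE_OPENSSL_H AND (HAVE_LIBSSL_11 OR HAVEL_LIBSSL) AND HAVE_LIBCRYPTO )` tests `HAVEL_LIBSSL` while the `SSL_library_init` check stores its result in `HAVE_LIBSSL`. The block is entered on `NOT SSL_FOUND` and sets `SSL_FOUND`, yet the fatal check after it tests `OPENSSL_FOUND`; unless a project module sets these differently, a successful fallback still aborts, and it never fills `OPENSSL_INCLUDE_DIR` or `OPENSSL_LIBRARIES`, which CMakeLists.txt puts on the include path and link line. I would enter the fallback on `if( NOT OPENSSL_FOUND )`, correct the spelling to `HAVE_LIBSSL`, and set `OPENSSL_FOUND` and `OPENSSL_LIBRARIES` on success. Separately, the `find_file( OPENSSLV_H openssl/opensslv.h )` result is passed to `file( STRINGS ... )` without checking that the header was found.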


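--- a/cmake
+++ b/cmake
@@ -0,0 +1 @@
+Subproject commit 15a7e4670a8f580545c95e14101f852c9d947998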

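--- a/config.h.cmake
+++ b/config.h.cmake
@@ -0,0 +1,11 @@
+#define VERSION "@VERSION@"
+
+// Defined if you have fvisibility and fvisibility-inlines-hidden support.
+#cmakedefine __KDE_HAVE_GCC_VISIBILITY 1
+
+/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
+significant byte first (like Motorola and SPARC, unlike Intel). */
+#cmakedefine WORDS_BIGENDIAN @WORDS_BIGENDIAN@
+
+/* Defined if you have the tqca library */
+#cmakedefine HAVE_TQCA 1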

+ 10
- 10
configure View File

@@ -7,7 +7,7 @@ Usage: ./configure [OPTION]...
This script creates necessary configuration files to build/install.

Main options:
--qtdir=[path] Directory where Qt is installed.
--tqtdir=[path] Directory where TQt is installed.
--help This help text.

Dependency options:
@@ -19,8 +19,8 @@ EOT

while [ $# -gt 0 ]; do
case "$1" in
--qtdir=*)
QTDIR=`expr "${1}" : "--qtdir=\(.*\)"`
--tqtdir=*)
TQTDIR=`expr "${1}" : "--tqtdir=\(.*\)"`
shift
;;

@@ -58,7 +58,7 @@ printf "Verifying TQt 3.x Multithreaded (MT) build environment ... "

if [ -z "$QTDIR" ]; then
if [ "$QC_DEBUG" = "Y" ]; then
echo \$QTDIR not set... trying to find Qt manually
echo \$TQTDIR not set... trying to find TQt manually
fi
for p in /usr/lib/tqt /usr/share/tqt /usr/share/tqt3 /usr/local/lib/tqt /usr/local/share/tqt /usr/lib/tqt3 /usr/local/lib/tqt3 /usr/lib/qt /usr/share/qt /usr/share/qt3 /usr/local/lib/qt /usr/local/share/qt /usr/lib/qt3 /usr/local/lib/qt3 /usr/lib64/tqt /usr/local/lib64/tqt /usr/lib64/tqt3 /usr/local/lib64/tqt3 /usr/lib64/qt /usr/local/lib64/qt /usr/lib64/qt3 /usr/local/lib64/qt3 /usr/X11R6/share/qt /usr/qt/3 ; do
if [ -d "$p/mkspecs" ]; then
@@ -69,11 +69,11 @@ if [ -z "$QTDIR" ]; then
if [ -z "$QTDIR" ]; then
echo fail
echo
echo Unable to find Qt 'mkspecs'. Please set QTDIR
echo manually. Perhaps you need to install Qt 3
echo development utilities. You may download them either
echo from the vendor of your operating system or from
echo www.trolltech.com
echo Unable to find TQt 'mkspecs'. Please set TQTDIR
echo manually. Perhaps you need to install TQt 3
echo development utilities. You may download them
echo the repos of your distribution or from
echo https://mirror.git.trinitydesktop.org/gitea/TDE/tqt3/.
echo
exit 1;
fi
@@ -576,7 +576,7 @@ if [ -x "./qcextra" ]; then
./qcextra
fi
# run tqmake
if expr match "$DEB_BUILD_OPTIONS" ".*nostrip"; then
if expr "$DEB_BUILD_OPTIONS" : ".*nostrip"; then
$qm QMAKE_STRIP=true qca-tls.pro
else
$qm qca-tls.pro
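Review bot: The option parser now stores `--tqtdir=` in `TQTDIR`, but the unchanged context lines of the later hunks still test `if [ -z "$QTDIR" ]`, so as far as these hunks show, a directory passed with `--tqtdir=` is not the value the detection reads. The new failure text also tells the user to set `TQTDIR`, which that test does not consult. Either rename the remaining `QTDIR` uses, or bridge the two after option parsing with something like `QTDIR="${TQTDIR:-$QTDIR}"`. The rest of the script lies outside the hunks, so confirm whether `QTDIR` is already derived from `TQTDIR` elsewhere.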


+ 2
- 2
qca-tls.pro View File

@@ -10,8 +10,8 @@ TARGET = tqca-tls
}
HEADERS += ($$Q_PREFIX)qcaprovider.h

HEADERS = qca-tls.h
SOURCES = qca-tls.cpp
HEADERS = tqca-tls.h
SOURCES = tqca-tls.cpp

DEFINES += TQCA_PLUGIN
win32:{


+ 10
- 1
qcaprovider.h View File

@@ -26,7 +26,16 @@
#include<tqdatetime.h>
#include<tqobject.h>
#include<tqhostaddress.h>
#include"qca.h"

#ifdef HAVE_CONFIG_H
#include "config.h"
#endif

#ifdef HAVE_TQCA
#include <tqca.h>
#else
#include "qca.h"
#endif

#define TQCA_PLUGIN_VERSION 1



qca-tls.cpp → tqca-tls.cpp View File

@@ -18,21 +18,25 @@
*
*/

#include"qca-tls.h"

#include<tqregexp.h>

#include<openssl/sha.h>
#include<openssl/md5.h>
#include<openssl/evp.h>
#include<openssl/bio.h>
#include<openssl/pem.h>
#include<openssl/rsa.h>
#include<openssl/x509.h>
#include<openssl/x509v3.h>
#include<openssl/ssl.h>
#include<openssl/err.h>
#include<openssl/rand.h>
#include "tqca-tls.h"

#include <tqregexp.h>

#include <openssl/sha.h>
#include <openssl/md5.h>
#include <openssl/evp.h>
#include <openssl/bio.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/rand.h>

#if OPENSSL_VERSION_NUMBER >= 0x00907000
#define OSSL_097
#endif

#ifndef OSSL_097
#define NO_AES
@@ -57,18 +61,28 @@ static bool lib_generateKeyIV(const EVP_CIPHER *_type, const TQByteArray &data,
TQByteArray k, i;
unsigned char *kp = 0;
unsigned char *ip = 0;
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER type = *_type;
EVP_CIPHER *loctype = &type;
if(keysize != -1)
type.key_len = keysize;
#else
EVP_CIPHER *loctype = EVP_CIPHER_meth_dup(_type);
Q_UNUSED(keysize)
#endif
if(key) {
k.resize(type.key_len);
k.resize(EVP_CIPHER_key_length(loctype));
kp = (unsigned char *)k.data();
}
if(iv) {
i.resize(type.iv_len);
i.resize(EVP_CIPHER_iv_length(loctype));
ip = (unsigned char *)i.data();
}
if(!EVP_BytesToKey(&type, EVP_sha1(), (unsigned char *)salt.data(), (unsigned char *)data.data(), data.size(), 1, kp, ip))
int res = EVP_BytesToKey(loctype, EVP_sha1(), (unsigned char *)salt.data(), (unsigned char *)data.data(), data.size(), 1, kp, ip);
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER_meth_free(loctype);
#endif
if (!res)
return false;
if(key)
*key = k;
@@ -177,7 +191,12 @@ public:
virtual ~EVPCipherContext()
{
if(type) {
EVP_CIPHER_CTX_cleanup(&c);
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
EVP_CIPHER_CTX_cleanup(c);
OPENSSL_free(c);
#else
EVP_CIPHER_CTX_free(c);
#endif
type = 0;
}
}
@@ -192,8 +211,8 @@ public:
virtual EVPCipherContext *cloneSelf() const=0;
virtual const EVP_CIPHER *getType(int mode) const=0;

int keySize() { return getType(TQCA::CBC)->key_len; }
int blockSize() { return getType(TQCA::CBC)->block_size; }
int keySize() { return EVP_CIPHER_key_length(getType(TQCA::CBC)); }
int blockSize() { return EVP_CIPHER_block_size(getType(TQCA::CBC)); }

bool generateKey(char *out, int keysize)
{
@@ -219,22 +238,27 @@ public:
pad = _pad;
type = getType(mode);
r.resize(0);
EVP_CIPHER_CTX_init(&c);
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
c = (EVP_CIPHER_CTX*)OPENSSL_malloc(sizeof(EVP_CIPHER_CTX));
EVP_CIPHER_CTX_init(c);
#else
c = EVP_CIPHER_CTX_new();
#endif

if(dir == TQCA::Encrypt) {
if(!EVP_EncryptInit(&c, type, NULL, NULL))
if(!EVP_EncryptInit(c, type, NULL, NULL))
return false;
if(keysize != type->key_len)
EVP_CIPHER_CTX_set_key_length(&c, keysize);
if(!EVP_EncryptInit(&c, NULL, (unsigned char *)key, (unsigned char *)iv))
if(keysize != EVP_CIPHER_key_length(type))
EVP_CIPHER_CTX_set_key_length(c, keysize);
if(!EVP_EncryptInit(c, NULL, (unsigned char *)key, (unsigned char *)iv))
return false;
}
else {
if(!EVP_DecryptInit(&c, type, NULL, NULL))
if(!EVP_DecryptInit(c, type, NULL, NULL))
return false;
if(keysize != type->key_len)
EVP_CIPHER_CTX_set_key_length(&c, keysize);
if(!EVP_DecryptInit(&c, NULL, (unsigned char *)key, (unsigned char *)iv))
if(keysize != EVP_CIPHER_key_length(type))
EVP_CIPHER_CTX_set_key_length(c, keysize);
if(!EVP_DecryptInit(c, NULL, (unsigned char *)key, (unsigned char *)iv))
return false;
}
return true;
@@ -242,14 +266,14 @@ public:

bool update(const char *in, unsigned int len)
{
TQByteArray result(len + type->block_size);
TQByteArray result(len + EVP_CIPHER_block_size(type));
int olen;
if(dir == TQCA::Encrypt || !pad) {
if(!EVP_EncryptUpdate(&c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
if(!EVP_EncryptUpdate(c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
return false;
}
else {
if(!EVP_DecryptUpdate(&c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
if(!EVP_DecryptUpdate(c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
return false;
}
result.resize(olen);
@@ -260,14 +284,14 @@ public:
bool final(TQByteArray *out)
{
if(pad) {
TQByteArray result(type->block_size);
TQByteArray result(EVP_CIPHER_block_size(type));
int olen;
if(dir == TQCA::Encrypt) {
if(!EVP_EncryptFinal(&c, (unsigned char *)result.data(), &olen))
if(!EVP_EncryptFinal_ex(c, (unsigned char *)result.data(), &olen))
return false;
}
else {
if(!EVP_DecryptFinal(&c, (unsigned char *)result.data(), &olen))
if(!EVP_DecryptFinal_ex(c, (unsigned char *)result.data(), &olen))
return false;
}
result.resize(olen);
@@ -279,7 +303,7 @@ public:
return true;
}

EVP_CIPHER_CTX c;
EVP_CIPHER_CTX *c;
const EVP_CIPHER *type;
TQByteArray r;
int dir;
@@ -509,11 +533,22 @@ public:

bool generate(unsigned int bits)
{
RSA *r = RSA_generate_key(bits, RSA_F4, NULL, NULL);
BIGNUM *bign = BN_new();
if (BN_set_word(bign, RSA_F4) != 1)
{
BN_free(bign);
return false;
}
RSA *r = RSA_new();
if(!r)
{
BN_free(bign);
return false;
}
RSA_generate_key_ex(r, bits, bign, NULL);
separate(r, &pub, &sec);
RSA_free(r);
BN_free(bign);
return true;
}

@@ -522,12 +557,10 @@ public:
// deep copy
RSAKeyContext *c = new RSAKeyContext;
if(pub) {
++(pub->references);
c->pub = pub; //RSAPublicKey_dup(pub);
c->pub = RSAPublicKey_dup(pub);
}
if(sec) {
++(sec->references);
c->sec = sec; //RSAPrivateKey_dup(sec);
c->sec = RSAPrivateKey_dup(sec);
}
return c;
}
@@ -769,8 +802,7 @@ public:
{
CertContext *c = new CertContext(*this);
if(x) {
++(x->references);
c->x = x;
c->x = X509_dup(x);
}
return c;
}
@@ -841,8 +873,7 @@ public:
void fromX509(X509 *t)
{
reset();
++(t->references);
x = t;
x = X509_dup(t);

// serial number
ASN1_INTEGER *ai = X509_get_serialNumber(x);
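Review bot: In `generate()` the result of `RSA_generate_key_ex(r, bits, bign, NULL)` is discarded, so a failed key generation still reaches `separate(r, &pub, &sec)` and returns true; check it, e.g. `if(RSA_generate_key_ex(r, bits, bign, NULL) != 1) { RSA_free(r); BN_free(bign); return false; }`. The same unchecked-result pattern applies to `BN_new()` before `BN_set_word`, to `EVP_CIPHER_CTX_new()` and `OPENSSL_malloc(...)` in the cipher setup hunk, and to the `X509_dup` / `RSAPublicKey_dup` / `RSAPrivateKey_dup` calls, whose NULL return is used as a valid object. Because `c` changed from an embedded `EVP_CIPHER_CTX` to an owning pointer freed in the destructor, any `cloneSelf()` implementation that copy-constructs the context (not visible in these hunks) would leave two objects freeing the same pointer and needs review. In `lib_generateKeyIV` the OpenSSL 1.1 branch marks `keysize` as unused, so a caller-requested key length is no longer applied on that path.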

qca-tls.h → tqca-tls.h View File

@@ -21,12 +21,19 @@
#ifndef TQCA_TLS_H
#define TQCA_TLS_H

#include"qcaprovider.h"
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif

#ifdef HAVE_TQCA
#include <tqcaprovider.h>
#else
#include "qcaprovider.h"
#endif

#ifdef TQCA_PLUGIN
TQCA_PLUGIN_EXPORT TQCAProvider *createProvider();
#else
TQCAProvider *createProviderTLS();
#endif

#endif
