Darren Tucker | d6548fe | 2011-05-10 11:13:36 +1000 | [diff] [blame] | 1 | /* $Id: openssl-compat.c,v 1.14 2011/05/10 01:13:38 dtucker Exp $ */ |
Darren Tucker | a55ec77 | 2005-06-09 21:45:10 +1000 | [diff] [blame] | 2 | |
| 3 | /* |
| 4 | * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> |
| 5 | * |
| 6 | * Permission to use, copy, modify, and distribute this software for any |
| 7 | * purpose with or without fee is hereby granted, provided that the above |
| 8 | * copyright notice and this permission notice appear in all copies. |
| 9 | * |
| 10 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
| 11 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
| 12 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR |
| 13 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
| 14 | * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER |
| 15 | * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING |
| 16 | * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| 17 | */ |
| 18 | |
Darren Tucker | a55ec77 | 2005-06-09 21:45:10 +1000 | [diff] [blame] | 19 | #include "includes.h" |
| 20 | |
Darren Tucker | ebdef76 | 2010-12-04 23:20:50 +1100 | [diff] [blame] | 21 | #include <stdarg.h> |
| 22 | #include <string.h> |
| 23 | |
Darren Tucker | fabdb6c | 2006-02-20 20:17:35 +1100 | [diff] [blame] | 24 | #ifdef USE_OPENSSL_ENGINE |
| 25 | # include <openssl/engine.h> |
Darren Tucker | 9e0ff7a | 2010-11-22 17:59:00 +1100 | [diff] [blame] | 26 | # include <openssl/conf.h> |
Darren Tucker | fabdb6c | 2006-02-20 20:17:35 +1100 | [diff] [blame] | 27 | #endif |
| 28 | |
Darren Tucker | 7924137 | 2011-01-22 09:37:01 +1100 | [diff] [blame] | 29 | #ifndef HAVE_RSA_GET_DEFAULT_METHOD |
| 30 | # include <openssl/rsa.h> |
| 31 | #endif |
| 32 | |
Darren Tucker | ebdef76 | 2010-12-04 23:20:50 +1100 | [diff] [blame] | 33 | #include "log.h" |
| 34 | |
Darren Tucker | bfaaf96 | 2008-02-28 19:13:52 +1100 | [diff] [blame] | 35 | #define SSH_DONT_OVERLOAD_OPENSSL_FUNCS |
| 36 | #include "openssl-compat.h" |
| 37 | |
Darren Tucker | a55ec77 | 2005-06-09 21:45:10 +1000 | [diff] [blame] | 38 | #ifdef SSH_OLD_EVP |
| 39 | int |
| 40 | ssh_EVP_CipherInit(EVP_CIPHER_CTX *evp, const EVP_CIPHER *type, |
| 41 | unsigned char *key, unsigned char *iv, int enc) |
| 42 | { |
| 43 | EVP_CipherInit(evp, type, key, iv, enc); |
| 44 | return 1; |
| 45 | } |
| 46 | |
| 47 | int |
| 48 | ssh_EVP_Cipher(EVP_CIPHER_CTX *evp, char *dst, char *src, int len) |
| 49 | { |
| 50 | EVP_Cipher(evp, dst, src, len); |
| 51 | return 1; |
| 52 | } |
| 53 | |
| 54 | int |
| 55 | ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *evp) |
| 56 | { |
| 57 | EVP_CIPHER_CTX_cleanup(evp); |
| 58 | return 1; |
| 59 | } |
Darren Tucker | 3e7e15f | 2009-03-07 22:22:35 +1100 | [diff] [blame] | 60 | #endif |
Darren Tucker | 8aae6ff | 2009-03-07 12:01:47 +1100 | [diff] [blame] | 61 | |
Darren Tucker | 3e7e15f | 2009-03-07 22:22:35 +1100 | [diff] [blame] | 62 | #ifdef OPENSSL_EVP_DIGESTUPDATE_VOID |
Darren Tucker | 8aae6ff | 2009-03-07 12:01:47 +1100 | [diff] [blame] | 63 | int |
| 64 | ssh_EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt) |
| 65 | { |
| 66 | EVP_DigestUpdate(ctx, d, cnt); |
| 67 | return 1; |
| 68 | } |
Darren Tucker | a55ec77 | 2005-06-09 21:45:10 +1000 | [diff] [blame] | 69 | #endif |
Darren Tucker | fabdb6c | 2006-02-20 20:17:35 +1100 | [diff] [blame] | 70 | |
Darren Tucker | ebdef76 | 2010-12-04 23:20:50 +1100 | [diff] [blame] | 71 | #ifndef HAVE_BN_IS_PRIME_EX |
| 72 | int |
| 73 | BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, void *cb) |
| 74 | { |
| 75 | if (cb != NULL) |
| 76 | fatal("%s: callback args not supported", __func__); |
| 77 | return BN_is_prime(p, nchecks, NULL, ctx, NULL); |
| 78 | } |
| 79 | #endif |
| 80 | |
| 81 | #ifndef HAVE_RSA_GENERATE_KEY_EX |
| 82 | int |
| 83 | RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *bn_e, void *cb) |
| 84 | { |
| 85 | RSA *new_rsa, tmp_rsa; |
| 86 | unsigned long e; |
| 87 | |
Darren Tucker | ebdef76 | 2010-12-04 23:20:50 +1100 | [diff] [blame] | 88 | if (cb != NULL) |
| 89 | fatal("%s: callback args not supported", __func__); |
| 90 | e = BN_get_word(bn_e); |
| 91 | if (e == 0xffffffffL) |
| 92 | fatal("%s: value of e too large", __func__); |
| 93 | new_rsa = RSA_generate_key(bits, e, NULL, NULL); |
| 94 | if (new_rsa == NULL) |
| 95 | return 0; |
| 96 | /* swap rsa/new_rsa then free new_rsa */ |
| 97 | tmp_rsa = *rsa; |
| 98 | *rsa = *new_rsa; |
| 99 | *new_rsa = tmp_rsa; |
| 100 | RSA_free(new_rsa); |
| 101 | return 1; |
| 102 | } |
| 103 | #endif |
| 104 | |
| 105 | #ifndef HAVE_DSA_GENERATE_PARAMETERS_EX |
| 106 | int |
| 107 | DSA_generate_parameters_ex(DSA *dsa, int bits, const unsigned char *seed, |
| 108 | int seed_len, int *counter_ret, unsigned long *h_ret, void *cb) |
| 109 | { |
| 110 | DSA *new_dsa, tmp_dsa; |
| 111 | |
| 112 | if (cb != NULL) |
| 113 | fatal("%s: callback args not supported", __func__); |
| 114 | new_dsa = DSA_generate_parameters(bits, (unsigned char *)seed, seed_len, |
| 115 | counter_ret, h_ret, NULL, NULL); |
| 116 | if (new_dsa == NULL) |
| 117 | return 0; |
| 118 | /* swap dsa/new_dsa then free new_dsa */ |
| 119 | tmp_dsa = *dsa; |
| 120 | *dsa = *new_dsa; |
| 121 | *new_dsa = tmp_dsa; |
| 122 | DSA_free(new_dsa); |
| 123 | return 1; |
| 124 | } |
| 125 | #endif |
| 126 | |
Darren Tucker | 7924137 | 2011-01-22 09:37:01 +1100 | [diff] [blame] | 127 | #ifndef HAVE_RSA_GET_DEFAULT_METHOD |
| 128 | RSA_METHOD * |
| 129 | RSA_get_default_method(void) |
| 130 | { |
| 131 | return RSA_PKCS1_SSLeay(); |
| 132 | } |
| 133 | #endif |
| 134 | |
Darren Tucker | 94413cf | 2006-02-22 22:24:47 +1100 | [diff] [blame] | 135 | #ifdef USE_OPENSSL_ENGINE |
Darren Tucker | fabdb6c | 2006-02-20 20:17:35 +1100 | [diff] [blame] | 136 | void |
Darren Tucker | d6548fe | 2011-05-10 11:13:36 +1000 | [diff] [blame] | 137 | ssh_OpenSSL_add_all_algorithms(void) |
Darren Tucker | fabdb6c | 2006-02-20 20:17:35 +1100 | [diff] [blame] | 138 | { |
Darren Tucker | d6548fe | 2011-05-10 11:13:36 +1000 | [diff] [blame] | 139 | OpenSSL_add_all_algorithms(); |
Darren Tucker | fabdb6c | 2006-02-20 20:17:35 +1100 | [diff] [blame] | 140 | |
Darren Tucker | fabdb6c | 2006-02-20 20:17:35 +1100 | [diff] [blame] | 141 | /* Enable use of crypto hardware */ |
| 142 | ENGINE_load_builtin_engines(); |
| 143 | ENGINE_register_all_complete(); |
Darren Tucker | 19d32cb | 2010-01-29 10:54:11 +1100 | [diff] [blame] | 144 | OPENSSL_config(NULL); |
Darren Tucker | fabdb6c | 2006-02-20 20:17:35 +1100 | [diff] [blame] | 145 | } |
Darren Tucker | 94413cf | 2006-02-22 22:24:47 +1100 | [diff] [blame] | 146 | #endif |