| Darren Tucker | 7dae3d2 | 2007-06-14 23:47:31 +1000 | [diff] [blame] | 1 | /* $Id: openssl-compat.h,v 1.10 2007/06/14 13:47:31 dtucker Exp $ */ |
| Darren Tucker | a55ec77 | 2005-06-09 21:45:10 +1000 | [diff] [blame] | 2 | |
| 3 | /* |
| 4 | * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> |
| 5 | * |
| 6 | * Permission to use, copy, modify, and distribute this software for any |
| 7 | * purpose with or without fee is hereby granted, provided that the above |
| 8 | * copyright notice and this permission notice appear in all copies. |
| 9 | * |
| 10 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
| 11 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
| 12 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR |
| 13 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
| 14 | * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER |
| 15 | * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING |
| 16 | * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| 17 | */ |
| 18 | |
| 19 | #include "includes.h" |
| 20 | #include <openssl/evp.h> |
| 21 | |
| 22 | #if OPENSSL_VERSION_NUMBER < 0x00906000L |
| 23 | # define SSH_OLD_EVP |
| 24 | # define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) |
| Darren Tucker | cb52017 | 2007-06-14 23:21:32 +1000 | [diff] [blame] | 25 | #endif |
| 26 | |
| Darren Tucker | a2ed755 | 2007-06-14 23:38:39 +1000 | [diff] [blame] | 27 | #if (OPENSSL_VERSION_NUMBER < 0x00907000L) || defined(OPENSSL_LOBOTOMISED_AES) |
| 28 | # define USE_BUILTIN_RIJNDAEL |
| 29 | #endif |
| 30 | |
| Darren Tucker | cb52017 | 2007-06-14 23:21:32 +1000 | [diff] [blame] | 31 | #ifdef USE_BUILTIN_RIJNDAEL |
| 32 | # include "rijndael.h" |
| 33 | # define AES_KEY rijndael_ctx |
| 34 | # define AES_BLOCK_SIZE 16 |
| 35 | # define AES_encrypt(a, b, c) rijndael_encrypt(c, a, b) |
| 36 | # define AES_set_encrypt_key(a, b, c) rijndael_set_key(c, (char *)a, b, 1) |
| Darren Tucker | a55ec77 | 2005-06-09 21:45:10 +1000 | [diff] [blame] | 37 | # define EVP_aes_128_cbc evp_rijndael |
| 38 | # define EVP_aes_192_cbc evp_rijndael |
| 39 | # define EVP_aes_256_cbc evp_rijndael |
| 40 | extern const EVP_CIPHER *evp_rijndael(void); |
| 41 | extern void ssh_rijndael_iv(EVP_CIPHER_CTX *, int, u_char *, u_int); |
| 42 | #endif |
| 43 | |
| 44 | #if !defined(EVP_CTRL_SET_ACSS_MODE) |
| 45 | # if (OPENSSL_VERSION_NUMBER >= 0x00907000L) |
| 46 | # define USE_CIPHER_ACSS 1 |
| 47 | extern const EVP_CIPHER *evp_acss(void); |
| 48 | # define EVP_acss evp_acss |
| 49 | # else |
| 50 | # define EVP_acss NULL |
| 51 | # endif |
| 52 | #endif |
| 53 | |
| Darren Tucker | fd30986 | 2007-03-05 18:25:20 +1100 | [diff] [blame] | 54 | /* OpenSSL 0.9.8e returns cipher key len not context key len */ |
| 55 | #if (OPENSSL_VERSION_NUMBER == 0x0090805fL) |
| 56 | # define EVP_CIPHER_CTX_key_length(c) ((c)->key_len) |
| 57 | #endif |
| 58 | |
| Darren Tucker | a55ec77 | 2005-06-09 21:45:10 +1000 | [diff] [blame] | 59 | /* |
| Darren Tucker | 4123636 | 2005-11-20 14:09:59 +1100 | [diff] [blame] | 60 | * We overload some of the OpenSSL crypto functions with ssh_* equivalents |
| 61 | * which cater for older and/or less featureful OpenSSL version. |
| 62 | * |
| 63 | * In order for the compat library to call the real functions, it must |
| 64 | * define SSH_DONT_OVERLOAD_OPENSSL_FUNCS before including this file and |
| 65 | * implement the ssh_* equivalents. |
| Darren Tucker | a55ec77 | 2005-06-09 21:45:10 +1000 | [diff] [blame] | 66 | */ |
| Darren Tucker | fabdb6c | 2006-02-20 20:17:35 +1100 | [diff] [blame] | 67 | #ifndef SSH_DONT_OVERLOAD_OPENSSL_FUNCS |
| Darren Tucker | a55ec77 | 2005-06-09 21:45:10 +1000 | [diff] [blame] | 68 | |
| Darren Tucker | fabdb6c | 2006-02-20 20:17:35 +1100 | [diff] [blame] | 69 | # ifdef SSH_OLD_EVP |
| Darren Tucker | a55ec77 | 2005-06-09 21:45:10 +1000 | [diff] [blame] | 70 | # ifdef EVP_Cipher |
| 71 | # undef EVP_Cipher |
| 72 | # endif |
| Darren Tucker | a55ec77 | 2005-06-09 21:45:10 +1000 | [diff] [blame] | 73 | # define EVP_CipherInit(a,b,c,d,e) ssh_EVP_CipherInit((a),(b),(c),(d),(e)) |
| 74 | # define EVP_Cipher(a,b,c,d) ssh_EVP_Cipher((a),(b),(c),(d)) |
| 75 | # define EVP_CIPHER_CTX_cleanup(a) ssh_EVP_CIPHER_CTX_cleanup((a)) |
| Darren Tucker | fabdb6c | 2006-02-20 20:17:35 +1100 | [diff] [blame] | 76 | # endif /* SSH_OLD_EVP */ |
| 77 | |
| Darren Tucker | 3322e0d | 2006-02-22 00:00:27 +1100 | [diff] [blame] | 78 | # ifdef USE_OPENSSL_ENGINE |
| 79 | # ifdef SSLeay_add_all_algorithms |
| 80 | # undef SSLeay_add_all_algorithms |
| 81 | # endif |
| 82 | # define SSLeay_add_all_algorithms() ssh_SSLeay_add_all_algorithms() |
| Darren Tucker | 3322e0d | 2006-02-22 00:00:27 +1100 | [diff] [blame] | 83 | #endif |
| Darren Tucker | a55ec77 | 2005-06-09 21:45:10 +1000 | [diff] [blame] | 84 | |
| 85 | int ssh_EVP_CipherInit(EVP_CIPHER_CTX *, const EVP_CIPHER *, unsigned char *, |
| 86 | unsigned char *, int); |
| 87 | int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int); |
| 88 | int ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *); |
| Darren Tucker | 94413cf | 2006-02-22 22:24:47 +1100 | [diff] [blame] | 89 | void ssh_SSLeay_add_all_algorithms(void); |
| Darren Tucker | fabdb6c | 2006-02-20 20:17:35 +1100 | [diff] [blame] | 90 | #endif /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */ |