summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichele Calgaro <michele.calgaro@yahoo.it>2016-12-04 12:07:44 +0100
committerSlávek Banko <slavek.banko@axis.cz>2016-12-04 12:07:44 +0100
commit0c329722a53ec70633d88fc0bbc00cb52676e181 (patch)
tree3d6f3ee9c1eb078ee8a303f3c8000c18d45ffede
parent68d8b7a537763e086ca10e8d0e9a85815adae187 (diff)
downloadtqca-tls-0c329722.tar.gz
tqca-tls-0c329722.zip
Add support for OpenSSL 1.1
Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it> Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
-rw-r--r--qca-tls.cpp89
1 files changed, 58 insertions, 31 deletions
diff --git a/qca-tls.cpp b/qca-tls.cpp
index 42e4099..b1fb639 100644
--- a/qca-tls.cpp
+++ b/qca-tls.cpp
@@ -57,18 +57,28 @@ static bool lib_generateKeyIV(const EVP_CIPHER *_type, const TQByteArray &data,
TQByteArray k, i;
unsigned char *kp = 0;
unsigned char *ip = 0;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
EVP_CIPHER type = *_type;
+ EVP_CIPHER *loctype = &type;
if(keysize != -1)
type.key_len = keysize;
+#else
+ EVP_CIPHER *loctype = EVP_CIPHER_meth_dup(_type);
+ Q_UNUSED(keysize)
+#endif
if(key) {
- k.resize(type.key_len);
+ k.resize(EVP_CIPHER_key_length(loctype));
kp = (unsigned char *)k.data();
}
if(iv) {
- i.resize(type.iv_len);
+ i.resize(EVP_CIPHER_iv_length(loctype));
ip = (unsigned char *)i.data();
}
- if(!EVP_BytesToKey(&type, EVP_sha1(), (unsigned char *)salt.data(), (unsigned char *)data.data(), data.size(), 1, kp, ip))
+ int res = EVP_BytesToKey(loctype, EVP_sha1(), (unsigned char *)salt.data(), (unsigned char *)data.data(), data.size(), 1, kp, ip);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ EVP_CIPHER_meth_free(loctype);
+#endif
+ if (!res)
return false;
if(key)
*key = k;
@@ -177,7 +187,12 @@ public:
virtual ~EVPCipherContext()
{
if(type) {
- EVP_CIPHER_CTX_cleanup(&c);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ EVP_CIPHER_CTX_cleanup(c);
+ OPENSSL_free(c);
+#else
+ EVP_CIPHER_CTX_free(c);
+#endif
type = 0;
}
}
@@ -192,8 +207,8 @@ public:
virtual EVPCipherContext *cloneSelf() const=0;
virtual const EVP_CIPHER *getType(int mode) const=0;
- int keySize() { return getType(TQCA::CBC)->key_len; }
- int blockSize() { return getType(TQCA::CBC)->block_size; }
+ int keySize() { return EVP_CIPHER_key_length(getType(TQCA::CBC)); }
+ int blockSize() { return EVP_CIPHER_block_size(getType(TQCA::CBC)); }
bool generateKey(char *out, int keysize)
{
@@ -219,22 +234,27 @@ public:
pad = _pad;
type = getType(mode);
r.resize(0);
- EVP_CIPHER_CTX_init(&c);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ c = (EVP_CIPHER_CTX*)OPENSSL_malloc(sizeof(EVP_CIPHER_CTX));
+ EVP_CIPHER_CTX_init(c);
+#else
+ c = EVP_CIPHER_CTX_new();
+#endif
if(dir == TQCA::Encrypt) {
- if(!EVP_EncryptInit(&c, type, NULL, NULL))
+ if(!EVP_EncryptInit(c, type, NULL, NULL))
return false;
- if(keysize != type->key_len)
- EVP_CIPHER_CTX_set_key_length(&c, keysize);
- if(!EVP_EncryptInit(&c, NULL, (unsigned char *)key, (unsigned char *)iv))
+ if(keysize != EVP_CIPHER_key_length(type))
+ EVP_CIPHER_CTX_set_key_length(c, keysize);
+ if(!EVP_EncryptInit(c, NULL, (unsigned char *)key, (unsigned char *)iv))
return false;
}
else {
- if(!EVP_DecryptInit(&c, type, NULL, NULL))
+ if(!EVP_DecryptInit(c, type, NULL, NULL))
return false;
- if(keysize != type->key_len)
- EVP_CIPHER_CTX_set_key_length(&c, keysize);
- if(!EVP_DecryptInit(&c, NULL, (unsigned char *)key, (unsigned char *)iv))
+ if(keysize != EVP_CIPHER_key_length(type))
+ EVP_CIPHER_CTX_set_key_length(c, keysize);
+ if(!EVP_DecryptInit(c, NULL, (unsigned char *)key, (unsigned char *)iv))
return false;
}
return true;
@@ -242,14 +262,14 @@ public:
bool update(const char *in, unsigned int len)
{
- TQByteArray result(len + type->block_size);
+ TQByteArray result(len + EVP_CIPHER_block_size(type));
int olen;
if(dir == TQCA::Encrypt || !pad) {
- if(!EVP_EncryptUpdate(&c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
+ if(!EVP_EncryptUpdate(c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
return false;
}
else {
- if(!EVP_DecryptUpdate(&c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
+ if(!EVP_DecryptUpdate(c, (unsigned char *)result.data(), &olen, (unsigned char *)in, len))
return false;
}
result.resize(olen);
@@ -260,14 +280,14 @@ public:
bool final(TQByteArray *out)
{
if(pad) {
- TQByteArray result(type->block_size);
+ TQByteArray result(EVP_CIPHER_block_size(type));
int olen;
if(dir == TQCA::Encrypt) {
- if(!EVP_EncryptFinal(&c, (unsigned char *)result.data(), &olen))
+ if(!EVP_EncryptFinal(c, (unsigned char *)result.data(), &olen))
return false;
}
else {
- if(!EVP_DecryptFinal(&c, (unsigned char *)result.data(), &olen))
+ if(!EVP_DecryptFinal(c, (unsigned char *)result.data(), &olen))
return false;
}
result.resize(olen);
@@ -279,7 +299,7 @@ public:
return true;
}
- EVP_CIPHER_CTX c;
+ EVP_CIPHER_CTX *c;
const EVP_CIPHER *type;
TQByteArray r;
int dir;
@@ -509,11 +529,22 @@ public:
bool generate(unsigned int bits)
{
- RSA *r = RSA_generate_key(bits, RSA_F4, NULL, NULL);
+ BIGNUM *bign = BN_new();
+ if (BN_set_word(bign, RSA_F4) != 1)
+ {
+ BN_free(bign);
+ return false;
+ }
+ RSA *r = RSA_new();
if(!r)
+ {
+ BN_free(bign);
return false;
+ }
+ RSA_generate_key_ex(r, bits, bign, NULL);
separate(r, &pub, &sec);
RSA_free(r);
+ BN_free(bign);
return true;
}
@@ -522,12 +553,10 @@ public:
// deep copy
RSAKeyContext *c = new RSAKeyContext;
if(pub) {
- ++(pub->references);
- c->pub = pub; //RSAPublicKey_dup(pub);
+ c->pub = RSAPublicKey_dup(pub);
}
if(sec) {
- ++(sec->references);
- c->sec = sec; //RSAPrivateKey_dup(sec);
+ c->sec = RSAPrivateKey_dup(sec);
}
return c;
}
@@ -769,8 +798,7 @@ public:
{
CertContext *c = new CertContext(*this);
if(x) {
- ++(x->references);
- c->x = x;
+ c->x = X509_dup(x);
}
return c;
}
@@ -841,8 +869,7 @@ public:
void fromX509(X509 *t)
{
reset();
- ++(t->references);
- x = t;
+ x = X509_dup(t);
// serial number
ASN1_INTEGER *ai = X509_get_serialNumber(x);