1 /* $Id: openssl-compat.c,v 1.17 2014/02/13 05:38:33 dtucker Exp $ */
2
3 /*
4 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER
15 * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
16 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19 #include "includes.h"
20
21 #include <stdarg.h>
22 #include <string.h>
23
24 #ifdef USE_OPENSSL_ENGINE
25 # include <openssl/engine.h>
26 # include <openssl/conf.h>
27 #endif
28
29 #ifndef HAVE_RSA_GET_DEFAULT_METHOD
30 # include <openssl/rsa.h>
31 #endif
32
33 #include "log.h"
34
35 #define SSH_DONT_OVERLOAD_OPENSSL_FUNCS
36 #include "openssl-compat.h"
37
38 #ifdef SSH_OLD_EVP
/*
 * Compatibility wrapper, built only when SSH_OLD_EVP is defined: forwards
 * its arguments to EVP_CipherInit() and reports success unconditionally.
 *
 * The outcome of EVP_CipherInit() is not consulted, so the return value
 * tells a caller nothing about whether the cipher context was really set
 * up with the given key and IV.
 * NOTE(review): presumably EVP_CipherInit() has no usable return value in
 * SSH_OLD_EVP builds - confirm against openssl-compat.h.
 *
 * Always returns 1.
 */
int
ssh_EVP_CipherInit(EVP_CIPHER_CTX *evp, const EVP_CIPHER *type,
    unsigned char *key, unsigned char *iv, int enc)
{
	EVP_CipherInit(evp, type, key, iv, enc);

	return 1;
}
46
/*
 * Compatibility wrapper, built only when SSH_OLD_EVP is defined: runs
 * EVP_Cipher() over len bytes from src into dst and reports success
 * unconditionally.
 *
 * No bounds are checked here; the caller is responsible for dst and src
 * each being at least len bytes long. The result of EVP_Cipher() is not
 * consulted, so a failure inside the library is invisible to the caller.
 *
 * Always returns 1.
 */
int
ssh_EVP_Cipher(EVP_CIPHER_CTX *evp, char *dst, char *src, int len)
{
	EVP_Cipher(evp, dst, src, len);

	return 1;
}
53
/*
 * Compatibility wrapper, built only when SSH_OLD_EVP is defined: hands the
 * context to EVP_CIPHER_CTX_cleanup() and reports success unconditionally.
 *
 * NOTE(review): whether key material held in the context is wiped depends
 * entirely on the library's EVP_CIPHER_CTX_cleanup(); nothing is cleared
 * in this wrapper itself.
 *
 * Always returns 1.
 */
int
ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *evp)
{
	EVP_CIPHER_CTX_cleanup(evp);

	return 1;
}
60 #endif
61
62 #ifndef HAVE_EVP_DIGESTINIT_EX
/*
 * Replacement for EVP_DigestInit_ex(), built when HAVE_EVP_DIGESTINIT_EX is
 * not defined. Implemented on top of EVP_DigestInit(), which takes no
 * engine argument.
 *
 * A non-NULL engine is reported through fatal() instead of being silently
 * ignored, so a caller that asked for a specific ENGINE never ends up with
 * a different implementation without noticing.
 *
 * Returns the result of EVP_DigestInit(), or 1 when
 * OPENSSL_EVP_DIGESTUPDATE_VOID is defined (the library call's result is
 * not used in that configuration).
 */
int
EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *md, void *engine)
{
	if (engine != NULL) {
		fatal("%s: ENGINE is not supported", __func__);
	}
# ifndef OPENSSL_EVP_DIGESTUPDATE_VOID
	return EVP_DigestInit(ctx, md);
# else
	EVP_DigestInit(ctx, md);
	return 1;
# endif
}
75 #endif
76
77 #ifndef HAVE_EVP_DIGESTFINAL_EX
/*
 * Replacement for EVP_DigestFinal_ex(), built when HAVE_EVP_DIGESTFINAL_EX
 * is not defined. Delegates to EVP_DigestFinal(), which writes the digest
 * to md and its length to *s.
 *
 * The caller must supply an md buffer large enough for the digest in use;
 * no size is passed in, so nothing can be checked here.
 *
 * Returns the result of EVP_DigestFinal(), or 1 when
 * OPENSSL_EVP_DIGESTUPDATE_VOID is defined (the library call's result is
 * not used in that configuration).
 */
int
EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s)
{
# ifndef OPENSSL_EVP_DIGESTUPDATE_VOID
	return EVP_DigestFinal(ctx, md, s);
# else
	EVP_DigestFinal(ctx, md, s);
	return 1;
# endif
}
88 #endif
89
90 #ifdef OPENSSL_EVP_DIGESTUPDATE_VOID
/*
 * Wrapper built when OPENSSL_EVP_DIGESTUPDATE_VOID is defined: feeds cnt
 * bytes at d into the digest context and reports success unconditionally.
 *
 * The result of EVP_DigestUpdate() is not consulted, so callers that check
 * this wrapper's return value will never see a hashing failure.
 *
 * Always returns 1.
 */
int
ssh_EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt)
{
	EVP_DigestUpdate(ctx, d, cnt);

	return 1;
}
97 #endif
98
99 #ifndef HAVE_EVP_MD_CTX_COPY_EX
/*
 * Replacement for EVP_MD_CTX_copy_ex(), built when HAVE_EVP_MD_CTX_COPY_EX
 * is not defined. Copies the digest state from in to out by calling
 * EVP_MD_CTX_copy() and passes its result straight back to the caller.
 */
int
EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
{
	int rv;

	rv = EVP_MD_CTX_copy(out, in);
	return rv;
}
105 #endif
106
107 #ifndef HAVE_BN_IS_PRIME_EX
/*
 * Replacement for BN_is_prime_ex(), built when HAVE_BN_IS_PRIME_EX is not
 * defined. Runs the primality test through the older BN_is_prime() with no
 * progress callback.
 *
 * A non-NULL cb is reported through fatal() because the callback cannot be
 * honoured here.
 *
 * The result of BN_is_prime() is returned unchanged. OpenSSL documents -1
 * as its error result, so callers should compare against 1 rather than
 * treating any non-zero value as "prime".
 */
int
BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, void *cb)
{
	int result;

	if (cb != NULL) {
		fatal("%s: callback args not supported", __func__);
	}
	result = BN_is_prime(p, nchecks, NULL, ctx, NULL);
	return result;
}
115 #endif
116
117 #ifndef HAVE_RSA_GENERATE_KEY_EX
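/*
 * Replacement for RSA_generate_key_ex(), built when
 * HAVE_RSA_GENERATE_KEY_EX is not defined. Generates a key of the given
 * size with the older RSA_generate_key() and moves it into the
 * caller-supplied rsa.
 *
 * rsa    caller-owned RSA object that receives the new key
 * bits   modulus size passed to RSA_generate_key()
 * bn_e   public exponent; it must fit in an unsigned long
 * cb     must be NULL, progress callbacks are not supported
 *
 * Returns 1 on success and 0 if RSA_generate_key() fails. An unsupported
 * callback or an exponent that does not fit is reported through fatal().
 */
int
RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *bn_e, void *cb)
{
	RSA *new_rsa, tmp_rsa;
	unsigned long e;

	if (cb != NULL)
		fatal("%s: callback args not supported", __func__);
	e = BN_get_word(bn_e);
	/*
	 * BN_get_word() signals "does not fit in a word" with a sentinel.
	 * The documented value is 0xffffffffL, but a library built with a
	 * 64-bit word returns all bits set, which the 32-bit constant alone
	 * misses on LP64. Reject both so an oversized exponent is never
	 * passed on as a bogus value.
	 */
	if (e == 0xffffffffL || e == ~0UL)
		fatal("%s: value of e too large", __func__);
	new_rsa = RSA_generate_key(bits, e, NULL, NULL);
	if (new_rsa == NULL)
		return 0;
	/*
	 * Swap the structure contents so the caller's pointer stays valid
	 * and now holds the new key. new_rsa then holds whatever rsa held
	 * before, and RSA_free() releases that together with the temporary
	 * object.
	 */
	tmp_rsa = *rsa;
	*rsa = *new_rsa;
	*new_rsa = tmp_rsa;
	RSA_free(new_rsa);
	return 1;
}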
139 #endif
140
141 #ifndef HAVE_DSA_GENERATE_PARAMETERS_EX
/*
 * Replacement for DSA_generate_parameters_ex(), built when
 * HAVE_DSA_GENERATE_PARAMETERS_EX is not defined. Generates parameters
 * with the older DSA_generate_parameters() and moves them into the
 * caller-supplied dsa.
 *
 * A non-NULL cb is reported through fatal() because progress callbacks
 * cannot be honoured here.
 *
 * Returns 1 on success and 0 if DSA_generate_parameters() fails.
 */
int
DSA_generate_parameters_ex(DSA *dsa, int bits, const unsigned char *seed,
    int seed_len, int *counter_ret, unsigned long *h_ret, void *cb)
{
	DSA *generated, saved;

	if (cb != NULL) {
		fatal("%s: callback args not supported", __func__);
	}

	/*
	 * The const qualifier on seed is cast away for the older call.
	 * NOTE(review): presumably that prototype takes a non-const pointer
	 * and does not write through it - confirm.
	 */
	generated = DSA_generate_parameters(bits, (unsigned char *)seed,
	    seed_len, counter_ret, h_ret, NULL, NULL);
	if (generated == NULL) {
		return 0;
	}

	/*
	 * Exchange the structure contents: the caller's object now holds the
	 * new parameters, and the temporary object holds the previous
	 * contents, which DSA_free() releases along with it.
	 */
	saved = *dsa;
	*dsa = *generated;
	*generated = saved;
	DSA_free(generated);

	return 1;
}
161 #endif
162
163 #ifndef HAVE_RSA_GET_DEFAULT_METHOD
/*
 * Replacement for RSA_get_default_method(), built when
 * HAVE_RSA_GET_DEFAULT_METHOD is not defined. Returns the method table
 * obtained from RSA_PKCS1_SSLeay().
 */
RSA_METHOD *
RSA_get_default_method(void)
{
	return (RSA_PKCS1_SSLeay());
}
169 #endif
170
171 #ifdef USE_OPENSSL_ENGINE
/*
 * Wrapper built when USE_OPENSSL_ENGINE is defined: registers all OpenSSL
 * algorithms, then loads and registers the built-in engines and applies
 * the OpenSSL configuration.
 *
 * None of the calls report a result that is checked here, so a failure to
 * load an engine or to parse the configuration is not visible to the
 * caller.
 */
void
ssh_OpenSSL_add_all_algorithms(void)
{
	OpenSSL_add_all_algorithms();

	/* Make hardware-backed crypto implementations available. */
	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();

	/*
	 * NULL selects OpenSSL's default configuration. That file can
	 * influence which engines are set up, so it is trusted input: it
	 * should be writable only by the administrator.
	 */
	OPENSSL_config(NULL);
}
182 #endif
183