• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* $Id: openssl-compat.c,v 1.14 2011/05/10 01:13:38 dtucker Exp $ */
2 
3 /*
4  * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
5  *
6  * Permission to use, copy, modify, and distribute this software for any
7  * purpose with or without fee is hereby granted, provided that the above
8  * copyright notice and this permission notice appear in all copies.
9  *
10  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14  * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER
15  * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
16  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17  */
18 
19 #include "includes.h"
20 
21 #include <stdarg.h>
22 #include <string.h>
23 
24 #ifdef USE_OPENSSL_ENGINE
25 # include <openssl/engine.h>
26 # include <openssl/conf.h>
27 #endif
28 
29 #ifndef HAVE_RSA_GET_DEFAULT_METHOD
30 # include <openssl/rsa.h>
31 #endif
32 
33 #include "log.h"
34 
35 #define SSH_DONT_OVERLOAD_OPENSSL_FUNCS
36 #include "openssl-compat.h"
37 
38 #ifdef SSH_OLD_EVP
39 int
ssh_EVP_CipherInit(EVP_CIPHER_CTX * evp,const EVP_CIPHER * type,unsigned char * key,unsigned char * iv,int enc)40 ssh_EVP_CipherInit(EVP_CIPHER_CTX *evp, const EVP_CIPHER *type,
41     unsigned char *key, unsigned char *iv, int enc)
42 {
43 	EVP_CipherInit(evp, type, key, iv, enc);
44 	return 1;
45 }
46 
47 int
ssh_EVP_Cipher(EVP_CIPHER_CTX * evp,char * dst,char * src,int len)48 ssh_EVP_Cipher(EVP_CIPHER_CTX *evp, char *dst, char *src, int len)
49 {
50 	EVP_Cipher(evp, dst, src, len);
51 	return 1;
52 }
53 
54 int
ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX * evp)55 ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *evp)
56 {
57 	EVP_CIPHER_CTX_cleanup(evp);
58 	return 1;
59 }
60 #endif
61 
62 #ifdef OPENSSL_EVP_DIGESTUPDATE_VOID
63 int
ssh_EVP_DigestUpdate(EVP_MD_CTX * ctx,const void * d,unsigned int cnt)64 ssh_EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt)
65 {
66 	EVP_DigestUpdate(ctx, d, cnt);
67 	return 1;
68 }
69 #endif
70 
71 #ifndef HAVE_BN_IS_PRIME_EX
72 int
BN_is_prime_ex(const BIGNUM * p,int nchecks,BN_CTX * ctx,void * cb)73 BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, void *cb)
74 {
75 	if (cb != NULL)
76 		fatal("%s: callback args not supported", __func__);
77 	return BN_is_prime(p, nchecks, NULL, ctx, NULL);
78 }
79 #endif
80 
81 #ifndef HAVE_RSA_GENERATE_KEY_EX
82 int
RSA_generate_key_ex(RSA * rsa,int bits,BIGNUM * bn_e,void * cb)83 RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *bn_e, void *cb)
84 {
85 	RSA *new_rsa, tmp_rsa;
86 	unsigned long e;
87 
88 	if (cb != NULL)
89 		fatal("%s: callback args not supported", __func__);
90 	e = BN_get_word(bn_e);
91 	if (e == 0xffffffffL)
92 		fatal("%s: value of e too large", __func__);
93 	new_rsa = RSA_generate_key(bits, e, NULL, NULL);
94 	if (new_rsa == NULL)
95 		return 0;
96 	/* swap rsa/new_rsa then free new_rsa */
97 	tmp_rsa = *rsa;
98 	*rsa = *new_rsa;
99 	*new_rsa = tmp_rsa;
100 	RSA_free(new_rsa);
101 	return 1;
102 }
103 #endif
104 
105 #ifndef HAVE_DSA_GENERATE_PARAMETERS_EX
106 int
DSA_generate_parameters_ex(DSA * dsa,int bits,const unsigned char * seed,int seed_len,int * counter_ret,unsigned long * h_ret,void * cb)107 DSA_generate_parameters_ex(DSA *dsa, int bits, const unsigned char *seed,
108     int seed_len, int *counter_ret, unsigned long *h_ret, void *cb)
109 {
110 	DSA *new_dsa, tmp_dsa;
111 
112 	if (cb != NULL)
113 		fatal("%s: callback args not supported", __func__);
114 	new_dsa = DSA_generate_parameters(bits, (unsigned char *)seed, seed_len,
115 	    counter_ret, h_ret, NULL, NULL);
116 	if (new_dsa == NULL)
117 		return 0;
118 	/* swap dsa/new_dsa then free new_dsa */
119 	tmp_dsa = *dsa;
120 	*dsa = *new_dsa;
121 	*new_dsa = tmp_dsa;
122 	DSA_free(new_dsa);
123 	return 1;
124 }
125 #endif
126 
127 #ifndef HAVE_RSA_GET_DEFAULT_METHOD
128 RSA_METHOD *
RSA_get_default_method(void)129 RSA_get_default_method(void)
130 {
131 	return RSA_PKCS1_SSLeay();
132 }
133 #endif
134 
135 #ifdef	USE_OPENSSL_ENGINE
136 void
ssh_OpenSSL_add_all_algorithms(void)137 ssh_OpenSSL_add_all_algorithms(void)
138 {
139 	OpenSSL_add_all_algorithms();
140 
141 	/* Enable use of crypto hardware */
142 	ENGINE_load_builtin_engines();
143 	ENGINE_register_all_complete();
144 	OPENSSL_config(NULL);
145 }
146 #endif
147