diff --git a/libretroshare/src/crypto/chacha20.cpp b/libretroshare/src/crypto/chacha20.cpp index 472cb9cd7..e56f40af4 100644 --- a/libretroshare/src/crypto/chacha20.cpp +++ b/libretroshare/src/crypto/chacha20.cpp @@ -44,7 +44,7 @@ //#define DEBUG_CHACHA20 -#if OPENSSL_VERSION_NUMBER >= 0x010100000L +#if OPENSSL_VERSION_NUMBER >= 0x010100000L && !defined(LIBRESSL_VERSION_NUMBER) #define AEAD_chacha20_poly1305_openssl AEAD_chacha20_poly1305 #else #define AEAD_chacha20_poly1305_rs AEAD_chacha20_poly1305 @@ -386,7 +386,7 @@ void chacha20_encrypt_rs(uint8_t key[32], uint32_t block_counter, uint8_t nonce[ } } -#if OPENSSL_VERSION_NUMBER >= 0x010100000L +#if OPENSSL_VERSION_NUMBER >= 0x010100000L && !defined(LIBRESSL_VERSION_NUMBER) void chacha20_encrypt_openssl(uint8_t key[32], uint32_t block_counter, uint8_t nonce[12], uint8_t *data, uint32_t size) { EVP_CIPHER_CTX *ctx; @@ -577,7 +577,7 @@ bool AEAD_chacha20_poly1305_rs(uint8_t key[32], uint8_t nonce[12],uint8_t *data, } } -#if OPENSSL_VERSION_NUMBER >= 0x010100000L +#if OPENSSL_VERSION_NUMBER >= 0x010100000L && !defined(LIBRESSL_VERSION_NUMBER) #define errorOut {ret = false; goto out;} bool AEAD_chacha20_poly1305_openssl(uint8_t key[32], uint8_t nonce[12], uint8_t *data, uint32_t data_size, uint8_t *aad, uint32_t aad_size, uint8_t tag[16], bool encrypt_or_decrypt) @@ -667,7 +667,7 @@ bool AEAD_chacha20_sha256(uint8_t key[32], uint8_t nonce[12],uint8_t *data,uint3 if(encrypt) { -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) chacha20_encrypt_rs(key,1,nonce,data,data_size); #else chacha20_encrypt_openssl(key, 1, nonce, data, data_size); @@ -676,7 +676,7 @@ bool AEAD_chacha20_sha256(uint8_t key[32], uint8_t nonce[12],uint8_t *data,uint3 uint8_t computed_tag[EVP_MAX_MD_SIZE]; unsigned int md_size ; -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) HMAC_CTX hmac_ctx ; HMAC_CTX_init(&hmac_ctx) ; @@ -709,7 +709,7 @@ bool AEAD_chacha20_sha256(uint8_t key[32], uint8_t nonce[12],uint8_t *data,uint3 uint8_t computed_tag[EVP_MAX_MD_SIZE]; unsigned int md_size ; -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) HMAC_CTX hmac_ctx ; HMAC_CTX_init(&hmac_ctx) ; @@ -733,7 +733,7 @@ bool AEAD_chacha20_sha256(uint8_t key[32], uint8_t nonce[12],uint8_t *data,uint3 // decrypt -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) chacha20_encrypt_rs(key,1,nonce,data,data_size); #else chacha20_encrypt_openssl(key, 1, nonce, data, data_size); @@ -1396,7 +1396,7 @@ bool perform_tests() std::cerr << " AEAD/poly1305 own encryption speed : " << SIZE / (1024.0*1024.0) / s.duration() << " MB/s" << std::endl; } -#if OPENSSL_VERSION_NUMBER >= 0x010100000L +#if OPENSSL_VERSION_NUMBER >= 0x010100000L && !defined(LIBRESSL_VERSION_NUMBER) { RsScopeTimer s("AEAD3") ; AEAD_chacha20_poly1305_openssl(key,nonce,ten_megabyte_data,SIZE,aad,12,received_tag,true) ; diff --git a/libretroshare/src/gxs/gxssecurity.cc b/libretroshare/src/gxs/gxssecurity.cc index 6868d6934..3ed575446 100644 --- a/libretroshare/src/gxs/gxssecurity.cc +++ b/libretroshare/src/gxs/gxssecurity.cc @@ -41,7 +41,7 @@ static const uint32_t MULTI_ENCRYPTION_FORMAT_v001_ENCRYPTED_KEY_SIZE = 256 ; static RsGxsId getRsaKeyFingerprint_old_insecure_method(RSA *pubkey) { -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) int lenn = BN_num_bytes(pubkey -> n); RsTemporaryMemory tmp(lenn) ; @@ -65,7 +65,7 @@ static RsGxsId getRsaKeyFingerprint_old_insecure_method(RSA *pubkey) } static RsGxsId getRsaKeyFingerprint(RSA *pubkey) { -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) int lenn = BN_num_bytes(pubkey -> n); int lene = BN_num_bytes(pubkey -> e); diff --git a/libretroshare/src/gxstunnel/p3gxstunnel.cc b/libretroshare/src/gxstunnel/p3gxstunnel.cc index 69bc091f4..46af96a6b 100644 --- a/libretroshare/src/gxstunnel/p3gxstunnel.cc +++ b/libretroshare/src/gxstunnel/p3gxstunnel.cc @@ -1055,7 +1055,7 @@ bool p3GxsTunnelService::locked_sendDHPublicKey(const DH *dh,const RsGxsId& own_ } RsGxsTunnelDHPublicKeyItem *dhitem = new RsGxsTunnelDHPublicKeyItem ; -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) dhitem->public_key = BN_dup(dh->pub_key) ; #else const BIGNUM *pub_key=NULL ; @@ -1139,7 +1139,7 @@ bool p3GxsTunnelService::locked_initDHSessionKey(DH *& dh) return false ; } -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) BN_hex2bn(&dh->p,dh_prime_2048_hex.c_str()) ; BN_hex2bn(&dh->g,"5") ; #else diff --git a/libretroshare/src/pqi/authssl.cc b/libretroshare/src/pqi/authssl.cc index 30f724a7e..d0a83643c 100644 --- a/libretroshare/src/pqi/authssl.cc +++ b/libretroshare/src/pqi/authssl.cc @@ -245,7 +245,7 @@ sslcert::sslcert(X509 *x509, const RsPeerId& pid) { certificate = x509; id = pid; -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) name = getX509CNString(x509->cert_info->subject); org = getX509OrgString(x509->cert_info->subject); location = getX509LocString(x509->cert_info->subject); @@ -377,7 +377,7 @@ static int initLib = 0; if (dh) { -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) BN_hex2bn(&dh->p,dh_prime_4096_hex.c_str()) ; BN_hex2bn(&dh->g,"5") ; #else @@ -795,7 +795,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/) // The code has been copied in order to use the PGP signing instead of supplying the // private EVP_KEY to ASN1_sign(), which would be another alternative. -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) int (*i2d)(X509_CINF*, unsigned char**) = i2d_X509_CINF; X509_ALGOR *algor1 = x509->cert_info->signature; X509_ALGOR *algor2 = x509->sig_alg; @@ -824,7 +824,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/) /* FIX ALGORITHMS */ a = const_cast(algor1); -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ASN1_TYPE_free(a->parameter); a->parameter=ASN1_TYPE_new(); a->parameter->type=V_ASN1_NULL; @@ -836,7 +836,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/) #endif a = const_cast(algor2); -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ASN1_TYPE_free(a->parameter); a->parameter=ASN1_TYPE_new(); a->parameter->type=V_ASN1_NULL; @@ -851,7 +851,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/) std::cerr << "Algorithms Fixed" << std::endl; /* input buffer */ -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) inl=i2d(data,NULL); buf_in=(unsigned char *)OPENSSL_malloc((unsigned int)inl); unsigned char *p=NULL; @@ -874,7 +874,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/) } std::cerr << "Buffers Allocated" << std::endl; -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) p=buf_in; i2d(data,&p); #endif @@ -960,7 +960,7 @@ bool AuthSSLimpl::AuthX509WithGPG(X509 *x509,uint32_t& diagnostic) } /* extract CN for peer Id */ -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) RsPgpId issuer(std::string(getX509CNString(x509->cert_info->issuer))); #else RsPgpId issuer(std::string(getX509CNString(X509_get_issuer_name(x509)))); @@ -979,7 +979,7 @@ bool AuthSSLimpl::AuthX509WithGPG(X509 *x509,uint32_t& diagnostic) /*** NOW The Manual signing bit (HACKED FROM asn1/a_sign.c) ***/ -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) int (*i2d)(X509_CINF*, unsigned char**) = i2d_X509_CINF; ASN1_BIT_STRING *signature = x509->signature; X509_CINF *data = x509->cert_info; @@ -1000,7 +1000,7 @@ bool AuthSSLimpl::AuthX509WithGPG(X509 *x509,uint32_t& diagnostic) int sigoutl=0; /* input buffer */ -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) inl=i2d(data,NULL); buf_in=(unsigned char *)OPENSSL_malloc((unsigned int)inl); unsigned char *p=NULL; @@ -1033,7 +1033,7 @@ bool AuthSSLimpl::AuthX509WithGPG(X509 *x509,uint32_t& diagnostic) std::cerr << "Buffers Allocated" << std::endl; #endif -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) p=buf_in; i2d(data,&p); #endif @@ -1157,7 +1157,7 @@ static int verify_x509_callback(int preverify_ok, X509_STORE_CTX *ctx) if(x509 != NULL) { -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) RsPgpId gpgid (std::string(getX509CNString(x509->cert_info->issuer))); #else RsPgpId gpgid (std::string(getX509CNString(X509_get_issuer_name(x509)))); @@ -1165,7 +1165,7 @@ static int verify_x509_callback(int preverify_ok, X509_STORE_CTX *ctx) if(gpgid.isNull()) { -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) std::cerr << "verify_x509_callback(): wrong PGP id \"" << std::string(getX509CNString(x509->cert_info->issuer)) << "\"" << std::endl; #else std::cerr << "verify_x509_callback(): wrong PGP id \"" << std::string(getX509CNString(X509_get_issuer_name(x509))) << "\"" << std::endl; @@ -1173,7 +1173,7 @@ static int verify_x509_callback(int preverify_ok, X509_STORE_CTX *ctx) return false ; } -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) std::string sslcn = getX509CNString(x509->cert_info->subject); #else std::string sslcn = getX509CNString(X509_get_subject_name(x509)); @@ -1262,7 +1262,7 @@ int AuthSSLimpl::VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx) std::cerr << "(WW) Certificate was rejected because authentication failed. Diagnostic = " << auth_diagnostic << std::endl; return false; } -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) RsPgpId pgpid(std::string(getX509CNString(X509_STORE_CTX_get_current_cert(ctx)->cert_info->issuer))); #else RsPgpId pgpid(std::string(getX509CNString(X509_get_issuer_name(X509_STORE_CTX_get_current_cert(ctx))))); @@ -1339,7 +1339,7 @@ bool AuthSSLimpl::encrypt(void *&out, int &outlen, const void *in, int inlen, #endif return false; } else { -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) public_key = mCerts[peerId]->certificate->cert_info->key->pkey; #else public_key = X509_get0_pubkey(mCerts[peerId]->certificate) ; diff --git a/libretroshare/src/pqi/pqissl.cc b/libretroshare/src/pqi/pqissl.cc index bcc49cbbc..39c8421ae 100644 --- a/libretroshare/src/pqi/pqissl.cc +++ b/libretroshare/src/pqi/pqissl.cc @@ -361,7 +361,7 @@ void pqissl::getCryptoParams(RsPeerCryptoParams& params) bool pqissl::actAsServer() { -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) return (bool)ssl_connection->server; #else return (bool)SSL_is_server(ssl_connection); @@ -1230,7 +1230,7 @@ int pqissl::Extract_Failed_SSL_Certificate() RsPeerId sslid ; getX509id(peercert, sslid) ; -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) RsPgpId gpgid(getX509CNString(peercert->cert_info->issuer)); std::string sslcn = getX509CNString(peercert->cert_info->subject); #else diff --git a/libretroshare/src/pqi/pqissllistener.cc b/libretroshare/src/pqi/pqissllistener.cc index 07e025525..2259b01ea 100644 --- a/libretroshare/src/pqi/pqissllistener.cc +++ b/libretroshare/src/pqi/pqissllistener.cc @@ -493,7 +493,7 @@ int pqissllistenbase::continueSSL(IncomingSSLInfo& incoming_connexion_info, bool #endif if(x509 != NULL) { -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) incoming_connexion_info.gpgid = RsPgpId(std::string(getX509CNString(x509->cert_info->issuer))); incoming_connexion_info.sslcn = getX509CNString(x509->cert_info->subject); #else @@ -892,7 +892,7 @@ int pqissllistener::completeConnection(int fd, IncomingSSLInfo& info) AuthSSL::getAuthSSL()->CheckCertificate(newPeerId, peercert); /* now need to get GPG id too */ -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) RsPgpId pgpid(std::string(getX509CNString(peercert->cert_info->issuer))); #else RsPgpId pgpid(std::string(getX509CNString(X509_get_issuer_name(peercert)))); diff --git a/libretroshare/src/pqi/sslfns.cc b/libretroshare/src/pqi/sslfns.cc index ba5a9e6a3..ab79d9825 100644 --- a/libretroshare/src/pqi/sslfns.cc +++ b/libretroshare/src/pqi/sslfns.cc @@ -602,7 +602,7 @@ bool getX509id(X509 *x509, RsPeerId& xid) } // get the signature from the cert, and copy to the array. -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ASN1_BIT_STRING *signature = x509->signature; #else const ASN1_BIT_STRING *signature = NULL ; @@ -700,7 +700,7 @@ int LoadCheckX509(const char *cert_file, RsPgpId& issuerName, std::string &locat if (valid) { // extract the name. -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) issuerName = RsPgpId(std::string(getX509CNString(x509->cert_info->issuer))); location = getX509LocString(x509->cert_info->subject); #else diff --git a/libretroshare/src/tcponudp/bss_tou.c b/libretroshare/src/tcponudp/bss_tou.c index 72969562f..ccb91509a 100644 --- a/libretroshare/src/tcponudp/bss_tou.c +++ b/libretroshare/src/tcponudp/bss_tou.c @@ -90,7 +90,7 @@ static int clear_tou_socket_error(int s); #include "tou.h" -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) //static void BIO_set_shutdown(BIO *a,int s) { a->shutdown=s; } static int BIO_get_shutdown(BIO *a) { return a->shutdown; } diff --git a/libretroshare/src/util/rsrecogn.cc b/libretroshare/src/util/rsrecogn.cc index a372b9b2d..2b6e51caa 100644 --- a/libretroshare/src/util/rsrecogn.cc +++ b/libretroshare/src/util/rsrecogn.cc @@ -508,7 +508,7 @@ bool RsRecogn::itemToRadix64(RsItem *item, std::string &radstr) std::string RsRecogn::getRsaKeyId(RSA *pubkey) { -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) int len = BN_num_bytes(pubkey -> n); unsigned char tmp[len]; BN_bn2bin(pubkey -> n, tmp); diff --git a/openpgpsdk/src/openpgpsdk/openssl_crypto.c b/openpgpsdk/src/openpgpsdk/openssl_crypto.c index 3a431d1ac..d1573437d 100644 --- a/openpgpsdk/src/openpgpsdk/openssl_crypto.c +++ b/openpgpsdk/src/openpgpsdk/openssl_crypto.c @@ -45,7 +45,7 @@ void test_secret_key(const ops_secret_key_t *skey) { RSA* test=RSA_new(); -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) test->n=BN_dup(skey->public_key.key.rsa.n); test->e=BN_dup(skey->public_key.key.rsa.e); test->d=BN_dup(skey->key.rsa.d); @@ -402,7 +402,7 @@ ops_boolean_t ops_dsa_verify(const unsigned char *hash,size_t hash_length, osig=DSA_SIG_new(); -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) osig->r=sig->r; osig->s=sig->s; #else @@ -417,7 +417,7 @@ ops_boolean_t ops_dsa_verify(const unsigned char *hash,size_t hash_length, already_said=ops_true ; } -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) osig->r=NULL; // in this case, the values are not copied. osig->s=NULL; #endif @@ -427,7 +427,7 @@ ops_boolean_t ops_dsa_verify(const unsigned char *hash,size_t hash_length, } odsa=DSA_new(); -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) odsa->p=dsa->p; odsa->q=dsa->q; odsa->g=dsa->g; @@ -471,7 +471,7 @@ ops_boolean_t ops_dsa_verify(const unsigned char *hash,size_t hash_length, return ops_false ; } -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) osig->r=NULL; osig->s=NULL; @@ -503,7 +503,7 @@ int ops_rsa_public_decrypt(unsigned char *out,const unsigned char *in, int n; orsa=RSA_new(); -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) orsa->n=rsa->n; orsa->e=rsa->e; #else @@ -512,7 +512,7 @@ int ops_rsa_public_decrypt(unsigned char *out,const unsigned char *in, n=RSA_public_decrypt(length,in,out,orsa,RSA_NO_PADDING); -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) orsa->n=orsa->e=NULL; #endif RSA_free(orsa); @@ -538,7 +538,7 @@ int ops_rsa_private_encrypt(unsigned char *out,const unsigned char *in, int n; orsa=RSA_new(); -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) orsa->n=rsa->n; // XXX: do we need n? orsa->d=srsa->d; orsa->p=srsa->q; @@ -564,7 +564,7 @@ int ops_rsa_private_encrypt(unsigned char *out,const unsigned char *in, n=RSA_private_encrypt(length,in,out,orsa,RSA_NO_PADDING); -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) orsa->n=orsa->d=orsa->p=orsa->q=NULL; orsa->e=NULL; #endif @@ -592,7 +592,7 @@ int ops_rsa_private_decrypt(unsigned char *out,const unsigned char *in, char errbuf[1024]; orsa=RSA_new(); -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) orsa->n=rsa->n; // XXX: do we need n? orsa->d=srsa->d; orsa->p=srsa->q; @@ -618,7 +618,7 @@ int ops_rsa_private_decrypt(unsigned char *out,const unsigned char *in, ERR_error_string(err,&errbuf[0]); fprintf(stderr,"openssl error : %s\n",errbuf); } -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) orsa->n=orsa->d=orsa->p=orsa->q=NULL; orsa->e=NULL; #endif @@ -644,7 +644,7 @@ int ops_rsa_public_encrypt(unsigned char *out,const unsigned char *in, // printf("ops_rsa_public_encrypt: length=%ld\n", length); orsa=RSA_new(); -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) orsa->n=rsa->n; orsa->e=rsa->e; #else @@ -664,7 +664,7 @@ int ops_rsa_public_encrypt(unsigned char *out,const unsigned char *in, BIO_free(fd_out) ; } -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) orsa->n=orsa->e=NULL; #endif RSA_free(orsa); @@ -744,7 +744,7 @@ ops_boolean_t ops_rsa_generate_keypair(const int numbits, const unsigned long e, skey->public_key.days_valid=0; skey->public_key.algorithm= OPS_PKA_RSA; -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) skey->public_key.key.rsa.n=BN_dup(rsa->n); skey->public_key.key.rsa.e=BN_dup(rsa->e); skey->key.rsa.d=BN_dup(rsa->d); @@ -766,7 +766,7 @@ ops_boolean_t ops_rsa_generate_keypair(const int numbits, const unsigned long e, skey->octet_count=0; skey->checksum=0; -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) skey->key.rsa.p=BN_dup(rsa->p); skey->key.rsa.q=BN_dup(rsa->q); skey->key.rsa.u=BN_mod_inverse(NULL,rsa->p, rsa->q, ctx); @@ -888,7 +888,7 @@ DSA_SIG* ops_dsa_sign(unsigned char* hashbuf, unsigned hashsize, const ops_dsa_s DSA_SIG *dsasig; odsa=DSA_new(); -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) odsa->p=dsa->p; odsa->q=dsa->q; odsa->g=dsa->g; @@ -901,7 +901,7 @@ DSA_SIG* ops_dsa_sign(unsigned char* hashbuf, unsigned hashsize, const ops_dsa_s dsasig=DSA_do_sign(hashbuf,hashsize,odsa); -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) odsa->p=odsa->q=odsa->g=odsa->pub_key=odsa->priv_key=NULL; #endif DSA_free(odsa); diff --git a/openpgpsdk/src/openpgpsdk/signature.c b/openpgpsdk/src/openpgpsdk/signature.c index e6820e325..2da7bf087 100644 --- a/openpgpsdk/src/openpgpsdk/signature.c +++ b/openpgpsdk/src/openpgpsdk/signature.c @@ -298,7 +298,7 @@ static ops_boolean_t dsa_sign(ops_hash_t *hash, const ops_dsa_public_key_t *dsa, dsasig=ops_dsa_sign(hashbuf, hashsize, sdsa, dsa); // convert and write the sig out to memory -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ops_write_mpi(dsasig->r, cinfo); ops_write_mpi(dsasig->s, cinfo); #else