fix building with libressl
parent
ef59a604d2
commit
2046d9eaae
@ -44,7 +44,7 @@
|
|||||||
|
|
||||||
//#define DEBUG_CHACHA20
|
//#define DEBUG_CHACHA20
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER >= 0x010100000L
|
#if OPENSSL_VERSION_NUMBER >= 0x010100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||||
#define AEAD_chacha20_poly1305_openssl AEAD_chacha20_poly1305
|
#define AEAD_chacha20_poly1305_openssl AEAD_chacha20_poly1305
|
||||||
#else
|
#else
|
||||||
#define AEAD_chacha20_poly1305_rs AEAD_chacha20_poly1305
|
#define AEAD_chacha20_poly1305_rs AEAD_chacha20_poly1305
|
||||||
@ -386,7 +386,7 @@ void chacha20_encrypt_rs(uint8_t key[32], uint32_t block_counter, uint8_t nonce[
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER >= 0x010100000L
|
#if OPENSSL_VERSION_NUMBER >= 0x010100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||||
void chacha20_encrypt_openssl(uint8_t key[32], uint32_t block_counter, uint8_t nonce[12], uint8_t *data, uint32_t size)
|
void chacha20_encrypt_openssl(uint8_t key[32], uint32_t block_counter, uint8_t nonce[12], uint8_t *data, uint32_t size)
|
||||||
{
|
{
|
||||||
EVP_CIPHER_CTX *ctx;
|
EVP_CIPHER_CTX *ctx;
|
||||||
@ -577,7 +577,7 @@ bool AEAD_chacha20_poly1305_rs(uint8_t key[32], uint8_t nonce[12],uint8_t *data,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER >= 0x010100000L
|
#if OPENSSL_VERSION_NUMBER >= 0x010100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||||
#define errorOut {ret = false; goto out;}
|
#define errorOut {ret = false; goto out;}
|
||||||
|
|
||||||
bool AEAD_chacha20_poly1305_openssl(uint8_t key[32], uint8_t nonce[12], uint8_t *data, uint32_t data_size, uint8_t *aad, uint32_t aad_size, uint8_t tag[16], bool encrypt_or_decrypt)
|
bool AEAD_chacha20_poly1305_openssl(uint8_t key[32], uint8_t nonce[12], uint8_t *data, uint32_t data_size, uint8_t *aad, uint32_t aad_size, uint8_t tag[16], bool encrypt_or_decrypt)
|
||||||
@ -667,7 +667,7 @@ bool AEAD_chacha20_sha256(uint8_t key[32], uint8_t nonce[12],uint8_t *data,uint3
|
|||||||
|
|
||||||
if(encrypt)
|
if(encrypt)
|
||||||
{
|
{
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
chacha20_encrypt_rs(key,1,nonce,data,data_size);
|
chacha20_encrypt_rs(key,1,nonce,data,data_size);
|
||||||
#else
|
#else
|
||||||
chacha20_encrypt_openssl(key, 1, nonce, data, data_size);
|
chacha20_encrypt_openssl(key, 1, nonce, data, data_size);
|
||||||
@ -676,7 +676,7 @@ bool AEAD_chacha20_sha256(uint8_t key[32], uint8_t nonce[12],uint8_t *data,uint3
|
|||||||
uint8_t computed_tag[EVP_MAX_MD_SIZE];
|
uint8_t computed_tag[EVP_MAX_MD_SIZE];
|
||||||
unsigned int md_size ;
|
unsigned int md_size ;
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
HMAC_CTX hmac_ctx ;
|
HMAC_CTX hmac_ctx ;
|
||||||
HMAC_CTX_init(&hmac_ctx) ;
|
HMAC_CTX_init(&hmac_ctx) ;
|
||||||
|
|
||||||
@ -709,7 +709,7 @@ bool AEAD_chacha20_sha256(uint8_t key[32], uint8_t nonce[12],uint8_t *data,uint3
|
|||||||
uint8_t computed_tag[EVP_MAX_MD_SIZE];
|
uint8_t computed_tag[EVP_MAX_MD_SIZE];
|
||||||
unsigned int md_size ;
|
unsigned int md_size ;
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
HMAC_CTX hmac_ctx ;
|
HMAC_CTX hmac_ctx ;
|
||||||
HMAC_CTX_init(&hmac_ctx) ;
|
HMAC_CTX_init(&hmac_ctx) ;
|
||||||
|
|
||||||
@ -733,7 +733,7 @@ bool AEAD_chacha20_sha256(uint8_t key[32], uint8_t nonce[12],uint8_t *data,uint3
|
|||||||
|
|
||||||
// decrypt
|
// decrypt
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
chacha20_encrypt_rs(key,1,nonce,data,data_size);
|
chacha20_encrypt_rs(key,1,nonce,data,data_size);
|
||||||
#else
|
#else
|
||||||
chacha20_encrypt_openssl(key, 1, nonce, data, data_size);
|
chacha20_encrypt_openssl(key, 1, nonce, data, data_size);
|
||||||
@ -1396,7 +1396,7 @@ bool perform_tests()
|
|||||||
|
|
||||||
std::cerr << " AEAD/poly1305 own encryption speed : " << SIZE / (1024.0*1024.0) / s.duration() << " MB/s" << std::endl;
|
std::cerr << " AEAD/poly1305 own encryption speed : " << SIZE / (1024.0*1024.0) / s.duration() << " MB/s" << std::endl;
|
||||||
}
|
}
|
||||||
#if OPENSSL_VERSION_NUMBER >= 0x010100000L
|
#if OPENSSL_VERSION_NUMBER >= 0x010100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||||
{
|
{
|
||||||
RsScopeTimer s("AEAD3") ;
|
RsScopeTimer s("AEAD3") ;
|
||||||
AEAD_chacha20_poly1305_openssl(key,nonce,ten_megabyte_data,SIZE,aad,12,received_tag,true) ;
|
AEAD_chacha20_poly1305_openssl(key,nonce,ten_megabyte_data,SIZE,aad,12,received_tag,true) ;
|
||||||
|
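Review bot: With `&& !defined(LIBRESSL_VERSION_NUMBER)` on the guards in this file (the alias at the top, `chacha20_encrypt_openssl`, `AEAD_chacha20_poly1305_openssl`), every LibreSSL build resolves `AEAD_chacha20_poly1305` to the in-tree `AEAD_chacha20_poly1305_rs`. The `perform_tests()` block that calls the library version is compiled out as well, so on LibreSSL the hand-written cipher is the only implementation built and exercised. A comment at the alias would make that choice explicit, e.g. `// LibreSSL: the EVP path below targets the OpenSSL 1.1 API, so use the in-tree ChaCha20/Poly1305`. The guards also spell the same constant two ways (`0x010100000L` here, `0x10100000L` in `AEAD_chacha20_sha256`); one spelling would be easier to grep. The function bodies lie outside the visible hunks.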
@ -41,7 +41,7 @@ static const uint32_t MULTI_ENCRYPTION_FORMAT_v001_ENCRYPTED_KEY_SIZE = 256 ;
|
|||||||
|
|
||||||
static RsGxsId getRsaKeyFingerprint_old_insecure_method(RSA *pubkey)
|
static RsGxsId getRsaKeyFingerprint_old_insecure_method(RSA *pubkey)
|
||||||
{
|
{
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
int lenn = BN_num_bytes(pubkey -> n);
|
int lenn = BN_num_bytes(pubkey -> n);
|
||||||
|
|
||||||
RsTemporaryMemory tmp(lenn) ;
|
RsTemporaryMemory tmp(lenn) ;
|
||||||
@ -65,7 +65,7 @@ static RsGxsId getRsaKeyFingerprint_old_insecure_method(RSA *pubkey)
|
|||||||
}
|
}
|
||||||
static RsGxsId getRsaKeyFingerprint(RSA *pubkey)
|
static RsGxsId getRsaKeyFingerprint(RSA *pubkey)
|
||||||
{
|
{
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
int lenn = BN_num_bytes(pubkey -> n);
|
int lenn = BN_num_bytes(pubkey -> n);
|
||||||
int lene = BN_num_bytes(pubkey -> e);
|
int lene = BN_num_bytes(pubkey -> e);
|
||||||
|
|
||||||
|
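Review bot: `|| defined(LIBRESSL_VERSION_NUMBER)` sends every LibreSSL release, with no upper version bound, down the branch that reads struct members directly (`pubkey -> n`, `pubkey -> e` here). The same unbounded test is added in the other files of this commit (`dh->pub_key`, `dh->p`, `x509->cert_info->issuer`, `ssl_connection->server`, `a->shutdown`, `orsa->n`, `odsa->p`, `dsasig->r`), so a LibreSSL release that makes these structs opaque would stop compiling at each site. Until then the key and certificate handling depends on library-internal layout. Consider bounding the test, `#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < <FIRST_LIBRESSL_WITH_ACCESSORS>)` (placeholder; take the threshold from the LibreSSL release notes), and defining it once in a shared header instead of repeating it per site.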
@ -1055,7 +1055,7 @@ bool p3GxsTunnelService::locked_sendDHPublicKey(const DH *dh,const RsGxsId& own_
|
|||||||
}
|
}
|
||||||
|
|
||||||
RsGxsTunnelDHPublicKeyItem *dhitem = new RsGxsTunnelDHPublicKeyItem ;
|
RsGxsTunnelDHPublicKeyItem *dhitem = new RsGxsTunnelDHPublicKeyItem ;
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
dhitem->public_key = BN_dup(dh->pub_key) ;
|
dhitem->public_key = BN_dup(dh->pub_key) ;
|
||||||
#else
|
#else
|
||||||
const BIGNUM *pub_key=NULL ;
|
const BIGNUM *pub_key=NULL ;
|
||||||
@ -1139,7 +1139,7 @@ bool p3GxsTunnelService::locked_initDHSessionKey(DH *& dh)
|
|||||||
return false ;
|
return false ;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
BN_hex2bn(&dh->p,dh_prime_2048_hex.c_str()) ;
|
BN_hex2bn(&dh->p,dh_prime_2048_hex.c_str()) ;
|
||||||
BN_hex2bn(&dh->g,"5") ;
|
BN_hex2bn(&dh->g,"5") ;
|
||||||
#else
|
#else
|
||||||
|
@ -245,7 +245,7 @@ sslcert::sslcert(X509 *x509, const RsPeerId& pid)
|
|||||||
{
|
{
|
||||||
certificate = x509;
|
certificate = x509;
|
||||||
id = pid;
|
id = pid;
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
name = getX509CNString(x509->cert_info->subject);
|
name = getX509CNString(x509->cert_info->subject);
|
||||||
org = getX509OrgString(x509->cert_info->subject);
|
org = getX509OrgString(x509->cert_info->subject);
|
||||||
location = getX509LocString(x509->cert_info->subject);
|
location = getX509LocString(x509->cert_info->subject);
|
||||||
@ -377,7 +377,7 @@ static int initLib = 0;
|
|||||||
|
|
||||||
if (dh)
|
if (dh)
|
||||||
{
|
{
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
BN_hex2bn(&dh->p,dh_prime_4096_hex.c_str()) ;
|
BN_hex2bn(&dh->p,dh_prime_4096_hex.c_str()) ;
|
||||||
BN_hex2bn(&dh->g,"5") ;
|
BN_hex2bn(&dh->g,"5") ;
|
||||||
#else
|
#else
|
||||||
@ -795,7 +795,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/)
|
|||||||
// The code has been copied in order to use the PGP signing instead of supplying the
|
// The code has been copied in order to use the PGP signing instead of supplying the
|
||||||
// private EVP_KEY to ASN1_sign(), which would be another alternative.
|
// private EVP_KEY to ASN1_sign(), which would be another alternative.
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
int (*i2d)(X509_CINF*, unsigned char**) = i2d_X509_CINF;
|
int (*i2d)(X509_CINF*, unsigned char**) = i2d_X509_CINF;
|
||||||
X509_ALGOR *algor1 = x509->cert_info->signature;
|
X509_ALGOR *algor1 = x509->cert_info->signature;
|
||||||
X509_ALGOR *algor2 = x509->sig_alg;
|
X509_ALGOR *algor2 = x509->sig_alg;
|
||||||
@ -824,7 +824,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/)
|
|||||||
/* FIX ALGORITHMS */
|
/* FIX ALGORITHMS */
|
||||||
|
|
||||||
a = const_cast<X509_ALGOR*>(algor1);
|
a = const_cast<X509_ALGOR*>(algor1);
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
ASN1_TYPE_free(a->parameter);
|
ASN1_TYPE_free(a->parameter);
|
||||||
a->parameter=ASN1_TYPE_new();
|
a->parameter=ASN1_TYPE_new();
|
||||||
a->parameter->type=V_ASN1_NULL;
|
a->parameter->type=V_ASN1_NULL;
|
||||||
@ -836,7 +836,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
a = const_cast<X509_ALGOR*>(algor2);
|
a = const_cast<X509_ALGOR*>(algor2);
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
ASN1_TYPE_free(a->parameter);
|
ASN1_TYPE_free(a->parameter);
|
||||||
a->parameter=ASN1_TYPE_new();
|
a->parameter=ASN1_TYPE_new();
|
||||||
a->parameter->type=V_ASN1_NULL;
|
a->parameter->type=V_ASN1_NULL;
|
||||||
@ -851,7 +851,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/)
|
|||||||
std::cerr << "Algorithms Fixed" << std::endl;
|
std::cerr << "Algorithms Fixed" << std::endl;
|
||||||
|
|
||||||
/* input buffer */
|
/* input buffer */
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
inl=i2d(data,NULL);
|
inl=i2d(data,NULL);
|
||||||
buf_in=(unsigned char *)OPENSSL_malloc((unsigned int)inl);
|
buf_in=(unsigned char *)OPENSSL_malloc((unsigned int)inl);
|
||||||
unsigned char *p=NULL;
|
unsigned char *p=NULL;
|
||||||
@ -874,7 +874,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/)
|
|||||||
}
|
}
|
||||||
std::cerr << "Buffers Allocated" << std::endl;
|
std::cerr << "Buffers Allocated" << std::endl;
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
p=buf_in;
|
p=buf_in;
|
||||||
i2d(data,&p);
|
i2d(data,&p);
|
||||||
#endif
|
#endif
|
||||||
@ -960,7 +960,7 @@ bool AuthSSLimpl::AuthX509WithGPG(X509 *x509,uint32_t& diagnostic)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* extract CN for peer Id */
|
/* extract CN for peer Id */
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
RsPgpId issuer(std::string(getX509CNString(x509->cert_info->issuer)));
|
RsPgpId issuer(std::string(getX509CNString(x509->cert_info->issuer)));
|
||||||
#else
|
#else
|
||||||
RsPgpId issuer(std::string(getX509CNString(X509_get_issuer_name(x509))));
|
RsPgpId issuer(std::string(getX509CNString(X509_get_issuer_name(x509))));
|
||||||
@ -979,7 +979,7 @@ bool AuthSSLimpl::AuthX509WithGPG(X509 *x509,uint32_t& diagnostic)
|
|||||||
|
|
||||||
/*** NOW The Manual signing bit (HACKED FROM asn1/a_sign.c) ***/
|
/*** NOW The Manual signing bit (HACKED FROM asn1/a_sign.c) ***/
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
int (*i2d)(X509_CINF*, unsigned char**) = i2d_X509_CINF;
|
int (*i2d)(X509_CINF*, unsigned char**) = i2d_X509_CINF;
|
||||||
ASN1_BIT_STRING *signature = x509->signature;
|
ASN1_BIT_STRING *signature = x509->signature;
|
||||||
X509_CINF *data = x509->cert_info;
|
X509_CINF *data = x509->cert_info;
|
||||||
@ -1000,7 +1000,7 @@ bool AuthSSLimpl::AuthX509WithGPG(X509 *x509,uint32_t& diagnostic)
|
|||||||
int sigoutl=0;
|
int sigoutl=0;
|
||||||
|
|
||||||
/* input buffer */
|
/* input buffer */
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
inl=i2d(data,NULL);
|
inl=i2d(data,NULL);
|
||||||
buf_in=(unsigned char *)OPENSSL_malloc((unsigned int)inl);
|
buf_in=(unsigned char *)OPENSSL_malloc((unsigned int)inl);
|
||||||
unsigned char *p=NULL;
|
unsigned char *p=NULL;
|
||||||
@ -1033,7 +1033,7 @@ bool AuthSSLimpl::AuthX509WithGPG(X509 *x509,uint32_t& diagnostic)
|
|||||||
std::cerr << "Buffers Allocated" << std::endl;
|
std::cerr << "Buffers Allocated" << std::endl;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
p=buf_in;
|
p=buf_in;
|
||||||
i2d(data,&p);
|
i2d(data,&p);
|
||||||
#endif
|
#endif
|
||||||
@ -1157,7 +1157,7 @@ static int verify_x509_callback(int preverify_ok, X509_STORE_CTX *ctx)
|
|||||||
|
|
||||||
if(x509 != NULL)
|
if(x509 != NULL)
|
||||||
{
|
{
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
RsPgpId gpgid (std::string(getX509CNString(x509->cert_info->issuer)));
|
RsPgpId gpgid (std::string(getX509CNString(x509->cert_info->issuer)));
|
||||||
#else
|
#else
|
||||||
RsPgpId gpgid (std::string(getX509CNString(X509_get_issuer_name(x509))));
|
RsPgpId gpgid (std::string(getX509CNString(X509_get_issuer_name(x509))));
|
||||||
@ -1165,7 +1165,7 @@ static int verify_x509_callback(int preverify_ok, X509_STORE_CTX *ctx)
|
|||||||
|
|
||||||
if(gpgid.isNull())
|
if(gpgid.isNull())
|
||||||
{
|
{
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
std::cerr << "verify_x509_callback(): wrong PGP id \"" << std::string(getX509CNString(x509->cert_info->issuer)) << "\"" << std::endl;
|
std::cerr << "verify_x509_callback(): wrong PGP id \"" << std::string(getX509CNString(x509->cert_info->issuer)) << "\"" << std::endl;
|
||||||
#else
|
#else
|
||||||
std::cerr << "verify_x509_callback(): wrong PGP id \"" << std::string(getX509CNString(X509_get_issuer_name(x509))) << "\"" << std::endl;
|
std::cerr << "verify_x509_callback(): wrong PGP id \"" << std::string(getX509CNString(X509_get_issuer_name(x509))) << "\"" << std::endl;
|
||||||
@ -1173,7 +1173,7 @@ static int verify_x509_callback(int preverify_ok, X509_STORE_CTX *ctx)
|
|||||||
return false ;
|
return false ;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
std::string sslcn = getX509CNString(x509->cert_info->subject);
|
std::string sslcn = getX509CNString(x509->cert_info->subject);
|
||||||
#else
|
#else
|
||||||
std::string sslcn = getX509CNString(X509_get_subject_name(x509));
|
std::string sslcn = getX509CNString(X509_get_subject_name(x509));
|
||||||
@ -1262,7 +1262,7 @@ int AuthSSLimpl::VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx)
|
|||||||
std::cerr << "(WW) Certificate was rejected because authentication failed. Diagnostic = " << auth_diagnostic << std::endl;
|
std::cerr << "(WW) Certificate was rejected because authentication failed. Diagnostic = " << auth_diagnostic << std::endl;
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
RsPgpId pgpid(std::string(getX509CNString(X509_STORE_CTX_get_current_cert(ctx)->cert_info->issuer)));
|
RsPgpId pgpid(std::string(getX509CNString(X509_STORE_CTX_get_current_cert(ctx)->cert_info->issuer)));
|
||||||
#else
|
#else
|
||||||
RsPgpId pgpid(std::string(getX509CNString(X509_get_issuer_name(X509_STORE_CTX_get_current_cert(ctx)))));
|
RsPgpId pgpid(std::string(getX509CNString(X509_get_issuer_name(X509_STORE_CTX_get_current_cert(ctx)))));
|
||||||
@ -1339,7 +1339,7 @@ bool AuthSSLimpl::encrypt(void *&out, int &outlen, const void *in, int inlen,
|
|||||||
#endif
|
#endif
|
||||||
return false;
|
return false;
|
||||||
} else {
|
} else {
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
public_key = mCerts[peerId]->certificate->cert_info->key->pkey;
|
public_key = mCerts[peerId]->certificate->cert_info->key->pkey;
|
||||||
#else
|
#else
|
||||||
public_key = X509_get0_pubkey(mCerts[peerId]->certificate) ;
|
public_key = X509_get0_pubkey(mCerts[peerId]->certificate) ;
|
||||||
|
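Review bot: In `SignX509ReqWithGPG` and `AuthX509WithGPG`, the branch that LibreSSL builds now also take runs `inl=i2d(data,NULL);` and then `OPENSSL_malloc((unsigned int)inl)`, with no check of `inl` visible between the two lines. `i2d_X509_CINF` can return a negative value on encoding failure, and the cast turns that into a very large allocation size. A guard before the allocation, `if (inl <= 0) { /* take the existing failure path */ }`, would reject that case. The surrounding error handling is outside the hunks, so a check after the allocation may already cover part of this.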
@ -361,7 +361,7 @@ void pqissl::getCryptoParams(RsPeerCryptoParams& params)
|
|||||||
|
|
||||||
bool pqissl::actAsServer()
|
bool pqissl::actAsServer()
|
||||||
{
|
{
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
return (bool)ssl_connection->server;
|
return (bool)ssl_connection->server;
|
||||||
#else
|
#else
|
||||||
return (bool)SSL_is_server(ssl_connection);
|
return (bool)SSL_is_server(ssl_connection);
|
||||||
@ -1230,7 +1230,7 @@ int pqissl::Extract_Failed_SSL_Certificate()
|
|||||||
RsPeerId sslid ;
|
RsPeerId sslid ;
|
||||||
getX509id(peercert, sslid) ;
|
getX509id(peercert, sslid) ;
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
RsPgpId gpgid(getX509CNString(peercert->cert_info->issuer));
|
RsPgpId gpgid(getX509CNString(peercert->cert_info->issuer));
|
||||||
std::string sslcn = getX509CNString(peercert->cert_info->subject);
|
std::string sslcn = getX509CNString(peercert->cert_info->subject);
|
||||||
#else
|
#else
|
||||||
|
@ -493,7 +493,7 @@ int pqissllistenbase::continueSSL(IncomingSSLInfo& incoming_connexion_info, bool
|
|||||||
#endif
|
#endif
|
||||||
if(x509 != NULL)
|
if(x509 != NULL)
|
||||||
{
|
{
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
incoming_connexion_info.gpgid = RsPgpId(std::string(getX509CNString(x509->cert_info->issuer)));
|
incoming_connexion_info.gpgid = RsPgpId(std::string(getX509CNString(x509->cert_info->issuer)));
|
||||||
incoming_connexion_info.sslcn = getX509CNString(x509->cert_info->subject);
|
incoming_connexion_info.sslcn = getX509CNString(x509->cert_info->subject);
|
||||||
#else
|
#else
|
||||||
@ -892,7 +892,7 @@ int pqissllistener::completeConnection(int fd, IncomingSSLInfo& info)
|
|||||||
AuthSSL::getAuthSSL()->CheckCertificate(newPeerId, peercert);
|
AuthSSL::getAuthSSL()->CheckCertificate(newPeerId, peercert);
|
||||||
|
|
||||||
/* now need to get GPG id too */
|
/* now need to get GPG id too */
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
RsPgpId pgpid(std::string(getX509CNString(peercert->cert_info->issuer)));
|
RsPgpId pgpid(std::string(getX509CNString(peercert->cert_info->issuer)));
|
||||||
#else
|
#else
|
||||||
RsPgpId pgpid(std::string(getX509CNString(X509_get_issuer_name(peercert))));
|
RsPgpId pgpid(std::string(getX509CNString(X509_get_issuer_name(peercert))));
|
||||||
|
@ -602,7 +602,7 @@ bool getX509id(X509 *x509, RsPeerId& xid)
|
|||||||
}
|
}
|
||||||
|
|
||||||
// get the signature from the cert, and copy to the array.
|
// get the signature from the cert, and copy to the array.
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
ASN1_BIT_STRING *signature = x509->signature;
|
ASN1_BIT_STRING *signature = x509->signature;
|
||||||
#else
|
#else
|
||||||
const ASN1_BIT_STRING *signature = NULL ;
|
const ASN1_BIT_STRING *signature = NULL ;
|
||||||
@ -700,7 +700,7 @@ int LoadCheckX509(const char *cert_file, RsPgpId& issuerName, std::string &locat
|
|||||||
if (valid)
|
if (valid)
|
||||||
{
|
{
|
||||||
// extract the name.
|
// extract the name.
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
issuerName = RsPgpId(std::string(getX509CNString(x509->cert_info->issuer)));
|
issuerName = RsPgpId(std::string(getX509CNString(x509->cert_info->issuer)));
|
||||||
location = getX509LocString(x509->cert_info->subject);
|
location = getX509LocString(x509->cert_info->subject);
|
||||||
#else
|
#else
|
||||||
|
@ -90,7 +90,7 @@ static int clear_tou_socket_error(int s);
|
|||||||
|
|
||||||
#include "tou.h"
|
#include "tou.h"
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
//static void BIO_set_shutdown(BIO *a,int s) { a->shutdown=s; }
|
//static void BIO_set_shutdown(BIO *a,int s) { a->shutdown=s; }
|
||||||
|
|
||||||
static int BIO_get_shutdown(BIO *a) { return a->shutdown; }
|
static int BIO_get_shutdown(BIO *a) { return a->shutdown; }
|
||||||
|
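Review bot: The widened guard now defines `static int BIO_get_shutdown(BIO *a) { return a->shutdown; }` for every LibreSSL build, whatever its version. If the LibreSSL headers in use already declare `BIO_get_shutdown`, this static definition would conflict with that declaration, and the body also needs `BIO` to be a complete type; both depend on the library version, which the test does not examine. A comment above the shim naming the versions it is meant for, e.g. `// shim for libraries without BIO_get_shutdown(): OpenSSL < 1.1.0, LibreSSL < <VERSION>` (placeholder), together with a matching version bound in the `#if`, would document the assumption.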
@ -508,7 +508,7 @@ bool RsRecogn::itemToRadix64(RsItem *item, std::string &radstr)
|
|||||||
|
|
||||||
std::string RsRecogn::getRsaKeyId(RSA *pubkey)
|
std::string RsRecogn::getRsaKeyId(RSA *pubkey)
|
||||||
{
|
{
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
int len = BN_num_bytes(pubkey -> n);
|
int len = BN_num_bytes(pubkey -> n);
|
||||||
unsigned char tmp[len];
|
unsigned char tmp[len];
|
||||||
BN_bn2bin(pubkey -> n, tmp);
|
BN_bn2bin(pubkey -> n, tmp);
|
||||||
|
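Review bot: LibreSSL builds now compile `unsigned char tmp[len];` in `RsRecogn::getRsaKeyId`, a variable-length array sized by `BN_num_bytes(pubkey -> n)`. VLAs are a compiler extension in C++ and place a key-dependent amount of data on the stack with no visible bound on `len`. `getRsaKeyFingerprint_old_insecure_method`, touched by this same commit, uses `RsTemporaryMemory tmp(lenn)` for the same job. Using `RsTemporaryMemory tmp(len);` here as well would make the two consistent, assuming it converts to `unsigned char*` for `BN_bn2bin`, which this page does not show. The rest of the function is outside the hunk.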
@ -45,7 +45,7 @@ void test_secret_key(const ops_secret_key_t *skey)
|
|||||||
{
|
{
|
||||||
RSA* test=RSA_new();
|
RSA* test=RSA_new();
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
test->n=BN_dup(skey->public_key.key.rsa.n);
|
test->n=BN_dup(skey->public_key.key.rsa.n);
|
||||||
test->e=BN_dup(skey->public_key.key.rsa.e);
|
test->e=BN_dup(skey->public_key.key.rsa.e);
|
||||||
test->d=BN_dup(skey->key.rsa.d);
|
test->d=BN_dup(skey->key.rsa.d);
|
||||||
@ -402,7 +402,7 @@ ops_boolean_t ops_dsa_verify(const unsigned char *hash,size_t hash_length,
|
|||||||
|
|
||||||
osig=DSA_SIG_new();
|
osig=DSA_SIG_new();
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
osig->r=sig->r;
|
osig->r=sig->r;
|
||||||
osig->s=sig->s;
|
osig->s=sig->s;
|
||||||
#else
|
#else
|
||||||
@ -417,7 +417,7 @@ ops_boolean_t ops_dsa_verify(const unsigned char *hash,size_t hash_length,
|
|||||||
already_said=ops_true ;
|
already_said=ops_true ;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
osig->r=NULL; // in this case, the values are not copied.
|
osig->r=NULL; // in this case, the values are not copied.
|
||||||
osig->s=NULL;
|
osig->s=NULL;
|
||||||
#endif
|
#endif
|
||||||
@ -427,7 +427,7 @@ ops_boolean_t ops_dsa_verify(const unsigned char *hash,size_t hash_length,
|
|||||||
}
|
}
|
||||||
|
|
||||||
odsa=DSA_new();
|
odsa=DSA_new();
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
odsa->p=dsa->p;
|
odsa->p=dsa->p;
|
||||||
odsa->q=dsa->q;
|
odsa->q=dsa->q;
|
||||||
odsa->g=dsa->g;
|
odsa->g=dsa->g;
|
||||||
@ -471,7 +471,7 @@ ops_boolean_t ops_dsa_verify(const unsigned char *hash,size_t hash_length,
|
|||||||
return ops_false ;
|
return ops_false ;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
osig->r=NULL;
|
osig->r=NULL;
|
||||||
osig->s=NULL;
|
osig->s=NULL;
|
||||||
|
|
||||||
@ -503,7 +503,7 @@ int ops_rsa_public_decrypt(unsigned char *out,const unsigned char *in,
|
|||||||
int n;
|
int n;
|
||||||
|
|
||||||
orsa=RSA_new();
|
orsa=RSA_new();
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
orsa->n=rsa->n;
|
orsa->n=rsa->n;
|
||||||
orsa->e=rsa->e;
|
orsa->e=rsa->e;
|
||||||
#else
|
#else
|
||||||
@ -512,7 +512,7 @@ int ops_rsa_public_decrypt(unsigned char *out,const unsigned char *in,
|
|||||||
|
|
||||||
n=RSA_public_decrypt(length,in,out,orsa,RSA_NO_PADDING);
|
n=RSA_public_decrypt(length,in,out,orsa,RSA_NO_PADDING);
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
orsa->n=orsa->e=NULL;
|
orsa->n=orsa->e=NULL;
|
||||||
#endif
|
#endif
|
||||||
RSA_free(orsa);
|
RSA_free(orsa);
|
||||||
@ -538,7 +538,7 @@ int ops_rsa_private_encrypt(unsigned char *out,const unsigned char *in,
|
|||||||
int n;
|
int n;
|
||||||
|
|
||||||
orsa=RSA_new();
|
orsa=RSA_new();
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
orsa->n=rsa->n; // XXX: do we need n?
|
orsa->n=rsa->n; // XXX: do we need n?
|
||||||
orsa->d=srsa->d;
|
orsa->d=srsa->d;
|
||||||
orsa->p=srsa->q;
|
orsa->p=srsa->q;
|
||||||
@ -564,7 +564,7 @@ int ops_rsa_private_encrypt(unsigned char *out,const unsigned char *in,
|
|||||||
|
|
||||||
n=RSA_private_encrypt(length,in,out,orsa,RSA_NO_PADDING);
|
n=RSA_private_encrypt(length,in,out,orsa,RSA_NO_PADDING);
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
orsa->n=orsa->d=orsa->p=orsa->q=NULL;
|
orsa->n=orsa->d=orsa->p=orsa->q=NULL;
|
||||||
orsa->e=NULL;
|
orsa->e=NULL;
|
||||||
#endif
|
#endif
|
||||||
@ -592,7 +592,7 @@ int ops_rsa_private_decrypt(unsigned char *out,const unsigned char *in,
|
|||||||
char errbuf[1024];
|
char errbuf[1024];
|
||||||
|
|
||||||
orsa=RSA_new();
|
orsa=RSA_new();
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
orsa->n=rsa->n; // XXX: do we need n?
|
orsa->n=rsa->n; // XXX: do we need n?
|
||||||
orsa->d=srsa->d;
|
orsa->d=srsa->d;
|
||||||
orsa->p=srsa->q;
|
orsa->p=srsa->q;
|
||||||
@ -618,7 +618,7 @@ int ops_rsa_private_decrypt(unsigned char *out,const unsigned char *in,
|
|||||||
ERR_error_string(err,&errbuf[0]);
|
ERR_error_string(err,&errbuf[0]);
|
||||||
fprintf(stderr,"openssl error : %s\n",errbuf);
|
fprintf(stderr,"openssl error : %s\n",errbuf);
|
||||||
}
|
}
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
orsa->n=orsa->d=orsa->p=orsa->q=NULL;
|
orsa->n=orsa->d=orsa->p=orsa->q=NULL;
|
||||||
orsa->e=NULL;
|
orsa->e=NULL;
|
||||||
#endif
|
#endif
|
||||||
@ -644,7 +644,7 @@ int ops_rsa_public_encrypt(unsigned char *out,const unsigned char *in,
|
|||||||
// printf("ops_rsa_public_encrypt: length=%ld\n", length);
|
// printf("ops_rsa_public_encrypt: length=%ld\n", length);
|
||||||
|
|
||||||
orsa=RSA_new();
|
orsa=RSA_new();
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
orsa->n=rsa->n;
|
orsa->n=rsa->n;
|
||||||
orsa->e=rsa->e;
|
orsa->e=rsa->e;
|
||||||
#else
|
#else
|
||||||
@ -664,7 +664,7 @@ int ops_rsa_public_encrypt(unsigned char *out,const unsigned char *in,
|
|||||||
BIO_free(fd_out) ;
|
BIO_free(fd_out) ;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
orsa->n=orsa->e=NULL;
|
orsa->n=orsa->e=NULL;
|
||||||
#endif
|
#endif
|
||||||
RSA_free(orsa);
|
RSA_free(orsa);
|
||||||
@ -744,7 +744,7 @@ ops_boolean_t ops_rsa_generate_keypair(const int numbits, const unsigned long e,
|
|||||||
skey->public_key.days_valid=0;
|
skey->public_key.days_valid=0;
|
||||||
skey->public_key.algorithm= OPS_PKA_RSA;
|
skey->public_key.algorithm= OPS_PKA_RSA;
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
skey->public_key.key.rsa.n=BN_dup(rsa->n);
|
skey->public_key.key.rsa.n=BN_dup(rsa->n);
|
||||||
skey->public_key.key.rsa.e=BN_dup(rsa->e);
|
skey->public_key.key.rsa.e=BN_dup(rsa->e);
|
||||||
skey->key.rsa.d=BN_dup(rsa->d);
|
skey->key.rsa.d=BN_dup(rsa->d);
|
||||||
@ -766,7 +766,7 @@ ops_boolean_t ops_rsa_generate_keypair(const int numbits, const unsigned long e,
|
|||||||
skey->octet_count=0;
|
skey->octet_count=0;
|
||||||
skey->checksum=0;
|
skey->checksum=0;
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
skey->key.rsa.p=BN_dup(rsa->p);
|
skey->key.rsa.p=BN_dup(rsa->p);
|
||||||
skey->key.rsa.q=BN_dup(rsa->q);
|
skey->key.rsa.q=BN_dup(rsa->q);
|
||||||
skey->key.rsa.u=BN_mod_inverse(NULL,rsa->p, rsa->q, ctx);
|
skey->key.rsa.u=BN_mod_inverse(NULL,rsa->p, rsa->q, ctx);
|
||||||
@ -888,7 +888,7 @@ DSA_SIG* ops_dsa_sign(unsigned char* hashbuf, unsigned hashsize, const ops_dsa_s
|
|||||||
DSA_SIG *dsasig;
|
DSA_SIG *dsasig;
|
||||||
|
|
||||||
odsa=DSA_new();
|
odsa=DSA_new();
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
odsa->p=dsa->p;
|
odsa->p=dsa->p;
|
||||||
odsa->q=dsa->q;
|
odsa->q=dsa->q;
|
||||||
odsa->g=dsa->g;
|
odsa->g=dsa->g;
|
||||||
@ -901,7 +901,7 @@ DSA_SIG* ops_dsa_sign(unsigned char* hashbuf, unsigned hashsize, const ops_dsa_s
|
|||||||
|
|
||||||
dsasig=DSA_do_sign(hashbuf,hashsize,odsa);
|
dsasig=DSA_do_sign(hashbuf,hashsize,odsa);
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
odsa->p=odsa->q=odsa->g=odsa->pub_key=odsa->priv_key=NULL;
|
odsa->p=odsa->q=odsa->g=odsa->pub_key=odsa->priv_key=NULL;
|
||||||
#endif
|
#endif
|
||||||
DSA_free(odsa);
|
DSA_free(odsa);
|
||||||
|
@ -298,7 +298,7 @@ static ops_boolean_t dsa_sign(ops_hash_t *hash, const ops_dsa_public_key_t *dsa,
|
|||||||
dsasig=ops_dsa_sign(hashbuf, hashsize, sdsa, dsa);
|
dsasig=ops_dsa_sign(hashbuf, hashsize, sdsa, dsa);
|
||||||
|
|
||||||
// convert and write the sig out to memory
|
// convert and write the sig out to memory
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||||
ops_write_mpi(dsasig->r, cinfo);
|
ops_write_mpi(dsasig->r, cinfo);
|
||||||
ops_write_mpi(dsasig->s, cinfo);
|
ops_write_mpi(dsasig->s, cinfo);
|
||||||
#else
|
#else
|
||||||
|