1/* $Id: openssl-compat.c,v 1.14 2011/05/10 01:13:38 dtucker Exp $ */
2
3/*
4 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER
15 * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
16 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19#include "includes.h"
20
21#include <stdarg.h>
22#include <string.h>
23
24#ifdef USE_OPENSSL_ENGINE
25# include <openssl/engine.h>
26# include <openssl/conf.h>
27#endif
28
29#ifndef HAVE_RSA_GET_DEFAULT_METHOD
30# include <openssl/rsa.h>
31#endif
32
33#include "log.h"
34
35#define SSH_DONT_OVERLOAD_OPENSSL_FUNCS
36#include "openssl-compat.h"
37
38#ifdef SSH_OLD_EVP
/*
 * Compatibility shim used when SSH_OLD_EVP is defined: forwards every
 * argument to EVP_CipherInit() and then reports success.
 *
 * Returns 1 unconditionally.
 *
 * NOTE(review): nothing from EVP_CipherInit() is propagated, so a caller
 * that tests this return value cannot observe a failed cipher setup.
 * Presumably the old EVP API returns void here -- confirm against the
 * OpenSSL release that triggers SSH_OLD_EVP.
 */
int
ssh_EVP_CipherInit(EVP_CIPHER_CTX *evp, const EVP_CIPHER *type,
    unsigned char *key, unsigned char *iv, int enc)
{
	const int always_ok = 1;

	EVP_CipherInit(evp, type, key, iv, enc);
	return always_ok;
}
46
/*
 * Compatibility shim used when SSH_OLD_EVP is defined: runs EVP_Cipher()
 * over len bytes from src into dst and then reports success.
 *
 * Returns 1 unconditionally.
 *
 * NOTE(review): the result of the underlying transform is not reported,
 * so an encrypt/decrypt failure is invisible to callers of this shim.
 * len is passed through unchecked; dst is presumably required to hold at
 * least len bytes -- verify at the call sites.
 */
int
ssh_EVP_Cipher(EVP_CIPHER_CTX *evp, char *dst, char *src, int len)
{
	const int always_ok = 1;

	EVP_Cipher(evp, dst, src, len);
	return always_ok;
}
53
/*
 * Compatibility shim used when SSH_OLD_EVP is defined: hands the context
 * to EVP_CIPHER_CTX_cleanup() and then reports success.
 *
 * Returns 1 unconditionally; a cleanup failure, if the library can
 * produce one, is not visible to the caller.
 */
int
ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *evp)
{
	const int always_ok = 1;

	EVP_CIPHER_CTX_cleanup(evp);
	return always_ok;
}
60#endif
61
62#ifdef OPENSSL_EVP_DIGESTUPDATE_VOID
/*
 * Compatibility shim built only when OPENSSL_EVP_DIGESTUPDATE_VOID is
 * defined: feeds cnt bytes at d into the digest context and then reports
 * success.
 *
 * Returns 1 unconditionally.
 *
 * NOTE(review): a digest that fails to absorb its input is reported as
 * success, so callers cannot rely on this return value to detect a hash
 * that was never updated.
 */
int
ssh_EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt)
{
	const int always_ok = 1;

	EVP_DigestUpdate(ctx, d, cnt);
	return always_ok;
}
69#endif
70
71#ifndef HAVE_BN_IS_PRIME_EX
/*
 * Fallback BN_is_prime_ex() for libraries that lack it, implemented on
 * top of BN_is_prime().
 *
 * p        candidate to test
 * nchecks  number of checks, passed through unchanged
 * ctx      BN_CTX passed through unchanged
 * cb       must be NULL; progress callbacks are not supported and any
 *          non-NULL value ends in fatal()
 *
 * Returns whatever BN_is_prime() returns.
 *
 * NOTE(review): callers should confirm how BN_is_prime() signals an
 * internal error and avoid a plain truth test on the result if an error
 * value is non-zero.
 */
int
BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, void *cb)
{
	int verdict;

	if (cb != NULL) {
		fatal("%s: callback args not supported", __func__);
	}

	verdict = BN_is_prime(p, nchecks, NULL, ctx, NULL);
	return verdict;
}
79#endif
80
81#ifndef HAVE_RSA_GENERATE_KEY_EX
/*
 * Fallback RSA_generate_key_ex() for libraries that lack it, implemented
 * on top of RSA_generate_key().
 *
 * rsa   caller-owned RSA object that receives the new key
 * bits  modulus size, passed through unchanged
 * bn_e  public exponent; it is converted with BN_get_word()
 * cb    must be NULL; any non-NULL value ends in fatal()
 *
 * Returns 1 on success, 0 if RSA_generate_key() returned NULL (in which
 * case *rsa is left untouched).
 *
 * NOTE(review): rsa is dereferenced and bn_e is handed to BN_get_word()
 * without NULL checks, and bits is not range-checked here; callers must
 * validate them.
 */
int
RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *bn_e, void *cb)
{
	RSA *generated, saved;
	unsigned long exponent;

	if (cb != NULL) {
		fatal("%s: callback args not supported", __func__);
	}

	/*
	 * 0xffffffffL is treated as the "does not fit" result of
	 * BN_get_word().
	 * NOTE(review): where unsigned long is wider than 32 bits, confirm
	 * the library reports overflow with this same value; otherwise an
	 * oversized exponent would pass this check.
	 */
	exponent = BN_get_word(bn_e);
	if (exponent == 0xffffffffL) {
		fatal("%s: value of e too large", __func__);
	}

	generated = RSA_generate_key(bits, exponent, NULL, NULL);
	if (generated == NULL) {
		return 0;
	}

	/*
	 * Exchange the two structures by value so the caller's object holds
	 * the fresh key, then release the temporary, which now carries the
	 * caller's previous contents.  This is a shallow struct copy: every
	 * field of RSA moves with it.
	 */
	saved = *rsa;
	*rsa = *generated;
	*generated = saved;
	RSA_free(generated);

	return 1;
}
103#endif
104
105#ifndef HAVE_DSA_GENERATE_PARAMETERS_EX
/*
 * Fallback DSA_generate_parameters_ex() for libraries that lack it,
 * implemented on top of DSA_generate_parameters().
 *
 * dsa          caller-owned DSA object that receives the parameters
 * bits         parameter size, passed through unchanged
 * seed         optional seed bytes; const is cast away for the old API
 * seed_len     length of seed, passed through unchanged
 * counter_ret  passed through unchanged
 * h_ret        passed through unchanged
 * cb           must be NULL; any non-NULL value ends in fatal()
 *
 * Returns 1 on success, 0 if DSA_generate_parameters() returned NULL (in
 * which case *dsa is left untouched).
 *
 * NOTE(review): dsa is dereferenced without a NULL check, and seed_len is
 * not checked against the actual size of seed; callers must validate
 * both.
 */
int
DSA_generate_parameters_ex(DSA *dsa, int bits, const unsigned char *seed,
    int seed_len, int *counter_ret, unsigned long *h_ret, void *cb)
{
	DSA *generated, saved;

	if (cb != NULL) {
		fatal("%s: callback args not supported", __func__);
	}

	generated = DSA_generate_parameters(bits, (unsigned char *)seed,
	    seed_len, counter_ret, h_ret, NULL, NULL);
	if (generated == NULL) {
		return 0;
	}

	/*
	 * Exchange the two structures by value so the caller's object holds
	 * the new parameters, then release the temporary, which now carries
	 * the caller's previous contents.  This is a shallow struct copy.
	 */
	saved = *dsa;
	*dsa = *generated;
	*generated = saved;
	DSA_free(generated);

	return 1;
}
125#endif
126
127#ifndef HAVE_RSA_GET_DEFAULT_METHOD
/*
 * Fallback RSA_get_default_method() for libraries that lack it.
 *
 * Returns the method table obtained from RSA_PKCS1_SSLeay().  The pointer
 * is whatever that call yields; this shim neither copies nor owns it.
 */
RSA_METHOD *
RSA_get_default_method(void)
{
	return (RSA_PKCS1_SSLeay());
}
133#endif
134
135#ifdef	USE_OPENSSL_ENGINE
/*
 * Replacement for OpenSSL_add_all_algorithms() used when
 * USE_OPENSSL_ENGINE is defined: registers the algorithms, then loads
 * and registers the built-in engines and applies the OpenSSL
 * configuration.
 *
 * NOTE(review): OPENSSL_config(NULL) is expected to read the default
 * OpenSSL configuration file, which can select further engines to load.
 * That file's ownership and permissions are therefore part of the trust
 * boundary of every program calling this function -- confirm for the
 * target OpenSSL version.  None of the calls below reports a result
 * here, so an engine or configuration failure is not detected at this
 * point.
 */
void
ssh_OpenSSL_add_all_algorithms(void)
{
	/* Software algorithm tables first. */
	OpenSSL_add_all_algorithms();

	/* Enable use of crypto hardware: load, then register, the engines. */
	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();

	/* Apply the library configuration last. */
	OPENSSL_config(NULL);
}
146#endif
147