11305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* $Id: openssl-compat.h,v 1.19 2011/05/10 01:13:38 dtucker Exp $ */ 21305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 31305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* 41305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> 51305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * 61305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * Permission to use, copy, modify, and distribute this software for any 71305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * purpose with or without fee is hereby granted, provided that the above 81305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * copyright notice and this permission notice appear in all copies. 91305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * 101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER 151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING 161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood */ 181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include "includes.h" 201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <openssl/opensslv.h> 211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <openssl/evp.h> 221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <openssl/rsa.h> 231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#include <openssl/dsa.h> 241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* Only in 0.9.8 */ 261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifndef OPENSSL_DSA_MAX_MODULUS_BITS 271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define OPENSSL_DSA_MAX_MODULUS_BITS 10000 281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifndef OPENSSL_RSA_MAX_MODULUS_BITS 301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define OPENSSL_RSA_MAX_MODULUS_BITS 16384 311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* OPENSSL_free() is Free() in versions before OpenSSL 0.9.6 */ 341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x0090600f) 351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define OPENSSL_free(x) Free(x) 361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#if OPENSSL_VERSION_NUMBER < 0x00906000L 391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define SSH_OLD_EVP 401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) 411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#if OPENSSL_VERSION_NUMBER < 0x1000000fL 441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define LIBCRYPTO_EVP_INL_TYPE unsigned int 451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#else 461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define LIBCRYPTO_EVP_INL_TYPE size_t 471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#if (OPENSSL_VERSION_NUMBER < 0x00907000L) || defined(OPENSSL_LOBOTOMISED_AES) 501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define USE_BUILTIN_RIJNDAEL 511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifdef USE_BUILTIN_RIJNDAEL 541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# include "rijndael.h" 551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define AES_KEY rijndael_ctx 561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define AES_BLOCK_SIZE 16 571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define AES_encrypt(a, b, c) rijndael_encrypt(c, a, b) 581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define AES_set_encrypt_key(a, b, c) rijndael_set_key(c, (char *)a, b, 1) 591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define EVP_aes_128_cbc evp_rijndael 601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define EVP_aes_192_cbc evp_rijndael 611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define EVP_aes_256_cbc evp_rijndael 621305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodextern const EVP_CIPHER *evp_rijndael(void); 631305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodextern void ssh_rijndael_iv(EVP_CIPHER_CTX *, int, u_char *, u_int); 641305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 651305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 661305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#if !defined(EVP_CTRL_SET_ACSS_MODE) 671305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# if (OPENSSL_VERSION_NUMBER >= 0x00907000L) 681305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define USE_CIPHER_ACSS 1 691305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodextern const EVP_CIPHER *evp_acss(void); 701305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define EVP_acss evp_acss 711305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# else 721305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define EVP_acss NULL 731305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# endif 741305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 751305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 761305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* OpenSSL 0.9.8e returns cipher key len not context key len */ 771305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#if (OPENSSL_VERSION_NUMBER == 0x0090805fL) 781305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define EVP_CIPHER_CTX_key_length(c) ((c)->key_len) 791305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 801305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 811305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifndef HAVE_RSA_GET_DEFAULT_METHOD 821305e95ba6ff9fa202d0818caf10405df4b0f648Mike LockwoodRSA_METHOD *RSA_get_default_method(void); 831305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif 841305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 851305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood/* 861305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * We overload some of the OpenSSL crypto functions with ssh_* equivalents 871305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * which cater for older and/or less featureful OpenSSL version. 881305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * 891305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * In order for the compat library to call the real functions, it must 901305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * define SSH_DONT_OVERLOAD_OPENSSL_FUNCS before including this file and 911305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood * implement the ssh_* equivalents. 921305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood */ 931305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#ifndef SSH_DONT_OVERLOAD_OPENSSL_FUNCS 941305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 951305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# ifdef SSH_OLD_EVP 961305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# ifdef EVP_Cipher 971305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# undef EVP_Cipher 981305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# endif 991305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define EVP_CipherInit(a,b,c,d,e) ssh_EVP_CipherInit((a),(b),(c),(d),(e)) 1001305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define EVP_Cipher(a,b,c,d) ssh_EVP_Cipher((a),(b),(c),(d)) 1011305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define EVP_CIPHER_CTX_cleanup(a) ssh_EVP_CIPHER_CTX_cleanup((a)) 1021305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# endif /* SSH_OLD_EVP */ 1031305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 1041305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# ifdef OPENSSL_EVP_DIGESTUPDATE_VOID 1051305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define EVP_DigestUpdate(a,b,c) ssh_EVP_DigestUpdate((a),(b),(c)) 1061305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# endif 1071305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 1081305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# ifdef USE_OPENSSL_ENGINE 1091305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# ifdef OpenSSL_add_all_algorithms 1101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# undef OpenSSL_add_all_algorithms 1111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# endif 1121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# define OpenSSL_add_all_algorithms() ssh_OpenSSL_add_all_algorithms() 1131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# endif 1141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 1151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# ifndef HAVE_BN_IS_PRIME_EX 1161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint BN_is_prime_ex(const BIGNUM *, int, BN_CTX *, void *); 1171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# endif 1181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 1191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# ifndef HAVE_DSA_GENERATE_PARAMETERS_EX 1201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint DSA_generate_parameters_ex(DSA *, int, const unsigned char *, int, int *, 1211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood unsigned long *, void *); 1221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# endif 1231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 1241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# ifndef HAVE_RSA_GENERATE_KEY_EX 1251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint RSA_generate_key_ex(RSA *, int, BIGNUM *, void *); 1261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood# endif 1271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 1281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint ssh_EVP_CipherInit(EVP_CIPHER_CTX *, const EVP_CIPHER *, unsigned char *, 1291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood unsigned char *, int); 1301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int); 1311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodint ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *); 1321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodvoid ssh_OpenSSL_add_all_algorithms(void); 1331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#endif /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */ 1341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood 135