openssl-compat.c revision 1305e95ba6ff9fa202d0818caf10405df4b0f648
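/* $Id: openssl-compat.c,v 1.14 2011/05/10 01:13:38 dtucker Exp $ */

/*
 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER
 * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * Compatibility shims for OpenSSL builds that lack, or differ in, the
 * functions named below.  Each shim is compiled only when its build-time
 * macro (SSH_OLD_EVP, OPENSSL_EVP_DIGESTUPDATE_VOID, HAVE_*,
 * USE_OPENSSL_ENGINE) selects it.
 */

#include "includes.h"

#include <stdarg.h>
#include <string.h>

#ifdef USE_OPENSSL_ENGINE
# include <openssl/engine.h>
# include <openssl/conf.h>
#endif

#ifndef HAVE_RSA_GET_DEFAULT_METHOD
# include <openssl/rsa.h>
#endif

#include "log.h"

#define SSH_DONT_OVERLOAD_OPENSSL_FUNCS
#include "openssl-compat.h"

#ifdef SSH_OLD_EVP
/*
 * The three wrappers below call the OpenSSL function of the same name,
 * do not inspect its result, and return 1 unconditionally.  A caller
 * that tests the return value therefore never observes a failure from
 * the wrapped call.
 * NOTE(review): presumably the old EVP functions return void, which is
 * why nothing is propagated - confirm against openssl-compat.h.
 */

/* Initialise cipher context evp; always returns 1. */
int
ssh_EVP_CipherInit(EVP_CIPHER_CTX *evp, const EVP_CIPHER *type,
    unsigned char *key, unsigned char *iv, int enc)
{
	EVP_CipherInit(evp, type, key, iv, enc);
	return 1;
}

/* Run the cipher over len bytes from src into dst; always returns 1. */
int
ssh_EVP_Cipher(EVP_CIPHER_CTX *evp, char *dst, char *src, int len)
{
	EVP_Cipher(evp, dst, src, len);
	return 1;
}

/* Clean up cipher context evp; always returns 1. */
int
ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *evp)
{
	EVP_CIPHER_CTX_cleanup(evp);
	return 1;
}
#endif

#ifdef OPENSSL_EVP_DIGESTUPDATE_VOID
/*
 * Feed cnt bytes at d into digest context ctx.  The result of
 * EVP_DigestUpdate() is not inspected (the selecting macro indicates it
 * has none), so this always returns 1 and a failed update is invisible
 * to the caller.
 */
int
ssh_EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt)
{
	EVP_DigestUpdate(ctx, d, cnt);
	return 1;
}
#endif

#ifndef HAVE_BN_IS_PRIME_EX
/*
 * Stand-in for BN_is_prime_ex() built on BN_is_prime().  Progress
 * callbacks are not supported: a non-NULL cb ends in fatal().
 * Returns whatever BN_is_prime() returns.
 * NOTE(review): fatal() is declared in log.h (not shown here) and is
 * assumed not to return.
 */
int
BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, void *cb)
{
	if (cb != NULL)
		fatal("%s: callback args not supported", __func__);
	return BN_is_prime(p, nchecks, NULL, ctx, NULL);
}
#endif

#ifndef HAVE_RSA_GENERATE_KEY_EX
/*
 * Stand-in for RSA_generate_key_ex() built on RSA_generate_key().
 * Generates a key of the given size with public exponent bn_e and
 * stores it in the caller's rsa.  Returns 1 on success and 0 when
 * RSA_generate_key() fails; a non-NULL cb or an exponent that does not
 * fit in an unsigned long ends in fatal().
 */
int
RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *bn_e, void *cb)
{
	RSA *new_rsa, tmp_rsa;
	unsigned long e;

	if (cb != NULL)
		fatal("%s: callback args not supported", __func__);
	e = BN_get_word(bn_e);
	/*
	 * BN_get_word() reports "does not fit" with an all-ones word.  That
	 * equals 0xffffffff only where unsigned long is 32 bits wide, so the
	 * full-width all-ones value is rejected too; otherwise an oversized
	 * exponent would be silently replaced by the sentinel on 64-bit
	 * builds.
	 * NOTE(review): confirm the sentinel against the BN_get_word() of
	 * the OpenSSL releases this shim is built for.
	 */
	if (e == 0xffffffffL || e == (unsigned long)-1)
		fatal("%s: value of e too large", __func__);
	new_rsa = RSA_generate_key(bits, e, NULL, NULL);
	if (new_rsa == NULL)
		return 0;
	/*
	 * swap rsa/new_rsa then free new_rsa
	 *
	 * The swap copies the structs by value, so it needs RSA to be a
	 * complete type and moves every field across; the caller's previous
	 * contents are what RSA_free() then releases.
	 */
	tmp_rsa = *rsa;
	*rsa = *new_rsa;
	*new_rsa = tmp_rsa;
	RSA_free(new_rsa);
	return 1;
}
#endif

#ifndef HAVE_DSA_GENERATE_PARAMETERS_EX
/*
 * Stand-in for DSA_generate_parameters_ex() built on
 * DSA_generate_parameters().  Stores the generated parameters in the
 * caller's dsa.  Returns 1 on success and 0 when generation fails; a
 * non-NULL cb ends in fatal().
 */
int
DSA_generate_parameters_ex(DSA *dsa, int bits, const unsigned char *seed,
    int seed_len, int *counter_ret, unsigned long *h_ret, void *cb)
{
	DSA *new_dsa, tmp_dsa;

	if (cb != NULL)
		fatal("%s: callback args not supported", __func__);
	/* The cast drops const from seed to match the call being wrapped. */
	new_dsa = DSA_generate_parameters(bits, (unsigned char *)seed, seed_len,
	    counter_ret, h_ret, NULL, NULL);
	if (new_dsa == NULL)
		return 0;
	/*
	 * swap dsa/new_dsa then free new_dsa
	 *
	 * By-value struct swap: needs DSA to be a complete type; the
	 * caller's previous contents are released by DSA_free().
	 */
	tmp_dsa = *dsa;
	*dsa = *new_dsa;
	*new_dsa = tmp_dsa;
	DSA_free(new_dsa);
	return 1;
}
#endif

#ifndef HAVE_RSA_GET_DEFAULT_METHOD
/* Stand-in for RSA_get_default_method(): returns RSA_PKCS1_SSLeay(). */
RSA_METHOD *
RSA_get_default_method(void)
{
	return RSA_PKCS1_SSLeay();
}
#endif

#ifdef USE_OPENSSL_ENGINE
/*
 * Register all OpenSSL algorithms, then load and register the built-in
 * engines and apply the default OpenSSL configuration.
 *
 * OPENSSL_config(NULL) reads the library's default configuration file
 * and reports no errors, so a missing or malformed file goes unnoticed
 * here.  That file can direct engine loading, which makes it part of
 * the trusted code base of every program calling this function.
 * NOTE(review): where the file is looked up (and whether the
 * environment can redirect it) depends on the OpenSSL build - confirm
 * for privileged binaries.
 */
void
ssh_OpenSSL_add_all_algorithms(void)
{
	OpenSSL_add_all_algorithms();

	/* Enable use of crypto hardware */
	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();
	OPENSSL_config(NULL);
}
#endif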