openssl-compat.c revision 264377
1/* $Id: openssl-compat.c,v 1.17 2014/02/13 05:38:33 dtucker Exp $ */
2
3/*
4 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER
15 * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
16 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19#include "includes.h"
20
21#include <stdarg.h>
22#include <string.h>
23
24#ifdef USE_OPENSSL_ENGINE
25# include <openssl/engine.h>
26# include <openssl/conf.h>
27#endif
28
29#ifndef HAVE_RSA_GET_DEFAULT_METHOD
30# include <openssl/rsa.h>
31#endif
32
33#include "log.h"
34
35#define SSH_DONT_OVERLOAD_OPENSSL_FUNCS
36#include "openssl-compat.h"
37
38#ifdef SSH_OLD_EVP
/*
 * Compatibility wrapper around EVP_CipherInit() for SSH_OLD_EVP builds.
 *
 * The result of the underlying call is never consulted, so this wrapper
 * always reports success (1). A failed cipher initialisation therefore
 * cannot be detected by the caller through this path.
 * NOTE(review): presumably the old EVP interface returns void here -
 * confirm against the OpenSSL headers this is built with.
 */
int
ssh_EVP_CipherInit(EVP_CIPHER_CTX *evp, const EVP_CIPHER *type,
    unsigned char *key, unsigned char *iv, int enc)
{
	(void)EVP_CipherInit(evp, type, key, iv, enc);

	/* Unconditional success; see the caveat in the header comment. */
	return 1;
}
46
/*
 * Compatibility wrapper around EVP_Cipher() for SSH_OLD_EVP builds.
 *
 * Passes len bytes from src to dst through the cipher context and always
 * returns 1; the underlying call's outcome is not propagated. No length or
 * pointer validation happens here, so callers must guarantee that both
 * buffers hold at least len bytes.
 */
int
ssh_EVP_Cipher(EVP_CIPHER_CTX *evp, char *dst, char *src, int len)
{
	(void)EVP_Cipher(evp, dst, src, len);

	/* Unconditional success: errors from EVP_Cipher() are not visible. */
	return 1;
}
53
/*
 * Compatibility wrapper around EVP_CIPHER_CTX_cleanup() for SSH_OLD_EVP
 * builds. Always returns 1, whatever the underlying cleanup did.
 */
int
ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *evp)
{
	(void)EVP_CIPHER_CTX_cleanup(evp);

	return 1;
}
60#endif
61
62#ifndef HAVE_EVP_DIGESTINIT_EX
/*
 * Stand-in for EVP_DigestInit_ex() when the linked OpenSSL lacks it.
 *
 * An ENGINE cannot be honoured by the older EVP_DigestInit() interface, so
 * a non-NULL engine is treated as a hard error via fatal() instead of being
 * silently ignored.
 *
 * Returns the result of EVP_DigestInit(), or a fixed 1 when
 * OPENSSL_EVP_DIGESTUPDATE_VOID is defined and the result is not used.
 */
int
EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *md, void *engine)
{
	if (engine != NULL) {
		/* NOTE(review): fatal() is expected not to return - confirm in log.h. */
		fatal("%s: ENGINE is not supported", __func__);
	}
# ifndef OPENSSL_EVP_DIGESTUPDATE_VOID
	return EVP_DigestInit(ctx, md);
# else
	/* No usable result in this configuration: report success regardless. */
	EVP_DigestInit(ctx, md);
	return 1;
# endif
}
75#endif
76
77#ifndef HAVE_EVP_DIGESTFINAL_EX
/*
 * Stand-in for EVP_DigestFinal_ex() when the linked OpenSSL lacks it.
 *
 * Forwards to EVP_DigestFinal(), which receives md and s unchanged. The
 * caller is responsible for md being large enough for the digest in use;
 * nothing here checks it.
 *
 * Returns the result of EVP_DigestFinal(), or a fixed 1 when
 * OPENSSL_EVP_DIGESTUPDATE_VOID is defined and the result is not used.
 */
int
EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s)
{
# ifndef OPENSSL_EVP_DIGESTUPDATE_VOID
	return EVP_DigestFinal(ctx, md, s);
# else
	/* No usable result in this configuration: report success regardless. */
	EVP_DigestFinal(ctx, md, s);
	return 1;
# endif
}
88#endif
89
90#ifdef OPENSSL_EVP_DIGESTUPDATE_VOID
/*
 * Wrapper giving EVP_DigestUpdate() an int result on builds where
 * OPENSSL_EVP_DIGESTUPDATE_VOID is defined. Always returns 1, so a failure
 * inside the digest update is not observable by the caller.
 */
int
ssh_EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt)
{
	(void)EVP_DigestUpdate(ctx, d, cnt);

	return 1;
}
97#endif
98
99#ifndef HAVE_EVP_MD_CTX_COPY_EX
/*
 * Stand-in for EVP_MD_CTX_copy_ex() when the linked OpenSSL lacks it.
 * Delegates to EVP_MD_CTX_copy() and hands its result back unchanged.
 */
int
EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
{
	int rc;

	rc = EVP_MD_CTX_copy(out, in);
	return rc;
}
105#endif
106
107#ifndef HAVE_BN_IS_PRIME_EX
/*
 * Stand-in for BN_is_prime_ex() when the linked OpenSSL lacks it.
 *
 * The older BN_is_prime() is called with no progress callback and no
 * callback argument, so a non-NULL cb cannot be honoured and is rejected
 * via fatal(). The primality result of BN_is_prime() is returned as-is.
 */
int
BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, void *cb)
{
	int verdict;

	if (cb != NULL) {
		fatal("%s: callback args not supported", __func__);
	}
	verdict = BN_is_prime(p, nchecks, NULL, ctx, NULL);
	return verdict;
}
115#endif
116
117#ifndef HAVE_RSA_GENERATE_KEY_EX
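/*
 * Stand-in for RSA_generate_key_ex() when the linked OpenSSL lacks it.
 *
 * Generates a fresh key with the older RSA_generate_key() and moves it into
 * the caller's RSA object.
 *
 * rsa:  object that receives the new key; its previous contents are freed.
 * bits: modulus size, passed straight to RSA_generate_key().
 * bn_e: public exponent; must fit in one unsigned long.
 * cb:   must be NULL, progress callbacks are not supported here.
 *
 * Returns 1 on success and 0 if rsa or bn_e is NULL or generation fails.
 * Calls fatal() for a non-NULL cb or an exponent that does not fit.
 */
int
RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *bn_e, void *cb)
{
	RSA *new_rsa, tmp_rsa;
	unsigned long e;

	if (cb != NULL)
		fatal("%s: callback args not supported", __func__);
	/* Report missing arguments as failure instead of dereferencing NULL. */
	if (rsa == NULL || bn_e == NULL)
		return 0;
	e = BN_get_word(bn_e);
	/*
	 * BN_get_word() reports "does not fit in one word" with an all-ones
	 * value. Where unsigned long is 64 bits wide that value is not
	 * 0xffffffff, so the all-ones unsigned long is checked as well.
	 * Otherwise an oversized exponent could be passed on as a bogus e.
	 * NOTE(review): the width of the sentinel depends on how the linked
	 * OpenSSL defines BN_ULONG - confirm for the target platform.
	 */
	if (e == 0xffffffffL || e == ~0UL)
		fatal("%s: value of e too large", __func__);
	new_rsa = RSA_generate_key(bits, e, NULL, NULL);
	if (new_rsa == NULL)
		return 0;
	/*
	 * Shallow structure swap: *rsa takes over every member of the new
	 * key, and the caller's previous contents (including any old key
	 * material) end up in *new_rsa, which RSA_free() then releases.
	 * NOTE(review): the swap also exchanges any bookkeeping members of
	 * struct RSA; this relies on the structure layout being visible.
	 */
	tmp_rsa = *rsa;
	*rsa = *new_rsa;
	*new_rsa = tmp_rsa;
	RSA_free(new_rsa);
	return 1;
}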
139#endif
140
141#ifndef HAVE_DSA_GENERATE_PARAMETERS_EX
/*
 * Stand-in for DSA_generate_parameters_ex() when the linked OpenSSL lacks
 * it.
 *
 * Generates parameters with the older DSA_generate_parameters() and moves
 * them into the caller's DSA object. cb must be NULL: progress callbacks
 * are not supported and a non-NULL value ends in fatal().
 *
 * Returns 1 on success and 0 when parameter generation fails.
 */
int
DSA_generate_parameters_ex(DSA *dsa, int bits, const unsigned char *seed,
    int seed_len, int *counter_ret, unsigned long *h_ret, void *cb)
{
	DSA *fresh, saved;
	unsigned char *seed_arg;

	if (cb != NULL) {
		fatal("%s: callback args not supported", __func__);
	}

	/* The older prototype takes a non-const seed, hence the cast. */
	seed_arg = (unsigned char *)seed;
	fresh = DSA_generate_parameters(bits, seed_arg, seed_len,
	    counter_ret, h_ret, NULL, NULL);
	if (fresh == NULL) {
		return 0;
	}

	/*
	 * Shallow structure swap: *dsa receives the new parameters and the
	 * caller's previous contents move into *fresh, which DSA_free() then
	 * releases.
	 */
	saved = *dsa;
	*dsa = *fresh;
	*fresh = saved;
	DSA_free(fresh);

	return 1;
}
161#endif
162
163#ifndef HAVE_RSA_GET_DEFAULT_METHOD
/*
 * Stand-in for RSA_get_default_method() when the linked OpenSSL lacks it.
 * Returns whatever RSA_PKCS1_SSLeay() provides.
 */
RSA_METHOD *
RSA_get_default_method(void)
{
	RSA_METHOD *method;

	method = RSA_PKCS1_SSLeay();
	return method;
}
169#endif
170
171#ifdef	USE_OPENSSL_ENGINE
/*
 * Replacement for OpenSSL_add_all_algorithms() on USE_OPENSSL_ENGINE
 * builds: registers the algorithms, then enables the built-in engines.
 *
 * Takes no arguments, returns nothing, and checks none of the calls it
 * makes.
 */
void
ssh_OpenSSL_add_all_algorithms(void)
{
	OpenSSL_add_all_algorithms();

	/* Enable use of crypto hardware: load, then register, the engines. */
	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();

	/*
	 * A NULL argument makes OpenSSL read its default configuration.
	 * NOTE(review): that configuration can influence engine setup, so the
	 * file should be writable only by trusted administrators - confirm
	 * which path the linked OpenSSL uses.
	 */
	OPENSSL_config(NULL);
}
182#endif
183