Crypto and NetSSL fixes for OpenSSL 1.1

This commit is contained in:
Günter Obiltschnig
2016-11-27 23:58:39 +01:00
parent daa2db3c53
commit 75a7ee4b0f
6 changed files with 103 additions and 20 deletions


@@ -61,7 +61,7 @@ protected:
private: private:
std::string _name; std::string _name;
EVP_MD_CTX* _ctx; EVP_MD_CTX* _pContext;
Poco::DigestEngine::Digest _digest; Poco::DigestEngine::Digest _digest;
OpenSSLInitializer _openSSLInitializer; OpenSSLInitializer _openSSLInitializer;
}; };


@@ -77,7 +77,11 @@ namespace
private: private:
const EVP_CIPHER* _pCipher; const EVP_CIPHER* _pCipher;
EVP_CIPHER_CTX _ctx; #if OPENSSL_VERSION_NUMBER >= 0x10100000L
EVP_CIPHER_CTX* _pContext;
#else
EVP_CIPHER_CTX _context;
#endif
ByteVec _key; ByteVec _key;
ByteVec _iv; ByteVec _iv;
}; };
@@ -92,30 +96,52 @@ namespace
_key(key), _key(key),
_iv(iv) _iv(iv)
{ {
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
_pContext = EVP_CIPHER_CTX_new();
EVP_CipherInit( EVP_CipherInit(
&_ctx, _pContext,
_pCipher, _pCipher,
&_key[0], &_key[0],
_iv.empty() ? 0 : &_iv[0], _iv.empty() ? 0 : &_iv[0],
(dir == DIR_ENCRYPT) ? 1 : 0); (dir == DIR_ENCRYPT) ? 1 : 0);
#else
EVP_CipherInit(
&_context,
_pCipher,
&_key[0],
_iv.empty() ? 0 : &_iv[0],
(dir == DIR_ENCRYPT) ? 1 : 0);
#endif
} }
CryptoTransformImpl::~CryptoTransformImpl() CryptoTransformImpl::~CryptoTransformImpl()
{ {
EVP_CIPHER_CTX_cleanup(&_ctx); #if OPENSSL_VERSION_NUMBER >= 0x10100000L
EVP_CIPHER_CTX_cleanup(_pContext);
#else
EVP_CIPHER_CTX_cleanup(&_context);
#endif
} }
std::size_t CryptoTransformImpl::blockSize() const std::size_t CryptoTransformImpl::blockSize() const
{ {
return EVP_CIPHER_CTX_block_size(&_ctx); #if OPENSSL_VERSION_NUMBER >= 0x10100000L
return EVP_CIPHER_CTX_block_size(_pContext);
#else
return EVP_CIPHER_CTX_block_size(&_context);
#endif
} }
int CryptoTransformImpl::setPadding(int padding) int CryptoTransformImpl::setPadding(int padding)
{ {
return EVP_CIPHER_CTX_set_padding(&_ctx, padding); #if OPENSSL_VERSION_NUMBER >= 0x10100000L
return EVP_CIPHER_CTX_block_size(_pContext);
#else
return EVP_CIPHER_CTX_set_padding(&_context, padding);
#endif
} }
@@ -128,13 +154,21 @@ namespace
poco_assert (outputLength >= (inputLength + blockSize() - 1)); poco_assert (outputLength >= (inputLength + blockSize() - 1));
int outLen = static_cast<int>(outputLength); int outLen = static_cast<int>(outputLength);
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
int rc = EVP_CipherUpdate( int rc = EVP_CipherUpdate(
&_ctx, _pContext,
output, output,
&outLen, &outLen,
input, input,
static_cast<int>(inputLength)); static_cast<int>(inputLength));
#else
int rc = EVP_CipherUpdate(
&_context,
output,
&outLen,
input,
static_cast<int>(inputLength));
#endif
if (rc == 0) if (rc == 0)
throwError(); throwError();
@@ -153,7 +187,11 @@ namespace
// Use the '_ex' version that does not perform implicit cleanup since we // Use the '_ex' version that does not perform implicit cleanup since we
// will call EVP_CIPHER_CTX_cleanup() from the dtor as there is no // will call EVP_CIPHER_CTX_cleanup() from the dtor as there is no
// guarantee that finalize() will be called if an error occurred. // guarantee that finalize() will be called if an error occurred.
int rc = EVP_CipherFinal_ex(&_ctx, output, &len); #if OPENSSL_VERSION_NUMBER >= 0x10100000L
int rc = EVP_CipherFinal_ex(_pContext, output, &len);
#else
int rc = EVP_CipherFinal_ex(&_context, output, &len);
#endif
if (rc == 0) if (rc == 0)
throwError(); throwError();
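Review bot: The OpenSSL 1.1 branch of `setPadding` calls the wrong function: `return EVP_CIPHER_CTX_block_size(_pContext);` ignores the `padding` argument and returns the block size, so a caller that asks to turn padding off keeps OpenSSL's default padding under 1.1 and gets a misleading return value; it should read `return EVP_CIPHER_CTX_set_padding(_pContext, padding);`. The destructor's `EVP_CIPHER_CTX_cleanup(_pContext)` also looks insufficient for a context obtained from `EVP_CIPHER_CTX_new()` — in 1.1 cleanup is, as far as I recall, a reset that does not release the allocation — so `EVP_CIPHER_CTX_free(_pContext)` is the matching call in that branch. The constructor checks neither `EVP_CIPHER_CTX_new()` for NULL nor the return of `EVP_CipherInit`, so a failed init only surfaces on the first update; a `throwError()` at that point would fail closed. The enclosing class and several of these methods continue outside the hunks shown.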


@@ -23,46 +23,51 @@ namespace Crypto {
DigestEngine::DigestEngine(const std::string& name): DigestEngine::DigestEngine(const std::string& name):
_name(name) _name(name),
_pContext(EVP_MD_CTX_create())
{ {
const EVP_MD* md = EVP_get_digestbyname(_name.c_str()); const EVP_MD* md = EVP_get_digestbyname(_name.c_str());
if (!md) throw Poco::NotFoundException(_name); if (!md) throw Poco::NotFoundException(_name);
_ctx = EVP_MD_CTX_create(); EVP_DigestInit_ex(_pContext, md, NULL);
EVP_DigestInit_ex(_ctx, md, NULL);
} }
DigestEngine::~DigestEngine() DigestEngine::~DigestEngine()
{ {
EVP_MD_CTX_destroy(_ctx); EVP_MD_CTX_destroy(_pContext);
} }
int DigestEngine::nid() const int DigestEngine::nid() const
{ {
return EVP_MD_nid(_ctx->digest); return EVP_MD_nid(EVP_MD_CTX_md(_pContext));
} }
std::size_t DigestEngine::digestLength() const std::size_t DigestEngine::digestLength() const
{ {
return EVP_MD_CTX_size(_ctx); return EVP_MD_CTX_size(_pContext);
} }
void DigestEngine::reset() void DigestEngine::reset()
{ {
EVP_MD_CTX_cleanup(_ctx); #if OPENSSL_VERSION_NUMBER >= 0x10100000L
EVP_MD_CTX_free(_pContext);
_pContext = EVP_MD_CTX_create();
#else
EVP_MD_CTX_cleanup(_pContext);
#endif
const EVP_MD* md = EVP_get_digestbyname(_name.c_str()); const EVP_MD* md = EVP_get_digestbyname(_name.c_str());
if (!md) throw Poco::NotFoundException(_name); if (!md) throw Poco::NotFoundException(_name);
EVP_DigestInit_ex(_ctx, md, NULL); EVP_DigestInit_ex(_pContext, md, NULL);
} }
const Poco::DigestEngine::Digest& DigestEngine::digest() const Poco::DigestEngine::Digest& DigestEngine::digest()
{ {
_digest.clear(); _digest.clear();
unsigned len = EVP_MD_CTX_size(_ctx); unsigned len = EVP_MD_CTX_size(_pContext);
_digest.resize(len); _digest.resize(len);
EVP_DigestFinal_ex(_ctx, &_digest[0], &len); EVP_DigestFinal_ex(_pContext, &_digest[0], &len);
reset(); reset();
return _digest; return _digest;
} }
@@ -70,7 +75,7 @@ const Poco::DigestEngine::Digest& DigestEngine::digest()
void DigestEngine::updateImpl(const void* data, std::size_t length) void DigestEngine::updateImpl(const void* data, std::size_t length)
{ {
EVP_DigestUpdate(_ctx, data, length); EVP_DigestUpdate(_pContext, data, length);
} }
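Review bot: Moving `EVP_MD_CTX_create()` into the initializer list leaks the context whenever the constructor throws `Poco::NotFoundException` for an unknown digest name, because the destructor does not run for a partially constructed object; the old code created the context only after the lookup succeeded. Initialize `_pContext(0)` in the list and do `_pContext = EVP_MD_CTX_create();` after the `if (!md) throw …` line, or keep the lookup first. In `reset()` the 1.1 branch frees and re-creates the context; `EVP_MD_CTX_reset(_pContext)` does the same without an allocation that can fail and leave `_pContext` NULL for the following `EVP_DigestInit_ex`. The return values of `EVP_DigestInit_ex` and `EVP_DigestFinal_ex` remain unchecked, which predates this commit but means a failed init silently yields a digest over no data.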


@@ -207,19 +207,43 @@ int RSAKeyImpl::size() const
RSAKeyImpl::ByteVec RSAKeyImpl::modulus() const RSAKeyImpl::ByteVec RSAKeyImpl::modulus() const
{ {
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
const BIGNUM* n = 0;
const BIGNUM* e = 0;
const BIGNUM* d = 0;
RSA_get0_key(_pRSA, &n, &e, &d);
return convertToByteVec(n);
#else
return convertToByteVec(_pRSA->n); return convertToByteVec(_pRSA->n);
#endif
} }
RSAKeyImpl::ByteVec RSAKeyImpl::encryptionExponent() const RSAKeyImpl::ByteVec RSAKeyImpl::encryptionExponent() const
{ {
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
const BIGNUM* n = 0;
const BIGNUM* e = 0;
const BIGNUM* d = 0;
RSA_get0_key(_pRSA, &n, &e, &d);
return convertToByteVec(e);
#else
return convertToByteVec(_pRSA->e); return convertToByteVec(_pRSA->e);
#endif
} }
RSAKeyImpl::ByteVec RSAKeyImpl::decryptionExponent() const RSAKeyImpl::ByteVec RSAKeyImpl::decryptionExponent() const
{ {
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
const BIGNUM* n = 0;
const BIGNUM* e = 0;
const BIGNUM* d = 0;
RSA_get0_key(_pRSA, &n, &e, &d);
return convertToByteVec(d);
#else
return convertToByteVec(_pRSA->d); return convertToByteVec(_pRSA->d);
#endif
} }
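Review bot: The three accessors repeat the same `RSA_get0_key` boilerplate, fetching all three components to return one; in 1.1 the unwanted out-parameters may be NULL, so `modulus()` can be `const BIGNUM* n = 0; RSA_get0_key(_pRSA, &n, 0, 0); return convertToByteVec(n);` and likewise for `e` and `d`, or the lookup can live in one private helper. Separately, `d` is NULL for a public-only key in both the 1.1 and the pre-1.1 branch, and nothing in `decryptionExponent()` guards against that, so safety depends on `convertToByteVec` tolerating a NULL BIGNUM — worth confirming, as it predates this commit. A one-line comment on `decryptionExponent()` stating `// d is absent (NULL) for public keys` would make the contract visible to callers.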


@@ -59,7 +59,11 @@ X509Certificate::X509Certificate(X509* pCert, bool shared):
if (shared) if (shared)
{ {
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
X509_up_ref(_pCert);
#else
_pCert->references++; _pCert->references++;
#endif
} }
init(); init();
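Review bot: The retained pre-1.1 branch still bumps `_pCert->references++` without the library lock, so two threads sharing one `X509*` can race the counter and free the certificate early; `CRYPTO_add(&_pCert->references, 1, CRYPTO_LOCK_X509)` is the locked form that `X509_up_ref` replaces in 1.1, and using it here would make both branches equivalent. The `X509_up_ref` return value is ignored; checking it costs nothing. The constructor starts outside the hunk shown.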


@@ -494,6 +494,17 @@ void Context::initDH(const std::string& dhParamsFile)
std::string msg = Utility::getLastError(); std::string msg = Utility::getLastError();
throw SSLContextException("Error creating Diffie-Hellman parameters", msg); throw SSLContextException("Error creating Diffie-Hellman parameters", msg);
} }
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
BIGNUM* p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
BIGNUM* g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
DH_set0_pqg(dh, p, 0, g);
DH_set_length(dh, 160);
if (!p || !g)
{
DH_free(dh);
throw SSLContextException("Error creating Diffie-Hellman parameters");
}
#else
dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0); dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0); dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
dh->length = 160; dh->length = 160;
@@ -502,6 +513,7 @@ void Context::initDH(const std::string& dhParamsFile)
DH_free(dh); DH_free(dh);
throw SSLContextException("Error creating Diffie-Hellman parameters"); throw SSLContextException("Error creating Diffie-Hellman parameters");
} }
#endif
} }
SSL_CTX_set_tmp_dh(_pSSLContext, dh); SSL_CTX_set_tmp_dh(_pSSLContext, dh);
SSL_CTX_set_options(_pSSLContext, SSL_OP_SINGLE_DH_USE); SSL_CTX_set_options(_pSSLContext, SSL_OP_SINGLE_DH_USE);
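Review bot: `DH_set0_pqg(dh, p, 0, g)` runs before the `if (!p || !g)` check, but in 1.1 it rejects a NULL `p` or `g` on a fresh DH without taking ownership of the other one, so when one `BN_bin2bn` fails the surviving BIGNUM leaks and the unchecked return hides the failure; the fix is to validate `p` and `g` first, then check `DH_set0_pqg` and free both on failure, as sketched below. The return of `DH_set_length` is ignored as well. Beyond this commit's scope, the built-in fallback remains a 1024-bit group (`dh1024_p`), which is below current guidance for ephemeral DH; a 2048-bit group would be a reasonable follow-up. `initDH` starts outside the hunk, and the pre-1.1 branch's null check sits between the two hunks shown.
```cpp
BIGNUM* p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
BIGNUM* g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
if (!p || !g || !DH_set0_pqg(dh, p, 0, g))
{
    // ownership only transfers on success; BN_free(NULL) is a no-op
    BN_free(p);
    BN_free(g);
    DH_free(dh);
    throw SSLContextException("Error creating Diffie-Hellman parameters");
}
DH_set_length(dh, 160);
// … unchanged: #else branch and SSL_CTX_set_tmp_dh …
```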