1 | From 7b29b6bd2547e72e22b9b7981df27092842d2a10 Mon Sep 17 00:00:00 2001 |
2 | From: rakshasa <sundell.software@gmail.com> | |
3 | Date: Tue, 20 Dec 2016 19:51:02 +0900 | |
4 | Subject: [PATCH] Added support for openssl 1.1. | |
5 | ||
6 | --- | |
7 | configure.ac | 4 ++++ | |
8 | src/utils/diffie_hellman.cc | 36 ++++++++++++++++++++++++++++++++++-- | |
9 | 2 files changed, 38 insertions(+), 2 deletions(-) | |
10 | ||
11 | diff --git a/configure.ac b/configure.ac | |
12 | index 5b1ea237..b885714d 100644 | |
13 | --- a/configure.ac | |
14 | +++ b/configure.ac | |
15 | @@ -71,12 +71,15 @@ AC_ARG_ENABLE(openssl, | |
16 | [ --disable-openssl Don't use OpenSSL's SHA1 implementation.], | |
17 | [ | |
18 | if test "$enableval" = "yes"; then | |
19 | +dnl move to scripts. | |
20 | PKG_CHECK_MODULES(OPENSSL, libcrypto, | |
21 | CXXFLAGS="$CXXFLAGS $OPENSSL_CFLAGS"; | |
22 | LIBS="$LIBS $OPENSSL_LIBS") | |
23 | ||
24 | AC_DEFINE(USE_OPENSSL, 1, Using OpenSSL.) | |
25 | AC_DEFINE(USE_OPENSSL_SHA, 1, Using OpenSSL's SHA1 implementation.) | |
26 | + AC_CHECK_LIB([crypto], [DH_set0_pqg], [AC_DEFINE(USE_OPENSSL_1_1, 1, Using OpenSSL 1.1.)]) | |
27 | + | |
28 | else | |
29 | AC_DEFINE(USE_NSS_SHA, 1, Using Mozilla's SHA1 implementation.) | |
30 | fi | |
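Review bot: The `AC_CHECK_LIB([crypto], [DH_set0_pqg], ...)` line is added verbatim in both branches, here and again in the `@@ -87,6 +90,7 @@` hunk, so the two copies can drift apart; running the probe once after the branch that defines `USE_OPENSSL` would avoid that. The macro name `USE_OPENSSL_1_1` reads like a version test, but it is defined whenever the libcrypto found at link time exports that one symbol. That library may not be the one whose headers `$OPENSSL_CFLAGS` selects, so a header/library mismatch would only show up as a compile error in diffie_hellman.cc. A comment above the probe would record the intent, for example `dnl USE_OPENSSL_1_1: DH struct is opaque, use the DH_set0_pqg/DH_get0_key accessors.` The added `dnl move to scripts.` does not say what should move or where.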
31 | @@ -87,6 +90,7 @@ AC_ARG_ENABLE(openssl, | |
32 | ||
33 | AC_DEFINE(USE_OPENSSL, 1, Using OpenSSL.) | |
34 | AC_DEFINE(USE_OPENSSL_SHA, 1, Using OpenSSL's SHA1 implementation.) | |
35 | + AC_CHECK_LIB([crypto], [DH_set0_pqg], [AC_DEFINE(USE_OPENSSL_1_1, 1, Using OpenSSL 1.1.)]) | |
36 | ] | |
37 | ) | |
38 | ||
39 | diff --git a/src/utils/diffie_hellman.cc b/src/utils/diffie_hellman.cc | |
40 | index aa653d45..7ec13165 100644 | |
41 | --- a/src/utils/diffie_hellman.cc | |
42 | +++ b/src/utils/diffie_hellman.cc | |
43 | @@ -54,11 +54,23 @@ DiffieHellman::DiffieHellman(const unsigned char *prime, int primeLength, | |
44 | m_secret(NULL), m_size(0) { | |
45 | ||
46 | #ifdef USE_OPENSSL | |
47 | + | |
48 | m_dh = DH_new(); | |
49 | + | |
50 | +#ifdef USE_OPENSSL_1_1 | |
51 | + BIGNUM * const dh_p = BN_bin2bn(prime, primeLength, NULL); | |
52 | + BIGNUM * const dh_g = BN_bin2bn(generator, generatorLength, NULL); | |
53 | + | |
54 | + if (dh_p == NULL || dh_g == NULL || | |
55 | + !DH_set0_pqg(m_dh, dh_p, NULL, dh_g)) | |
56 | + throw internal_error("Could not generate Diffie-Hellman parameters"); | |
57 | +#else | |
58 | m_dh->p = BN_bin2bn(prime, primeLength, NULL); | |
59 | m_dh->g = BN_bin2bn(generator, generatorLength, NULL); | |
60 | +#endif | |
61 | ||
62 | DH_generate_key(m_dh); | |
63 | + | |
64 | #else | |
65 | throw internal_error("Compiled without encryption support."); | |
66 | #endif | |
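Review bot: The failure path in the new `USE_OPENSSL_1_1` branch leaks. `DH_set0_pqg` takes ownership of `dh_p` and `dh_g` only when it succeeds, so if one `BN_bin2bn` call returns NULL or the setter fails, the surviving BIGNUM is never freed. Because the exception leaves the constructor, the destructor presumably never runs to free `m_dh`. `DH_new()` is also used without a NULL check, and the return value of `DH_generate_key` is ignored in both branches, so a failed key generation is noticed only if the caller asks `is_valid()`. The pre-1.1 branch still stores unchecked `BN_bin2bn` results, and the constructor body starts and ends outside the hunk.

```cpp
  m_dh = DH_new();

  if (m_dh == NULL)
    throw internal_error("Could not allocate Diffie-Hellman context");

#ifdef USE_OPENSSL_1_1
  // … unchanged: dh_p / dh_g created with BN_bin2bn …

  if (dh_p == NULL || dh_g == NULL ||
      !DH_set0_pqg(m_dh, dh_p, NULL, dh_g)) {
    // Ownership moves to m_dh only when DH_set0_pqg succeeds; release everything here.
    BN_free(dh_p);
    BN_free(dh_g);
    DH_free(m_dh);
    m_dh = NULL;
    throw internal_error("Could not generate Diffie-Hellman parameters");
  }
#else
  // … unchanged: direct m_dh->p / m_dh->g assignment …
#endif
```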
67 | @@ -74,7 +86,19 @@ DiffieHellman::~DiffieHellman() { | |
68 | bool | |
69 | DiffieHellman::is_valid() const { | |
70 | #ifdef USE_OPENSSL | |
71 | + if (m_dh == NULL) | |
72 | + return false; | |
73 | + | |
74 | +#ifdef USE_OPENSSL_1_1 | |
75 | + const BIGNUM *pub_key; | |
76 | + | |
77 | + DH_get0_key(m_dh, &pub_key, NULL); | |
78 | + | |
79 | + return pub_key != NULL; | |
80 | +#else | |
81 | return m_dh != NULL && m_dh->pub_key != NULL; | |
82 | +#endif | |
83 | + | |
84 | #else | |
85 | return false; | |
86 | #endif | |
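Review bot: In the 1.1 branch `pub_key` is declared uninitialised and then compared against NULL. `DH_get0_key` does assign it, but `const BIGNUM *pub_key = NULL;` makes the result well defined by construction. With the new early return, the `m_dh != NULL &&` in the legacy branch is redundant and could become `return m_dh->pub_key != NULL;`. A short comment would also help callers, such as `// Only reports that a public key was generated; the prime and generator are not validated here.`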
87 | @@ -103,8 +127,16 @@ DiffieHellman::store_pub_key(unsigned char* dest, unsigned int length) { | |
88 | #ifdef USE_OPENSSL | |
89 | std::memset(dest, 0, length); | |
90 | ||
91 | - if ((int)length >= BN_num_bytes(m_dh->pub_key)) | |
92 | - BN_bn2bin(m_dh->pub_key, dest + length - BN_num_bytes(m_dh->pub_key)); | |
93 | + const BIGNUM *pub_key; | |
94 | + | |
95 | +#ifdef USE_OPENSSL_1_1 | |
96 | + DH_get0_key(m_dh, &pub_key, NULL); | |
97 | +#else | |
98 | + pub_key = m_dh->pub_key; | |
99 | +#endif | |
100 | + | |
101 | + if ((int)length >= BN_num_bytes(pub_key)) | |
102 | + BN_bn2bin(pub_key, dest + length - BN_num_bytes(pub_key)); | |
103 | #endif | |
104 | } | |
105 |
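Review bot: `pub_key` can be NULL when it reaches `BN_num_bytes(pub_key)`. The constructor ignores the result of `DH_generate_key`, and unlike `is_valid()` this function checks neither `m_dh` nor the key before dereferencing. A guard before the size test would close that, for example `if (m_dh == NULL || pub_key == NULL) throw internal_error("Diffie-Hellman public key not available");`. When the key does not fit in `length`, `dest` is left all zero with no signal visible in this hunk, so the caller could send a zeroed public value; this deserves at least a comment, or an error if the interface allows one. The `(int)length` cast also turns very large lengths negative, which comparing as `length >= (unsigned int)BN_num_bytes(pub_key)` avoids.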