]>
Commit | Line | Data |
---|---|---|
1 | Description: Changes for OpenSSL 1.1.0. | |
2 | Forwarded: no | |
3 | From: Di-Shi Sun <di-shi@transnexus.com> | |
4 | Last-Update: 2017-02-21 | |
5 | ||
6 | --- a/src/ospcryptowrap.c | |
7 | +++ b/src/ospcryptowrap.c | |
8 | @@ -45,7 +45,12 @@ | |
9 | unsigned char digestedData[OSPC_CRYPTO_DIGEST_BUFFER_MAXLENGTH]; | |
10 | unsigned int digestedDataLength = 0; | |
11 | ||
12 | - EVP_MD_CTX ctx; | |
13 | +#if (OPENSSL_VERSION_NUMBER >= 0x010100000) | |
14 | + EVP_MD_CTX *ctx; | |
15 | +#else | |
16 | + EVP_MD_CTX ctxbuf; | |
17 | + EVP_MD_CTX *ctx = &ctxbuf; | |
18 | +#endif | |
19 | EVP_MD *type = OSPC_OSNULL; | |
20 | ||
21 | OSPM_ARGUSED(ospvFlags); | |
22 | @@ -60,9 +65,15 @@ | |
23 | ||
24 | if (type) { | |
25 | /* Calcualte digest */ | |
26 | - EVP_DigestInit(&ctx, type); | |
27 | - EVP_DigestUpdate(&ctx, ospvData, ospvDataLength); | |
28 | - EVP_DigestFinal(&ctx, digestedData, &digestedDataLength); | |
29 | +#if (OPENSSL_VERSION_NUMBER >= 0x010100000) | |
30 | + ctx = EVP_MD_CTX_new(); | |
31 | +#endif | |
32 | + EVP_DigestInit(ctx, type); | |
33 | + EVP_DigestUpdate(ctx, ospvData, ospvDataLength); | |
34 | + EVP_DigestFinal(ctx, digestedData, &digestedDataLength); | |
35 | +#if (OPENSSL_VERSION_NUMBER >= 0x010100000) | |
36 | + EVP_MD_CTX_free(ctx); | |
37 | +#endif | |
38 | errorcode = OSPC_ERR_NO_ERROR; | |
39 | } else { | |
40 | OSPM_DBGERRORLOG(errorcode, "Error setting digest type"); | |
41 | @@ -127,10 +138,7 @@ | |
42 | unsigned char decryptedData[OSPC_CRYPTO_ENCRYPT_BUFFER_MAXLENGTH]; | |
43 | unsigned int decryptedDataLength = 0; | |
44 | ||
45 | - X509_PUBKEY *pX509PubKey = OSPC_OSNULL; | |
46 | RSA *pRSAPubKey = OSPC_OSNULL; | |
47 | - unsigned char *pData = OSPC_OSNULL; | |
48 | - unsigned int len = 0; | |
49 | ||
50 | OSPM_ARGUSED(ospvFlags); | |
51 | OSPM_ARGUSED(ospvBERAlgorithm); | |
52 | @@ -139,34 +147,21 @@ | |
53 | OSPTNLOGDUMP(ospvEncryptedData, ospvEncryptedDataLength, "DECRYPT: ospvEncryptedData"); | |
54 | OSPTNLOGDUMP(ospvBERReaderKey, ospvBERReaderKeyLength, "DECRYPT: ospvBERReaderKey"); | |
55 | ||
56 | - pX509PubKey = d2i_X509_PUBKEY(NULL, (const unsigned char **)(&ospvBERReaderKey), ospvBERReaderKeyLength); | |
57 | - | |
58 | - if (pX509PubKey) { | |
59 | - pData = pX509PubKey->public_key->data; | |
60 | - len = pX509PubKey->public_key->length; | |
61 | - pRSAPubKey = d2i_RSAPublicKey(NULL, (const unsigned char **)&pData, len); | |
62 | - | |
63 | - if (pRSAPubKey) { | |
64 | - decryptedDataLength = RSA_public_decrypt(ospvEncryptedDataLength, ospvEncryptedData, decryptedData, pRSAPubKey, RSA_PKCS1_PADDING); | |
65 | - if (decryptedDataLength != -1) { | |
66 | - errorcode = OSPC_ERR_NO_ERROR; | |
67 | - } else { | |
68 | - OSPM_DBGERRORLOG(errorcode, "Failed to decrypt message"); | |
69 | - } | |
70 | - | |
71 | - /* Free up mem */ | |
72 | - RSA_free(pRSAPubKey); | |
73 | + pRSAPubKey = d2i_RSA_PUBKEY(NULL, (const unsigned char **)(&ospvBERReaderKey), ospvBERReaderKeyLength); | |
74 | + if (pRSAPubKey) { | |
75 | + decryptedDataLength = RSA_public_decrypt(ospvEncryptedDataLength, ospvEncryptedData, decryptedData, pRSAPubKey, RSA_PKCS1_PADDING); | |
76 | + if (decryptedDataLength != -1) { | |
77 | + errorcode = OSPC_ERR_NO_ERROR; | |
78 | } else { | |
79 | - OSPM_DBGERRORLOG(errorcode, "Failed to init RSA key"); | |
80 | + OSPM_DBGERRORLOG(errorcode, "Failed to decrypt message"); | |
81 | } | |
82 | ||
83 | /* Free up mem */ | |
84 | - X509_PUBKEY_free(pX509PubKey); | |
85 | + RSA_free(pRSAPubKey); | |
86 | } else { | |
87 | - OSPM_DBGERRORLOG(errorcode, "Failed to init X509_PUBKEY"); | |
88 | + OSPM_DBGERRORLOG(errorcode, "Failed to init RSA key"); | |
89 | } | |
90 | ||
91 | - | |
92 | /* Copy results to OUT params */ | |
93 | if (errorcode == OSPC_ERR_NO_ERROR) { | |
94 | if (ospvDecryptedData == OSPC_OSNULL) { | |
95 | @@ -202,10 +197,7 @@ | |
96 | int errorcode = OSPC_ERR_CRYPTO_IMPLEMENTATION_SPECIFIC_ERROR; | |
97 | unsigned char digestedData[OSPC_CRYPTO_DIGEST_BUFFER_MAXLENGTH]; | |
98 | unsigned int digestedDataLength = OSPC_CRYPTO_DIGEST_BUFFER_MAXLENGTH; | |
99 | - X509_PUBKEY *pX509PubKey = OSPC_OSNULL; | |
100 | RSA *pRSAPubKey = OSPC_OSNULL; | |
101 | - unsigned char *pData = OSPC_OSNULL; | |
102 | - unsigned int len = 0; | |
103 | int type = NID_md5; | |
104 | ||
105 | OSPM_ARGUSED(ospvFlags); | |
106 | @@ -214,34 +206,22 @@ | |
107 | OSPTNLOGDUMP(ospvSignature, ospvSignatureLength, "VERIFY: ospvSignature"); | |
108 | OSPTNLOGDUMP(ospvBERReaderKey, ospvBERReaderKeyLength, "VERIFY: ospvBERReaderKey"); | |
109 | ||
110 | - pX509PubKey = d2i_X509_PUBKEY(NULL, (const unsigned char **)(&ospvBERReaderKey), ospvBERReaderKeyLength); | |
111 | - | |
112 | - if (pX509PubKey) { | |
113 | - pData = pX509PubKey->public_key->data; | |
114 | - len = pX509PubKey->public_key->length; | |
115 | - pRSAPubKey = d2i_RSAPublicKey(NULL, (const unsigned char **)&pData, len); | |
116 | - | |
117 | - if (pRSAPubKey) { | |
118 | - if (OSPC_ERR_NO_ERROR == OSPPCryptoWrapDigest(digestedData, &digestedDataLength, OSPC_OSNULL, 0, ospvData, ospvDataLength, 0)) { | |
119 | - if (1 == RSA_verify(type, digestedData, digestedDataLength, ospvSignature, ospvSignatureLength, pRSAPubKey)) { | |
120 | - errorcode = OSPC_ERR_NO_ERROR; | |
121 | - } else { | |
122 | - OSPM_DBGERRORLOG(errorcode, "Open-SSL error occurred in Verify"); | |
123 | - } | |
124 | + pRSAPubKey = d2i_RSA_PUBKEY(NULL, (const unsigned char **)(&ospvBERReaderKey), ospvBERReaderKeyLength); | |
125 | + if (pRSAPubKey) { | |
126 | + if (OSPC_ERR_NO_ERROR == OSPPCryptoWrapDigest(digestedData, &digestedDataLength, OSPC_OSNULL, 0, ospvData, ospvDataLength, 0)) { | |
127 | + if (1 == RSA_verify(type, digestedData, digestedDataLength, ospvSignature, ospvSignatureLength, pRSAPubKey)) { | |
128 | + errorcode = OSPC_ERR_NO_ERROR; | |
129 | } else { | |
130 | - OSPM_DBGERRORLOG(errorcode, "Failed to calculate digest"); | |
131 | + OSPM_DBGERRORLOG(errorcode, "Open-SSL error occurred in Verify"); | |
132 | } | |
133 | - | |
134 | - /* Free up mem */ | |
135 | - RSA_free(pRSAPubKey); | |
136 | } else { | |
137 | - OSPM_DBGERRORLOG(errorcode, "Failed to init RSA key"); | |
138 | + OSPM_DBGERRORLOG(errorcode, "Failed to calculate digest"); | |
139 | } | |
140 | ||
141 | /* Free up mem */ | |
142 | - X509_PUBKEY_free(pX509PubKey); | |
143 | + RSA_free(pRSAPubKey); | |
144 | } else { | |
145 | - OSPM_DBGERRORLOG(errorcode, "Failed to init X509_PUBKEY"); | |
146 | + OSPM_DBGERRORLOG(errorcode, "Failed to init RSA key"); | |
147 | } | |
148 | ||
149 | return errorcode; | |
150 | Description: Changes for OpenSSL 1.1.0. | |
151 | Forwarded: no | |
152 | From: Di-Shi Sun <di-shi@transnexus.com> | |
153 | Last-Update: 2017-02-21 | |
154 | ||
155 | --- a/src/ospopenssl.c | |
156 | +++ b/src/ospopenssl.c | |
157 | @@ -84,7 +84,11 @@ | |
158 | * function. It will be done only once now, rather than with every ProviderNew | |
159 | */ | |
160 | ctx = (SSL_CTX **)&(security->ContextRef); | |
161 | +#if (OPENSSL_VERSION_NUMBER >= 0x010100000) | |
162 | + version = TLS_client_method(); | |
163 | +#else | |
164 | version = TLSv1_client_method(); | |
165 | +#endif | |
166 | *ctx = SSL_CTX_new(version); | |
167 | ||
168 | if (*ctx != OSPC_OSNULL) { | |
169 | @@ -508,21 +512,21 @@ | |
170 | ok = 0; | |
171 | } | |
172 | } | |
173 | - switch (ctx->error) { | |
174 | + switch (err) { | |
175 | case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: | |
176 | - X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, 256); | |
177 | + X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, 256); | |
178 | BIO_printf(bio_stdout, "issuer= %s\n", buf); | |
179 | break; | |
180 | case X509_V_ERR_CERT_NOT_YET_VALID: | |
181 | case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: | |
182 | BIO_printf(bio_stdout, "notBefore="); | |
183 | - ASN1_TIME_print(bio_stdout, X509_get_notBefore(ctx->current_cert)); | |
184 | + ASN1_TIME_print(bio_stdout, X509_get_notBefore(err_cert)); | |
185 | BIO_printf(bio_stdout, "\n"); | |
186 | break; | |
187 | case X509_V_ERR_CERT_HAS_EXPIRED: | |
188 | case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: | |
189 | BIO_printf(bio_stdout, "notAfter="); | |
190 | - ASN1_TIME_print(bio_stdout, X509_get_notAfter(ctx->current_cert)); | |
191 | + ASN1_TIME_print(bio_stdout, X509_get_notAfter(err_cert)); | |
192 | BIO_printf(bio_stdout, "\n"); | |
193 | break; | |
194 | } | |
195 | Description: Changes for gcc and ABI issues. | |
196 | Forwarded: no | |
197 | From: Di-Shi Sun <di-shi@transnexus.com> | |
198 | Last-Update: 2017-02-13 | |
199 | ||
200 | --- a/src/osptransapi.c | |
201 | +++ b/src/osptransapi.c | |
202 | @@ -983,7 +983,7 @@ | |
203 | /* sample mean - have to cast Samples to a float to get some precision on the mean */ | |
204 | mean = ((metrics.mean * currnumber) + (ospvMean * ospvSamples)) / (float)metrics.samples; | |
205 | ||
206 | - OSPM_ISNAN(metrics.mean, tnisnan); | |
207 | + OSPM_ISNAN(((float)metrics.mean), tnisnan); | |
208 | ||
209 | if (tnisnan) { | |
210 | errcode = OSPC_ERR_TRAN_INVALID_CALC; | |
211 | @@ -5297,7 +5297,7 @@ | |
212 | return errcode; | |
213 | } | |
214 | ||
215 | -int OSPPTransactionSetSrcServiceProvider( | |
216 | +int OSPPTransactionSetServiceProvider( | |
217 | OSPTTRANHANDLE ospvTransaction, /* In - Transaction handle */ | |
218 | const char *ospvServiceProvider) /* In - Service provider */ | |
219 | { | |
220 | Description: Change for ABI issue. | |
221 | Forwarded: no | |
222 | From: Di-Shi Sun <di-shi@transnexus.com> | |
223 | Last-Update: 2017-02-28 | |
224 | ||
225 | --- a/include/osp/osptransapi.h | |
226 | +++ b/include/osp/osptransapi.h | |
227 | @@ -136,7 +136,8 @@ | |
228 | int OSPPTransactionSetTransferId(OSPTTRANHANDLE, const char*); | |
229 | int OSPPTransactionSetTransferStatus(OSPTTRANHANDLE, OSPE_TRANSFER_STATUS); | |
230 | int OSPPTransactionSetNetworkTranslatedCalledNumber(OSPTTRANHANDLE, OSPE_NUMBER_FORMAT, const char *); | |
231 | - int OSPPTransactionSetSrcServiceProvider(OSPTTRANHANDLE, const char *); | |
232 | + int OSPPTransactionSetServiceProvider(OSPTTRANHANDLE, const char *); | |
233 | +#define OSPPTransactionSetSrcServiceProvider(transaction, provider) OSPPTransactionSetServiceProvider(transaction, provider); | |
234 | int OSPPTransactionSetDestServiceProvider(OSPTTRANHANDLE, const char *); | |
235 | int OSPPTransactionSetSystemId(OSPTTRANHANDLE, const char *); | |
236 | int OSPPTransactionSetRelatedReason(OSPTTRANHANDLE, const char *); |