Diffstat (limited to 'libs/libssh2/src/openssl.h')
-rw-r--r-- | libs/libssh2/src/openssl.h | 187 |
1 files changed, 78 insertions, 109 deletions
diff --git a/libs/libssh2/src/openssl.h b/libs/libssh2/src/openssl.h index efd9a007f6..e44c87498c 100644 --- a/libs/libssh2/src/openssl.h +++ b/libs/libssh2/src/openssl.h @@ -1,5 +1,5 @@ -#ifndef __LIBSSH2_OPENSSL_H -#define __LIBSSH2_OPENSSL_H +#ifndef LIBSSH2_OPENSSL_H +#define LIBSSH2_OPENSSL_H /* Copyright (C) Simon Josefsson * Copyright (C) The Written Word, Inc. * All rights reserved. @@ -78,6 +78,7 @@ #endif /* LIBSSH2_WOLFSSL */ +#include <openssl/opensslconf.h> #include <openssl/sha.h> #include <openssl/rsa.h> #ifndef OPENSSL_NO_ENGINE @@ -96,9 +97,15 @@ #include <openssl/pem.h> #include <openssl/rand.h> +#if OPENSSL_VERSION_NUMBER >= 0x30000000L +#define USE_OPENSSL_3 1 +#include <openssl/core_names.h> +#endif + #if (OPENSSL_VERSION_NUMBER >= 0x10100000L && \ !defined(LIBRESSL_VERSION_NUMBER)) || defined(LIBSSH2_WOLFSSL) || \ - LIBRESSL_VERSION_NUMBER >= 0x3050000fL + (defined(LIBRESSL_VERSION_NUMBER) && \ + LIBRESSL_VERSION_NUMBER >= 0x3050000fL) /* For wolfSSL, whether the structs are truly opaque or not, it's best to not * rely on their internal data members being exposed publicly. */ # define HAVE_OPAQUE_STRUCTS 1 @@ -192,6 +199,8 @@ # define LIBSSH2_3DES 1 #endif +#include "crypto_config.h" + #define EC_MAX_POINT_LEN ((528 * 2 / 8) + 1) #define _libssh2_random(buf, len) \ 
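Review bot: The new `USE_OPENSSL_3` test in the `@@ -96,9 +97,15 @@` hunk keys only on `OPENSSL_VERSION_NUMBER`, while the opaque-struct test directly below it has to special-case LibreSSL and wolfSSL. If a compatibility layer built with `LIBSSH2_WOLFSSL` ever reports a 3.x version number, this would pull in `<openssl/core_names.h>` and switch the key and HMAC context types further down to `EVP_PKEY` and `EVP_MAC_CTX *`, which that layer may not provide; whether that can happen is not visible from this header. Consider making the intent explicit, for example `#if OPENSSL_VERSION_NUMBER >= 0x30000000L && !defined(LIBSSH2_WOLFSSL) && !defined(LIBRESSL_VERSION_NUMBER)`. A one-line comment such as `/* OpenSSL 3: use EVP_PKEY/EVP_MAC instead of the deprecated RSA/DSA/EC_KEY/HMAC objects */` would also tell the reader what the macro selects.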
@@ -207,19 +216,15 @@ /* returns 0 in case of failure */ int _libssh2_sha1_init(libssh2_sha1_ctx *ctx); -#define libssh2_sha1_init(x) _libssh2_sha1_init(x) -#ifdef HAVE_OPAQUE_STRUCTS -#define libssh2_sha1_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len) -#define libssh2_sha1_final(ctx, out) do { \ - EVP_DigestFinal(ctx, out, NULL); \ - EVP_MD_CTX_free(ctx); \ - } while(0) -#else -#define libssh2_sha1_update(ctx, data, len) EVP_DigestUpdate(&(ctx), data, len) -#define libssh2_sha1_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL) -#endif +int _libssh2_sha1_update(libssh2_sha1_ctx *ctx, + const void *data, size_t len); +int _libssh2_sha1_final(libssh2_sha1_ctx *ctx, unsigned char *out); int _libssh2_sha1(const unsigned char *message, size_t len, unsigned char *out); +#define libssh2_sha1_init(x) _libssh2_sha1_init(x) +#define libssh2_sha1_update(ctx, data, len) \ + _libssh2_sha1_update(&(ctx), data, len) +#define libssh2_sha1_final(ctx, out) _libssh2_sha1_final(&(ctx), out) #define libssh2_sha1(x,y,z) _libssh2_sha1(x,y,z) #ifdef HAVE_OPAQUE_STRUCTS 
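Review bot: The `/* returns 0 in case of failure */` comment still sits only above `_libssh2_sha1_init`, yet the new `_libssh2_sha1_update` and `_libssh2_sha1_final` prototypes also return `int`, and the macros they replace discarded the `EVP_DigestFinal` result in the opaque-struct branch. State the contract on the new prototypes so callers check the result before trusting the digest, for example `/* return 0 on failure; on failure 'out' must not be used */`, after confirming the convention against the implementation, which is outside this diff. The comment should also say whether `_final` still releases the context, as the old macro did with `EVP_MD_CTX_free`. The same applies to the SHA-256, SHA-384, SHA-512 and MD5 hunks that follow.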
@@ -230,20 +235,15 @@ int _libssh2_sha1(const unsigned char *message, size_t len, /* returns 0 in case of failure */ int _libssh2_sha256_init(libssh2_sha256_ctx *ctx); -#define libssh2_sha256_init(x) _libssh2_sha256_init(x) -#ifdef HAVE_OPAQUE_STRUCTS -#define libssh2_sha256_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len) -#define libssh2_sha256_final(ctx, out) do { \ - EVP_DigestFinal(ctx, out, NULL); \ - EVP_MD_CTX_free(ctx); \ - } while(0) -#else -#define libssh2_sha256_update(ctx, data, len) \ - EVP_DigestUpdate(&(ctx), data, len) -#define libssh2_sha256_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL) -#endif +int _libssh2_sha256_update(libssh2_sha256_ctx *ctx, + const void *data, size_t len); +int _libssh2_sha256_final(libssh2_sha256_ctx *ctx, unsigned char *out); int _libssh2_sha256(const unsigned char *message, size_t len, unsigned char *out); +#define libssh2_sha256_init(x) _libssh2_sha256_init(x) +#define libssh2_sha256_update(ctx, data, len) \ + _libssh2_sha256_update(&(ctx), data, len) +#define libssh2_sha256_final(ctx, out) _libssh2_sha256_final(&(ctx), out) #define libssh2_sha256(x,y,z) _libssh2_sha256(x,y,z) #ifdef HAVE_OPAQUE_STRUCTS 
@@ -254,20 +254,15 @@ int _libssh2_sha256(const unsigned char *message, size_t len, /* returns 0 in case of failure */ int _libssh2_sha384_init(libssh2_sha384_ctx *ctx); -#define libssh2_sha384_init(x) _libssh2_sha384_init(x) -#ifdef HAVE_OPAQUE_STRUCTS -#define libssh2_sha384_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len) -#define libssh2_sha384_final(ctx, out) do { \ - EVP_DigestFinal(ctx, out, NULL); \ - EVP_MD_CTX_free(ctx); \ - } while(0) -#else -#define libssh2_sha384_update(ctx, data, len) \ - EVP_DigestUpdate(&(ctx), data, len) -#define libssh2_sha384_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL) -#endif +int _libssh2_sha384_update(libssh2_sha384_ctx *ctx, + const void *data, size_t len); +int _libssh2_sha384_final(libssh2_sha384_ctx *ctx, unsigned char *out); int _libssh2_sha384(const unsigned char *message, size_t len, unsigned char *out); +#define libssh2_sha384_init(x) _libssh2_sha384_init(x) +#define libssh2_sha384_update(ctx, data, len) \ + _libssh2_sha384_update(&(ctx), data, len) +#define libssh2_sha384_final(ctx, out) _libssh2_sha384_final(&(ctx), out) #define libssh2_sha384(x,y,z) _libssh2_sha384(x,y,z) #ifdef HAVE_OPAQUE_STRUCTS 
@@ -278,22 +273,18 @@ int _libssh2_sha384(const unsigned char *message, size_t len, /* returns 0 in case of failure */ int _libssh2_sha512_init(libssh2_sha512_ctx *ctx); -#define libssh2_sha512_init(x) _libssh2_sha512_init(x) -#ifdef HAVE_OPAQUE_STRUCTS -#define libssh2_sha512_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len) -#define libssh2_sha512_final(ctx, out) do { \ - EVP_DigestFinal(ctx, out, NULL); \ - EVP_MD_CTX_free(ctx); \ - } while(0) -#else -#define libssh2_sha512_update(ctx, data, len) \ - EVP_DigestUpdate(&(ctx), data, len) -#define libssh2_sha512_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL) -#endif +int _libssh2_sha512_update(libssh2_sha512_ctx *ctx, + const void *data, size_t len); +int _libssh2_sha512_final(libssh2_sha512_ctx *ctx, unsigned char *out); int _libssh2_sha512(const unsigned char *message, size_t len, unsigned char *out); +#define libssh2_sha512_init(x) _libssh2_sha512_init(x) +#define libssh2_sha512_update(ctx, data, len) \ + _libssh2_sha512_update(&(ctx), data, len) +#define libssh2_sha512_final(ctx, out) _libssh2_sha512_final(&(ctx), out) #define libssh2_sha512(x,y,z) _libssh2_sha512(x,y,z) +#if LIBSSH2_MD5 || LIBSSH2_MD5_PEM #ifdef HAVE_OPAQUE_STRUCTS #define libssh2_md5_ctx EVP_MD_CTX * #else 
@@ -302,62 +293,22 @@ int _libssh2_sha512(const unsigned char *message, size_t len, /* returns 0 in case of failure */ int _libssh2_md5_init(libssh2_md5_ctx *ctx); +int _libssh2_md5_update(libssh2_md5_ctx *ctx, + const void *data, size_t len); +int _libssh2_md5_final(libssh2_md5_ctx *ctx, unsigned char *out); #define libssh2_md5_init(x) _libssh2_md5_init(x) -#ifdef HAVE_OPAQUE_STRUCTS -#define libssh2_md5_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len) -#define libssh2_md5_final(ctx, out) do { \ - EVP_DigestFinal(ctx, out, NULL); \ - EVP_MD_CTX_free(ctx); \ - } while(0) -#else -#define libssh2_md5_update(ctx, data, len) EVP_DigestUpdate(&(ctx), data, len) -#define libssh2_md5_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL) -#endif - -#ifdef HAVE_OPAQUE_STRUCTS +#define libssh2_md5_update(ctx, data, len) \ + _libssh2_md5_update(&(ctx), data, len) +#define libssh2_md5_final(ctx, out) _libssh2_md5_final(&(ctx), out) +#endif /* LIBSSH2_MD5 || LIBSSH2_MD5_PEM */ + +#ifdef USE_OPENSSL_3 +#define libssh2_hmac_ctx EVP_MAC_CTX * +#elif defined(HAVE_OPAQUE_STRUCTS) #define libssh2_hmac_ctx HMAC_CTX * -#define libssh2_hmac_ctx_init(ctx) ctx = HMAC_CTX_new() -#define libssh2_hmac_sha1_init(ctx, key, keylen) \ - HMAC_Init_ex(*(ctx), key, (int)keylen, EVP_sha1(), NULL) -#define libssh2_hmac_md5_init(ctx, key, keylen) \ - HMAC_Init_ex(*(ctx), key, (int)keylen, EVP_md5(), NULL) -#define libssh2_hmac_ripemd160_init(ctx, key, keylen) \ - HMAC_Init_ex(*(ctx), key, (int)keylen, EVP_ripemd160(), NULL) -#define libssh2_hmac_sha256_init(ctx, key, keylen) \ - HMAC_Init_ex(*(ctx), key, (int)keylen, EVP_sha256(), NULL) -#define libssh2_hmac_sha512_init(ctx, key, keylen) \ - HMAC_Init_ex(*(ctx), key, (int)keylen, EVP_sha512(), NULL) - -#ifdef LIBSSH2_WOLFSSL -/* FIXME: upstream bug as of v5.6.0: datalen is int instead of size_t */ -#define libssh2_hmac_update(ctx, data, datalen) \ - HMAC_Update(ctx, data, (int)datalen) -#else -#define libssh2_hmac_update(ctx, data, datalen) \ - 
HMAC_Update(ctx, data, datalen) -#endif /* LIBSSH2_WOLFSSL */ -#define libssh2_hmac_final(ctx, data) HMAC_Final(ctx, data, NULL) -#define libssh2_hmac_cleanup(ctx) HMAC_CTX_free(*(ctx)) -#else +#else /* !HAVE_OPAQUE_STRUCTS */ #define libssh2_hmac_ctx HMAC_CTX -#define libssh2_hmac_ctx_init(ctx) \ - HMAC_CTX_init(&ctx) -#define libssh2_hmac_sha1_init(ctx, key, keylen) \ - HMAC_Init_ex(ctx, key, (int)keylen, EVP_sha1(), NULL) -#define libssh2_hmac_md5_init(ctx, key, keylen) \ - HMAC_Init_ex(ctx, key, (int)keylen, EVP_md5(), NULL) -#define libssh2_hmac_ripemd160_init(ctx, key, keylen) \ - HMAC_Init_ex(ctx, key, (int)keylen, EVP_ripemd160(), NULL) -#define libssh2_hmac_sha256_init(ctx, key, keylen) \ - HMAC_Init_ex(ctx, key, (int)keylen, EVP_sha256(), NULL) -#define libssh2_hmac_sha512_init(ctx, key, keylen) \ - HMAC_Init_ex(ctx, key, (int)keylen, EVP_sha512(), NULL) - -#define libssh2_hmac_update(ctx, data, datalen) \ - HMAC_Update(&(ctx), data, datalen) -#define libssh2_hmac_final(ctx, data) HMAC_Final(&(ctx), data, NULL) -#define libssh2_hmac_cleanup(ctx) HMAC_cleanup(ctx) -#endif +#endif /* USE_OPENSSL_3 */ extern void _libssh2_openssl_crypto_init(void); extern void _libssh2_openssl_crypto_exit(void); 
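Review bot: `libssh2_hmac_ctx` is now a pointer type in the `USE_OPENSSL_3` and `HAVE_OPAQUE_STRUCTS` branches but a by-value `HMAC_CTX` in the last one, and this hunk removes every `libssh2_hmac_*` macro that used to hide that difference. Nothing left in the header says which routine allocates and releases the context, so code that copies or zero-initialises it would behave differently from build to build. A short comment on the three-way definition would help, e.g. `/* opaque to callers: create, use and release only through the HMAC wrapper functions */`; the replacement declarations are not in this diff, so their names need checking. The removed wolfSSL `(int)datalen` cast and its FIXME presumably still apply wherever `HMAC_Update` is called now and should be carried over there.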
@@ -365,21 +316,40 @@ extern void _libssh2_openssl_crypto_exit(void); #define libssh2_crypto_exit() _libssh2_openssl_crypto_exit() #if LIBSSH2_RSA -#define libssh2_rsa_ctx RSA +#ifdef USE_OPENSSL_3 +#define libssh2_rsa_ctx EVP_PKEY +#define _libssh2_rsa_free(rsactx) EVP_PKEY_free(rsactx) +#else +#define libssh2_rsa_ctx RSA #define _libssh2_rsa_free(rsactx) RSA_free(rsactx) #endif +#endif /* LIBSSH2_RSA */ + #if LIBSSH2_DSA -#define libssh2_dsa_ctx DSA +#ifdef USE_OPENSSL_3 +#define libssh2_dsa_ctx EVP_PKEY +#define _libssh2_dsa_free(rsactx) EVP_PKEY_free(rsactx) +#else +#define libssh2_dsa_ctx DSA #define _libssh2_dsa_free(dsactx) DSA_free(dsactx) #endif +#endif /* LIBSSH2_DSA */ + #if LIBSSH2_ECDSA + +#ifdef USE_OPENSSL_3 +#define libssh2_ecdsa_ctx EVP_PKEY +#define _libssh2_ecdsa_free(ecdsactx) EVP_PKEY_free(ecdsactx) +#define _libssh2_ec_key EVP_PKEY +#else #define libssh2_ecdsa_ctx EC_KEY #define _libssh2_ecdsa_free(ecdsactx) EC_KEY_free(ecdsactx) #define _libssh2_ec_key EC_KEY +#endif typedef enum { LIBSSH2_EC_CURVE_NISTP256 = NID_X9_62_prime256v1, @@ -387,15 +357,14 @@ typedef enum { LIBSSH2_EC_CURVE_NISTP521 = NID_secp521r1 } libssh2_curve_type; -#else +#else /* !LIBSSH2_ECDSA */ #define _libssh2_ec_key void #endif /* LIBSSH2_ECDSA */ #if LIBSSH2_ED25519 #define libssh2_ed25519_ctx EVP_PKEY - #define _libssh2_ed25519_free(ctx) EVP_PKEY_free(ctx) -#endif /* ED25519 */ +#endif /* LIBSSH2_ED25519 */ #define _libssh2_cipher_type(name) const EVP_CIPHER *(*name)(void) #ifdef HAVE_OPAQUE_STRUCTS @@ -468,4 +437,4 @@ const EVP_CIPHER *_libssh2_EVP_aes_128_ctr(void); const EVP_CIPHER *_libssh2_EVP_aes_192_ctr(void); const EVP_CIPHER *_libssh2_EVP_aes_256_ctr(void); -#endif /* __LIBSSH2_OPENSSL_H */ +#endif /* LIBSSH2_OPENSSL_H */ |
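Review bot: Under `USE_OPENSSL_3`, `libssh2_rsa_ctx`, `libssh2_dsa_ctx`, `libssh2_ecdsa_ctx` and `_libssh2_ec_key` all expand to `EVP_PKEY`, the same type `libssh2_ed25519_ctx` already uses, so the compiler no longer rejects a key of one algorithm being handed to another algorithm's routine. The functions that take these contexts are outside this diff; they should check the key's algorithm at run time before signing or verifying, and a comment on these defines saying so would help. Separately, the new DSA macro is written `_libssh2_dsa_free(rsactx)`, which looks like a leftover from the RSA block; `#define _libssh2_dsa_free(dsactx) EVP_PKEY_free(dsactx)` matches the non-3.x branch.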