From 3ec716dc906a43d155ab6222856c5a606f491bc8 Mon Sep 17 00:00:00 2001
From: George Hazan <ghazan@miranda.im>
Date: Thu, 8 Oct 2020 22:56:11 +0300
Subject: OpenSSL upgraded to 1.1.1

---
 protocols/JabberG/jabber.vcxproj       |  2 +-
 protocols/JabberG/src/jabber_omemo.cpp | 58 ++++++++++++++--------------------
 protocols/JabberG/src/jabber_secur.cpp | 37 +++++++++++-----------
 protocols/JabberG/src/stdafx.h         |  1 -
 4 files changed, 44 insertions(+), 54 deletions(-)

(limited to 'protocols/JabberG')

diff --git a/protocols/JabberG/jabber.vcxproj b/protocols/JabberG/jabber.vcxproj
index 81294626ef..d129d6928a 100755
--- a/protocols/JabberG/jabber.vcxproj
+++ b/protocols/JabberG/jabber.vcxproj
@@ -111,7 +111,7 @@
   </ItemGroup>
   <ItemDefinitionGroup>
     <Link>
-      <AdditionalDependencies>libeay32.lib;ssleay32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>libcrypto.lib;libssl.lib;%(AdditionalDependencies)</AdditionalDependencies>
     </Link>
   </ItemDefinitionGroup>
   <ItemGroup>
diff --git a/protocols/JabberG/src/jabber_omemo.cpp b/protocols/JabberG/src/jabber_omemo.cpp
index 66e0284f72..8a8ce8c27c 100755
--- a/protocols/JabberG/src/jabber_omemo.cpp
+++ b/protocols/JabberG/src/jabber_omemo.cpp
@@ -62,8 +62,7 @@ namespace omemo
 
 	int hmac_sha256_init_func(void **hmac_context, const uint8_t *key, size_t key_len, void * /*user_data*/)
 	{
-		HMAC_CTX *ctx = (HMAC_CTX*)mir_alloc(sizeof(HMAC_CTX));
-		HMAC_CTX_init(ctx);
+		HMAC_CTX *ctx = HMAC_CTX_new();
 		HMAC_Init_ex(ctx, key, (int)key_len, EVP_sha256(), NULL);
 		*hmac_context = ctx;
 		return 0;
@@ -90,8 +89,7 @@ namespace omemo
 	void hmac_sha256_cleanup_func(void * hmac_context, void * /*user_data*/)
 	{
 		HMAC_CTX *ctx = (HMAC_CTX*)hmac_context;
-		HMAC_CTX_cleanup(ctx);
-		mir_free(ctx);
+		HMAC_CTX_free(ctx);
 	}
 
 	int sha512_digest_init_func(void **digest_context, void * /*user_data*/)
@@ -225,20 +223,21 @@ complete:
 			return SG_ERR_UNKNOWN;
 		}
 
-		EVP_CIPHER_CTX ctx;
-		EVP_CIPHER_CTX_init(&ctx);
+		EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
+		if (!ctx) {
+			result = SG_ERR_UNKNOWN;
+			goto complete;
+		}
 
-		result = EVP_EncryptInit_ex(&ctx, evp_cipher, nullptr, key, iv);
+		result = EVP_EncryptInit_ex(ctx, evp_cipher, nullptr, key, iv);
 		if (!result) {
-			//fprintf(stderr, "cannot initialize cipher\n");
 			result = SG_ERR_UNKNOWN;
 			goto complete;
 		}
 
 		if (cipher == SG_CIPHER_AES_CTR_NOPADDING) {
-			result = EVP_CIPHER_CTX_set_padding(&ctx, 0);
+			result = EVP_CIPHER_CTX_set_padding(ctx, 0);
 			if (!result) {
-				//fprintf(stderr, "cannot set padding\n");
 				result = SG_ERR_UNKNOWN;
 				goto complete;
 			}
@@ -246,24 +245,20 @@ complete:
 
 		out_buf = (uint8_t*)mir_alloc(sizeof(uint8_t) * (plaintext_len + EVP_CIPHER_block_size(evp_cipher)));
 		if (!out_buf) {
-			//fprintf(stderr, "cannot allocate output buffer\n");
 			result = SG_ERR_NOMEM;
 			goto complete;
 		}
 
 		int out_len = 0;
-		result = EVP_EncryptUpdate(&ctx,
-			out_buf, &out_len, plaintext, (int)plaintext_len);
+		result = EVP_EncryptUpdate(ctx, out_buf, &out_len, plaintext, (int)plaintext_len);
 		if (!result) {
-			//fprintf(stderr, "cannot encrypt plaintext\n");
 			result = SG_ERR_UNKNOWN;
 			goto complete;
 		}
 
 		int final_len = 0;
-		result = EVP_EncryptFinal_ex(&ctx, out_buf + out_len, &final_len);
+		result = EVP_EncryptFinal_ex(ctx, out_buf + out_len, &final_len);
 		if (!result) {
-			//fprintf(stderr, "cannot finish encrypting plaintext\n");
 			result = SG_ERR_UNKNOWN;
 			goto complete;
 		}
@@ -271,10 +266,8 @@ complete:
 		*output = signal_buffer_create(out_buf, out_len + final_len);
 
 complete:
-		EVP_CIPHER_CTX_cleanup(&ctx);
-		if (out_buf) {
-			mir_free(out_buf);
-		}
+		EVP_CIPHER_CTX_free(ctx);
+		mir_free(out_buf);
 		return result;
 	}
 
@@ -305,20 +298,21 @@ complete:
 			return SG_ERR_UNKNOWN;
 		}
 
-		EVP_CIPHER_CTX ctx;
-		EVP_CIPHER_CTX_init(&ctx);
-
-		result = EVP_DecryptInit_ex(&ctx, evp_cipher, nullptr, key, iv);
+		EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
+		if (!ctx) {
+			result = SG_ERR_UNKNOWN;
+			goto complete;
+		}
+	
+		result = EVP_DecryptInit_ex(ctx, evp_cipher, nullptr, key, iv);
 		if (!result) {
-			///fprintf(stderr, "cannot initialize cipher\n");
 			result = SG_ERR_UNKNOWN;
 			goto complete;
 		}
 
 		if (cipher == SG_CIPHER_AES_CTR_NOPADDING) {
-			result = EVP_CIPHER_CTX_set_padding(&ctx, 0);
+			result = EVP_CIPHER_CTX_set_padding(ctx, 0);
 			if (!result) {
-				//fprintf(stderr, "cannot set padding\n");
 				result = SG_ERR_UNKNOWN;
 				goto complete;
 			}
@@ -326,24 +320,20 @@ complete:
 
 		out_buf = (uint8_t*)mir_alloc(sizeof(uint8_t) * (ciphertext_len + EVP_CIPHER_block_size(evp_cipher)));
 		if (!out_buf) {
-			//fprintf(stderr, "cannot allocate output buffer\n");
 			result = SG_ERR_UNKNOWN;
 			goto complete;
 		}
 
 		int out_len = 0;
-		result = EVP_DecryptUpdate(&ctx,
-			out_buf, &out_len, ciphertext, (int)ciphertext_len);
+		result = EVP_DecryptUpdate(ctx, out_buf, &out_len, ciphertext, (int)ciphertext_len);
 		if (!result) {
-			//fprintf(stderr, "cannot decrypt ciphertext\n");
 			result = SG_ERR_UNKNOWN;
 			goto complete;
 		}
 
 		int final_len = 0;
-		result = EVP_DecryptFinal_ex(&ctx, out_buf + out_len, &final_len);
+		result = EVP_DecryptFinal_ex(ctx, out_buf + out_len, &final_len);
 		if (!result) {
-			//fprintf(stderr, "cannot finish decrypting ciphertext\n");
 			result = SG_ERR_UNKNOWN;
 			goto complete;
 		}
@@ -351,7 +341,7 @@ complete:
 		*output = signal_buffer_create(out_buf, out_len + final_len);
 
 complete:
-		EVP_CIPHER_CTX_cleanup(&ctx);
+		EVP_CIPHER_CTX_free(ctx);
 		if (out_buf) {
 			mir_free(out_buf);
 		}
diff --git a/protocols/JabberG/src/jabber_secur.cpp b/protocols/JabberG/src/jabber_secur.cpp
index fc397cdbc7..ba3a75c3d0 100644
--- a/protocols/JabberG/src/jabber_secur.cpp
+++ b/protocols/JabberG/src/jabber_secur.cpp
@@ -241,9 +241,9 @@ void TScramAuth::Hi(BYTE *res, char *passw, size_t passwLen, char *salt, size_t
 	for (int i = 0; i < ind; i++) {
 		unsigned int len;
 		HMAC(hashMethod, (BYTE*)passw, (unsigned)passwLen, u, (unsigned)bufLen, u, &len);
-		bufLen = hashMethod->md_size;
+		bufLen = EVP_MD_size(hashMethod);
 
-		for (int j = 0; j < hashMethod->md_size; j++)
+		for (size_t j = 0; j < bufLen; j++)
 			res[j] ^= u[j];
 	}
 }
@@ -290,40 +290,41 @@ char* TScramAuth::getChallenge(const char *challenge)
 	if (snonce == nullptr || salt == nullptr || ind == -1)
 		return nullptr;
 
+	int hashSize = EVP_MD_size(hashMethod);
+
 	BYTE saltedPassw[EVP_MAX_MD_SIZE];
 	Hi(saltedPassw, info->conn.password, mir_strlen(info->conn.password), salt, saltLen, ind);
 
 	BYTE clientKey[EVP_MAX_MD_SIZE];
 	unsigned int len;
-	HMAC(hashMethod, saltedPassw, hashMethod->md_size, (BYTE*)"Client Key", 10, clientKey, &len);
+	HMAC(hashMethod, saltedPassw, hashSize, (BYTE*)"Client Key", 10, clientKey, &len);
 
 	BYTE storedKey[EVP_MAX_MD_SIZE];
-
-	EVP_MD_CTX pctx = {};
-	pctx.digest = hashMethod;
-	pctx.md_data = _alloca(hashMethod->ctx_size);
-	hashMethod->init(&pctx);
-	hashMethod->update(&pctx, clientKey, hashMethod->md_size);
-	hashMethod->final(&pctx, storedKey);
-
-	CMStringA authmsg(FORMAT, "%s,%s,c=%s,r=%s", msg1, chl.get(), cbd.get(), snonce.get());
+	{
+		EVP_MD_CTX *pctx = EVP_MD_CTX_new();
+		EVP_DigestInit(pctx, hashMethod);
+		EVP_DigestUpdate(pctx, clientKey, hashSize);
+		EVP_DigestFinal(pctx, storedKey, &len);
+		EVP_MD_CTX_free(pctx);
+	}
 
 	BYTE clientSig[EVP_MAX_MD_SIZE];
-	HMAC(hashMethod, storedKey, hashMethod->md_size, (BYTE*)authmsg.c_str(), authmsg.GetLength(), clientSig, &len);
+	CMStringA authmsg(FORMAT, "%s,%s,c=%s,r=%s", msg1, chl.get(), cbd.get(), snonce.get());
+	HMAC(hashMethod, storedKey, hashSize, (BYTE*)authmsg.c_str(), authmsg.GetLength(), clientSig, &len);
 
 	BYTE clientProof[EVP_MAX_MD_SIZE];
-	for (int j = 0; j < hashMethod->md_size; j++)
+	for (int j = 0; j < hashSize; j++)
 		clientProof[j] = clientKey[j] ^ clientSig[j];
 
 	/* Calculate the server signature */
 	BYTE serverKey[EVP_MAX_MD_SIZE];
-	HMAC(hashMethod, saltedPassw, hashMethod->md_size, (BYTE*)"Server Key", 10, serverKey, &len);
+	HMAC(hashMethod, saltedPassw, hashSize, (BYTE*)"Server Key", 10, serverKey, &len);
 
 	BYTE srvSig[EVP_MAX_MD_SIZE];
-	HMAC(hashMethod, serverKey, hashMethod->md_size, (BYTE*)authmsg.c_str(), authmsg.GetLength(), srvSig, &len);
-	serverSignature = mir_base64_encode(srvSig, hashMethod->md_size);
+	HMAC(hashMethod, serverKey, hashSize, (BYTE*)authmsg.c_str(), authmsg.GetLength(), srvSig, &len);
+	serverSignature = mir_base64_encode(srvSig, hashSize);
 
-	ptrA encproof(mir_base64_encode(clientProof, hashMethod->md_size));
+	ptrA encproof(mir_base64_encode(clientProof, hashSize));
 	CMStringA buf(FORMAT, "c=%s,r=%s,p=%s", cbd.get(), snonce.get(), encproof.get());
 	return mir_base64_encode(buf, buf.GetLength());
 }
diff --git a/protocols/JabberG/src/stdafx.h b/protocols/JabberG/src/stdafx.h
index dc11269456..fa4beaab7f 100755
--- a/protocols/JabberG/src/stdafx.h
+++ b/protocols/JabberG/src/stdafx.h
@@ -103,7 +103,6 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 #include <openssl/hmac.h>
 #include <openssl/rand.h>
 #include <openssl/sha.h>
-#pragma comment(lib, "libeay32.lib")
 
 #include "../../libs/zlib/src/zlib.h"
 
-- 
cgit v1.2.3