34 #ifndef OPENSSL_COMPAT_H_
35 #define OPENSSL_COMPAT_H_
39 #elif defined(_MSC_VER)
45 #include <openssl/rsa.h>
46 #include <openssl/ssl.h>
47 #include <openssl/x509.h>
50 #if OPENSSL_VERSION_NUMBER < 0x10101000L && !defined(ENABLE_CRYPTO_WOLFSSL)
51 #define SSL_CTX_set1_groups SSL_CTX_set1_curves
55 #if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)) && !defined(ENABLE_CRYPTO_WOLFSSL)
66 X509_OBJECT_free_contents(obj);
71 #define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT RSA_F_RSA_EAY_PRIVATE_ENCRYPT
72 #define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG
73 #define EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG
78 #if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(ENABLE_CRYPTO_WOLFSSL)
88 EVP_MD_CTX_cleanup(ctx);
108 static inline EVP_MD_CTX *
111 EVP_MD_CTX *ctx = NULL;
116 #define EVP_CIPHER_CTX_reset EVP_CIPHER_CTX_init
117 #define X509_get0_notBefore X509_get_notBefore
118 #define X509_get0_notAfter X509_get_notAfter
138 HMAC_CTX_cleanup(ctx);
151 HMAC_CTX_cleanup(ctx);
160 static inline HMAC_CTX *
163 HMAC_CTX *ctx = NULL;
177 return ctx ? ctx->default_passwd_callback_userdata : NULL;
186 static inline pem_password_cb *
189 return ctx ? ctx->default_passwd_callback : NULL;
198 static inline EVP_PKEY *
201 return (x && x->cert_info && x->cert_info->key) ?
202 x->cert_info->key->pkey : NULL;
212 *X509_STORE_get0_objects(X509_STORE *store)
214 return store ? store->objs : NULL;
226 return obj ? obj->type : X509_LU_FAIL;
/*
 * Return statements of the EVP_PKEY_get0_RSA / _EC_KEY / _DSA fallbacks.
 * Each one hands back the key object stored inside the EVP_PKEY (the
 * pointer itself, no copy is made in the lines shown) and only when
 * pkey is non-NULL and its type matches; every other case yields NULL,
 * so the result has to be checked before it is dereferenced.
 */
238 return (pkey && pkey->type == EVP_PKEY_RSA) ? pkey->pkey.rsa : NULL;
247 static inline EC_KEY *
250 return (pkey && pkey->type == EVP_PKEY_EC) ? pkey->pkey.ec : NULL;
263 return (pkey && pkey->type == EVP_PKEY_DSA) ? pkey->pkey.dsa : NULL;
291 const BIGNUM **e,
const BIGNUM **d)
295 *n = rsa ? rsa->n : NULL;
299 *e = rsa ? rsa->e : NULL;
303 *d = rsa ? rsa->d : NULL;
/*
 * Guard from the RSA_set0_key() fallback: true when the modulus or the
 * public exponent would still be unset after the call, i.e. the key holds
 * no value yet and the caller passed NULL for it. d is not part of this
 * test. The branch taken is not visible in this listing.
 * NOTE(review): rsa is dereferenced here and no NULL check on rsa is
 * visible in the lines shown - confirm against the full header.
 */
319 if ((rsa->n == NULL && n == NULL)
320 || (rsa->e == NULL && e == NULL))
353 const BIGNUM *n = NULL;
355 return n ? BN_num_bits(n) : 0;
368 const BIGNUM **q,
const BIGNUM **g)
372 *p = dsa ? dsa->p : NULL;
376 *q = dsa ? dsa->q : NULL;
380 *g = dsa ? dsa->g : NULL;
393 const BIGNUM *p = NULL;
395 return p ? BN_num_bits(p) : 0;
405 static inline RSA_METHOD *
408 RSA_METHOD *rsa_meth = NULL;
411 rsa_meth->flags = flags;
431 free((
char *)meth->name);
445 int (*pub_enc)(
int flen,
const unsigned char *from,
446 unsigned char *to, RSA *rsa,
451 meth->rsa_pub_enc = pub_enc;
466 int (*pub_dec)(
int flen,
const unsigned char *from,
467 unsigned char *to, RSA *rsa,
472 meth->rsa_pub_dec = pub_dec;
487 int (*priv_enc)(
int flen,
const unsigned char *from,
488 unsigned char *to, RSA *rsa,
493 meth->rsa_priv_enc = priv_enc;
508 int (*priv_dec)(
int flen,
const unsigned char *from,
509 unsigned char *to, RSA *rsa,
514 meth->rsa_priv_dec = priv_dec;
548 int (*sign)(
int type,
const unsigned char *m,
549 unsigned int m_length,
550 unsigned char *sigret,
unsigned int *siglen,
553 meth->rsa_sign = sign;
569 meth->finish = finish;
587 meth->app_data = app_data;
602 return meth ? meth->app_data : NULL;
/*
 * Visible part of what appears to be the EC_GROUP_order_bits() fallback:
 * the group order is copied into a freshly allocated BIGNUM and its bit
 * length is measured.
 * NOTE(review): in the lines shown the BN_new() result is not tested for
 * NULL and the EC_GROUP_get_order() return value is ignored, so a failed
 * allocation or lookup flows straight into BN_num_bits(). The release of
 * order and the return statement are not visible in this listing; confirm
 * against the full header.
 */
614 BIGNUM *order = BN_new();
615 EC_GROUP_get_order(group, order, NULL);
616 int bits = BN_num_bits(order);
622 #define OPENSSL_VERSION SSLEAY_VERSION
623 #define OpenSSL_version SSLeay_version
/*
 * Appears to be the body of the SSL_CTX_get_min_proto_version() fallback:
 * reads the option mask of the context and tests the SSL_OP_NO_TLSv1,
 * SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2 bits from the oldest version
 * upwards, so the first version that is not disabled is the one reported.
 * NOTE(review): the return for the TLS 1.0 test and the value returned
 * when every tested version is disabled are not visible in this listing.
 */
630 long sslopt = SSL_CTX_get_options(ctx);
631 if (!(sslopt & SSL_OP_NO_TLSv1))
635 if (!(sslopt & SSL_OP_NO_TLSv1_1))
637 return TLS1_1_VERSION;
639 if (!(sslopt & SSL_OP_NO_TLSv1_2))
641 return TLS1_2_VERSION;
/*
 * Appears to be the body of the SSL_CTX_get_max_proto_version() fallback:
 * reads the option mask of the context and tests the SSL_OP_NO_TLSv1_2,
 * SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1 bits from the newest version
 * downwards, so the first version that is not disabled is the one reported.
 * NOTE(review): the return for the TLS 1.0 test and the value returned
 * when every tested version is disabled are not visible in this listing.
 */
651 long sslopt = SSL_CTX_get_options(ctx);
652 if (!(sslopt & SSL_OP_NO_TLSv1_2))
654 return TLS1_2_VERSION;
656 if (!(sslopt & SSL_OP_NO_TLSv1_1))
658 return TLS1_1_VERSION;
660 if (!(sslopt & SSL_OP_NO_TLSv1))
/*
 * Appears to be the body of the SSL_CTX_set_min_proto_version() fallback.
 * The mask starts as SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3, so both SSL
 * versions are disabled whatever tls_ver_min is; each TLS version below
 * tls_ver_min then has its SSL_OP_NO_ bit added.
 * SSL_CTX_set_options() ORs the mask into the options already stored on
 * the context and never clears bits, so a later call with a lower minimum
 * does not re-enable a version that an earlier call disabled.
 * NOTE(review): the return value is not visible in this listing.
 */
671 long sslopt = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
673 if (tls_ver_min > TLS1_VERSION)
675 sslopt |= SSL_OP_NO_TLSv1;
677 #ifdef SSL_OP_NO_TLSv1_1
678 if (tls_ver_min > TLS1_1_VERSION)
680 sslopt |= SSL_OP_NO_TLSv1_1;
683 #ifdef SSL_OP_NO_TLSv1_2
684 if (tls_ver_min > TLS1_2_VERSION)
686 sslopt |= SSL_OP_NO_TLSv1_2;
689 SSL_CTX_set_options(ctx, sslopt);
/*
 * Appears to be the body of the SSL_CTX_set_max_proto_version() fallback:
 * each TLS version above tls_ver_max has its SSL_OP_NO_ bit added to
 * sslopt, which is then applied to the context.
 * SSL_CTX_set_options() ORs the mask into the options already stored on
 * the context and never clears bits, so a later call with a higher maximum
 * does not re-enable a version that an earlier call disabled.
 * NOTE(review): the initial value of sslopt and the return value are not
 * visible in this listing.
 */
700 if (tls_ver_max < TLS1_VERSION)
702 sslopt |= SSL_OP_NO_TLSv1;
704 #ifdef SSL_OP_NO_TLSv1_1
705 if (tls_ver_max < TLS1_1_VERSION)
707 sslopt |= SSL_OP_NO_TLSv1_1;
710 #ifdef SSL_OP_NO_TLSv1_2
711 if (tls_ver_max < TLS1_2_VERSION)
713 sslopt |= SSL_OP_NO_TLSv1_2;
716 SSL_CTX_set_options(ctx, sslopt);
723 #if OPENSSL_VERSION_NUMBER < 0x30000000L && !defined(OPENSSL_NO_EC)
/*
 * Visible part of what appears to be the EVP_PKEY_get_group_name()
 * fallback: the curve NID of the EC key is resolved to its short name, with
 * a fixed error string substituted in a case whose condition is not
 * visible here.
 * NOTE(review): *gname_len receives strlen(curve), the length of the full
 * name, and is not clamped to gname_sz in the lines shown; the copy into
 * gname is not visible in this listing. A caller that uses gname_len as
 * the number of valid bytes in gname should first compare it with
 * gname_sz - confirm against the full header.
 */
738 const EC_GROUP *group = EC_KEY_get0_group(ec);
739 int nid = EC_GROUP_get_curve_name(group);
745 const char *curve = OBJ_nid2sn(nid);
748 curve =
"(error fetching curve name)";
754 *gname_len = strlen(curve);
759 #if OPENSSL_VERSION_NUMBER < 0x30000000L
760 #define EVP_MD_get0_name EVP_MD_name
761 #define EVP_CIPHER_get0_name EVP_CIPHER_name
762 #define EVP_CIPHER_CTX_get_mode EVP_CIPHER_CTX_mode
765 #define SSL_CTX_new_ex(libctx, propq, method) \
766 SSL_CTX_new((method))
/*
 * Appears to be the EVP_CIPHER_fetch() fallback, presumably inside the
 * OPENSSL_VERSION_NUMBER < 0x30000000L section. The visible return looks
 * the cipher up by name only; the ctx and properties arguments listed in
 * the page index signature are not used in it, so a property query passed
 * by the caller has no effect on this path.
 */
774 static inline const EVP_CIPHER *
779 return EVP_get_cipherbyname(algorithm);
/*
 * Appears to be the EVP_MD_fetch() fallback, presumably inside the
 * OPENSSL_VERSION_NUMBER < 0x30000000L section. The visible return looks
 * the digest up by name only; the ctx and properties arguments listed in
 * the page index signature are not used in it, so a property query passed
 * by the caller has no effect on this path.
 */
782 static inline const EVP_MD *
787 return EVP_get_digestbyname(algorithm);
static void EVP_CIPHER_free(const EVP_CIPHER *cipher)
static RSA * EVP_PKEY_get0_RSA(EVP_PKEY *pkey)
Get the RSA object of a public key.
static HMAC_CTX * HMAC_CTX_new(void)
Allocate a new HMAC context object.
static void HMAC_CTX_free(HMAC_CTX *ctx)
Cleanup and free an existing HMAC context.
static const EVP_MD * EVP_MD_fetch(void *ctx, const char *algorithm, const char *properties)
static int RSA_meth_set_priv_dec(RSA_METHOD *meth, int(*priv_dec)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
Set the private decoding function of an RSA_METHOD object.
static EVP_MD_CTX * EVP_MD_CTX_new(void)
Allocate a new message digest object.
static int DSA_bits(const DSA *dsa)
Number of significant DSA bits.
static int EVP_MD_CTX_reset(EVP_MD_CTX *ctx)
Reset a message digest context.
static int RSA_meth_set_finish(RSA_METHOD *meth, int(*finish)(RSA *rsa))
Set the finish function of an RSA_METHOD object.
static void EVP_MD_free(const EVP_MD *md)
static const EVP_CIPHER * EVP_CIPHER_fetch(void *ctx, const char *algorithm, const char *properties)
static DSA * EVP_PKEY_get0_DSA(EVP_PKEY *pkey)
Get the DSA object of a public key.
static int EC_GROUP_order_bits(const EC_GROUP *group)
Gets the number of bits of the order of an EC_GROUP.
static void RSA_set_flags(RSA *rsa, int flags)
Set the RSA flags.
char * string_alloc(const char *str, struct gc_arena *gc)
static RSA_METHOD * RSA_meth_new(const char *name, int flags)
Allocate a new RSA method object.
static void * SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx)
Fetch the default password callback user data from the SSL context.
static STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *store)
Fetch the X509 object stack from the X509 store.
static int RSA_meth_set_init(RSA_METHOD *meth, int(*init)(RSA *rsa))
Set the init function of an RSA_METHOD object.
static int RSA_meth_set_priv_enc(RSA_METHOD *meth, int(*priv_enc)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
Set the private encoding function of an RSA_METHOD object.
static int SSL_CTX_get_min_proto_version(SSL_CTX *ctx)
Return the min SSL protocol version currently enabled in the context.
static int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, long tls_ver_max)
Mimics SSL_CTX_set_max_proto_version for OpenSSL < 1.1.
static void RSA_get0_key(const RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
Get the RSA parameters.
static EVP_PKEY * X509_get0_pubkey(const X509 *x)
Get the public key from an X509 certificate.
static void DSA_get0_pqg(const DSA *dsa, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
Get the DSA parameters.
static void EVP_MD_CTX_free(EVP_MD_CTX *ctx)
Free an existing message digest context.
static int SSL_CTX_get_max_proto_version(SSL_CTX *ctx)
Return the max SSL protocol version currently enabled in the context.
static int X509_OBJECT_get_type(const X509_OBJECT *obj)
Get the type of an X509 object.
static void * RSA_meth_get0_app_data(const RSA_METHOD *meth)
Get the application data of an RSA_METHOD object.
static pem_password_cb * SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx)
Fetch the default password callback from the SSL context.
static void X509_OBJECT_free(X509_OBJECT *obj)
Destroy an X509 object.
static int RSA_meth_set_pub_enc(RSA_METHOD *meth, int(*pub_enc)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
Set the public encoding function of an RSA_METHOD object.
static int EVP_PKEY_get_group_name(EVP_PKEY *pkey, char *gname, size_t gname_sz, size_t *gname_len)
static int RSA_meth_set_pub_dec(RSA_METHOD *meth, int(*pub_dec)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
Set the public decoding function of an RSA_METHOD object.
static void strncpynt(char *dest, const char *src, size_t maxlen)
static int RSA_set0_key(RSA *rsa, BIGNUM *n, BIGNUM *e, BIGNUM *d)
Set the RSA parameters.
static int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, long tls_ver_min)
Mimics SSL_CTX_set_min_proto_version for OpenSSL < 1.1.
static EC_KEY * EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey)
Get the EC_KEY object of a public key.
#define ALLOC_OBJ_CLEAR(dptr, type)
static int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data)
Set the application data of an RSA_METHOD object.
static void RSA_meth_free(RSA_METHOD *meth)
Free an existing RSA_METHOD object.
static int RSA_bits(const RSA *rsa)
Number of significant RSA bits.
static int HMAC_CTX_reset(HMAC_CTX *ctx)
Reset an HMAC context.
static int RSA_meth_set_sign(RSA_METHOD *meth, int(*sign)(int type, const unsigned char *m, unsigned int m_length, unsigned char *sigret, unsigned int *siglen, const RSA *rsa))
Set the sign function of an RSA_METHOD object.