contrib/ntp/libntp/libssl_compat.c

   1 /*
   2  * libssl_compat.c -- OpenSSL v1.1 compatibility functions
   3  *
   4  * ---------------------------------------------------------------------
   5  * Written by Juergen Perlinger <perlinger@ntp.org> for the NTP project
   6  *
   7  * Based on an idea by Kurt Roeckx <kurt@roeckx.be>
   8  *
   9  * ---------------------------------------------------------------------
  10  * This is a clean room implementation of shim functions that have
  11  * counterparts in the OpenSSL v1.1 API but not in earlier versions. So
  12  * while OpenSSL broke binary compatibility with v1.1, this shim module
  13  * should provide the necessary source code compatibility with older
  14  * versions of OpenSSL.
  15  * ---------------------------------------------------------------------
  16  */
  17 #include "config.h"
  18 #include "ntp_types.h"
  19
  20 /* ----------------------------------------------------------------- */
  21 #ifdef OPENSSL
  22 # include <string.h>
  23 # include <openssl/bn.h>
  24 # include <openssl/evp.h>
  25 #endif
  26 /* ----------------------------------------------------------------- */
  27
  28 /* ----------------------------------------------------------------- */
  29 #if defined(OPENSSL) && OPENSSL_VERSION_NUMBER < 0x10100000L
  30 /* ----------------------------------------------------------------- */
  31
  32 #include "libssl_compat.h"
  33 #include "ntp_assert.h"
  34
  35 /* --------------------------------------------------------------------
  36  * replace a BIGNUM owned by the caller with another one if it's not
  37  * NULL, taking over the ownership of the new value. This clears & frees
  38  * the old value -- the clear might be overkill, but it's better to err
  39  * on the side of paranoia here.
  40  */
  41 static void
  42 replace_bn_nn(
  43         BIGNUM **       ps,
  44         BIGNUM *        n
  45         )
  46 {
  47         if (n) {
  48                 REQUIRE(*ps != n);
  49                 BN_clear_free(*ps);
  50                 *ps = n;
  51         }
  52 }
  53
  54 /* --------------------------------------------------------------------
  55  * allocation and deallocation of prime number callbacks
  56  */
  57 BN_GENCB*
  58 sslshimBN_GENCB_new(void)
  59 {
  60         return calloc(1,sizeof(BN_GENCB));
  61 }
  62
  63 void
  64 sslshimBN_GENCB_free(
  65         BN_GENCB        *cb
  66         )
  67 {
  68         free(cb);
  69 }
  70
  71 /* --------------------------------------------------------------------
  72  * allocation and deallocation of message digests
  73  */
  74 EVP_MD_CTX*
  75 sslshim_EVP_MD_CTX_new(void)
  76 {
  77         return calloc(1, sizeof(EVP_MD_CTX));
  78 }
  79
  80 void
  81 sslshim_EVP_MD_CTX_free(
  82         EVP_MD_CTX *    pctx
  83         )
  84 {
  85         free(pctx);
  86 }
  87
  88 /* --------------------------------------------------------------------
  89  * get EVP keys and key type
  90  */
  91 int
  92 sslshim_EVP_PKEY_id(
  93         const EVP_PKEY *pkey
  94         )
  95 {
  96         return (pkey) ? pkey->type : EVP_PKEY_NONE;
  97 }
  98
  99 int
 100 sslshim_EVP_PKEY_base_id(
 101         const EVP_PKEY *pkey
 102         )
 103 {
 104         return (pkey) ? EVP_PKEY_type(pkey->type) : EVP_PKEY_NONE;
 105 }
 106
 107 RSA*
 108 sslshim_EVP_PKEY_get0_RSA(
 109         EVP_PKEY *      pkey
 110         )
 111 {
 112         return (pkey) ? pkey->pkey.rsa : NULL;
 113 }
 114
 115 DSA*
 116 sslshim_EVP_PKEY_get0_DSA(
 117         EVP_PKEY *      pkey
 118         )
 119 {
 120         return (pkey) ? pkey->pkey.dsa : NULL;
 121 }
 122
 123 /* --------------------------------------------------------------------
 124  * set/get RSA params
 125  */
 126 void
 127 sslshim_RSA_get0_key(
 128         const RSA *     prsa,
 129         const BIGNUM ** pn,
 130         const BIGNUM ** pe,
 131         const BIGNUM ** pd
 132         )
 133 {
 134         REQUIRE(prsa != NULL);
 135
 136         if (pn)
 137                 *pn = prsa->n;
 138         if (pe)
 139                 *pe = prsa->e;
 140         if (pd)
 141                 *pd = prsa->d;
 142 }
 143
 144 int
 145 sslshim_RSA_set0_key(
 146         RSA *           prsa,
 147         BIGNUM *        n,
 148         BIGNUM *        e,
 149         BIGNUM *        d
 150         )
 151 {
 152         REQUIRE(prsa != NULL);
 153         if (!((prsa->n || n) && (prsa->e || e)))
 154                 return 0;
 155
 156         replace_bn_nn(&prsa->n, n);
 157         replace_bn_nn(&prsa->e, e);
 158         replace_bn_nn(&prsa->d, d);
 159
 160         return 1;
 161 }
 162
 163 void
 164 sslshim_RSA_get0_factors(
 165         const RSA *     prsa,
 166         const BIGNUM ** pp,
 167         const BIGNUM ** pq
 168         )
 169 {
 170         REQUIRE(prsa != NULL);
 171
 172         if (pp)
 173                 *pp = prsa->p;
 174         if (pq)
 175                 *pq = prsa->q;
 176 }
 177
 178 int
 179 sslshim_RSA_set0_factors(
 180         RSA    *        prsa,
 181         BIGNUM *        p,
 182         BIGNUM *        q
 183         )
 184 {
 185         REQUIRE(prsa != NULL);
 186         if (!((prsa->p || p) && (prsa->q || q)))
 187                 return 0;
 188
 189         replace_bn_nn(&prsa->p, p);
 190         replace_bn_nn(&prsa->q, q);
 191
 192         return 1;
 193 }
 194
 195 int
 196 sslshim_RSA_set0_crt_params(
 197         RSA    *        prsa,
 198         BIGNUM *        dmp1,
 199         BIGNUM *        dmq1,
 200         BIGNUM *        iqmp
 201         )
 202 {
 203         REQUIRE(prsa != NULL);
 204         if (!((prsa->dmp1 || dmp1) &&
 205               (prsa->dmq1 || dmq1) &&
 206               (prsa->iqmp || iqmp) ))
 207                 return 0;
 208
 209         replace_bn_nn(&prsa->dmp1, dmp1);
 210         replace_bn_nn(&prsa->dmq1, dmq1);
 211         replace_bn_nn(&prsa->iqmp, iqmp);
 212
 213         return 1;
 214 }
 215
 216 /* --------------------------------------------------------------------
 217  * set/get DSA signature parameters
 218  */
 219 void
 220 sslshim_DSA_SIG_get0(
 221         const DSA_SIG * psig,
 222         const BIGNUM ** pr,
 223         const BIGNUM ** ps
 224         )
 225 {
 226         REQUIRE(psig != NULL);
 227
 228         if (pr != NULL)
 229                 *pr = psig->r;
 230         if (ps != NULL)
 231                 *ps = psig->s;
 232 }
 233
 234 int
 235 sslshim_DSA_SIG_set0(
 236         DSA_SIG *       psig,
 237         BIGNUM *        r,
 238         BIGNUM *        s
 239         )
 240 {
 241         REQUIRE(psig != NULL);
 242         if (!(r && s))
 243                 return 0;
 244
 245         replace_bn_nn(&psig->r, r);
 246         replace_bn_nn(&psig->s, s);
 247
 248         return 1;
 249 }
 250
 251 /* --------------------------------------------------------------------
 252  * get/set DSA parameters
 253  */
 254 void
 255 sslshim_DSA_get0_pqg(
 256         const DSA *     pdsa,
 257         const BIGNUM ** pp,
 258         const BIGNUM ** pq,
 259         const BIGNUM ** pg
 260         )
 261 {
 262         REQUIRE(pdsa != NULL);
 263
 264         if (pp != NULL)
 265                 *pp = pdsa->p;
 266         if (pq != NULL)
 267                 *pq = pdsa->q;
 268         if (pg != NULL)
 269                 *pg = pdsa->g;
 270 }
 271
 272 int
 273 sslshim_DSA_set0_pqg(
 274         DSA *           pdsa,
 275         BIGNUM *        p,
 276         BIGNUM *        q,
 277         BIGNUM *        g
 278         )
 279 {
 280         if (!((pdsa->p || p) && (pdsa->q || q) && (pdsa->g || g)))
 281                 return 0;
 282
 283         replace_bn_nn(&pdsa->p, p);
 284         replace_bn_nn(&pdsa->q, q);
 285         replace_bn_nn(&pdsa->g, g);
 286
 287         return 1;
 288 }
 289
 290 void
 291 sslshim_DSA_get0_key(
 292         const DSA *     pdsa,
 293         const BIGNUM ** ppub_key,
 294         const BIGNUM ** ppriv_key
 295         )
 296 {
 297         REQUIRE(pdsa != NULL);
 298
 299         if (ppub_key != NULL)
 300                 *ppub_key = pdsa->pub_key;
 301         if (ppriv_key != NULL)
 302                 *ppriv_key = pdsa->priv_key;
 303 }
 304
 305 int
 306 sslshim_DSA_set0_key(
 307         DSA *           pdsa,
 308         BIGNUM *        pub_key,
 309         BIGNUM *        priv_key
 310         )
 311 {
 312         REQUIRE(pdsa != NULL);
 313         if (!(pdsa->pub_key || pub_key))
 314                 return 0;
 315
 316         replace_bn_nn(&pdsa->pub_key, pub_key);
 317         replace_bn_nn(&pdsa->priv_key, priv_key);
 318
 319         return 1;
 320 }
 321
 322 int
 323 sslshim_X509_get_signature_nid(
 324         const X509 *x
 325         )
 326 {
 327         return OBJ_obj2nid(x->sig_alg->algorithm);
 328 }
 329
 330 /* ----------------------------------------------------------------- */
 331 #else /* OPENSSL && OPENSSL_VERSION_NUMBER >= v1.1.0 */
 332 /* ----------------------------------------------------------------- */
 333
 334 NONEMPTY_TRANSLATION_UNIT
 335
 336 /* ----------------------------------------------------------------- */
 337 #endif
 338 /* ----------------------------------------------------------------- */