Brad Bishop | 1a4b7ee | 2018-12-16 17:11:34 -0800 | 1 | From c14d9bf71753a38df57cc6538b22ed389d2c2cb1 Mon Sep 17 00:00:00 2001 |
| 2 | From: Khem Raj <raj.khem@gmail.com> |
| 3 | Date: Tue, 4 Sep 2018 17:18:51 -0700 |
| 4 | Subject: [PATCH] Support OpenSSL 1.1.0 |
| 5 | |
| 6 | Taken from https://github.com/x42/liboauth/issues/9 |
| 7 | |
| 8 | Upstream-Status: Submitted[https://github.com/x42/liboauth/issues/9] |
| 9 | Signed-off-by: Khem Raj <raj.khem@gmail.com> |
| 10 | --- |
| 11 | src/hash.c | 65 ++++++++++++++++++++++++++++++++++++------------------ |
| 12 | 1 file changed, 44 insertions(+), 21 deletions(-) |
| 13 | |
| 14 | diff --git a/src/hash.c b/src/hash.c |
| 15 | index 17ff5c8..e128826 100644 |
| 16 | --- a/src/hash.c |
| 17 | +++ b/src/hash.c |
| 18 | @@ -362,6 +362,11 @@ looser: |
| 19 | #include "oauth.h" // base64 encode fn's. |
| 20 | #include <openssl/hmac.h> |
| 21 | |
| 22 | +#if OPENSSL_VERSION_NUMBER < 0x10100000 |
| 23 | +#define EVP_MD_CTX_new EVP_MD_CTX_create |
| 24 | +#define EVP_MD_CTX_free EVP_MD_CTX_destroy |
| 25 | +#endif |
| 26 | + |
| 27 | char *oauth_sign_hmac_sha1 (const char *m, const char *k) { |
| 28 | return(oauth_sign_hmac_sha1_raw (m, strlen(m), k, strlen(k))); |
| 29 | } |
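Review bot: The guard `#if OPENSSL_VERSION_NUMBER < 0x10100000` keys only on the OpenSSL version number, which LibreSSL reports as 0x20000000L, so a LibreSSL release that predates `EVP_MD_CTX_new` would skip the aliases and fail to compile. If LibreSSL builds are in scope, extend the test to `#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)`. A one-line comment above the block, such as `/* OpenSSL < 1.1.0 has no EVP_MD_CTX_new/free; map them to the older create/destroy names */`, would also tell the next reader why the aliases exist.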
| 30 | @@ -386,7 +391,7 @@ char *oauth_sign_rsa_sha1 (const char *m, const char *k) { |
| 31 | unsigned char *sig = NULL; |
| 32 | unsigned char *passphrase = NULL; |
| 33 | unsigned int len=0; |
| 34 | - EVP_MD_CTX md_ctx; |
| 35 | + EVP_MD_CTX *md_ctx; |
| 36 | |
| 37 | EVP_PKEY *pkey; |
| 38 | BIO *in; |
| 39 | @@ -399,24 +404,31 @@ char *oauth_sign_rsa_sha1 (const char *m, const char *k) { |
| 40 | return xstrdup("liboauth/OpenSSL: can not read private key"); |
| 41 | } |
| 42 | |
| 43 | + md_ctx = EVP_MD_CTX_new(); |
| 44 | + if (md_ctx == NULL) { |
| 45 | + return xstrdup("liboauth/OpenSSL: failed to allocate EVP_MD_CTX"); |
| 46 | + } |
| 47 | + |
| 48 | len = EVP_PKEY_size(pkey); |
| 49 | sig = (unsigned char*)xmalloc((len+1)*sizeof(char)); |
| 50 | |
| 51 | - EVP_SignInit(&md_ctx, EVP_sha1()); |
| 52 | - EVP_SignUpdate(&md_ctx, m, strlen(m)); |
| 53 | - if (EVP_SignFinal (&md_ctx, sig, &len, pkey)) { |
| 54 | + EVP_SignInit(md_ctx, EVP_sha1()); |
| 55 | + EVP_SignUpdate(md_ctx, m, strlen(m)); |
| 56 | + if (EVP_SignFinal (md_ctx, sig, &len, pkey)) { |
| 57 | char *tmp; |
| 58 | sig[len] = '\0'; |
| 59 | tmp = oauth_encode_base64(len,sig); |
| 60 | OPENSSL_free(sig); |
| 61 | EVP_PKEY_free(pkey); |
| 62 | + EVP_MD_CTX_free(md_ctx); |
| 63 | return tmp; |
| 64 | } |
| 65 | + EVP_MD_CTX_free(md_ctx); |
| 66 | return xstrdup("liboauth/OpenSSL: rsa-sha1 signing failed"); |
| 67 | } |
| 68 | |
| 69 | int oauth_verify_rsa_sha1 (const char *m, const char *c, const char *s) { |
| 70 | - EVP_MD_CTX md_ctx; |
| 71 | + EVP_MD_CTX *md_ctx; |
| 72 | EVP_PKEY *pkey; |
| 73 | BIO *in; |
| 74 | X509 *cert = NULL; |
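Review bot: The new allocation check in oauth_sign_rsa_sha1 returns without releasing `pkey`, so the loaded private key stays on the heap whenever `EVP_MD_CTX_new()` fails; add `EVP_PKEY_free(pkey);` before that `return xstrdup(...)`. The signing-failure path at the end of the function has the same gap: it now frees `md_ctx` but still leaves `sig` and `pkey` allocated, so `xfree(sig); EVP_PKEY_free(pkey);` belongs next to the added `EVP_MD_CTX_free(md_ctx);`. The same early-return pattern recurs in the later hunks: oauth_verify_rsa_sha1 returns `-2` apparently without `EVP_PKEY_free(pkey)`, oauth_body_hash_file returns without `fclose(F)`, and oauth_body_hash_data returns after `md` has been allocated. The function starts above this hunk, so whether other resources, such as the BIO, are still live at the new return cannot be seen here.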
| 75 | @@ -437,13 +449,18 @@ int oauth_verify_rsa_sha1 (const char *m, const char *c, const char *s) { |
| 76 | return -2; |
| 77 | } |
| 78 | |
| 79 | + md_ctx = EVP_MD_CTX_new(); |
| 80 | + if (md_ctx == NULL) { |
| 81 | + return -2; |
| 82 | + } |
| 83 | + |
| 84 | b64d= (unsigned char*) xmalloc(sizeof(char)*strlen(s)); |
| 85 | slen = oauth_decode_base64(b64d, s); |
| 86 | |
| 87 | - EVP_VerifyInit(&md_ctx, EVP_sha1()); |
| 88 | - EVP_VerifyUpdate(&md_ctx, m, strlen(m)); |
| 89 | - err = EVP_VerifyFinal(&md_ctx, b64d, slen, pkey); |
| 90 | - EVP_MD_CTX_cleanup(&md_ctx); |
| 91 | + EVP_VerifyInit(md_ctx, EVP_sha1()); |
| 92 | + EVP_VerifyUpdate(md_ctx, m, strlen(m)); |
| 93 | + err = EVP_VerifyFinal(md_ctx, b64d, slen, pkey); |
| 94 | + EVP_MD_CTX_free(md_ctx); |
| 95 | EVP_PKEY_free(pkey); |
| 96 | xfree(b64d); |
| 97 | return (err); |
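Review bot: The verify path still ignores the results of `EVP_VerifyInit` and `EVP_VerifyUpdate` and passes the raw `EVP_VerifyFinal` result to the caller, alongside the `-2` that the new allocation check returns. EVP_VerifyFinal reports 1 for a valid signature, 0 for an invalid one and a negative value on error, so a caller that tests the result for non-zero rather than `== 1` would treat error cases as verified. The callers are not visible here, so that needs checking. Checking the setup calls makes the error case explicit: `if (EVP_VerifyInit(md_ctx, EVP_sha1()) != 1 || EVP_VerifyUpdate(md_ctx, m, strlen(m)) != 1) err = -1; else err = EVP_VerifyFinal(md_ctx, b64d, slen, pkey);`. A comment on the function saying that only a return of 1 means "signature valid" would pin the contract. The function starts outside this hunk.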
| 98 | @@ -455,35 +472,41 @@ int oauth_verify_rsa_sha1 (const char *m, const char *c, const char *s) { |
| 99 | */ |
| 100 | char *oauth_body_hash_file(char *filename) { |
| 101 | unsigned char fb[BUFSIZ]; |
| 102 | - EVP_MD_CTX ctx; |
| 103 | + EVP_MD_CTX *ctx; |
| 104 | size_t len=0; |
| 105 | unsigned char *md; |
| 106 | FILE *F= fopen(filename, "r"); |
| 107 | if (!F) return NULL; |
| 108 | |
| 109 | - EVP_MD_CTX_init(&ctx); |
| 110 | - EVP_DigestInit(&ctx,EVP_sha1()); |
| 111 | + ctx = EVP_MD_CTX_new(); |
| 112 | + if (ctx == NULL) { |
| 113 | + return xstrdup("liboauth/OpenSSL: failed to allocate EVP_MD_CTX"); |
| 114 | + } |
| 115 | + EVP_DigestInit(ctx,EVP_sha1()); |
| 116 | while (!feof(F) && (len=fread(fb,sizeof(char),BUFSIZ, F))>0) { |
| 117 | - EVP_DigestUpdate(&ctx, fb, len); |
| 118 | + EVP_DigestUpdate(ctx, fb, len); |
| 119 | } |
| 120 | fclose(F); |
| 121 | len=0; |
| 122 | md=(unsigned char*) xcalloc(EVP_MD_size(EVP_sha1()),sizeof(unsigned char)); |
| 123 | - EVP_DigestFinal(&ctx, md,(unsigned int*) &len); |
| 124 | - EVP_MD_CTX_cleanup(&ctx); |
| 125 | + EVP_DigestFinal(ctx, md,(unsigned int*) &len); |
| 126 | + EVP_MD_CTX_free(ctx); |
| 127 | return oauth_body_hash_encode(len, md); |
| 128 | } |
| 129 | |
| 130 | char *oauth_body_hash_data(size_t length, const char *data) { |
| 131 | - EVP_MD_CTX ctx; |
| 132 | + EVP_MD_CTX *ctx; |
| 133 | size_t len=0; |
| 134 | unsigned char *md; |
| 135 | md=(unsigned char*) xcalloc(EVP_MD_size(EVP_sha1()),sizeof(unsigned char)); |
| 136 | - EVP_MD_CTX_init(&ctx); |
| 137 | - EVP_DigestInit(&ctx,EVP_sha1()); |
| 138 | - EVP_DigestUpdate(&ctx, data, length); |
| 139 | - EVP_DigestFinal(&ctx, md,(unsigned int*) &len); |
| 140 | - EVP_MD_CTX_cleanup(&ctx); |
| 141 | + ctx = EVP_MD_CTX_new(); |
| 142 | + if (ctx == NULL) { |
| 143 | + return xstrdup("liboauth/OpenSSL: failed to allocate EVP_MD_CTX"); |
| 144 | + } |
| 145 | + EVP_DigestInit(ctx,EVP_sha1()); |
| 146 | + EVP_DigestUpdate(ctx, data, length); |
| 147 | + EVP_DigestFinal(ctx, md,(unsigned int*) &len); |
| 148 | + EVP_MD_CTX_free(ctx); |
| 149 | return oauth_body_hash_encode(len, md); |
| 150 | } |
| 151 | |
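Review bot: Both body-hash functions now report an allocation failure by returning `xstrdup("liboauth/OpenSSL: failed to allocate EVP_MD_CTX")`, which a caller cannot tell apart from a real encoded hash and would presumably send as the body-hash value. oauth_body_hash_file already signals failure with `return NULL` when `fopen` fails, so the new branches should follow that convention and release what they hold: `fclose(F); return NULL;` in the file variant and `xfree(md); return NULL;` in the data variant. The added `EVP_DigestFinal(ctx, md,(unsigned int*) &len);` lines also keep writing an `unsigned int` through a pointer to a `size_t`, which yields the wrong length on big-endian 64-bit targets. Declaring `unsigned int mdlen = 0;` and passing `&mdlen` avoids the cast.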