
  1. diff --git a/src/Mayaqua/Encrypt.c b/src/Mayaqua/Encrypt.c
  2. index f3b3908..06b7fea 100644
  3. --- a/src/Mayaqua/Encrypt.c
  4. +++ b/src/Mayaqua/Encrypt.c
  5. @@ -129,6 +129,7 @@
  6. #include <openssl/rand.h>
  7. #include <openssl/engine.h>
  8. #include <openssl/bio.h>
  9. +#include <openssl/bn.h>
  10. #include <openssl/x509.h>
  11. #include <openssl/pkcs7.h>
  12. #include <openssl/pkcs12.h>
  13. @@ -137,6 +138,7 @@
  14. #include <openssl/md4.h>
  15. #include <openssl/hmac.h>
  16. #include <openssl/sha.h>
  17. +#include <openssl/rsa.h>
  18. #include <openssl/des.h>
  19. #include <openssl/aes.h>
  20. #include <openssl/dh.h>
  21. @@ -634,7 +636,7 @@ UINT CipherProcess(CIPHER *c, void *iv, void *dest, void *src, UINT size)
  22. return 0;
  23. }
  24. - if (EVP_CipherFinal(c->Ctx, ((UCHAR *)dest) + (UINT)r, &r2) == 0)
  25. + if (EVP_CipherFinal_ex(c->Ctx, ((UCHAR *)dest) + (UINT)r, &r2) == 0)
  26. {
  27. return 0;
  28. }
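Review bot: The failure path of the `EVP_CipherFinal_ex` call returns 0 while anything written earlier is still in `dest`, and nothing here says so. The final call writes at `dest + r`, so an earlier step has presumably already placed `r` bytes there; that step is outside the hunk. On a decrypt whose final step fails, those bytes come from input that did not verify as well-formed. I would add a comment above the call such as `// On failure dest may already hold partial output; callers must discard it when 0 is returned`. CipherProcess starts before this hunk and continues after it.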
  29. @@ -933,6 +935,7 @@ BUF *BigNumToBuf(const BIGNUM *bn)
  30. // Initialization of the lock of OpenSSL
  31. void OpenSSL_InitLock()
  32. {
  33. +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  34. UINT i;
  35. // Initialization of the lock object
  36. @@ -946,11 +949,13 @@ void OpenSSL_InitLock()
  37. // Setting the lock function
  38. CRYPTO_set_locking_callback(OpenSSL_Lock);
  39. CRYPTO_set_id_callback(OpenSSL_Id);
  40. +#endif
  41. }
  42. // Release of the lock of OpenSSL
  43. void OpenSSL_FreeLock()
  44. {
  45. +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  46. UINT i;
  47. for (i = 0;i < ssl_lock_num;i++)
  48. @@ -962,11 +967,13 @@ void OpenSSL_FreeLock()
  49. CRYPTO_set_locking_callback(NULL);
  50. CRYPTO_set_id_callback(NULL);
  51. +#endif
  52. }
  53. // Lock function for OpenSSL
  54. void OpenSSL_Lock(int mode, int n, const char *file, int line)
  55. {
  56. +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  57. LOCK *lock = ssl_lock_obj[n];
  58. if (mode & CRYPTO_LOCK)
  59. @@ -979,12 +986,15 @@ void OpenSSL_Lock(int mode, int n, const char *file, int line)
  60. // Unlock
  61. Unlock(lock);
  62. }
  63. +#endif
  64. }
  65. // Return the thread ID
  66. unsigned long OpenSSL_Id(void)
  67. {
  68. +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  69. return (unsigned long)ThreadId();
  70. +#endif
  71. }
  72. // Get the display name of the certificate
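Review bot: `OpenSSL_Id` has no return statement when built against OpenSSL 1.1.0 or later, because its only `return` now sits inside `#if OPENSSL_VERSION_NUMBER < 0x10100000L`. A non-void function that falls off the end is undefined behaviour if the value is ever used, and it triggers `-Wreturn-type`. Add an `#else` branch with `return 0;`, or put the whole definitions of the pre-1.1.0 callbacks (`OpenSSL_Lock`, `OpenSSL_Id`) under the guard instead of emptying their bodies. The tail of `OpenSSL_Lock` at the top of this hunk begins outside it.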
  73. @@ -1908,8 +1918,8 @@ X509 *NewX509(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial)
  74. X509_set_version(x509, 2L);
  75. // Set the Expiration
  76. - t1 = X509_get_notBefore(x509);
  77. - t2 = X509_get_notAfter(x509);
  78. + t1 = X509_getm_notBefore(x509);
  79. + t2 = X509_getm_notAfter(x509);
  80. if (!UINT64ToAsn1Time(t1, notBefore))
  81. {
  82. FreeX509(x509);
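Review bot: `X509_getm_notBefore` and `X509_getm_notAfter` exist only from OpenSSL 1.1.0, yet these two lines are not version-guarded. The rest of the commit keeps `#if OPENSSL_VERSION_NUMBER < 0x10100000L` branches for older libraries, so a 1.0.x build would fail here unless a compatibility shim is defined somewhere not shown. The same applies to the identical change in `NewRootX509` and to `ASN1_STRING_get0_data` in `X509ToX`. If 1.0.x is still meant to build, add shims under the existing guard, e.g. `#define X509_getm_notBefore(x) X509_get_notBefore(x)`, and likewise for the other two. `NewX509` starts and ends outside this hunk.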
  83. @@ -2050,8 +2060,8 @@ X509 *NewRootX509(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial)
  84. X509_set_version(x509, 2L);
  85. // Set the Expiration
  86. - t1 = X509_get_notBefore(x509);
  87. - t2 = X509_get_notAfter(x509);
  88. + t1 = X509_getm_notBefore(x509);
  89. + t2 = X509_getm_notAfter(x509);
  90. if (!UINT64ToAsn1Time(t1, notBefore))
  91. {
  92. FreeX509(x509);
  93. @@ -2677,6 +2687,43 @@ bool RsaCheckEx()
  94. return false;
  95. }
  96. +
  97. +// RSA key generation
  98. +static RSA *RsaGenKey(UINT bit, BN_ULONG e)
  99. +{
  100. + RSA *rsa = NULL;
  101. + char errbuf[MAX_SIZE];
  102. + BIGNUM *bne = NULL;
  103. +
  104. + if ((bne = BN_new()) == NULL)
  105. + {
  106. + Debug("BN_new: err=%s\n", ERR_error_string(ERR_get_error(), errbuf));
  107. + return NULL;
  108. + }
  109. + if (BN_set_word(bne, e) == 0)
  110. + {
  111. + Debug("BN_set_word: err=%s\n", ERR_error_string(ERR_get_error(), errbuf));
  112. + goto fail;
  113. + }
  114. + if ((rsa = RSA_new()) == NULL)
  115. + {
  116. + Debug("RSA_new: err=%s\n", ERR_error_string(ERR_get_error(), errbuf));
  117. + goto fail;
  118. + }
  119. + if (RSA_generate_key_ex(rsa, bit, bne, NULL) == 0)
  120. + {
  121. + Debug("RSA_generate_key_ex: err=%s\n", ERR_error_string(ERR_get_error(), errbuf));
  122. + goto fail;
  123. + }
  124. + BN_free(bne);
  125. + return rsa;
  126. +
  127. +fail:
  128. + RSA_free(rsa);
  129. + BN_free(bne);
  130. + return NULL;
  131. +}
  132. +
  133. bool RsaCheck()
  134. {
  135. RSA *rsa;
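Review bot: Each `ERR_error_string(ERR_get_error(), errbuf)` call in `RsaGenKey` writes into `errbuf` without passing its size. OpenSSL documents a minimum buffer of 256 bytes for that function, and `MAX_SIZE` is defined outside this hunk. `ERR_error_string_n(ERR_get_error(), errbuf, sizeof(errbuf))` bounds the write whatever `MAX_SIZE` is. The helper also deserves a header comment stating that the caller holds `openssl_lock` (both call sites in this patch do) and owns the returned `RSA`, to be released with `RSA_free`. The comment should add that NULL is returned on failure after only the first queued error is logged.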
  136. @@ -2690,12 +2737,11 @@ bool RsaCheck()
  137. // Key generation
  138. Lock(openssl_lock);
  139. {
  140. - rsa = RSA_generate_key(bit, RSA_F4, NULL, NULL);
  141. + rsa = RsaGenKey(bit, RSA_F4);
  142. }
  143. Unlock(openssl_lock);
  144. if (rsa == NULL)
  145. {
  146. - Debug("RSA_generate_key: err=%s\n", ERR_error_string(ERR_get_error(), errbuf));
  147. return false;
  148. }
  149. @@ -2760,12 +2806,11 @@ bool RsaGen(K **priv, K **pub, UINT bit)
  150. // Key generation
  151. Lock(openssl_lock);
  152. {
  153. - rsa = RSA_generate_key(bit, RSA_F4, NULL, NULL);
  154. + rsa = RsaGenKey(bit, RSA_F4);
  155. }
  156. Unlock(openssl_lock);
  157. if (rsa == NULL)
  158. {
  159. - Debug("RSA_generate_key: err=%s\n", ERR_error_string(ERR_get_error(), errbuf));
  160. return false;
  161. }
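Review bot: `bit` is passed to `RsaGenKey`, and from there to `RSA_generate_key_ex` as an `int`, with no range check visible in this hunk. A too-small modulus or a `UINT` above `INT_MAX` is therefore left for OpenSSL to accept or reject. If callers do not already validate it, a guard near the top of `RsaGen` such as `if (bit < RSA_MIN_BITS || bit > INT_MAX) return false;` makes the key-size policy explicit. `RSA_MIN_BITS` is a placeholder name for a minimum the project would choose. The body of `RsaGen` starts before and continues after this hunk, so an existing check may be out of view.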
  162. @@ -3875,7 +3920,7 @@ X *X509ToX(X509 *x509)
  163. {
  164. if (OBJ_obj2nid(ad->method) == NID_ad_ca_issuers && ad->location->type == GEN_URI)
  165. {
  166. - char *uri = (char *)ASN1_STRING_data(ad->location->d.uniformResourceIdentifier);
  167. + char *uri = (char *)ASN1_STRING_get0_data(ad->location->d.uniformResourceIdentifier);
  168. if (IsEmptyStr(uri) == false)
  169. {
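Review bot: The `(char *)` cast drops the `const` that `ASN1_STRING_get0_data` returns, and `IsEmptyStr` then treats the result as a C string. OpenSSL does not guarantee that ASN1_STRING data is NUL-terminated or free of embedded NULs, and this URI comes from the certificate being parsed. Keep the pointer as `const unsigned char *` and bound every use with `ASN1_STRING_length(ad->location->d.uniformResourceIdentifier)`, rejecting a value that contains a NUL byte within that length. The code that consumes `uri` lies after the end of this hunk.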
  170. @@ -4088,7 +4133,9 @@ void Rand(void *buf, UINT size)
  171. // Delete a thread-specific information that OpenSSL has holded
  172. void FreeOpenSSLThreadState()
  173. {
  174. +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  175. ERR_remove_state(0);
  176. +#endif
  177. }
  178. // Release the Crypt library
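Review bot: With the guard in place `FreeOpenSSLThreadState` is an empty function on OpenSSL 1.1.0 and later, and nothing says why that is safe. As I read the OpenSSL documentation, per-thread state is released automatically at thread exit on most platforms, but a statically linked build on Windows may still need an explicit `OPENSSL_thread_stop()`. A comment in the function, e.g. `// OpenSSL >= 1.1.0 frees per-thread state at thread exit; see OPENSSL_thread_stop() for static Windows builds`, would record that assumption for whoever maintains the Windows build.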
  179. @@ -4110,13 +4157,16 @@ void InitCryptLibrary()
  180. CheckIfIntelAesNiSupportedInit();
  181. // RAND_Init_For_SoftEther()
  182. openssl_lock = NewLock();
  183. +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  184. SSL_library_init();
  185. //OpenSSL_add_all_algorithms();
  186. OpenSSL_add_all_ciphers();
  187. OpenSSL_add_all_digests();
  188. ERR_load_crypto_strings();
  189. SSL_load_error_strings();
  190. -
  191. +#else
  192. + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
  193. +#endif
  194. #ifdef OS_UNIX
  195. {
  196. char *name1 = "/dev/random";