openbsd-compat/openssl-compat.h

   1 /* $Id: openssl-compat.h,v 1.18 2011/01/21 22:37:06 dtucker Exp $ */
   2
   3 /*
   4  * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
   5  *
   6  * Permission to use, copy, modify, and distribute this software for any
   7  * purpose with or without fee is hereby granted, provided that the above
   8  * copyright notice and this permission notice appear in all copies.
   9  *
  10  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  11  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  12  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  13  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  14  * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER
  15  * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
  16  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  17  */
  18
  19 #include "includes.h"
  20 #include <openssl/opensslv.h>
  21 #include <openssl/evp.h>
  22 #include <openssl/rsa.h>
  23 #include <openssl/dsa.h>
  24
  25 /* Only in 0.9.8 */
  26 #ifndef OPENSSL_DSA_MAX_MODULUS_BITS
  27 # define OPENSSL_DSA_MAX_MODULUS_BITS        10000
  28 #endif
  29 #ifndef OPENSSL_RSA_MAX_MODULUS_BITS
  30 # define OPENSSL_RSA_MAX_MODULUS_BITS        16384
  31 #endif
  32
  33 /* OPENSSL_free() is Free() in versions before OpenSSL 0.9.6 */
  34 #if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x0090600f)
  35 # define OPENSSL_free(x) Free(x)
  36 #endif
  37
  38 #if OPENSSL_VERSION_NUMBER < 0x00906000L
  39 # define SSH_OLD_EVP
  40 # define EVP_CIPHER_CTX_get_app_data(e)         ((e)->app_data)
  41 #endif
  42
  43 #if OPENSSL_VERSION_NUMBER < 0x1000000fL
  44 # define LIBCRYPTO_EVP_INL_TYPE unsigned int
  45 #else
  46 # define LIBCRYPTO_EVP_INL_TYPE size_t
  47 #endif
  48
  49 #if (OPENSSL_VERSION_NUMBER < 0x00907000L) || defined(OPENSSL_LOBOTOMISED_AES)
  50 # define USE_BUILTIN_RIJNDAEL
  51 #endif
  52
  53 #ifdef USE_BUILTIN_RIJNDAEL
  54 # include "rijndael.h"
  55 # define AES_KEY rijndael_ctx
  56 # define AES_BLOCK_SIZE 16
  57 # define AES_encrypt(a, b, c)           rijndael_encrypt(c, a, b)
  58 # define AES_set_encrypt_key(a, b, c)   rijndael_set_key(c, (char *)a, b, 1)
  59 # define EVP_aes_128_cbc evp_rijndael
  60 # define EVP_aes_192_cbc evp_rijndael
  61 # define EVP_aes_256_cbc evp_rijndael
  62 extern const EVP_CIPHER *evp_rijndael(void);
  63 extern void ssh_rijndael_iv(EVP_CIPHER_CTX *, int, u_char *, u_int);
  64 #endif
  65
  66 #if !defined(EVP_CTRL_SET_ACSS_MODE)
  67 # if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
  68 #  define USE_CIPHER_ACSS 1
  69 extern const EVP_CIPHER *evp_acss(void);
  70 #  define EVP_acss evp_acss
  71 # else
  72 #  define EVP_acss NULL
  73 # endif
  74 #endif
  75
  76 /* OpenSSL 0.9.8e returns cipher key len not context key len */
  77 #if (OPENSSL_VERSION_NUMBER == 0x0090805fL)
  78 # define EVP_CIPHER_CTX_key_length(c) ((c)->key_len)
  79 #endif
  80
  81 #ifndef HAVE_RSA_GET_DEFAULT_METHOD
  82 RSA_METHOD *RSA_get_default_method(void);
  83 #endif
  84
  85 /*
  86  * We overload some of the OpenSSL crypto functions with ssh_* equivalents
  87  * which cater for older and/or less featureful OpenSSL version.
  88  *
  89  * In order for the compat library to call the real functions, it must
  90  * define SSH_DONT_OVERLOAD_OPENSSL_FUNCS before including this file and
  91  * implement the ssh_* equivalents.
  92  */
  93 #ifndef SSH_DONT_OVERLOAD_OPENSSL_FUNCS
  94
  95 # ifdef SSH_OLD_EVP
  96 #  ifdef EVP_Cipher
  97 #   undef EVP_Cipher
  98 #  endif
  99 #  define EVP_CipherInit(a,b,c,d,e)     ssh_EVP_CipherInit((a),(b),(c),(d),(e))
 100 #  define EVP_Cipher(a,b,c,d)           ssh_EVP_Cipher((a),(b),(c),(d))
 101 #  define EVP_CIPHER_CTX_cleanup(a)     ssh_EVP_CIPHER_CTX_cleanup((a))
 102 # endif /* SSH_OLD_EVP */
 103
 104 # ifdef OPENSSL_EVP_DIGESTUPDATE_VOID
 105 #  define EVP_DigestUpdate(a,b,c)       ssh_EVP_DigestUpdate((a),(b),(c))
 106 #  endif
 107
 108 # ifdef USE_OPENSSL_ENGINE
 109 #  ifdef SSLeay_add_all_algorithms
 110 #   undef SSLeay_add_all_algorithms
 111 #  endif
 112 #  define SSLeay_add_all_algorithms()  ssh_SSLeay_add_all_algorithms()
 113 # endif
 114
 115 # ifndef HAVE_BN_IS_PRIME_EX
 116 int BN_is_prime_ex(const BIGNUM *, int, BN_CTX *, void *);
 117 # endif
 118
 119 # ifndef HAVE_DSA_GENERATE_PARAMETERS_EX
 120 int DSA_generate_parameters_ex(DSA *, int, const unsigned char *, int, int *,
 121     unsigned long *, void *);
 122 # endif
 123
 124 # ifndef HAVE_RSA_GENERATE_KEY_EX
 125 int RSA_generate_key_ex(RSA *, int, BIGNUM *, void *);
 126 # endif
 127
 128 int ssh_EVP_CipherInit(EVP_CIPHER_CTX *, const EVP_CIPHER *, unsigned char *,
 129     unsigned char *, int);
 130 int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int);
 131 int ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *);
 132 void ssh_SSLeay_add_all_algorithms(void);
 133 #endif  /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */
 134