1 /*	$NetBSD: libssl_compat.c,v 1.1.1.1 2016/11/22 01:35:04 christos Exp $	*/
2 
3 /*
4  * libssl_compat.c -- OpenSSL v1.1 compatibility functions
5  *
6  * ---------------------------------------------------------------------
7  * Written by Juergen Perlinger <perlinger@ntp.org> for the NTP project
8  *
9  * Based on an idea by Kurt Roeckx <kurt@roeckx.be>
10  *
11  * ---------------------------------------------------------------------
12  * This is a clean room implementation of shim functions that have
13  * counterparts in the OpenSSL v1.1 API but not in earlier versions. So
14  * while OpenSSL broke binary compatibility with v1.1, this shim module
15  * should provide the necessary source code compatibility with older
16  * versions of OpenSSL.
17  * ---------------------------------------------------------------------
18  */
19 #include "config.h"
20 
21 #include <string.h>
22 #include <openssl/bn.h>
23 #include <openssl/evp.h>
24 
25 #include "ntp_types.h"
26 
27 /* ----------------------------------------------------------------- */
28 #if OPENSSL_VERSION_NUMBER < 0x10100000L
29 /* ----------------------------------------------------------------- */
30 
31 #include "libssl_compat.h"
32 #include "ntp_assert.h"
33 
/* --------------------------------------------------------------------
 * Install 'n' in the caller-owned slot '*ps' and take over ownership of
 * 'n'. A NULL 'n' leaves the slot untouched. The previous value is
 * released with BN_clear_free(), i.e. it is wiped before it is freed;
 * the slots handled here include private key components.
 */
static void
replace_bn_nn(
	BIGNUM **	ps,
	BIGNUM *	n
	)
{
	BIGNUM *	old;

	if (NULL == n)
		return;

	old = *ps;
	/* storing a value over itself would free the value being stored */
	REQUIRE(old != n);
	BN_clear_free(old);
	*ps = n;
}
52 
53 /* --------------------------------------------------------------------
54  * allocation and deallocation of prime number callbacks
55  */
/* Allocate a zero-filled BN_GENCB; the result is NULL if calloc() fails. */
BN_GENCB*
sslshimBN_GENCB_new(void)
{
	BN_GENCB *	cb;

	cb = calloc(1, sizeof(BN_GENCB));
	return cb;
}
61 
/*
 * Give a BN_GENCB back to the heap. The argument is passed straight to
 * free(), so NULL is accepted.
 */
void
sslshimBN_GENCB_free(
	BN_GENCB *	cb
	)
{
	free(cb);
}
69 
70 /* --------------------------------------------------------------------
71  * allocation and deallocation of message digests
72  */
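/*
 * Allocate a message digest context and put it into its initial state
 * with EVP_MD_CTX_init(), so the shim does not rely on an all-zero block
 * happening to be a valid context. Returns NULL if the allocation
 * fails. Release the result with sslshim_EVP_MD_CTX_free().
 */
EVP_MD_CTX*
sslshim_EVP_MD_CTX_new(void)
{
	EVP_MD_CTX *	ctx;

	ctx = calloc(1, sizeof(*ctx));
	if (NULL != ctx)
		EVP_MD_CTX_init(ctx);
	return ctx;
}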
78 
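/*
 * Release a context obtained from sslshim_EVP_MD_CTX_new(); NULL is
 * accepted. EVP_MD_CTX_cleanup() runs before free(): a context that was
 * used for a digest owns state allocated by libcrypto, and a bare
 * free() would leak that state instead of letting the library wipe and
 * release it.
 */
void
sslshim_EVP_MD_CTX_free(
	EVP_MD_CTX *	pctx
	)
{
	if (NULL == pctx)
		return;

	(void)EVP_MD_CTX_cleanup(pctx);
	free(pctx);
}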
86 
87 /* --------------------------------------------------------------------
88  * get EVP keys and key type
89  */
/* Report the type id stored in 'pkey'; a NULL key yields EVP_PKEY_NONE. */
int
sslshim_EVP_PKEY_id(
	const EVP_PKEY *pkey
	)
{
	if (NULL == pkey)
		return EVP_PKEY_NONE;

	return pkey->type;
}
97 
/*
 * Report the type id of 'pkey' after mapping it through EVP_PKEY_type();
 * a NULL key yields EVP_PKEY_NONE.
 */
int
sslshim_EVP_PKEY_base_id(
	const EVP_PKEY *pkey
	)
{
	if (NULL == pkey)
		return EVP_PKEY_NONE;

	return EVP_PKEY_type(pkey->type);
}
105 
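/*
 * Return the RSA key held by 'pkey' without taking a reference, or NULL
 * if 'pkey' is NULL or does not hold an RSA key. 'pkey->pkey' is a
 * union, so handing out its 'rsa' member for a key of another type
 * would give the caller a mistyped pointer; the OpenSSL v1.1 function
 * this shim stands in for rejects that case as well.
 */
RSA*
sslshim_EVP_PKEY_get0_RSA(
	EVP_PKEY *	pkey
	)
{
	if (NULL == pkey)
		return NULL;

	/* compare the base type so that alias type ids are accepted, too */
	if (EVP_PKEY_type(pkey->type) != EVP_PKEY_RSA)
		return NULL;

	return pkey->pkey.rsa;
}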
113 
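/*
 * Return the DSA key held by 'pkey' without taking a reference, or NULL
 * if 'pkey' is NULL or does not hold a DSA key. 'pkey->pkey' is a
 * union, so handing out its 'dsa' member for a key of another type
 * would give the caller a mistyped pointer; the OpenSSL v1.1 function
 * this shim stands in for rejects that case as well.
 */
DSA*
sslshim_EVP_PKEY_get0_DSA(
	EVP_PKEY *	pkey
	)
{
	if (NULL == pkey)
		return NULL;

	/* compare the base type so that alias type ids are accepted, too */
	if (EVP_PKEY_type(pkey->type) != EVP_PKEY_DSA)
		return NULL;

	return pkey->pkey.dsa;
}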
121 
122 /* --------------------------------------------------------------------
123  * set/get RSA params
124  */
/*
 * Hand out the modulus, public exponent and private exponent of 'prsa'.
 * Each output pointer may be NULL to skip that component. The stored
 * pointers are returned as they are; nothing is copied. 'prsa' must not
 * be NULL.
 */
void
sslshim_RSA_get0_key(
	const RSA *	prsa,
	const BIGNUM **	pn,
	const BIGNUM **	pe,
	const BIGNUM **	pd
	)
{
	REQUIRE(prsa != NULL);

	if (NULL != pn) {
		*pn = prsa->n;
	}
	if (NULL != pe) {
		*pe = prsa->e;
	}
	if (NULL != pd) {
		*pd = prsa->d;
	}
}
142 
/*
 * Store new key components in 'prsa', which takes ownership of every
 * non-NULL argument; a NULL argument keeps the current component.
 * Returns 0 without changing anything if the modulus or the public
 * exponent would still be missing afterwards, 1 otherwise. The private
 * exponent is optional. 'prsa' must not be NULL.
 */
int
sslshim_RSA_set0_key(
	RSA *		prsa,
	BIGNUM *	n,
	BIGNUM *	e,
	BIGNUM *	d
	)
{
	REQUIRE(prsa != NULL);

	/* n and e must each be present, either already or as new value */
	if (NULL == prsa->n && NULL == n)
		return 0;
	if (NULL == prsa->e && NULL == e)
		return 0;

	replace_bn_nn(&prsa->n, n);
	replace_bn_nn(&prsa->e, e);
	replace_bn_nn(&prsa->d, d);

	return 1;
}
161 
/*
 * Hand out the two prime factors stored in 'prsa'. Each output pointer
 * may be NULL to skip that factor. The stored pointers are returned as
 * they are; nothing is copied. 'prsa' must not be NULL.
 */
void
sslshim_RSA_get0_factors(
	const RSA *	prsa,
	const BIGNUM **	pp,
	const BIGNUM **	pq
	)
{
	REQUIRE(prsa != NULL);

	if (NULL != pp) {
		*pp = prsa->p;
	}
	if (NULL != pq) {
		*pq = prsa->q;
	}
}
176 
/*
 * Store new prime factors in 'prsa', which takes ownership of every
 * non-NULL argument; a NULL argument keeps the current factor. Returns
 * 0 without changing anything if either factor would still be missing
 * afterwards, 1 otherwise. 'prsa' must not be NULL.
 */
int
sslshim_RSA_set0_factors(
	RSA    *	prsa,
	BIGNUM *	p,
	BIGNUM *	q
	)
{
	REQUIRE(prsa != NULL);

	/* both factors must be present, either already or as new value */
	if (NULL == prsa->p && NULL == p)
		return 0;
	if (NULL == prsa->q && NULL == q)
		return 0;

	replace_bn_nn(&prsa->p, p);
	replace_bn_nn(&prsa->q, q);

	return 1;
}
193 
/*
 * Store new CRT parameters (dmp1, dmq1, iqmp) in 'prsa', which takes
 * ownership of every non-NULL argument; a NULL argument keeps the
 * current value. Returns 0 without changing anything if any of the
 * three would still be missing afterwards, 1 otherwise. 'prsa' must not
 * be NULL.
 */
int
sslshim_RSA_set0_crt_params(
	RSA    *	prsa,
	BIGNUM *	dmp1,
	BIGNUM *	dmq1,
	BIGNUM *	iqmp
	)
{
	REQUIRE(prsa != NULL);

	/* each value must be present, either already or as new value */
	if (NULL == prsa->dmp1 && NULL == dmp1)
		return 0;
	if (NULL == prsa->dmq1 && NULL == dmq1)
		return 0;
	if (NULL == prsa->iqmp && NULL == iqmp)
		return 0;

	replace_bn_nn(&prsa->dmp1, dmp1);
	replace_bn_nn(&prsa->dmq1, dmq1);
	replace_bn_nn(&prsa->iqmp, iqmp);

	return 1;
}
214 
215 /* --------------------------------------------------------------------
216  * set/get DSA signature parameters
217  */
/*
 * Hand out the 'r' and 's' values of a DSA signature. Each output
 * pointer may be NULL to skip that value. The stored pointers are
 * returned as they are; nothing is copied. 'psig' must not be NULL.
 */
void
sslshim_DSA_SIG_get0(
	const DSA_SIG *	psig,
	const BIGNUM **	pr,
	const BIGNUM **	ps
	)
{
	REQUIRE(psig != NULL);

	if (pr) {
		*pr = psig->r;
	}
	if (ps) {
		*ps = psig->s;
	}
}
232 
/*
 * Store new 'r' and 's' values in a DSA signature, which takes
 * ownership of both. Unlike the key setters in this file, both values
 * are mandatory: the function returns 0 without changing anything if
 * either one is NULL, and 1 otherwise. 'psig' must not be NULL.
 */
int
sslshim_DSA_SIG_set0(
	DSA_SIG *	psig,
	BIGNUM *	r,
	BIGNUM *	s
	)
{
	REQUIRE(psig != NULL);

	if (NULL == r || NULL == s)
		return 0;

	replace_bn_nn(&psig->r, r);
	replace_bn_nn(&psig->s, s);

	return 1;
}
249 
250 /* --------------------------------------------------------------------
251  * get/set DSA parameters
252  */
/*
 * Hand out the domain parameters p, q and g of 'pdsa'. Each output
 * pointer may be NULL to skip that parameter. The stored pointers are
 * returned as they are; nothing is copied. 'pdsa' must not be NULL.
 */
void
sslshim_DSA_get0_pqg(
	const DSA *	pdsa,
	const BIGNUM **	pp,
	const BIGNUM **	pq,
	const BIGNUM **	pg
	)
{
	REQUIRE(pdsa != NULL);

	if (pp) {
		*pp = pdsa->p;
	}
	if (pq) {
		*pq = pdsa->q;
	}
	if (pg) {
		*pg = pdsa->g;
	}
}
270 
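/*
 * Store new domain parameters p, q and g in 'pdsa', which takes
 * ownership of every non-NULL argument; a NULL argument keeps the
 * current parameter. Returns 0 without changing anything if any of the
 * three would still be missing afterwards, 1 otherwise. 'pdsa' must not
 * be NULL.
 */
int
sslshim_DSA_set0_pqg(
	DSA *		pdsa,
	BIGNUM *	p,
	BIGNUM *	q,
	BIGNUM *	g
	)
{
	/*
	 * Same precondition as every other setter in this file; without it
	 * a NULL key is dereferenced in the check below.
	 */
	REQUIRE(pdsa != NULL);
	if (!((pdsa->p || p) && (pdsa->q || q) && (pdsa->g || g)))
		return 0;

	replace_bn_nn(&pdsa->p, p);
	replace_bn_nn(&pdsa->q, q);
	replace_bn_nn(&pdsa->g, g);

	return 1;
}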
288 
/*
 * Hand out the public and private key values of 'pdsa'. Each output
 * pointer may be NULL to skip that value. The stored pointers are
 * returned as they are; nothing is copied. 'pdsa' must not be NULL.
 */
void
sslshim_DSA_get0_key(
	const DSA *	pdsa,
	const BIGNUM **	ppub_key,
	const BIGNUM **	ppriv_key
	)
{
	REQUIRE(pdsa != NULL);

	if (ppub_key) {
		*ppub_key = pdsa->pub_key;
	}
	if (ppriv_key) {
		*ppriv_key = pdsa->priv_key;
	}
}
303 
/*
 * Store new key values in 'pdsa', which takes ownership of every
 * non-NULL argument; a NULL argument keeps the current value. Returns 0
 * without changing anything if the public key would still be missing
 * afterwards, 1 otherwise. The private key is optional. 'pdsa' must not
 * be NULL.
 */
int
sslshim_DSA_set0_key(
	DSA *		pdsa,
	BIGNUM *	pub_key,
	BIGNUM *	priv_key
	)
{
	REQUIRE(pdsa != NULL);

	/* only the public key is mandatory */
	if (NULL == pdsa->pub_key && NULL == pub_key)
		return 0;

	replace_bn_nn(&pdsa->pub_key, pub_key);
	replace_bn_nn(&pdsa->priv_key, priv_key);

	return 1;
}
320 
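/*
 * Return the NID of the signature algorithm recorded in certificate
 * 'x', as mapped by OBJ_obj2nid(). 'x' and its 'sig_alg' member must
 * not be NULL; this is asserted like the preconditions of the other
 * accessors in this file, since both are dereferenced here.
 */
int
sslshim_X509_get_signature_nid(
	const X509 *x
	)
{
	REQUIRE(x != NULL);
	REQUIRE(x->sig_alg != NULL);

	return OBJ_obj2nid(x->sig_alg->algorithm);
}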
328 
329 /* ----------------------------------------------------------------- */
330 #else /* OPENSSL_VERSION_NUMBER >= v1.1.0 */
331 /* ----------------------------------------------------------------- */
332 
333 NONEMPTY_TRANSLATION_UNIT
334 
335 /* ----------------------------------------------------------------- */
336 #endif
337 /* ----------------------------------------------------------------- */
338