xref: /netbsd-src/external/mpl/bind/dist/lib/isc/openssl_shim.c (revision bcda20f65a8566e103791ec395f7f499ef322704)
1 /*	$NetBSD: openssl_shim.c,v 1.8 2025/01/26 16:25:38 christos Exp $	*/
2 
3 /*
4  * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
5  *
6  * SPDX-License-Identifier: MPL-2.0
7  *
8  * This Source Code Form is subject to the terms of the Mozilla Public
9  * License, v. 2.0. If a copy of the MPL was not distributed with this
10  * file, you can obtain one at https://mozilla.org/MPL/2.0/.
11  *
12  * See the COPYRIGHT file distributed with this work for additional
13  * information regarding copyright ownership.
14  */
15 
#include <inttypes.h>
#include <limits.h>
#include <stdlib.h>
#include <string.h>

#include <openssl/crypto.h>
#include <openssl/evp.h>
#include <openssl/opensslv.h>
#include <openssl/ssl.h>

#include "openssl_shim.h"
26 
27 #if !HAVE_CRYPTO_ZALLOC
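/*
 * Fallback for OpenSSL builds that lack CRYPTO_zalloc(): allocate 'num'
 * bytes through CRYPTO_malloc() and return them zero-filled.
 *
 * 'file' and 'line' are forwarded unchanged to CRYPTO_malloc().
 * Returns NULL when the allocation fails or when 'num' exceeds INT_MAX.
 */
void *
CRYPTO_zalloc(size_t num, const char *file, int line) {
	void *ret;

	/*
	 * NOTE(review): OpenSSL releases old enough to need this shim are
	 * believed to declare CRYPTO_malloc() with an 'int' length - confirm
	 * against the targeted headers.  With such a prototype a larger
	 * 'num' would be narrowed for the allocation while memset() below
	 * still clears the full size_t count, writing past the buffer.
	 * Refusing the request keeps both lengths identical.
	 */
	if (num > (size_t)INT_MAX) {
		return NULL;
	}

	ret = CRYPTO_malloc(num, file, line);
	if (ret != NULL) {
		memset(ret, 0, num);
	}
	return ret;
}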
36 #endif /* if !HAVE_CRYPTO_ZALLOC */
37 
38 #if !HAVE_EVP_CIPHER_CTX_NEW
/*
 * Fallback for OpenSSL builds that lack EVP_CIPHER_CTX_new(): returns a
 * zero-filled cipher context obtained from OPENSSL_zalloc(), or NULL when
 * that allocation fails.
 */
EVP_CIPHER_CTX *
EVP_CIPHER_CTX_new(void) {
	/* The allocator's result, NULL included, is passed straight back. */
	return OPENSSL_zalloc(sizeof(EVP_CIPHER_CTX));
}
44 #endif /* if !HAVE_EVP_CIPHER_CTX_NEW */
45 
46 #if !HAVE_EVP_CIPHER_CTX_FREE
/*
 * Fallback for OpenSSL builds that lack EVP_CIPHER_CTX_free(): runs
 * EVP_CIPHER_CTX_cleanup() on the context and then releases its memory
 * with OPENSSL_free().  A NULL 'ctx' is accepted and ignored.
 */
void
EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) {
	if (ctx == NULL) {
		return;
	}

	/* Clean up first, then release the storage itself. */
	EVP_CIPHER_CTX_cleanup(ctx);
	OPENSSL_free(ctx);
}
54 #endif /* if !HAVE_EVP_CIPHER_CTX_FREE */
55 
56 #if !HAVE_EVP_MD_CTX_RESET
/*
 * Fallback for OpenSSL builds that lack EVP_MD_CTX_reset(): delegates to
 * EVP_MD_CTX_cleanup() and returns that function's result unchanged.
 */
int
EVP_MD_CTX_reset(EVP_MD_CTX *ctx) {
	const int status = EVP_MD_CTX_cleanup(ctx);

	return status;
}
61 #endif /* if !HAVE_EVP_MD_CTX_RESET */
62 
63 #if !HAVE_SSL_READ_EX
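/*
 * Fallback for OpenSSL builds that lack SSL_read_ex(), built on SSL_read().
 *
 * When SSL_read() returns a positive byte count, that count is stored in
 * '*readbytes' and 1 is returned.  Otherwise '*readbytes' is left untouched
 * and SSL_read()'s own result is returned unchanged.  That result may be
 * negative, so callers should test for success with '== 1' or '> 0' rather
 * than for a non-zero value.
 *
 * The length is passed to SSL_read() as an 'int'.  A request larger than
 * INT_MAX is capped at INT_MAX instead of going through an implicit
 * size_t -> int narrowing; the caller then sees an ordinary short read
 * reported through '*readbytes'.
 */
int
SSL_read_ex(SSL *ssl, void *buf, size_t num, size_t *readbytes) {
	const int want = (num > (size_t)INT_MAX) ? INT_MAX : (int)num;
	int rv = SSL_read(ssl, buf, want);

	if (rv > 0) {
		*readbytes = (size_t)rv;
		rv = 1;
	}

	return rv;
}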
74 #endif
75 
76 #if !HAVE_SSL_PEEK_EX
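/*
 * Fallback for OpenSSL builds that lack SSL_peek_ex(), built on SSL_peek().
 *
 * When SSL_peek() returns a positive byte count, that count is stored in
 * '*readbytes' and 1 is returned.  Otherwise '*readbytes' is left untouched
 * and SSL_peek()'s own result is returned unchanged.  That result may be
 * negative, so callers should test for success with '== 1' or '> 0' rather
 * than for a non-zero value.
 *
 * The length is passed to SSL_peek() as an 'int'.  A request larger than
 * INT_MAX is capped at INT_MAX instead of going through an implicit
 * size_t -> int narrowing; the caller then sees fewer bytes than it asked
 * for, reported through '*readbytes'.
 */
int
SSL_peek_ex(SSL *ssl, void *buf, size_t num, size_t *readbytes) {
	const int want = (num > (size_t)INT_MAX) ? INT_MAX : (int)num;
	int rv = SSL_peek(ssl, buf, want);

	if (rv > 0) {
		*readbytes = (size_t)rv;
		rv = 1;
	}

	return rv;
}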
87 #endif
88 
89 #if !HAVE_SSL_WRITE_EX
90 int
91 SSL_write_ex(SSL *ssl, const void *buf, size_t num, size_t *written) {
92 	int rv = SSL_write(ssl, buf, num);
93 	if (rv > 0) {
94 		*written = rv;
95 		rv = 1;
96 	}
97 
98 	return rv;
99 }
100 #endif
101 
102 #if !HAVE_BIO_READ_EX
103 int
104 BIO_read_ex(BIO *b, void *data, size_t dlen, size_t *readbytes) {
105 	int rv = BIO_read(b, data, dlen);
106 	if (rv > 0) {
107 		*readbytes = rv;
108 		rv = 1;
109 	}
110 
111 	return rv;
112 }
113 #endif
114 
115 #if !HAVE_BIO_WRITE_EX
116 int
117 BIO_write_ex(BIO *b, const void *data, size_t dlen, size_t *written) {
118 	int rv = BIO_write(b, data, dlen);
119 	if (rv > 0) {
120 		*written = rv;
121 		rv = 1;
122 	}
123 
124 	return rv;
125 }
126 #endif
127 
128 #if !HAVE_OPENSSL_INIT_CRYPTO
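/*
 * Fallback for OpenSSL builds that lack OPENSSL_init_crypto(): maps the
 * option bits onto the legacy one-shot initialisation calls.
 *
 *  - Error strings are loaded unless OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS
 *    is set.
 *  - Ciphers are registered unless OPENSSL_INIT_NO_ADD_ALL_CIPHERS is set.
 *  - Digests are registered unless OPENSSL_INIT_NO_ADD_ALL_DIGESTS is set.
 *
 * 'settings' is ignored.  Always returns 1.
 */
int
OPENSSL_init_crypto(uint64_t opts, const void *settings) {
	/*
	 * Each table is controlled by its own flag.  Testing the cipher flag
	 * for both would register digests whenever ciphers are wanted, even
	 * when digests were opted out, and would register nothing at all
	 * when only ciphers were opted out, leaving digest lookups to fail.
	 *
	 * NOTE(review): assumes openssl_shim.h defines
	 * OPENSSL_INIT_NO_ADD_ALL_DIGESTS next to the cipher flag - confirm.
	 */
	const int want_ciphers = (opts & OPENSSL_INIT_NO_ADD_ALL_CIPHERS) == 0;
	const int want_digests = (opts & OPENSSL_INIT_NO_ADD_ALL_DIGESTS) == 0;

	(void)settings;

	if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS) == 0) {
		ERR_load_crypto_strings();
	}

	if (want_ciphers && want_digests) {
		OpenSSL_add_all_algorithms();
	} else if (want_digests) {
		OpenSSL_add_all_digests();
	} else if (want_ciphers) {
		OpenSSL_add_all_ciphers();
	}

	return 1;
}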
149 #endif
150 
151 #if !HAVE_OPENSSL_INIT_SSL
/*
 * Fallback for OpenSSL builds that lack OPENSSL_init_ssl(): initialises the
 * crypto layer through OPENSSL_init_crypto(), then calls SSL_library_init(),
 * and loads the SSL error strings unless OPENSSL_INIT_NO_LOAD_SSL_STRINGS is
 * set in 'opts'.  Always returns 1.
 */
int
OPENSSL_init_ssl(uint64_t opts, const void *settings) {
	const int load_ssl_strings =
		(opts & OPENSSL_INIT_NO_LOAD_SSL_STRINGS) == 0;

	/* The result of the crypto-layer initialisation is not inspected. */
	OPENSSL_init_crypto(opts, settings);
	SSL_library_init();

	if (load_ssl_strings) {
		SSL_load_error_strings();
	}

	return 1;
}
164 #endif
165 
166 #if !HAVE_OPENSSL_CLEANUP
/*
 * Fallback for OpenSSL builds that lack OPENSSL_cleanup(): a deliberate
 * no-op that only exists so callers can link against the symbol.
 */
void
OPENSSL_cleanup(void) {
	/* Nothing to do. */
}
171 #endif
172 
173 #if !HAVE_X509_STORE_UP_REF
174 
175 int
176 X509_STORE_up_ref(X509_STORE *store) {
177 	return CRYPTO_add(&store->references, 1, CRYPTO_LOCK_X509_STORE) > 0;
178 }
179 
#endif /* !HAVE_X509_STORE_UP_REF */
181 
182 #if !HAVE_SSL_CTX_SET1_CERT_STORE
183 
184 void
185 SSL_CTX_set1_cert_store(SSL_CTX *ctx, X509_STORE *store) {
186 	(void)X509_STORE_up_ref(store);
187 
188 	SSL_CTX_set_cert_store(ctx, store);
189 }
190 
191 #endif /* !HAVE_SSL_CTX_SET1_CERT_STORE */
192 
193 #if !HAVE_SSL_CTX_UP_REF
194 int
195 SSL_CTX_up_ref(SSL_CTX *ctx) {
196 	return CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX) > 0;
197 }
198 #endif /* !HAVE_SSL_CTX_UP_REF */
199