Ensure compatibility with OpenSSL 1.1.0.
[tinc] / src / openssl / cipher.c
index 04aee27..ae9640f 100644 (file)
 #include "../xalloc.h"
 
 struct cipher {
-       EVP_CIPHER_CTX ctx;
+       EVP_CIPHER_CTX *ctx;
        const EVP_CIPHER *cipher;
 };
 
 static cipher_t *cipher_open(const EVP_CIPHER *evp_cipher) {
        cipher_t *cipher = xzalloc(sizeof *cipher);
        cipher->cipher = evp_cipher;
-       EVP_CIPHER_CTX_init(&cipher->ctx);
+       cipher->ctx = EVP_CIPHER_CTX_new();
+       if(!cipher->ctx)
+               abort();
 
        return cipher;
 }
@@ -68,7 +70,7 @@ void cipher_close(cipher_t *cipher) {
        if(!cipher)
                return;
 
-       EVP_CIPHER_CTX_cleanup(&cipher->ctx);
+       EVP_CIPHER_CTX_free(cipher->ctx);
        free(cipher);
 }
 
@@ -76,23 +78,23 @@ size_t cipher_keylength(const cipher_t *cipher) {
        if(!cipher || !cipher->cipher)
                return 0;
 
-       return cipher->cipher->key_len + cipher->cipher->iv_len;
+       return EVP_CIPHER_key_length(cipher->cipher) + EVP_CIPHER_iv_length(cipher->cipher);
 }
 
 size_t cipher_blocksize(const cipher_t *cipher) {
        if(!cipher || !cipher->cipher)
                return 1;
 
-       return cipher->cipher->block_size;
+       return EVP_CIPHER_block_size(cipher->cipher);
 }
 
 bool cipher_set_key(cipher_t *cipher, void *key, bool encrypt) {
        bool result;
 
        if(encrypt)
-               result = EVP_EncryptInit_ex(&cipher->ctx, cipher->cipher, NULL, (unsigned char *)key, (unsigned char *)key + cipher->cipher->key_len);
+               result = EVP_EncryptInit_ex(cipher->ctx, cipher->cipher, NULL, (unsigned char *)key, (unsigned char *)key + EVP_CIPHER_key_length(cipher->cipher));
        else
-               result = EVP_DecryptInit_ex(&cipher->ctx, cipher->cipher, NULL, (unsigned char *)key, (unsigned char *)key + cipher->cipher->key_len);
+               result = EVP_DecryptInit_ex(cipher->ctx, cipher->cipher, NULL, (unsigned char *)key, (unsigned char *)key + EVP_CIPHER_key_length(cipher->cipher));
 
        if(result)
                return true;
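Review bot: cipher_set_key takes the IV from `key + EVP_CIPHER_key_length(cipher->cipher)` but has no length parameter, so nothing visible here establishes that the caller's buffer holds both the key and the IV. I would document the contract above the function, for example `/* key must point to at least cipher_keylength(cipher) bytes: the key followed by the IV */`. Unlike cipher_keylength and cipher_blocksize earlier in this hunk, it also dereferences cipher without a NULL check; `if(!cipher || !cipher->cipher) return false;` would make the three consistent. The function body continues past the end of the hunk.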
@@ -105,9 +107,9 @@ bool cipher_set_key_from_rsa(cipher_t *cipher, void *key, size_t len, bool encry
        bool result;
 
        if(encrypt)
-               result = EVP_EncryptInit_ex(&cipher->ctx, cipher->cipher, NULL, (unsigned char *)key + len - cipher->cipher->key_len, (unsigned char *)key + len - cipher->cipher->iv_len - cipher->cipher->key_len);
+               result = EVP_EncryptInit_ex(cipher->ctx, cipher->cipher, NULL, (unsigned char *)key + len - EVP_CIPHER_key_length(cipher->cipher), (unsigned char *)key + len - EVP_CIPHER_iv_length(cipher->cipher) - EVP_CIPHER_key_length(cipher->cipher));
        else
-               result = EVP_DecryptInit_ex(&cipher->ctx, cipher->cipher, NULL, (unsigned char *)key + len - cipher->cipher->key_len, (unsigned char *)key + len - cipher->cipher->iv_len - cipher->cipher->key_len);
+               result = EVP_DecryptInit_ex(cipher->ctx, cipher->cipher, NULL, (unsigned char *)key + len - EVP_CIPHER_key_length(cipher->cipher), (unsigned char *)key + len - EVP_CIPHER_iv_length(cipher->cipher) - EVP_CIPHER_key_length(cipher->cipher));
 
        if(result)
                return true;
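Review bot: Both EVP_*Init_ex calls derive the key and IV pointers as `key + len - ...` without checking that len is at least the key length plus the IV length. With a shorter buffer the pointers fall before the start of key and OpenSSL reads out of bounds. Whether every caller guarantees a large enough len is not visible in this diff, so a guard ahead of `if(encrypt)` would be safer: `if(len < (size_t)EVP_CIPHER_key_length(cipher->cipher) + EVP_CIPHER_iv_length(cipher->cipher)) return false;`. The function starts and ends outside the hunk.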
@@ -119,15 +121,15 @@ bool cipher_set_key_from_rsa(cipher_t *cipher, void *key, size_t len, bool encry
 bool cipher_encrypt(cipher_t *cipher, const void *indata, size_t inlen, void *outdata, size_t *outlen, bool oneshot) {
        if(oneshot) {
                int len, pad;
-               if(EVP_EncryptInit_ex(&cipher->ctx, NULL, NULL, NULL, NULL)
-                               && EVP_EncryptUpdate(&cipher->ctx, (unsigned char *)outdata, &len, indata, inlen)
-                               && EVP_EncryptFinal(&cipher->ctx, (unsigned char *)outdata + len, &pad)) {
+               if(EVP_EncryptInit_ex(cipher->ctx, NULL, NULL, NULL, NULL)
+                               && EVP_EncryptUpdate(cipher->ctx, (unsigned char *)outdata, &len, indata, inlen)
+                               && EVP_EncryptFinal(cipher->ctx, (unsigned char *)outdata + len, &pad)) {
                        if(outlen) *outlen = len + pad;
                        return true;
                }
        } else {
                int len;
-               if(EVP_EncryptUpdate(&cipher->ctx, outdata, &len, indata, inlen)) {
+               if(EVP_EncryptUpdate(cipher->ctx, outdata, &len, indata, inlen)) {
                        if(outlen) *outlen = len;
                        return true;
                }
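Review bot: inlen is a size_t but EVP_EncryptUpdate takes an int length, so a value above INT_MAX is silently narrowed in both branches. A guard such as `if(inlen > INT_MAX) return false;` at the top of cipher_encrypt would make the limit explicit (it needs <limits.h>; the include block is not visible in this diff). The same narrowing applies to cipher_decrypt in the next hunk. There is also no parameter for the capacity of outdata, so the oneshot path's requirement deserves a comment, e.g. `/* outdata must have room for inlen + cipher_blocksize(cipher) bytes */`. The function's tail lies outside the hunk.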
@@ -140,15 +142,15 @@ bool cipher_encrypt(cipher_t *cipher, const void *indata, size_t inlen, void *ou
 bool cipher_decrypt(cipher_t *cipher, const void *indata, size_t inlen, void *outdata, size_t *outlen, bool oneshot) {
        if(oneshot) {
                int len, pad;
-               if(EVP_DecryptInit_ex(&cipher->ctx, NULL, NULL, NULL, NULL)
-                               && EVP_DecryptUpdate(&cipher->ctx, (unsigned char *)outdata, &len, indata, inlen)
-                               && EVP_DecryptFinal(&cipher->ctx, (unsigned char *)outdata + len, &pad)) {
+               if(EVP_DecryptInit_ex(cipher->ctx, NULL, NULL, NULL, NULL)
+                               && EVP_DecryptUpdate(cipher->ctx, (unsigned char *)outdata, &len, indata, inlen)
+                               && EVP_DecryptFinal(cipher->ctx, (unsigned char *)outdata + len, &pad)) {
                        if(outlen) *outlen = len + pad;
                        return true;
                }
        } else {
                int len;
-               if(EVP_EncryptUpdate(&cipher->ctx, outdata, &len, indata, inlen)) {
+               if(EVP_EncryptUpdate(cipher->ctx, outdata, &len, indata, inlen)) {
                        if(outlen) *outlen = len;
                        return true;
                }
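Review bot: The non-oneshot branch of cipher_decrypt calls `EVP_EncryptUpdate`, while the oneshot branch uses the EVP_Decrypt* family; this looks like a copy-paste slip carried over unchanged from the old line. On a context initialised with EVP_DecryptInit_ex, the encrypt-side call skips the decrypt-specific padding handling, and as far as I recall newer OpenSSL releases reject the direction mismatch outright. The line should read `if(EVP_DecryptUpdate(cipher->ctx, outdata, &len, indata, inlen)) {`. The function's tail lies outside the hunk.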
@@ -162,9 +164,9 @@ int cipher_get_nid(const cipher_t *cipher) {
        if(!cipher || !cipher->cipher)
                return 0;
 
-       return cipher->cipher->nid;
+       return EVP_CIPHER_nid(cipher->cipher);
 }
 
 bool cipher_active(const cipher_t *cipher) {
-       return cipher && cipher->cipher && cipher->cipher->nid != 0;
+       return cipher && cipher->cipher && EVP_CIPHER_nid(cipher->cipher) != 0;
 }