00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011 #include RUBY_EXTCONF_H
00012
00013 #if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ST_ENGINE)
00014 # include <openssl/engine.h>
00015 #endif
00016 #include <openssl/x509_vfy.h>
00017
00018 #if !defined(OPENSSL_NO_HMAC)
00019 #include <string.h>
00020 #include <openssl/hmac.h>
00021
00022 #include "openssl_missing.h"
00023
00024 #if !defined(HAVE_HMAC_CTX_COPY)
00025 void
00026 HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in)
00027 {
00028 if (!out || !in) return;
00029 memcpy(out, in, sizeof(HMAC_CTX));
00030
00031 EVP_MD_CTX_copy(&out->md_ctx, &in->md_ctx);
00032 EVP_MD_CTX_copy(&out->i_ctx, &in->i_ctx);
00033 EVP_MD_CTX_copy(&out->o_ctx, &in->o_ctx);
00034 }
00035 #endif
00036 #endif
00037
00038 #if !defined(HAVE_X509_STORE_SET_EX_DATA)
00039 int X509_STORE_set_ex_data(X509_STORE *str, int idx, void *data)
00040 {
00041 return CRYPTO_set_ex_data(&str->ex_data, idx, data);
00042 }
00043 #endif
00044
00045 #if !defined(HAVE_X509_STORE_GET_EX_DATA)
00046 void *X509_STORE_get_ex_data(X509_STORE *str, int idx)
00047 {
00048 return CRYPTO_get_ex_data(&str->ex_data, idx);
00049 }
00050 #endif
00051
00052 #if !defined(HAVE_EVP_MD_CTX_CREATE)
00053 EVP_MD_CTX *
00054 EVP_MD_CTX_create(void)
00055 {
00056 EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof(EVP_MD_CTX));
00057 if (!ctx) return NULL;
00058
00059 memset(ctx, 0, sizeof(EVP_MD_CTX));
00060
00061 return ctx;
00062 }
00063 #endif
00064
00065 #if !defined(HAVE_EVP_MD_CTX_CLEANUP)
00066 int
00067 EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
00068 {
00069
00070 memset(ctx, 0, sizeof(EVP_MD_CTX));
00071
00072 return 1;
00073 }
00074 #endif
00075
00076 #if !defined(HAVE_EVP_MD_CTX_DESTROY)
00077 void
00078 EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
00079 {
00080 EVP_MD_CTX_cleanup(ctx);
00081 OPENSSL_free(ctx);
00082 }
00083 #endif
00084
00085 #if !defined(HAVE_EVP_MD_CTX_INIT)
00086 void
00087 EVP_MD_CTX_init(EVP_MD_CTX *ctx)
00088 {
00089 memset(ctx, 0, sizeof(EVP_MD_CTX));
00090 }
00091 #endif
00092
00093 #if !defined(HAVE_HMAC_CTX_INIT)
00094 void
00095 HMAC_CTX_init(HMAC_CTX *ctx)
00096 {
00097 EVP_MD_CTX_init(&ctx->i_ctx);
00098 EVP_MD_CTX_init(&ctx->o_ctx);
00099 EVP_MD_CTX_init(&ctx->md_ctx);
00100 }
00101 #endif
00102
00103 #if !defined(HAVE_HMAC_CTX_CLEANUP)
00104 void
00105 HMAC_CTX_cleanup(HMAC_CTX *ctx)
00106 {
00107 EVP_MD_CTX_cleanup(&ctx->i_ctx);
00108 EVP_MD_CTX_cleanup(&ctx->o_ctx);
00109 EVP_MD_CTX_cleanup(&ctx->md_ctx);
00110 memset(ctx, 0, sizeof(HMAC_CTX));
00111 }
00112 #endif
00113
00114 #if !defined(HAVE_EVP_CIPHER_CTX_COPY)
00115
00116
00117
00118
00119
00120 int
00121 EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, EVP_CIPHER_CTX *in)
00122 {
00123 memcpy(out, in, sizeof(EVP_CIPHER_CTX));
00124
00125 #if defined(HAVE_ENGINE_ADD) && defined(HAVE_ST_ENGINE)
00126 if (in->engine) ENGINE_add(out->engine);
00127 if (in->cipher_data) {
00128 out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
00129 memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
00130 }
00131 #endif
00132
00133 return 1;
00134 }
00135 #endif
00136
00137 #if !defined(HAVE_X509_CRL_SET_VERSION)
00138 int
00139 X509_CRL_set_version(X509_CRL *x, long version)
00140 {
00141 if (x == NULL || x->crl == NULL) return 0;
00142 if (x->crl->version == NULL) {
00143 x->crl->version = M_ASN1_INTEGER_new();
00144 if (x->crl->version == NULL) return 0;
00145 }
00146 return ASN1_INTEGER_set(x->crl->version, version);
00147 }
00148 #endif
00149
00150 #if !defined(HAVE_X509_CRL_SET_ISSUER_NAME)
00151 int
00152 X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name)
00153 {
00154 if (x == NULL || x->crl == NULL) return 0;
00155 return X509_NAME_set(&x->crl->issuer, name);
00156 }
00157 #endif
00158
00159 #if !defined(HAVE_X509_CRL_SORT)
00160 int
00161 X509_CRL_sort(X509_CRL *c)
00162 {
00163 int i;
00164 X509_REVOKED *r;
00165
00166
00167 sk_X509_REVOKED_sort(c->crl->revoked);
00168 for (i=0; i<sk_X509_REVOKED_num(c->crl->revoked); i++) {
00169 r=sk_X509_REVOKED_value(c->crl->revoked, i);
00170 r->sequence=i;
00171 }
00172 return 1;
00173 }
00174 #endif
00175
00176 #if !defined(HAVE_X509_CRL_ADD0_REVOKED)
00177 static int
00178 OSSL_X509_REVOKED_cmp(const X509_REVOKED * const *a, const X509_REVOKED * const *b)
00179 {
00180 return(ASN1_STRING_cmp(
00181 (ASN1_STRING *)(*a)->serialNumber,
00182 (ASN1_STRING *)(*b)->serialNumber));
00183 }
00184
00185 int
00186 X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
00187 {
00188 X509_CRL_INFO *inf;
00189
00190 inf = crl->crl;
00191 if (!inf->revoked)
00192 inf->revoked = sk_X509_REVOKED_new(OSSL_X509_REVOKED_cmp);
00193 if (!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev))
00194 return 0;
00195 return 1;
00196 }
00197 #endif
00198
00199 #if !defined(HAVE_BN_MOD_SQR)
00200 int
00201 BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx)
00202 {
00203 if (!BN_sqr(r, (BIGNUM*)a, ctx)) return 0;
00204 return BN_mod(r, r, m, ctx);
00205 }
00206 #endif
00207
00208 #if !defined(HAVE_BN_MOD_ADD) || !defined(HAVE_BN_MOD_SUB)
00209 int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx)
00210 {
00211 if (!BN_mod(r,m,d,ctx)) return 0;
00212 if (!r->neg) return 1;
00213 return (d->neg ? BN_sub : BN_add)(r, r, d);
00214 }
00215 #endif
00216
00217 #if !defined(HAVE_BN_MOD_ADD)
00218 int
00219 BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx)
00220 {
00221 if (!BN_add(r, a, b)) return 0;
00222 return BN_nnmod(r, r, m, ctx);
00223 }
00224 #endif
00225
00226 #if !defined(HAVE_BN_MOD_SUB)
00227 int
00228 BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx)
00229 {
00230 if (!BN_sub(r, a, b)) return 0;
00231 return BN_nnmod(r, r, m, ctx);
00232 }
00233 #endif
00234
00235 #if !defined(HAVE_BN_RAND_RANGE) || !defined(HAVE_BN_PSEUDO_RAND_RANGE)
00236 static int
00237 bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range)
00238 {
00239 int (*bn_rand)(BIGNUM *, int, int, int) = pseudo ? BN_pseudo_rand : BN_rand;
00240 int n;
00241
00242 if (range->neg || BN_is_zero(range)) return 0;
00243
00244 n = BN_num_bits(range);
00245
00246 if (n == 1) {
00247 if (!BN_zero(r)) return 0;
00248 } else if (!BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3)) {
00249 do {
00250 if (!bn_rand(r, n + 1, -1, 0)) return 0;
00251 if (BN_cmp(r ,range) >= 0) {
00252 if (!BN_sub(r, r, range)) return 0;
00253 if (BN_cmp(r, range) >= 0)
00254 if (!BN_sub(r, r, range)) return 0;
00255 }
00256 } while (BN_cmp(r, range) >= 0);
00257 } else {
00258 do {
00259 if (!bn_rand(r, n, -1, 0)) return 0;
00260 } while (BN_cmp(r, range) >= 0);
00261 }
00262
00263 return 1;
00264 }
00265 #endif
00266
00267 #if !defined(HAVE_BN_RAND_RANGE)
00268 int
00269 BN_rand_range(BIGNUM *r, BIGNUM *range)
00270 {
00271 return bn_rand_range(0, r, range);
00272 }
00273 #endif
00274
00275 #if !defined(HAVE_BN_PSEUDO_RAND_RANGE)
00276 int
00277 BN_pseudo_rand_range(BIGNUM *r, BIGNUM *range)
00278 {
00279 return bn_rand_range(1, r, range);
00280 }
00281 #endif
00282
00283 #if !defined(HAVE_CONF_GET1_DEFAULT_CONFIG_FILE)
00284 #define OPENSSL_CONF "openssl.cnf"
00285 char *
00286 CONF_get1_default_config_file(void)
00287 {
00288 char *file;
00289 int len;
00290
00291 file = getenv("OPENSSL_CONF");
00292 if (file) return BUF_strdup(file);
00293 len = strlen(X509_get_default_cert_area());
00294 #ifndef OPENSSL_SYS_VMS
00295 len++;
00296 #endif
00297 len += strlen(OPENSSL_CONF);
00298 file = OPENSSL_malloc(len + 1);
00299 if (!file) return NULL;
00300 strcpy(file,X509_get_default_cert_area());
00301 #ifndef OPENSSL_SYS_VMS
00302 strcat(file,"/");
00303 #endif
00304 strcat(file,OPENSSL_CONF);
00305
00306 return file;
00307 }
00308 #endif
00309
00310 #if !defined(HAVE_PEM_DEF_CALLBACK)
00311 #define OSSL_PASS_MIN_LENGTH 4
00312 int
00313 PEM_def_callback(char *buf, int num, int w, void *key)
00314 {
00315 int i,j;
00316 const char *prompt;
00317
00318 if (key) {
00319 i = strlen(key);
00320 i = (i > num) ? num : i;
00321 memcpy(buf, key, i);
00322 return i;
00323 }
00324
00325 prompt = EVP_get_pw_prompt();
00326 if (prompt == NULL) prompt = "Enter PEM pass phrase:";
00327 for (;;) {
00328 i = EVP_read_pw_string(buf, num, prompt, w);
00329 if (i != 0) {
00330 memset(buf, 0, (unsigned int)num);
00331 return(-1);
00332 }
00333 j = strlen(buf);
00334 if (j < OSSL_PASS_MIN_LENGTH) {
00335 fprintf(stderr,
00336 "phrase is too short, needs to be at least %d chars\n",
00337 OSSL_PASS_MIN_LENGTH);
00338 }
00339 else break;
00340 }
00341 return j;
00342 }
00343 #endif
00344
00345