1From c14d9bf71753a38df57cc6538b22ed389d2c2cb1 Mon Sep 17 00:00:00 2001 2From: Khem Raj <raj.khem@gmail.com> 3Date: Tue, 4 Sep 2018 17:18:51 -0700 4Subject: [PATCH] Support OpenSSL 1.1.0 5 6Taken from https://github.com/x42/liboauth/issues/9 7 8Upstream-Status: Submitted[https://github.com/x42/liboauth/issues/9] 9Signed-off-by: Khem Raj <raj.khem@gmail.com> 10--- 11 src/hash.c | 65 ++++++++++++++++++++++++++++++++++++------------------ 12 1 file changed, 44 insertions(+), 21 deletions(-) 13 14diff --git a/src/hash.c b/src/hash.c 15index 17ff5c8..e128826 100644 16--- a/src/hash.c 17+++ b/src/hash.c 18@@ -362,6 +362,11 @@ looser: 19 #include "oauth.h" // base64 encode fn's. 20 #include <openssl/hmac.h> 21 22+#if OPENSSL_VERSION_NUMBER < 0x10100000 23+#define EVP_MD_CTX_new EVP_MD_CTX_create 24+#define EVP_MD_CTX_free EVP_MD_CTX_destroy 25+#endif 26+ 27 char *oauth_sign_hmac_sha1 (const char *m, const char *k) { 28 return(oauth_sign_hmac_sha1_raw (m, strlen(m), k, strlen(k))); 29 } 30@@ -386,7 +391,7 @@ char *oauth_sign_rsa_sha1 (const char *m, const char *k) { 31 unsigned char *sig = NULL; 32 unsigned char *passphrase = NULL; 33 unsigned int len=0; 34- EVP_MD_CTX md_ctx; 35+ EVP_MD_CTX *md_ctx; 36 37 EVP_PKEY *pkey; 38 BIO *in; 39@@ -399,24 +404,31 @@ char *oauth_sign_rsa_sha1 (const char *m, const char *k) { 40 return xstrdup("liboauth/OpenSSL: can not read private key"); 41 } 42 43+ md_ctx = EVP_MD_CTX_new(); 44+ if (md_ctx == NULL) { 45+ return xstrdup("liboauth/OpenSSL: failed to allocate EVP_MD_CTX"); 46+ } 47+ 48 len = EVP_PKEY_size(pkey); 49 sig = (unsigned char*)xmalloc((len+1)*sizeof(char)); 50 51- EVP_SignInit(&md_ctx, EVP_sha1()); 52- EVP_SignUpdate(&md_ctx, m, strlen(m)); 53- if (EVP_SignFinal (&md_ctx, sig, &len, pkey)) { 54+ EVP_SignInit(md_ctx, EVP_sha1()); 55+ EVP_SignUpdate(md_ctx, m, strlen(m)); 56+ if (EVP_SignFinal (md_ctx, sig, &len, pkey)) { 57 char *tmp; 58 sig[len] = '\0'; 59 tmp = oauth_encode_base64(len,sig); 60 OPENSSL_free(sig); 61 EVP_PKEY_free(pkey); 62+ EVP_MD_CTX_free(md_ctx); 63 return tmp; 64 } 65+ EVP_MD_CTX_free(md_ctx); 66 return xstrdup("liboauth/OpenSSL: rsa-sha1 signing failed"); 67 } 68 69 int oauth_verify_rsa_sha1 (const char *m, const char *c, const char *s) { 70- EVP_MD_CTX md_ctx; 71+ EVP_MD_CTX *md_ctx; 72 EVP_PKEY *pkey; 73 BIO *in; 74 X509 *cert = NULL; 75@@ -437,13 +449,18 @@ int oauth_verify_rsa_sha1 (const char *m, const char *c, const char *s) { 76 return -2; 77 } 78 79+ md_ctx = EVP_MD_CTX_new(); 80+ if (md_ctx == NULL) { 81+ return -2; 82+ } 83+ 84 b64d= (unsigned char*) xmalloc(sizeof(char)*strlen(s)); 85 slen = oauth_decode_base64(b64d, s); 86 87- EVP_VerifyInit(&md_ctx, EVP_sha1()); 88- EVP_VerifyUpdate(&md_ctx, m, strlen(m)); 89- err = EVP_VerifyFinal(&md_ctx, b64d, slen, pkey); 90- EVP_MD_CTX_cleanup(&md_ctx); 91+ EVP_VerifyInit(md_ctx, EVP_sha1()); 92+ EVP_VerifyUpdate(md_ctx, m, strlen(m)); 93+ err = EVP_VerifyFinal(md_ctx, b64d, slen, pkey); 94+ EVP_MD_CTX_free(md_ctx); 95 EVP_PKEY_free(pkey); 96 xfree(b64d); 97 return (err); 98@@ -455,35 +472,41 @@ int oauth_verify_rsa_sha1 (const char *m, const char *c, const char *s) { 99 */ 100 char *oauth_body_hash_file(char *filename) { 101 unsigned char fb[BUFSIZ]; 102- EVP_MD_CTX ctx; 103+ EVP_MD_CTX *ctx; 104 size_t len=0; 105 unsigned char *md; 106 FILE *F= fopen(filename, "r"); 107 if (!F) return NULL; 108 109- EVP_MD_CTX_init(&ctx); 110- EVP_DigestInit(&ctx,EVP_sha1()); 111+ ctx = EVP_MD_CTX_new(); 112+ if (ctx == NULL) { 113+ return xstrdup("liboauth/OpenSSL: failed to allocate EVP_MD_CTX"); 114+ } 115+ EVP_DigestInit(ctx,EVP_sha1()); 116 while (!feof(F) && (len=fread(fb,sizeof(char),BUFSIZ, F))>0) { 117- EVP_DigestUpdate(&ctx, fb, len); 118+ EVP_DigestUpdate(ctx, fb, len); 119 } 120 fclose(F); 121 len=0; 122 md=(unsigned char*) xcalloc(EVP_MD_size(EVP_sha1()),sizeof(unsigned char)); 123- EVP_DigestFinal(&ctx, md,(unsigned int*) &len); 124- EVP_MD_CTX_cleanup(&ctx); 125+ EVP_DigestFinal(ctx, md,(unsigned int*) &len); 126+ EVP_MD_CTX_free(ctx); 127 return oauth_body_hash_encode(len, md); 128 } 129 130 char *oauth_body_hash_data(size_t length, const char *data) { 131- EVP_MD_CTX ctx; 132+ EVP_MD_CTX *ctx; 133 size_t len=0; 134 unsigned char *md; 135 md=(unsigned char*) xcalloc(EVP_MD_size(EVP_sha1()),sizeof(unsigned char)); 136- EVP_MD_CTX_init(&ctx); 137- EVP_DigestInit(&ctx,EVP_sha1()); 138- EVP_DigestUpdate(&ctx, data, length); 139- EVP_DigestFinal(&ctx, md,(unsigned int*) &len); 140- EVP_MD_CTX_cleanup(&ctx); 141+ ctx = EVP_MD_CTX_new(); 142+ if (ctx == NULL) { 143+ return xstrdup("liboauth/OpenSSL: failed to allocate EVP_MD_CTX"); 144+ } 145+ EVP_DigestInit(ctx,EVP_sha1()); 146+ EVP_DigestUpdate(ctx, data, length); 147+ EVP_DigestFinal(ctx, md,(unsigned int*) &len); 148+ EVP_MD_CTX_free(ctx); 149 return oauth_body_hash_encode(len, md); 150 } 151 152