00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011 #include RUBY_EXTCONF_H
00012
00013 #if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ST_ENGINE)
00014 # include <openssl/engine.h>
00015 #endif
00016 #include <openssl/x509_vfy.h>
00017
00018 #if !defined(OPENSSL_NO_HMAC)
00019 #include <string.h>
00020 #include <openssl/hmac.h>
00021
00022 #include "openssl_missing.h"
00023
00024 #if !defined(HAVE_HMAC_CTX_COPY)
00025 void
00026 HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in)
00027 {
00028 if (!out || !in) return;
00029 memcpy(out, in, sizeof(HMAC_CTX));
00030
00031 EVP_MD_CTX_copy(&out->md_ctx, &in->md_ctx);
00032 EVP_MD_CTX_copy(&out->i_ctx, &in->i_ctx);
00033 EVP_MD_CTX_copy(&out->o_ctx, &in->o_ctx);
00034 }
00035 #endif
00036 #endif
00037
00038 #if !defined(HAVE_X509_STORE_SET_EX_DATA)
00039
00040 int X509_STORE_set_ex_data(X509_STORE *str, int idx, void *data)
00041 {
00042 return CRYPTO_set_ex_data(&str->ex_data, idx, data);
00043 }
00044
00045 void *X509_STORE_get_ex_data(X509_STORE *str, int idx)
00046 {
00047 return CRYPTO_get_ex_data(&str->ex_data, idx);
00048 }
00049 #endif
00050
00051 #if !defined(HAVE_EVP_MD_CTX_CREATE)
00052 EVP_MD_CTX *
00053 EVP_MD_CTX_create(void)
00054 {
00055 EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof(EVP_MD_CTX));
00056 if (!ctx) return NULL;
00057
00058 memset(ctx, 0, sizeof(EVP_MD_CTX));
00059
00060 return ctx;
00061 }
00062 #endif
00063
00064 #if !defined(HAVE_EVP_MD_CTX_CLEANUP)
00065 int
00066 EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
00067 {
00068
00069 memset(ctx, 0, sizeof(EVP_MD_CTX));
00070
00071 return 1;
00072 }
00073 #endif
00074
00075 #if !defined(HAVE_EVP_MD_CTX_DESTROY)
00076 void
00077 EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
00078 {
00079 EVP_MD_CTX_cleanup(ctx);
00080 OPENSSL_free(ctx);
00081 }
00082 #endif
00083
00084 #if !defined(HAVE_EVP_MD_CTX_INIT)
00085 void
00086 EVP_MD_CTX_init(EVP_MD_CTX *ctx)
00087 {
00088 memset(ctx, 0, sizeof(EVP_MD_CTX));
00089 }
00090 #endif
00091
00092 #if !defined(HAVE_HMAC_CTX_INIT)
00093 void
00094 HMAC_CTX_init(HMAC_CTX *ctx)
00095 {
00096 EVP_MD_CTX_init(&ctx->i_ctx);
00097 EVP_MD_CTX_init(&ctx->o_ctx);
00098 EVP_MD_CTX_init(&ctx->md_ctx);
00099 }
00100 #endif
00101
00102 #if !defined(HAVE_HMAC_CTX_CLEANUP)
00103 void
00104 HMAC_CTX_cleanup(HMAC_CTX *ctx)
00105 {
00106 EVP_MD_CTX_cleanup(&ctx->i_ctx);
00107 EVP_MD_CTX_cleanup(&ctx->o_ctx);
00108 EVP_MD_CTX_cleanup(&ctx->md_ctx);
00109 memset(ctx, 0, sizeof(HMAC_CTX));
00110 }
00111 #endif
00112
00113 #if !defined(HAVE_EVP_CIPHER_CTX_COPY)
00114
00115
00116
00117
00118
00119 int
00120 EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, EVP_CIPHER_CTX *in)
00121 {
00122 memcpy(out, in, sizeof(EVP_CIPHER_CTX));
00123
00124 #if defined(HAVE_ENGINE_ADD) && defined(HAVE_ST_ENGINE)
00125 if (in->engine) ENGINE_add(out->engine);
00126 if (in->cipher_data) {
00127 out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
00128 memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
00129 }
00130 #endif
00131
00132 return 1;
00133 }
00134 #endif
00135
00136 #if !defined(HAVE_X509_CRL_SET_VERSION)
00137 int
00138 X509_CRL_set_version(X509_CRL *x, long version)
00139 {
00140 if (x == NULL || x->crl == NULL) return 0;
00141 if (x->crl->version == NULL) {
00142 x->crl->version = M_ASN1_INTEGER_new();
00143 if (x->crl->version == NULL) return 0;
00144 }
00145 return ASN1_INTEGER_set(x->crl->version, version);
00146 }
00147 #endif
00148
00149 #if !defined(HAVE_X509_CRL_SET_ISSUER_NAME)
00150 int
00151 X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name)
00152 {
00153 if (x == NULL || x->crl == NULL) return 0;
00154 return X509_NAME_set(&x->crl->issuer, name);
00155 }
00156 #endif
00157
00158 #if !defined(HAVE_X509_CRL_SORT)
00159 int
00160 X509_CRL_sort(X509_CRL *c)
00161 {
00162 int i;
00163 X509_REVOKED *r;
00164
00165
00166 sk_X509_REVOKED_sort(c->crl->revoked);
00167 for (i=0; i<sk_X509_REVOKED_num(c->crl->revoked); i++) {
00168 r=sk_X509_REVOKED_value(c->crl->revoked, i);
00169 r->sequence=i;
00170 }
00171 return 1;
00172 }
00173 #endif
00174
00175 #if !defined(HAVE_X509_CRL_ADD0_REVOKED)
00176 static int
00177 OSSL_X509_REVOKED_cmp(const X509_REVOKED * const *a, const X509_REVOKED * const *b)
00178 {
00179 return(ASN1_STRING_cmp(
00180 (ASN1_STRING *)(*a)->serialNumber,
00181 (ASN1_STRING *)(*b)->serialNumber));
00182 }
00183
00184 int
00185 X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
00186 {
00187 X509_CRL_INFO *inf;
00188
00189 inf = crl->crl;
00190 if (!inf->revoked)
00191 inf->revoked = sk_X509_REVOKED_new(OSSL_X509_REVOKED_cmp);
00192 if (!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev))
00193 return 0;
00194 return 1;
00195 }
00196 #endif
00197
00198 #if !defined(HAVE_BN_MOD_SQR)
00199 int
00200 BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx)
00201 {
00202 if (!BN_sqr(r, (BIGNUM*)a, ctx)) return 0;
00203 return BN_mod(r, r, m, ctx);
00204 }
00205 #endif
00206
00207 #if !defined(HAVE_BN_MOD_ADD) || !defined(HAVE_BN_MOD_SUB)
00208 int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx)
00209 {
00210 if (!BN_mod(r,m,d,ctx)) return 0;
00211 if (!r->neg) return 1;
00212 return (d->neg ? BN_sub : BN_add)(r, r, d);
00213 }
00214 #endif
00215
00216 #if !defined(HAVE_BN_MOD_ADD)
00217 int
00218 BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx)
00219 {
00220 if (!BN_add(r, a, b)) return 0;
00221 return BN_nnmod(r, r, m, ctx);
00222 }
00223 #endif
00224
00225 #if !defined(HAVE_BN_MOD_SUB)
00226 int
00227 BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx)
00228 {
00229 if (!BN_sub(r, a, b)) return 0;
00230 return BN_nnmod(r, r, m, ctx);
00231 }
00232 #endif
00233
00234 #if !defined(HAVE_BN_RAND_RANGE) || !defined(HAVE_BN_PSEUDO_RAND_RANGE)
00235 static int
00236 bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range)
00237 {
00238 int (*bn_rand)(BIGNUM *, int, int, int) = pseudo ? BN_pseudo_rand : BN_rand;
00239 int n;
00240
00241 if (range->neg || BN_is_zero(range)) return 0;
00242
00243 n = BN_num_bits(range);
00244
00245 if (n == 1) {
00246 if (!BN_zero(r)) return 0;
00247 } else if (!BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3)) {
00248 do {
00249 if (!bn_rand(r, n + 1, -1, 0)) return 0;
00250 if (BN_cmp(r ,range) >= 0) {
00251 if (!BN_sub(r, r, range)) return 0;
00252 if (BN_cmp(r, range) >= 0)
00253 if (!BN_sub(r, r, range)) return 0;
00254 }
00255 } while (BN_cmp(r, range) >= 0);
00256 } else {
00257 do {
00258 if (!bn_rand(r, n, -1, 0)) return 0;
00259 } while (BN_cmp(r, range) >= 0);
00260 }
00261
00262 return 1;
00263 }
00264 #endif
00265
00266 #if !defined(HAVE_BN_RAND_RANGE)
00267 int
00268 BN_rand_range(BIGNUM *r, BIGNUM *range)
00269 {
00270 return bn_rand_range(0, r, range);
00271 }
00272 #endif
00273
00274 #if !defined(HAVE_BN_PSEUDO_RAND_RANGE)
00275 int
00276 BN_pseudo_rand_range(BIGNUM *r, BIGNUM *range)
00277 {
00278 return bn_rand_range(1, r, range);
00279 }
00280 #endif
00281
00282 #if !defined(HAVE_CONF_GET1_DEFAULT_CONFIG_FILE)
00283 #define OPENSSL_CONF "openssl.cnf"
00284 char *
00285 CONF_get1_default_config_file(void)
00286 {
00287 char *file;
00288 int len;
00289
00290 file = getenv("OPENSSL_CONF");
00291 if (file) return BUF_strdup(file);
00292 len = strlen(X509_get_default_cert_area());
00293 #ifndef OPENSSL_SYS_VMS
00294 len++;
00295 #endif
00296 len += strlen(OPENSSL_CONF);
00297 file = OPENSSL_malloc(len + 1);
00298 if (!file) return NULL;
00299 strcpy(file,X509_get_default_cert_area());
00300 #ifndef OPENSSL_SYS_VMS
00301 strcat(file,"/");
00302 #endif
00303 strcat(file,OPENSSL_CONF);
00304
00305 return file;
00306 }
00307 #endif
00308
00309 #if !defined(HAVE_PEM_DEF_CALLBACK)
00310 #define OSSL_PASS_MIN_LENGTH 4
00311 int
00312 PEM_def_callback(char *buf, int num, int w, void *key)
00313 {
00314 int i,j;
00315 const char *prompt;
00316
00317 if (key) {
00318 i = strlen(key);
00319 i = (i > num) ? num : i;
00320 memcpy(buf, key, i);
00321 return i;
00322 }
00323
00324 prompt = EVP_get_pw_prompt();
00325 if (prompt == NULL) prompt = "Enter PEM pass phrase:";
00326 for (;;) {
00327 i = EVP_read_pw_string(buf, num, prompt, w);
00328 if (i != 0) {
00329 memset(buf, 0, (unsigned int)num);
00330 return(-1);
00331 }
00332 j = strlen(buf);
00333 if (j < OSSL_PASS_MIN_LENGTH) {
00334 fprintf(stderr,
00335 "phrase is too short, needs to be at least %d chars\n",
00336 OSSL_PASS_MIN_LENGTH);
00337 }
00338 else break;
00339 }
00340 return j;
00341 }
00342 #endif
00343
00344