security: Add support for OpenSSL 1.1.0 API
Change-Id: I8deb4c5c5cbc1755b492ccd12707d83764a91ad7
Refs: #3757
diff --git a/src/security/detail/openssl-helper.cpp b/src/security/detail/openssl-helper.cpp
index 3a7140d..8f8422a 100644
--- a/src/security/detail/openssl-helper.cpp
+++ b/src/security/detail/openssl-helper.cpp
@@ -63,7 +63,11 @@
EVP_PKEY_CTX_free(m_ctx);
}
+#if OPENSSL_VERSION_NUMBER < 0x1010000fL
Bio::Bio(BIO_METHOD* method)
+#else
+Bio::Bio(const BIO_METHOD* method)
+#endif // OPENSSL_VERSION_NUMBER < 0x1010000fL
: m_bio(BIO_new(method))
{
BOOST_ASSERT(m_bio != nullptr);
diff --git a/src/security/detail/openssl-helper.hpp b/src/security/detail/openssl-helper.hpp
index d74bcf6..50f21bc 100644
--- a/src/security/detail/openssl-helper.hpp
+++ b/src/security/detail/openssl-helper.hpp
@@ -80,7 +80,11 @@
{
public:
explicit
+#if OPENSSL_VERSION_NUMBER < 0x1010000fL
Bio(BIO_METHOD* method);
+#else
+ Bio(const BIO_METHOD* method);
+#endif // OPENSSL_VERSION_NUMBER < 0x1010000fL
~Bio();
diff --git a/src/security/transform/hmac-filter.cpp b/src/security/transform/hmac-filter.cpp
index 10dc0a7..d45cd85 100644
--- a/src/security/transform/hmac-filter.cpp
+++ b/src/security/transform/hmac-filter.cpp
@@ -29,6 +29,7 @@
class HmacFilter::Impl
{
public:
+#if OPENSSL_VERSION_NUMBER < 0x1010000fL
Impl()
{
HMAC_CTX_init(&m_context);
@@ -39,8 +40,32 @@
HMAC_CTX_cleanup(&m_context);
}
-public:
+ operator HMAC_CTX*()
+ {
+ return &m_context;
+ }
+
+private:
HMAC_CTX m_context;
+#else
+ Impl()
+ : m_context(HMAC_CTX_new())
+ {
+ }
+
+ ~Impl()
+ {
+ HMAC_CTX_free(m_context);
+ }
+
+ operator HMAC_CTX*()
+ {
+ return m_context;
+ }
+
+private:
+ HMAC_CTX* m_context;
+#endif // OPENSSL_VERSION_NUMBER < 0x1010000fL
};
HmacFilter::HmacFilter(DigestAlgorithm algo, const uint8_t* key, size_t keyLen)
@@ -53,14 +78,14 @@
if (algorithm == nullptr)
BOOST_THROW_EXCEPTION(Error(getIndex(), "Unsupported digest algorithm"));
- if (HMAC_Init_ex(&m_impl->m_context, key, keyLen, algorithm, nullptr) == 0)
+ if (HMAC_Init_ex(*m_impl, key, keyLen, algorithm, nullptr) == 0)
BOOST_THROW_EXCEPTION(Error(getIndex(), "Cannot initialize HMAC"));
}
size_t
HmacFilter::convert(const uint8_t* buf, size_t size)
{
- if (HMAC_Update(&m_impl->m_context, buf, size) == 0)
+ if (HMAC_Update(*m_impl, buf, size) == 0)
BOOST_THROW_EXCEPTION(Error(getIndex(), "Failed to update HMAC"));
return size;
@@ -72,7 +97,7 @@
auto buffer = make_unique<OBuffer>(EVP_MAX_MD_SIZE);
unsigned int mdLen = 0;
- if (HMAC_Final(&m_impl->m_context, &(*buffer)[0], &mdLen) == 0)
+ if (HMAC_Final(*m_impl, &(*buffer)[0], &mdLen) == 0)
BOOST_THROW_EXCEPTION(Error(getIndex(), "Failed to finalize HMAC"));
buffer->erase(buffer->begin() + mdLen, buffer->end());
diff --git a/src/security/transform/private-key.cpp b/src/security/transform/private-key.cpp
index 0c61817..8dfef00 100644
--- a/src/security/transform/private-key.cpp
+++ b/src/security/transform/private-key.cpp
@@ -241,7 +241,11 @@
{
ENSURE_PRIVATE_KEY_LOADED(m_impl->key);
+#if OPENSSL_VERSION_NUMBER < 0x1010000fL
switch (EVP_PKEY_type(m_impl->key->type)) {
+#else
+ switch (EVP_PKEY_base_id(m_impl->key)) {
+#endif // OPENSSL_VERSION_NUMBER < 0x1010000fL
case EVP_PKEY_RSA:
return rsaDecrypt(cipherText, cipherLen);
default:
diff --git a/src/security/transform/public-key.cpp b/src/security/transform/public-key.cpp
index a0116e9..3232e5e 100644
--- a/src/security/transform/public-key.cpp
+++ b/src/security/transform/public-key.cpp
@@ -67,7 +67,11 @@
{
ENSURE_PUBLIC_KEY_LOADED(m_impl->key);
+#if OPENSSL_VERSION_NUMBER < 0x1010000fL
switch (EVP_PKEY_type(m_impl->key->type)) {
+#else
+ switch (EVP_PKEY_base_id(m_impl->key)) {
+#endif // OPENSSL_VERSION_NUMBER < 0x1010000fL
case EVP_PKEY_RSA:
return KeyType::RSA;
case EVP_PKEY_EC:
@@ -137,7 +141,11 @@
{
ENSURE_PUBLIC_KEY_LOADED(m_impl->key);
+#if OPENSSL_VERSION_NUMBER < 0x1010000fL
switch (EVP_PKEY_type(m_impl->key->type)) {
+#else
+ switch (EVP_PKEY_base_id(m_impl->key)) {
+#endif // OPENSSL_VERSION_NUMBER < 0x1010000fL
case EVP_PKEY_RSA:
return rsaEncrypt(plainText, plainLen);
default:
diff --git a/tests/unit-tests/util/random.t.cpp b/tests/unit-tests/util/random.t.cpp
index 18af4ff..62949b6 100644
--- a/tests/unit-tests/util/random.t.cpp
+++ b/tests/unit-tests/util/random.t.cpp
@@ -158,10 +158,18 @@
}
private: // RAND_METHOD callbacks
+#if OPENSSL_VERSION_NUMBER < 0x1010000fL
static void
seed(const void* buf, int num)
{
}
+#else
+ static int
+ seed(const void* buf, int num)
+ {
+ return 0;
+ }
+#endif // OPENSSL_VERSION_NUMBER < 0x1010000fL
static int
bytes(unsigned char *buf, int num)
@@ -174,10 +182,18 @@
{
}
+#if OPENSSL_VERSION_NUMBER < 0x1010000fL
static void
add(const void *buf, int num, double entropy)
{
}
+#else
+ static int
+ add(const void *buf, int num, double entropy)
+ {
+ return 0;
+ }
+#endif // OPENSSL_VERSION_NUMBER < 0x1010000fL
static int
pseudorand(unsigned char *buf, int num)