From 29ea07ef66be59c8ab62058b2ce3e92765e2be10 Mon Sep 17 00:00:00 2001
From: Milan Broz <gmazyland@gmail.com>
Date: Mon, 13 Sep 2021 14:48:15 +0200
Subject: [PATCH 02/11] OpenSSL backend: make legacy for OpenSSL3 optional and
report loaded providers
---
lib/crypto_backend/crypto_openssl.c | 48 +++++++++++++++++++----------
1 file changed, 32 insertions(+), 16 deletions(-)
diff --git a/lib/crypto_backend/crypto_openssl.c b/lib/crypto_backend/crypto_openssl.c
index a5ec4048..92eeb33c 100644
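--- a/lib/crypto_backend/crypto_openssl.c
+++ b/lib/crypto_backend/crypto_openssl.c
@@ -45,6 +45,7 @@
 static OSSL_PROVIDER *ossl_legacy = NULL;
 static OSSL_PROVIDER *ossl_default = NULL;
 static OSSL_LIB_CTX *ossl_ctx = NULL;
+static char backend_version[256] = "OpenSSL";
 #endif
 
 #define CONST_CAST(x) (x)(uintptr_t)
@@ -133,12 +134,30 @@ static void HMAC_CTX_free(HMAC_CTX *md)
 free(md);
 }
 #else
+static void openssl_backend_exit(void)
+{
+#if OPENSSL_VERSION_MAJOR >= 3
+ if (ossl_legacy)
+ OSSL_PROVIDER_unload(ossl_legacy);
+ if (ossl_default)
+ OSSL_PROVIDER_unload(ossl_default);
+ if (ossl_ctx)
+ OSSL_LIB_CTX_free(ossl_ctx);
+
+ ossl_legacy = NULL;
+ ossl_default = NULL;
+ ossl_ctx = NULL;
+#endif
+}
+
 static int openssl_backend_init(void)
 {
 /*
 * OpenSSL >= 3.0.0 provides some algorithms in legacy provider
 */
 #if OPENSSL_VERSION_MAJOR >= 3
+ int r;
+
 ossl_ctx = OSSL_LIB_CTX_new();
 if (!ossl_ctx)
 return -EINVAL;
@@ -151,30 +170,27 @@ static int openssl_backend_init(void)
 
 /* Optional */
 ossl_legacy = OSSL_PROVIDER_try_load(ossl_ctx, "legacy", 0);
+
+ r = snprintf(backend_version, sizeof(backend_version), "%s %s%s",
+ OpenSSL_version(OPENSSL_VERSION),
+ ossl_default ? "[default]" : "",
+ ossl_legacy ? "[legacy]" : "");
+ if (r < 0 || (size_t)r >= sizeof(backend_version)) {
+ openssl_backend_exit();
+ return -EINVAL;
+ }
 #endif
 return 0;
 }
 
-static void openssl_backend_exit(void)
+static const char *openssl_backend_version(void)
 {
 #if OPENSSL_VERSION_MAJOR >= 3
- if (ossl_legacy)
- OSSL_PROVIDER_unload(ossl_legacy);
- if (ossl_default)
- OSSL_PROVIDER_unload(ossl_default);
- if (ossl_ctx)
- OSSL_LIB_CTX_free(ossl_ctx);
-
- ossl_legacy = NULL;
- ossl_default = NULL;
- ossl_ctx = NULL;
+ return backend_version;
+#else
+ return OpenSSL_version(OPENSSL_VERSION);
 #endif
 }
-
-static const char *openssl_backend_version(void)
-{
- return OpenSSL_version(OPENSSL_VERSION);
-}
 #endif
 
 int crypt_backend_init(void)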
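Review bot: `openssl_backend_exit()` resets the three provider/context pointers but leaves `backend_version` untouched, so `openssl_backend_version()` can keep returning a string tagged `[default][legacy]` after the providers have been unloaded, and a truncated string when the `snprintf` length check in `openssl_backend_init()` fails. Because those tags are the only visible indication of whether the optional legacy provider was actually loaded, the buffer's lifetime should be either reset on the exit path or documented above its declaration, for example `/* "<OpenSSL version> [default][legacy]"; tags describe the last openssl_backend_init() and are not cleared on exit */`. Whether any caller reads the version string after teardown is not visible in this patch, and the part of `openssl_backend_init()` that loads the default provider lies between the second and third hunk, outside the diff.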
--
2.27.0