Lines 104-110
Link Here
|
104 |
using v8::Undefined; |
104 |
using v8::Undefined; |
105 |
using v8::Value; |
105 |
using v8::Value; |
106 |
|
106 |
|
107 |
#ifdef OPENSSL_NO_OCB |
107 |
#if defined (OPENSSL_NO_OCB) || defined (LIBRESSL_VERSION_NUMBER) |
108 |
# define IS_OCB_MODE(mode) false |
108 |
# define IS_OCB_MODE(mode) false |
109 |
#else |
109 |
#else |
110 |
# define IS_OCB_MODE(mode) ((mode) == EVP_CIPH_OCB_MODE) |
110 |
# define IS_OCB_MODE(mode) ((mode) == EVP_CIPH_OCB_MODE) |
Lines 539-545
Link Here
|
539 |
|
539 |
|
540 |
// A maxVersion of 0 means "any", but OpenSSL may support TLS versions that |
540 |
// A maxVersion of 0 means "any", but OpenSSL may support TLS versions that |
541 |
// Node.js doesn't, so pin the max to what we do support. |
541 |
// Node.js doesn't, so pin the max to what we do support. |
|
|
542 |
#if defined (LIBRESSL_VERSION_NUMBER) |
543 |
#if defined (LIBRESSL_HAS_TLS1_3) |
542 |
const int MAX_SUPPORTED_VERSION = TLS1_3_VERSION; |
544 |
const int MAX_SUPPORTED_VERSION = TLS1_3_VERSION; |
|
|
545 |
#else |
546 |
const int MAX_SUPPORTED_VERSION = TLS1_2_VERSION; |
547 |
#endif |
548 |
#else |
549 |
const int MAX_SUPPORTED_VERSION = TLS1_3_VERSION; |
550 |
#endif |
543 |
|
551 |
|
544 |
void SecureContext::Init(const FunctionCallbackInfo<Value>& args) { |
552 |
void SecureContext::Init(const FunctionCallbackInfo<Value>& args) { |
545 |
SecureContext* sc; |
553 |
SecureContext* sc; |
Lines 760-770
Link Here
|
760 |
|
768 |
|
761 |
const node::Utf8Value sigalgs(env->isolate(), args[0]); |
769 |
const node::Utf8Value sigalgs(env->isolate(), args[0]); |
762 |
|
770 |
|
|
|
771 |
#ifndef LIBRESSL_VERSION_NUMBER |
763 |
int rv = SSL_CTX_set1_sigalgs_list(sc->ctx_.get(), *sigalgs); |
772 |
int rv = SSL_CTX_set1_sigalgs_list(sc->ctx_.get(), *sigalgs); |
764 |
|
773 |
|
765 |
if (rv == 0) { |
774 |
if (rv == 0) { |
766 |
return ThrowCryptoError(env, ERR_get_error()); |
775 |
return ThrowCryptoError(env, ERR_get_error()); |
767 |
} |
776 |
} |
|
|
777 |
#endif |
768 |
} |
778 |
} |
769 |
|
779 |
|
770 |
#ifndef OPENSSL_NO_ENGINE |
780 |
#ifndef OPENSSL_NO_ENGINE |
Lines 1181-1186
Link Here
|
1181 |
CHECK(args[0]->IsString()); |
1191 |
CHECK(args[0]->IsString()); |
1182 |
|
1192 |
|
1183 |
const node::Utf8Value ciphers(args.GetIsolate(), args[0]); |
1193 |
const node::Utf8Value ciphers(args.GetIsolate(), args[0]); |
|
|
1194 |
#ifdef LIBRESSL_VERSION_NUMBER |
1195 |
return env->ThrowError("SSL_CTX_set_ciphersuites not supported in libressl"); |
1196 |
#else |
1184 |
if (!SSL_CTX_set_ciphersuites(sc->ctx_.get(), *ciphers)) { |
1197 |
if (!SSL_CTX_set_ciphersuites(sc->ctx_.get(), *ciphers)) { |
1185 |
unsigned long err = ERR_get_error(); // NOLINT(runtime/int) |
1198 |
unsigned long err = ERR_get_error(); // NOLINT(runtime/int) |
1186 |
if (!err) { |
1199 |
if (!err) { |
Lines 1190-1195
Link Here
|
1190 |
return ThrowCryptoError(env, err); |
1203 |
return ThrowCryptoError(env, err); |
1191 |
} |
1204 |
} |
1192 |
#endif |
1205 |
#endif |
|
|
1206 |
#endif |
1193 |
} |
1207 |
} |
1194 |
|
1208 |
|
1195 |
|
1209 |
|
Lines 2078-2083
Link Here
|
2078 |
info->Set(env->context(), env->pubkey_string(), pubbuff).Check(); |
2092 |
info->Set(env->context(), env->pubkey_string(), pubbuff).Check(); |
2079 |
} else if (ec) { |
2093 |
} else if (ec) { |
2080 |
const EC_GROUP* group = EC_KEY_get0_group(ec.get()); |
2094 |
const EC_GROUP* group = EC_KEY_get0_group(ec.get()); |
|
|
2095 |
#ifndef LIBRESSL_VERSION_NUMBER |
2081 |
if (group != nullptr) { |
2096 |
if (group != nullptr) { |
2082 |
int bits = EC_GROUP_order_bits(group); |
2097 |
int bits = EC_GROUP_order_bits(group); |
2083 |
if (bits > 0) { |
2098 |
if (bits > 0) { |
Lines 2085-2090
Link Here
|
2085 |
Integer::New(env->isolate(), bits)).Check(); |
2100 |
Integer::New(env->isolate(), bits)).Check(); |
2086 |
} |
2101 |
} |
2087 |
} |
2102 |
} |
|
|
2103 |
#endif |
2088 |
|
2104 |
|
2089 |
const EC_POINT* pubkey = EC_KEY_get0_public_key(ec.get()); |
2105 |
const EC_POINT* pubkey = EC_KEY_get0_public_key(ec.get()); |
2090 |
Local<Object> buf; |
2106 |
Local<Object> buf; |
Lines 2473-2478
Link Here
|
2473 |
|
2489 |
|
2474 |
template <class Base> |
2490 |
template <class Base> |
2475 |
void SSLWrap<Base>::GetTLSTicket(const FunctionCallbackInfo<Value>& args) { |
2491 |
void SSLWrap<Base>::GetTLSTicket(const FunctionCallbackInfo<Value>& args) { |
|
|
2492 |
#ifdef LIBRESSL_VERSION_NUMBER |
2493 |
return; |
2494 |
#else |
2476 |
Base* w; |
2495 |
Base* w; |
2477 |
ASSIGN_OR_RETURN_UNWRAP(&w, args.Holder()); |
2496 |
ASSIGN_OR_RETURN_UNWRAP(&w, args.Holder()); |
2478 |
Environment* env = w->ssl_env(); |
2497 |
Environment* env = w->ssl_env(); |
Lines 2492-2497
Link Here
|
2492 |
env, reinterpret_cast<const char*>(ticket), length).ToLocalChecked(); |
2511 |
env, reinterpret_cast<const char*>(ticket), length).ToLocalChecked(); |
2493 |
|
2512 |
|
2494 |
args.GetReturnValue().Set(buff); |
2513 |
args.GetReturnValue().Set(buff); |
|
|
2514 |
#endif |
2495 |
} |
2515 |
} |
2496 |
|
2516 |
|
2497 |
|
2517 |
|
Lines 2685-2691
Link Here
|
2685 |
const char* cipher_name = SSL_CIPHER_get_name(c); |
2705 |
const char* cipher_name = SSL_CIPHER_get_name(c); |
2686 |
info->Set(context, env->name_string(), |
2706 |
info->Set(context, env->name_string(), |
2687 |
OneByteString(args.GetIsolate(), cipher_name)).Check(); |
2707 |
OneByteString(args.GetIsolate(), cipher_name)).Check(); |
|
|
2708 |
#ifdef LIBRESSL_VERSION_NUMBER |
2709 |
const char* cipher_standard_name = "(NONE)"; |
2710 |
#else |
2688 |
const char* cipher_standard_name = SSL_CIPHER_standard_name(c); |
2711 |
const char* cipher_standard_name = SSL_CIPHER_standard_name(c); |
|
|
2712 |
#endif |
2689 |
info->Set(context, env->standard_name_string(), |
2713 |
info->Set(context, env->standard_name_string(), |
2690 |
OneByteString(args.GetIsolate(), cipher_standard_name)).Check(); |
2714 |
OneByteString(args.GetIsolate(), cipher_standard_name)).Check(); |
2691 |
const char* cipher_version = SSL_CIPHER_get_version(c); |
2715 |
const char* cipher_version = SSL_CIPHER_get_version(c); |
Lines 2702-2709
Link Here
|
2702 |
Environment* env = w->ssl_env(); |
2726 |
Environment* env = w->ssl_env(); |
2703 |
|
2727 |
|
2704 |
SSL* ssl = w->ssl_.get(); |
2728 |
SSL* ssl = w->ssl_.get(); |
|
|
2729 |
#ifdef LIBRESSL_VERSION_NUMBER |
2730 |
int nsig = 0; |
2731 |
#else |
2705 |
int nsig = SSL_get_shared_sigalgs(ssl, 0, nullptr, nullptr, nullptr, nullptr, |
2732 |
int nsig = SSL_get_shared_sigalgs(ssl, 0, nullptr, nullptr, nullptr, nullptr, |
2706 |
nullptr); |
2733 |
nullptr); |
|
|
2734 |
#endif |
2707 |
MaybeStackBuffer<Local<Value>, 16> ret_arr(nsig); |
2735 |
MaybeStackBuffer<Local<Value>, 16> ret_arr(nsig); |
2708 |
|
2736 |
|
2709 |
for (int i = 0; i < nsig; i++) { |
2737 |
for (int i = 0; i < nsig; i++) { |
Lines 2711-2718
Link Here
|
2711 |
int sign_nid; |
2739 |
int sign_nid; |
2712 |
std::string sig_with_md; |
2740 |
std::string sig_with_md; |
2713 |
|
2741 |
|
|
|
2742 |
#ifndef LIBRESSL_VERSION_NUMBER |
2714 |
SSL_get_shared_sigalgs(ssl, i, &sign_nid, &hash_nid, nullptr, nullptr, |
2743 |
SSL_get_shared_sigalgs(ssl, i, &sign_nid, &hash_nid, nullptr, nullptr, |
2715 |
nullptr); |
2744 |
nullptr); |
|
|
2745 |
#endif |
2716 |
|
2746 |
|
2717 |
switch (sign_nid) { |
2747 |
switch (sign_nid) { |
2718 |
case EVP_PKEY_RSA: |
2748 |
case EVP_PKEY_RSA: |
Lines 2959-2965
Link Here
|
2959 |
info->Set(context, env->servername_string(), str).Check(); |
2989 |
info->Set(context, env->servername_string(), str).Check(); |
2960 |
} |
2990 |
} |
2961 |
|
2991 |
|
|
|
2992 |
#ifdef LIBRESSL_VERSION_NUMBER |
2993 |
const bool ocsp = false; |
2994 |
#else |
2962 |
const bool ocsp = (SSL_get_tlsext_status_type(s) == TLSEXT_STATUSTYPE_ocsp); |
2995 |
const bool ocsp = (SSL_get_tlsext_status_type(s) == TLSEXT_STATUSTYPE_ocsp); |
|
|
2996 |
#endif |
2963 |
info->Set(context, env->ocsp_request_string(), |
2997 |
info->Set(context, env->ocsp_request_string(), |
2964 |
Boolean::New(env->isolate(), ocsp)).Check(); |
2998 |
Boolean::New(env->isolate(), ocsp)).Check(); |
2965 |
|
2999 |
|
Lines 3001-3007
Link Here
|
3001 |
|
3035 |
|
3002 |
// NOTE: reference count is not increased by this API methods |
3036 |
// NOTE: reference count is not increased by this API methods |
3003 |
X509* x509 = SSL_CTX_get0_certificate(sc->ctx_.get()); |
3037 |
X509* x509 = SSL_CTX_get0_certificate(sc->ctx_.get()); |
|
|
3038 |
#ifdef LIBRESSL_VERSION_NUMBER |
3039 |
EVP_PKEY* pkey = NULL; |
3040 |
#else |
3004 |
EVP_PKEY* pkey = SSL_CTX_get0_privatekey(sc->ctx_.get()); |
3041 |
EVP_PKEY* pkey = SSL_CTX_get0_privatekey(sc->ctx_.get()); |
|
|
3042 |
#endif |
3005 |
STACK_OF(X509)* chain; |
3043 |
STACK_OF(X509)* chain; |
3006 |
|
3044 |
|
3007 |
rv = SSL_CTX_get0_chain_certs(sc->ctx_.get(), &chain); |
3045 |
rv = SSL_CTX_get0_chain_certs(sc->ctx_.get(), &chain); |
Lines 3055-3060
Link Here
|
3055 |
|
3093 |
|
3056 |
template <class Base> |
3094 |
template <class Base> |
3057 |
int SSLWrap<Base>::SetCACerts(SecureContext* sc) { |
3095 |
int SSLWrap<Base>::SetCACerts(SecureContext* sc) { |
|
|
3096 |
#ifdef LIBRESSL_VERSION_NUMBER |
3097 |
return 0; |
3098 |
#else |
3058 |
int err = SSL_set1_verify_cert_store(ssl_.get(), |
3099 |
int err = SSL_set1_verify_cert_store(ssl_.get(), |
3059 |
SSL_CTX_get_cert_store(sc->ctx_.get())); |
3100 |
SSL_CTX_get_cert_store(sc->ctx_.get())); |
3060 |
if (err != 1) |
3101 |
if (err != 1) |
Lines 3066-3071
Link Here
|
3066 |
// NOTE: `SSL_set_client_CA_list` takes the ownership of `list` |
3107 |
// NOTE: `SSL_set_client_CA_list` takes the ownership of `list` |
3067 |
SSL_set_client_CA_list(ssl_.get(), list); |
3108 |
SSL_set_client_CA_list(ssl_.get(), list); |
3068 |
return 1; |
3109 |
return 1; |
|
|
3110 |
#endif |
3069 |
} |
3111 |
} |
3070 |
|
3112 |
|
3071 |
template <class Base> |
3113 |
template <class Base> |
Lines 3133-3139
Link Here
|
3133 |
// OpenSSL might modify the pointer, so we need to make a copy before parsing. |
3175 |
// OpenSSL might modify the pointer, so we need to make a copy before parsing. |
3134 |
const unsigned char* p = der_data; |
3176 |
const unsigned char* p = der_data; |
3135 |
pkey->reset(parse(&p, der_len)); |
3177 |
pkey->reset(parse(&p, der_len)); |
|
|
3178 |
#ifdef LIBRESSL_VERSION_NUMBER |
3179 |
OPENSSL_cleanse(der_data, der_len); |
3180 |
OPENSSL_free(der_data); |
3181 |
#else |
3136 |
OPENSSL_clear_free(der_data, der_len); |
3182 |
OPENSSL_clear_free(der_data, der_len); |
|
|
3183 |
#endif |
3137 |
|
3184 |
|
3138 |
return *pkey ? ParseKeyResult::kParseKeyOk : |
3185 |
return *pkey ? ParseKeyResult::kParseKeyOk : |
3139 |
ParseKeyResult::kParseKeyFailed; |
3186 |
ParseKeyResult::kParseKeyFailed; |
Lines 3375-3386
Link Here
|
3375 |
} |
3422 |
} |
3376 |
|
3423 |
|
3377 |
ByteSource::~ByteSource() { |
3424 |
ByteSource::~ByteSource() { |
|
|
3425 |
#ifdef LIBRESSL_VERSION_NUMBER |
3426 |
OPENSSL_cleanse(allocated_data_, size_); |
3427 |
OPENSSL_free(allocated_data_); |
3428 |
#else |
3378 |
OPENSSL_clear_free(allocated_data_, size_); |
3429 |
OPENSSL_clear_free(allocated_data_, size_); |
|
|
3430 |
#endif |
3379 |
} |
3431 |
} |
3380 |
|
3432 |
|
3381 |
ByteSource& ByteSource::operator=(ByteSource&& other) { |
3433 |
ByteSource& ByteSource::operator=(ByteSource&& other) { |
3382 |
if (&other != this) { |
3434 |
if (&other != this) { |
|
|
3435 |
#ifdef LIBRESSL_VERSION_NUMBER |
3436 |
OPENSSL_cleanse(allocated_data_, size_); |
3437 |
OPENSSL_free(allocated_data_); |
3438 |
#else |
3383 |
OPENSSL_clear_free(allocated_data_, size_); |
3439 |
OPENSSL_clear_free(allocated_data_, size_); |
|
|
3440 |
#endif |
3384 |
data_ = other.data_; |
3441 |
data_ = other.data_; |
3385 |
allocated_data_ = other.allocated_data_; |
3442 |
allocated_data_ = other.allocated_data_; |
3386 |
other.allocated_data_ = nullptr; |
3443 |
other.allocated_data_ = nullptr; |
Lines 3864-3870
Link Here
|
3864 |
abv->CopyContents(mem, key_len); |
3921 |
abv->CopyContents(mem, key_len); |
3865 |
this->symmetric_key_ = std::unique_ptr<char, std::function<void(char*)>>(mem, |
3922 |
this->symmetric_key_ = std::unique_ptr<char, std::function<void(char*)>>(mem, |
3866 |
[key_len](char* p) { |
3923 |
[key_len](char* p) { |
|
|
3924 |
#ifdef LIBRESSL_VERSION_NUMBER |
3925 |
OPENSSL_cleanse(p, key_len); |
3926 |
OPENSSL_free(p); |
3927 |
#else |
3867 |
OPENSSL_clear_free(p, key_len); |
3928 |
OPENSSL_clear_free(p, key_len); |
|
|
3929 |
#endif |
3868 |
}); |
3930 |
}); |
3869 |
this->symmetric_key_len_ = key_len; |
3931 |
this->symmetric_key_len_ = key_len; |
3870 |
} |
3932 |
} |
Lines 4840-4847
Link Here
|
4840 |
ret = EVP_DigestFinal_ex(hash->mdctx_.get(), hash->md_value_, |
4902 |
ret = EVP_DigestFinal_ex(hash->mdctx_.get(), hash->md_value_, |
4841 |
&hash->md_len_); |
4903 |
&hash->md_len_); |
4842 |
} else { |
4904 |
} else { |
|
|
4905 |
#ifdef LIBRESSL_VERSION_NUMBER |
4906 |
ret = 0; |
4907 |
#else |
4843 |
ret = EVP_DigestFinalXOF(hash->mdctx_.get(), hash->md_value_, |
4908 |
ret = EVP_DigestFinalXOF(hash->mdctx_.get(), hash->md_value_, |
4844 |
hash->md_len_); |
4909 |
hash->md_len_); |
|
|
4910 |
#endif |
4845 |
} |
4911 |
} |
4846 |
|
4912 |
|
4847 |
if (ret != 1) { |
4913 |
if (ret != 1) { |
Lines 5019-5029
Link Here
|
5019 |
if (base_id == EVP_PKEY_DSA) { |
5085 |
if (base_id == EVP_PKEY_DSA) { |
5020 |
DSA* dsa_key = EVP_PKEY_get0_DSA(pkey.get()); |
5086 |
DSA* dsa_key = EVP_PKEY_get0_DSA(pkey.get()); |
5021 |
// Both r and s are computed mod q, so their width is limited by that of q. |
5087 |
// Both r and s are computed mod q, so their width is limited by that of q. |
|
|
5088 |
#ifdef LIBRESSL_VERSION_NUMBER |
5089 |
bits = BN_num_bits(dsa_key->q); |
5090 |
#else |
5022 |
bits = BN_num_bits(DSA_get0_q(dsa_key)); |
5091 |
bits = BN_num_bits(DSA_get0_q(dsa_key)); |
5023 |
} else if (base_id == EVP_PKEY_EC) { |
5092 |
} else if (base_id == EVP_PKEY_EC) { |
5024 |
EC_KEY* ec_key = EVP_PKEY_get0_EC_KEY(pkey.get()); |
5093 |
EC_KEY* ec_key = EVP_PKEY_get0_EC_KEY(pkey.get()); |
5025 |
const EC_GROUP* ec_group = EC_KEY_get0_group(ec_key); |
5094 |
const EC_GROUP* ec_group = EC_KEY_get0_group(ec_key); |
5026 |
bits = EC_GROUP_order_bits(ec_group); |
5095 |
bits = EC_GROUP_order_bits(ec_group); |
|
|
5096 |
#endif |
5027 |
} else { |
5097 |
} else { |
5028 |
return kNoDsaSignature; |
5098 |
return kNoDsaSignature; |
5029 |
} |
5099 |
} |
Lines 5048-5055
Link Here
|
5048 |
AllocatedBuffer buf = env->AllocateManaged(2 * n); |
5118 |
AllocatedBuffer buf = env->AllocateManaged(2 * n); |
5049 |
unsigned char* data = reinterpret_cast<unsigned char*>(buf.data()); |
5119 |
unsigned char* data = reinterpret_cast<unsigned char*>(buf.data()); |
5050 |
|
5120 |
|
|
|
5121 |
#ifdef LIBRESSL_VERSION_NUMBER |
5122 |
const ECDSA_SIG* sig = asn1_sig.get(); |
5123 |
const BIGNUM* r = sig->r; |
5124 |
const BIGNUM* s = sig->s; |
5125 |
#else |
5051 |
const BIGNUM* r = ECDSA_SIG_get0_r(asn1_sig.get()); |
5126 |
const BIGNUM* r = ECDSA_SIG_get0_r(asn1_sig.get()); |
5052 |
const BIGNUM* s = ECDSA_SIG_get0_s(asn1_sig.get()); |
5127 |
const BIGNUM* s = ECDSA_SIG_get0_s(asn1_sig.get()); |
|
|
5128 |
#endif |
5053 |
CHECK_EQ(n, static_cast<unsigned int>(BN_bn2binpad(r, data, n))); |
5129 |
CHECK_EQ(n, static_cast<unsigned int>(BN_bn2binpad(r, data, n))); |
5054 |
CHECK_EQ(n, static_cast<unsigned int>(BN_bn2binpad(s, data + n, n))); |
5130 |
CHECK_EQ(n, static_cast<unsigned int>(BN_bn2binpad(s, data + n, n))); |
5055 |
|
5131 |
|
Lines 5262-5271
Link Here
|
5262 |
const unsigned char* input = |
5338 |
const unsigned char* input = |
5263 |
reinterpret_cast<const unsigned char*>(data.data()); |
5339 |
reinterpret_cast<const unsigned char*>(data.data()); |
5264 |
size_t sig_len; |
5340 |
size_t sig_len; |
|
|
5341 |
#ifdef LIBRESSL_VERSION_NUMBER |
5342 |
if (!EVP_DigestSignFinal(mdctx.get(), nullptr, &sig_len)) |
5343 |
return CheckThrow(env, SignBase::Error::kSignPrivateKey); |
5344 |
#else |
5265 |
if (!EVP_DigestSign(mdctx.get(), nullptr, &sig_len, input, data.length())) |
5345 |
if (!EVP_DigestSign(mdctx.get(), nullptr, &sig_len, input, data.length())) |
5266 |
return CheckThrow(env, SignBase::Error::kSignPrivateKey); |
5346 |
return CheckThrow(env, SignBase::Error::kSignPrivateKey); |
|
|
5347 |
#endif |
5267 |
|
5348 |
|
5268 |
AllocatedBuffer signature = env->AllocateManaged(sig_len); |
5349 |
AllocatedBuffer signature = env->AllocateManaged(sig_len); |
|
|
5350 |
#ifdef LIBRESSL_VERSION_NUMBER |
5351 |
if (!EVP_DigestSignFinal(mdctx.get(), |
5352 |
reinterpret_cast<unsigned char*>(signature.data()), |
5353 |
&sig_len)) { |
5354 |
return CheckThrow(env, SignBase::Error::kSignPrivateKey); |
5355 |
} |
5356 |
#else |
5269 |
if (!EVP_DigestSign(mdctx.get(), |
5357 |
if (!EVP_DigestSign(mdctx.get(), |
5270 |
reinterpret_cast<unsigned char*>(signature.data()), |
5358 |
reinterpret_cast<unsigned char*>(signature.data()), |
5271 |
&sig_len, |
5359 |
&sig_len, |
Lines 5273-5278
Link Here
|
5273 |
data.length())) { |
5361 |
data.length())) { |
5274 |
return CheckThrow(env, SignBase::Error::kSignPrivateKey); |
5362 |
return CheckThrow(env, SignBase::Error::kSignPrivateKey); |
5275 |
} |
5363 |
} |
|
|
5364 |
#endif |
5276 |
|
5365 |
|
5277 |
signature.Resize(sig_len); |
5366 |
signature.Resize(sig_len); |
5278 |
|
5367 |
|
Lines 5461-5472
Link Here
|
5461 |
} |
5550 |
} |
5462 |
|
5551 |
|
5463 |
bool verify_result; |
5552 |
bool verify_result; |
|
|
5553 |
#ifdef LIBRESSL_VERSION_NUMBER |
5554 |
const int r = EVP_DigestVerifyFinal( |
5555 |
mdctx.get(), |
5556 |
reinterpret_cast<const unsigned char*>(sig_bytes.get()), |
5557 |
sig_bytes.size()); |
5558 |
#else |
5464 |
const int r = EVP_DigestVerify( |
5559 |
const int r = EVP_DigestVerify( |
5465 |
mdctx.get(), |
5560 |
mdctx.get(), |
5466 |
reinterpret_cast<const unsigned char*>(sig_bytes.get()), |
5561 |
reinterpret_cast<const unsigned char*>(sig_bytes.get()), |
5467 |
sig_bytes.size(), |
5562 |
sig_bytes.size(), |
5468 |
reinterpret_cast<const unsigned char*>(data.data()), |
5563 |
reinterpret_cast<const unsigned char*>(data.data()), |
5469 |
data.length()); |
5564 |
data.length()); |
|
|
5565 |
#endif |
5470 |
switch (r) { |
5566 |
switch (r) { |
5471 |
case 1: |
5567 |
case 1: |
5472 |
verify_result = true; |
5568 |
verify_result = true; |
Lines 6350-6356
Link Here
|
6350 |
} |
6446 |
} |
6351 |
|
6447 |
|
6352 |
|
6448 |
|
6353 |
#ifndef OPENSSL_NO_SCRYPT |
6449 |
#if !( defined(OPENSSL_NO_SCRYPT) || defined(LIBRESSL_VERSION_NUMBER) ) |
6354 |
struct ScryptJob : public CryptoJob { |
6450 |
struct ScryptJob : public CryptoJob { |
6355 |
unsigned char* keybuf_data; |
6451 |
unsigned char* keybuf_data; |
6356 |
size_t keybuf_size; |
6452 |
size_t keybuf_size; |
Lines 7098-7104
Link Here
|
7098 |
} |
7194 |
} |
7099 |
|
7195 |
|
7100 |
void InitCryptoOnce() { |
7196 |
void InitCryptoOnce() { |
7101 |
#ifndef OPENSSL_IS_BORINGSSL |
7197 |
#if !( defined(OPENSSL_IS_BORINGSSL) || defined(LIBRESSL_VERSION_NUMBER) ) |
7102 |
OPENSSL_INIT_SETTINGS* settings = OPENSSL_INIT_new(); |
7198 |
OPENSSL_INIT_SETTINGS* settings = OPENSSL_INIT_new(); |
7103 |
|
7199 |
|
7104 |
// --openssl-config=... |
7200 |
// --openssl-config=... |
Lines 7278-7284
Link Here
|
7278 |
PublicKeyCipher::Cipher<PublicKeyCipher::kPublic, |
7374 |
PublicKeyCipher::Cipher<PublicKeyCipher::kPublic, |
7279 |
EVP_PKEY_verify_recover_init, |
7375 |
EVP_PKEY_verify_recover_init, |
7280 |
EVP_PKEY_verify_recover>); |
7376 |
EVP_PKEY_verify_recover>); |
7281 |
#ifndef OPENSSL_NO_SCRYPT |
7377 |
#if !( defined(OPENSSL_NO_SCRYPT) || defined(LIBRESSL_VERSION_NUMBER) ) |
7282 |
env->SetMethod(target, "scrypt", Scrypt); |
7378 |
env->SetMethod(target, "scrypt", Scrypt); |
7283 |
#endif // OPENSSL_NO_SCRYPT |
7379 |
#endif // OPENSSL_NO_SCRYPT |
7284 |
} |
7380 |
} |