diff --git a/.gitmodules b/.gitmodules
index a6847177c0..f434b79f0b 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,6 +1,8 @@
 [submodule "openssl"]
 path = openssl
 url = https://github.com/pocoproject/openssl
+ branch = master
+
 [submodule "gradle"]
 path = gradle
 url = https://github.com/pocoproject/gradle
diff --git a/Crypto/src/CipherKeyImpl.cpp b/Crypto/src/CipherKeyImpl.cpp
index 0bd8c2c329..5a547f4abf 100644
--- a/Crypto/src/CipherKeyImpl.cpp
+++ b/Crypto/src/CipherKeyImpl.cpp
@@ -121,9 +121,6 @@ CipherKeyImpl::Mode CipherKeyImpl::mode() const
 case EVP_CIPH_GCM_MODE:
 return MODE_GCM;
-
- case EVP_CIPH_CCM_MODE:
- return MODE_CCM;
 #endif
 }
 throw Poco::IllegalStateException("Unexpected value of EVP_CIPHER_mode()");
diff --git a/Crypto/src/DigestEngine.cpp b/Crypto/src/DigestEngine.cpp
index bac2d44e07..b81827d71a 100644
--- a/Crypto/src/DigestEngine.cpp
+++ b/Crypto/src/DigestEngine.cpp
@@ -12,10 +12,13 @@
 //
+//Changed for port OpenSSL -> BoringSSL
+#if defined(OPENSSL_IS_BORINGSSL)
+ #include "openssl/digest.h"
+#endif
 #include "Poco/Crypto/DigestEngine.h"
 #include "Poco/Exception.h"
-
 namespace Poco {
 namespace Crypto {
@@ -37,7 +40,12 @@ DigestEngine::~DigestEngine()
 int DigestEngine::nid() const
 {
- return EVP_MD_nid(EVP_MD_CTX_md(_pContext));
+ //Changed for port OpenSSL -> BoringSSL
+ #if defined(OPENSSL_IS_BORINGSSL)
+ return EVP_MD_type(EVP_MD_CTX_md(_pContext));
+ #else
+ return EVP_MD_nid(EVP_MD_CTX_md(_pContext));
+ #endif
 }
 std::size_t DigestEngine::digestLength() const
diff --git a/Crypto/src/PKCS12Container.cpp b/Crypto/src/PKCS12Container.cpp
index 5c03a9ff85..5483d53157 100644
--- a/Crypto/src/PKCS12Container.cpp
+++ b/Crypto/src/PKCS12Container.cpp
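Review bot: The `[submodule "openssl"]` entry stays in `.gitmodules` and gains `branch = master`, while the last section of this diff deletes the `openssl` gitlink (`deleted file mode 160000`), so the tree no longer records which commit of the crypto library is built. The `branch` key only takes effect with `git submodule update --remote`, which follows whatever the head of `master` is at fetch time. If the library is meant to remain a submodule, keep a pinned gitlink and move it deliberately; if it is being replaced by an externally supplied BoringSSL, remove the `[submodule "openssl"]` section too, so the file does not describe a dependency the tree no longer has.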
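Review bot: The added `#if defined(OPENSSL_IS_BORINGSSL)` at the top of DigestEngine.cpp is evaluated before the file's first `#include`, so no OpenSSL or BoringSSL header has been seen at that point. BoringSSL defines `OPENSSL_IS_BORINGSSL` in its own `openssl/base.h`, so the guarded `#include "openssl/digest.h"` is only reached if the build also passes the macro on the command line. Moving the guarded block below `#include "Poco/Crypto/DigestEngine.h"` (which presumably pulls in the EVP headers) makes the guard work in both setups. The later `nid()` hunk is not affected, because it is evaluated after the includes.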
@@ -128,26 +128,31 @@ PKCS12Container::~PKCS12Container()
 std::string PKCS12Container::extractFriendlyName(X509* pCert)
 {
- std::string friendlyName;
- if(pCert)
- {
- STACK_OF(PKCS12_SAFEBAG)*pBags = 0;
- PKCS12_SAFEBAG*pBag = PKCS12_add_cert(&pBags, pCert);
- if(pBag)
- {
- char* pBuffer = PKCS12_get_friendlyname(pBag);
- if(pBuffer)
+ //Changed for port OpenSSL -> BoringSSL
+ #if defined(OPENSSL_IS_BORINGSSL)
+ throw NotImplementedException();
+ #else
+ std::string friendlyName;
+ f(pCert)
+ {
+ STACK_OF(PKCS12_SAFEBAG)*pBags = 0;
+ PKCS12_SAFEBAG*pBag = PKCS12_add_cert(&pBags, pCert);
+ if(pBag)
 {
- friendlyName = pBuffer;
- OPENSSL_free(pBuffer);
+ char* pBuffer = PKCS12_get_friendlyname(pBag);
+ if(pBuffer)
+ {
+ friendlyName = pBuffer;
+ OPENSSL_free(pBuffer);
+ }
+ if(pBags) sk_PKCS12_SAFEBAG_pop_free(pBags, PKCS12_SAFEBAG_free);
 }
- if(pBags) sk_PKCS12_SAFEBAG_pop_free(pBags, PKCS12_SAFEBAG_free);
+ else throw OpenSSLException("PKCS12Container::extractFriendlyName()");
 }
- else throw OpenSSLException("PKCS12Container::extractFriendlyName()");
- }
- else throw NullPointerException("PKCS12Container::extractFriendlyName()");
+ else throw NullPointerException("PKCS12Container::extractFriendlyName()");
- return friendlyName;
+ return friendlyName;
+ #endif
 }
diff --git a/Crypto/src/RSACipherImpl.cpp b/Crypto/src/RSACipherImpl.cpp
index 5c2e493ed0..27e4a392a4 100644
--- a/Crypto/src/RSACipherImpl.cpp
+++ b/Crypto/src/RSACipherImpl.cpp
@@ -51,7 +51,12 @@ namespace
 case RSA_PADDING_PKCS1_OAEP:
 return RSA_PKCS1_OAEP_PADDING;
 case RSA_PADDING_SSLV23:
- return RSA_SSLV23_PADDING;
+ //Changed for port OpenSSL -> BoringSSL
+ #if defined(OPENSSL_IS_BORINGSSL)
+ throw NotImplementedException();
+ #else
+ return RSA_SSLV23_PADDING;
+ #endif
 case RSA_PADDING_NONE:
 return RSA_NO_PADDING;
 default:
diff --git a/NetSSL_OpenSSL/src/Context.cpp b/NetSSL_OpenSSL/src/Context.cpp
index 8815f6d25a..f15c175a0c 100644
--- a/NetSSL_OpenSSL/src/Context.cpp
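Review bot: In the `#else` branch of `extractFriendlyName` the re-indented condition reads `f(pCert)` rather than `if(pCert)`, so the OpenSSL build gets an undeclared call followed by a dangling `else throw NullPointerException(...)` and should not compile; the line should be `if(pCert)`. The BoringSSL branch throws before the null check and with an empty message, so a caller cannot tell which operation is unsupported. `throw NotImplementedException("PKCS12Container::extractFriendlyName()");` would match the other throws in this function. The same bare `throw NotImplementedException();` is added for `RSA_PADDING_SSLV23` in the RSACipherImpl.cpp hunk, whose enclosing function starts and ends outside that hunk.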
+++ b/NetSSL_OpenSSL/src/Context.cpp
@@ -198,7 +198,13 @@ void Context::useCertificate(const Poco::Crypto::X509Certificate& certificate)
 void Context::addChainCertificate(const Poco::Crypto::X509Certificate& certificate)
 {
- int errCode = SSL_CTX_add_extra_chain_cert(_pSSLContext, certificate.certificate());
+ //Changed for port OpenSSL -> BoringSSL
+ #if defined(OPENSSL_IS_BORINGSSL)
+ int errCode = SSL_CTX_add_extra_chain_cert(_pSSLContext, const_cast(certificate.certificate()));
+ #else
+ int errCode = SSL_CTX_add_extra_chain_cert(_pSSLContext, certificate.certificate());
+ #endif
+
 if (errCode != 1)
 {
 std::string msg = Utility::getLastError();
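Review bot: Both branches of `addChainCertificate` pass the pointer returned by `certificate.certificate()` straight to `SSL_CTX_add_extra_chain_cert`, which takes ownership of the certificate on success, while the `X509Certificate` argument presumably still frees the same `X509` in its destructor. The new `const_cast` hides that shared ownership rather than resolving it. Giving the context its own copy or reference (for example the result of `X509_dup`, released with `X509_free` when `errCode != 1`) would remove the double-free risk. As rendered here the `const_cast` also has no target type and would need to read `const_cast<X509*>(...)` to compile. The function body continues past the end of the hunk.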
@@ -511,25 +517,37 @@ void Context::initDH(const std::string& dhParamsFile)
 std::string msg = Utility::getLastError();
 throw SSLContextException("Error creating Diffie-Hellman parameters", msg);
 }
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- BIGNUM* p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
- BIGNUM* g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
- DH_set0_pqg(dh, p, 0, g);
- DH_set_length(dh, 160);
- if (!p || !g)
- {
- DH_free(dh);
- throw SSLContextException("Error creating Diffie-Hellman parameters");
- }
-#else
+
+//Changed for port OpenSSL -> BoringSSL
+#if defined(OPENSSL_IS_BORINGSSL)
 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
- dh->length = 160;
 if ((!dh->p) || (!dh->g))
 {
 DH_free(dh);
 throw SSLContextException("Error creating Diffie-Hellman parameters");
 }
+#else
+ #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ BIGNUM* p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
+ BIGNUM* g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
+ DH_set0_pqg(dh, p, 0, g);
+ DH_set_length(dh, 160);
+ if (!p || !g)
+ {
+ DH_free(dh);
+ throw SSLContextException("Error creating Diffie-Hellman parameters");
+ }
+ #else
+ dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
+ dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
+ dh->length = 160;
+ if ((!dh->p) || (!dh->g))
+ {
+ DH_free(dh);
+ throw SSLContextException("Error creating Diffie-Hellman parameters");
+ }
+ #endif
 #endif
 }
 SSL_CTX_set_tmp_dh(_pSSLContext, dh);
diff --git a/openssl b/openssl
deleted file mode 160000
index 26b1673caa..0000000000
--- a/openssl
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit 26b1673caad94a702b6d694f48f917a283b30777
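Review bot: The new BoringSSL branch of `initDH` reuses the built-in `dh1024_p`/`dh1024_g` fallback, which by its name is a 1024-bit group and below current recommendations for finite-field DH, and it drops the `dh->length = 160` assignment that the other two branches keep without saying why. A comment such as `// BoringSSL: private exponent length is left at the library default` (if that is the intent) would document the difference, and the port is a natural point to replace the fallback with a group of at least 2048 bits. In the re-indented OpenSSL 1.1 branch `DH_set0_pqg` is still called before `p` and `g` are checked for null, so a failed `BN_bin2bn` is only detected after the call. `initDH` starts before this hunk and continues after it.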