OpenSSL latest version changes fixed

75c0e6e6 · Yann Garcia · d4c294c8 · 75c0e6e6 · 75c0e6e6 · 75c0e6e6
Commit 75c0e6e6 authored Jun 25, 2020 by Yann Garcia
--- a/ccsrc/Protocols/Security/hmac.cc
+++ b/ccsrc/Protocols/Security/hmac.cc
@@ -28,20 +28,19 @@ int hmac::generate(const unsigned char* p_buffer, const size_t p_buffer_length,
  if ((p_buffer == nullptr) || (p_secret_key == nullptr)) {
    return -1;
  }
-  ::HMAC_CTX_reset(_ctx);

  p_hmac = int2oct(0, EVP_MAX_MD_SIZE);
  if (_hash_algorithms == hash_algorithms::sha_256) {
-    ::HMAC_Init_ex(_ctx, (const void*)p_secret_key, (long unsigned int)p_secret_key_length, EVP_sha256(), NULL);
+    ::HMAC_Init_ex(&_ctx, (const void*)p_secret_key, (long unsigned int)p_secret_key_length, EVP_sha256(), NULL);
  } else if (_hash_algorithms == hash_algorithms::sha_384) {
-    ::HMAC_Init_ex(_ctx, (const void*)p_secret_key, (long unsigned int)p_secret_key_length, EVP_sha384(), NULL);
+    ::HMAC_Init_ex(&_ctx, (const void*)p_secret_key, (long unsigned int)p_secret_key_length, EVP_sha384(), NULL);
  } else { // TODO To be continued
    return -1;
  }
  // Compute the hash value
-  ::HMAC_Update(_ctx, p_buffer, p_buffer_length);
+  ::HMAC_Update(&_ctx, p_buffer, p_buffer_length);
  unsigned int length = p_hmac.lengthof();
-  ::HMAC_Final(_ctx, (unsigned char*)static_cast<const unsigned char*>(p_hmac), &length);
+  ::HMAC_Final(&_ctx, (unsigned char*)static_cast<const unsigned char*>(p_hmac), &length);
  loggers::get_instance().log_to_hexa("hmac::generate: ", (unsigned char*)static_cast<const unsigned char*>(p_hmac), length);
  // Resize the hmac
  if (_hash_algorithms == hash_algorithms::sha_256) {

--- a/ccsrc/Protocols/Security/hmac.hh
+++ b/ccsrc/Protocols/Security/hmac.hh
@@ -29,7 +29,7 @@ enum class hash_algorithms: unsigned char {
 * \brief  This class provides description of HMAC helper methods
 */
 class hmac {
-  HMAC_CTX *_ctx; //! HMAC context
+  HMAC_CTX _ctx; //! HMAC context
  hash_algorithms _hash_algorithms; //! HMAC hash algorithm to use
 public:
  /*!
@@ -37,11 +37,11 @@ public:
   *        Create a new instance of the hmac class
   * \param[in] p_hash_algorithms The hash algorithm to be used to compute the HMAC. Default: sha_256
   */
-  hmac(const hash_algorithms p_hash_algorithms = hash_algorithms::sha_256): _ctx{::HMAC_CTX_new()}, _hash_algorithms(p_hash_algorithms) { };
+  hmac(const hash_algorithms p_hash_algorithms = hash_algorithms::sha_256): _ctx{}, _hash_algorithms(p_hash_algorithms) { };
  /*!
   * \brief Default destructor
   */
-  virtual ~hmac() { if (_ctx != nullptr) { ::HMAC_CTX_free(_ctx); }; };
+  virtual ~hmac() { };

  /*!
   * \fn int generate(const OCTETSTRING p_buffer, const OCTETSTRING p_secret_key, OCTETSTRING& p_hmac);

--- a/ccsrc/Protocols/Security/security_ecc.cc
+++ b/ccsrc/Protocols/Security/security_ecc.cc
@@ -791,9 +791,8 @@ int security_ecc::sign(const OCTETSTRING& p_data, OCTETSTRING& p_r_sig, OCTETSTR
    return -1;
  }

-  const BIGNUM* r = nullptr;
-  const BIGNUM* s = nullptr;
-  ::ECDSA_SIG_get0(signature, &r, &s);
+  const BIGNUM* r = signature->r;
+  const BIGNUM* s = signature->s;
  loggers::get_instance().log("security_ecc::sign: r size: %d", BN_num_bytes(r));
  p_r_sig = int2oct(0, BN_num_bytes(r));
  ::BN_bn2bin(r, (unsigned char*)static_cast<const unsigned char*>(p_r_sig));
@@ -823,7 +822,8 @@ int security_ecc::sign_verif(const OCTETSTRING& p_data, const OCTETSTRING& p_sig
  BIGNUM* s = ::BN_bin2bn(static_cast<const unsigned char*>(p_signature) + p_signature.lengthof() / 2, p_signature.lengthof() / 2, nullptr);
  loggers::get_instance().log_to_hexa("security_ecc::sign_verify: s=", static_cast<const unsigned char*>(p_signature) + p_signature.lengthof() / 2, p_signature.lengthof() / 2);
  ECDSA_SIG *signature = ECDSA_SIG_new();
-  ::ECDSA_SIG_set0(signature, r, s);
+  signature->r = r;
+  signature->s = s;
  // Check the signature
  int result = ::ECDSA_do_verify(static_cast<const unsigned char*>(p_data), p_data.lengthof(), signature, _ec_key);
  ::ECDSA_SIG_free(signature);

--- a/data/v3/asn1c_cert.tar.bz2
+++ b/data/v3/asn1c_cert.tar.bz2
--- a/scripts/run_all.bash
+++ b/scripts/run_all.bash
@@ -22,7 +22,7 @@ then
    fi
 fi

-rm ../logs/merged.log.*
+rm ../logs/merged.*.log

 for i in $(seq 1 1 $COUNTER)
 do
@@ -36,8 +36,8 @@ do
        dup=$(ps -ef | grep "$0" | grep -v grep | wc -l)
    done
    sleep 1
-    
-    mv ../logs/merged.log ../logs/merged.log.`date +'%Y%m%d%S'`
+
+    mv ../logs/merged.log ../logs/merged.`date +'%Y%m%d%S'`.log
 done

 exit 0

--- a/tools/itscertgen/asn1certgen/asn1certgen.xslt
+++ b/tools/itscertgen/asn1certgen/asn1certgen.xslt
@@ -11,7 +11,7 @@
                xmlns:date="http://exslt.org/dates-and-times"
                extension-element-prefixes="date"                
                >
- <xsl:variable name="base-time"       select="'2019-01-01'"/>
+ <xsl:variable name="base-time"       select="'2020-01-01'"/>
 <xsl:variable name="local-region"    select="250"/>
 <xsl:variable name="base-latitude"   select="436169490.0"/>
 <xsl:variable name="base-longitude"  select="70533080.0"/>
@@ -742,4 +742,4 @@
    </xsl:if>
  </xsl:template>

-</xsl:stylesheet>
\ No newline at end of file
+</xsl:stylesheet>
--- a/tools/itscertgen/asn1certgen/ecc_openssl.c
+++ b/tools/itscertgen/asn1certgen/ecc_openssl.c
@@ -459,7 +459,9 @@ int    ecc_verify(void * key, const char * hash, int hlength, const char *r, con
 		sr = BN_new(); ss = BN_new();
 		BN_bin2bn(r, fsize, sr);
 		BN_bin2bn(s, fsize, ss);
-		ECDSA_SIG_set0(ecdsa, sr, ss);
+    ecdsa->r = sr;
+    ecdsa->s = ss;
+    //		ECDSA_SIG_set0(ecdsa, sr, ss);
 		rc = ECDSA_do_verify(hash, hlength, ecdsa, eckey);
 		ECDSA_SIG_free(ecdsa);
 		BN_free(sr); BN_free(ss);

--- a/LibIts @ 8fb37587
+++ b/LibIts @ 8fb37587
-Subproject commit 26b8f58bf5d2d4a09b9e63061a6d871a927f8985
+Subproject commit 8fb3758701b5268c91b21bf87a1f68ae4387a108