
Crypto and NetSSL fixes for OpenSSL 1.1

Günter Obiltschnig 9 years ago
parent
commit
75a7ee4b0f

+ 1 - 1
Crypto/include/Poco/Crypto/DigestEngine.h

@@ -61,7 +61,7 @@ protected:
 	
 private:
 	std::string _name;
-	EVP_MD_CTX* _ctx;
+	EVP_MD_CTX* _pContext;
 	Poco::DigestEngine::Digest _digest;
 	OpenSSLInitializer _openSSLInitializer;
 };

+ 46 - 8
Crypto/src/CipherImpl.cpp

@@ -77,7 +77,11 @@ namespace
 
 	private:
 		const EVP_CIPHER* _pCipher;
-		EVP_CIPHER_CTX    _ctx;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+		EVP_CIPHER_CTX*   _pContext;
+#else
+		EVP_CIPHER_CTX    _context;
+#endif
 		ByteVec           _key;
 		ByteVec           _iv;
 	};
@@ -92,30 +96,52 @@ namespace
 		_key(key),
 		_iv(iv)
 	{
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+		_pContext = EVP_CIPHER_CTX_new();
 		EVP_CipherInit(
-			&_ctx,
+			_pContext,
 			_pCipher,
 			&_key[0],
 			_iv.empty() ? 0 : &_iv[0],
 			(dir == DIR_ENCRYPT) ? 1 : 0);
+#else
+		EVP_CipherInit(
+			&_context,
+			_pCipher,
+			&_key[0],
+			_iv.empty() ? 0 : &_iv[0],
+			(dir == DIR_ENCRYPT) ? 1 : 0);
+#endif
 	}
 
 
 	CryptoTransformImpl::~CryptoTransformImpl()
 	{
-		EVP_CIPHER_CTX_cleanup(&_ctx);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+		EVP_CIPHER_CTX_cleanup(_pContext);
+#else
+		EVP_CIPHER_CTX_cleanup(&_context);
+#endif
 	}
 
 
 	std::size_t CryptoTransformImpl::blockSize() const
 	{
-		return EVP_CIPHER_CTX_block_size(&_ctx);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+		return EVP_CIPHER_CTX_block_size(_pContext);
+#else
+		return EVP_CIPHER_CTX_block_size(&_context);
+#endif
 	}
 
 	
 	int CryptoTransformImpl::setPadding(int padding)
 	{
-		return EVP_CIPHER_CTX_set_padding(&_ctx, padding);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+		return EVP_CIPHER_CTX_block_size(_pContext);
+#else
+		return EVP_CIPHER_CTX_set_padding(&_context, padding);
+#endif
 	}
 	
 
@@ -128,13 +154,21 @@ namespace
 		poco_assert (outputLength >= (inputLength + blockSize() - 1));
 
 		int outLen = static_cast<int>(outputLength);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
 		int rc = EVP_CipherUpdate(
-			&_ctx,
+			_pContext,
 			output,
 			&outLen,
 			input,
 			static_cast<int>(inputLength));
-
+#else
+		int rc = EVP_CipherUpdate(
+			&_context,
+			output,
+			&outLen,
+			input,
+			static_cast<int>(inputLength));
+#endif
 		if (rc == 0)
 			throwError();
 
@@ -153,7 +187,11 @@ namespace
 		// Use the '_ex' version that does not perform implicit cleanup since we
 		// will call EVP_CIPHER_CTX_cleanup() from the dtor as there is no
 		// guarantee that finalize() will be called if an error occurred.
-		int rc = EVP_CipherFinal_ex(&_ctx, output, &len);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+		int rc = EVP_CipherFinal_ex(_pContext, output, &len);
+#else
+		int rc = EVP_CipherFinal_ex(&_context, output, &len);
+#endif
 
 		if (rc == 0)
 			throwError();
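Review bot: In `setPadding()` the OpenSSL 1.1 branch returns `EVP_CIPHER_CTX_block_size(_pContext)` and never applies `padding`, so on 1.1 builds the caller's padding choice is silently ignored and the return value is a block size rather than a status; it should read `return EVP_CIPHER_CTX_set_padding(_pContext, padding);`. The 1.1 branch of the destructor calls only `EVP_CIPHER_CTX_cleanup(_pContext)`, which in 1.1 is, as far as I know, a compatibility alias for a reset and does not release the object obtained from `EVP_CIPHER_CTX_new()`; `EVP_CIPHER_CTX_free(_pContext);` would release it. The constructor also uses the result of `EVP_CIPHER_CTX_new()` without a null check and ignores the return of `EVP_CipherInit`, whereas the `EVP_CipherUpdate` and `EVP_CipherFinal_ex` calls in the later hunks do go through `throwError()`.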

+ 16 - 11
Crypto/src/DigestEngine.cpp

@@ -23,46 +23,51 @@ namespace Crypto {
 
 
 DigestEngine::DigestEngine(const std::string& name):
-	_name(name)
+	_name(name),
+	_pContext(EVP_MD_CTX_create())
 {
 	const EVP_MD* md = EVP_get_digestbyname(_name.c_str());
 	if (!md) throw Poco::NotFoundException(_name);
-	_ctx = EVP_MD_CTX_create();
-	EVP_DigestInit_ex(_ctx, md, NULL);	
+	EVP_DigestInit_ex(_pContext, md, NULL);	
 }
 
 	
 DigestEngine::~DigestEngine()
 {
-	EVP_MD_CTX_destroy(_ctx);
+	EVP_MD_CTX_destroy(_pContext);
 }
 
 int DigestEngine::nid() const
 {
-	return EVP_MD_nid(_ctx->digest);
+	return EVP_MD_nid(EVP_MD_CTX_md(_pContext));
 }
 
 std::size_t DigestEngine::digestLength() const
 {
-	return EVP_MD_CTX_size(_ctx);
+	return EVP_MD_CTX_size(_pContext);
 }
 
 
 void DigestEngine::reset()
 {
-	EVP_MD_CTX_cleanup(_ctx);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	EVP_MD_CTX_free(_pContext);
+	_pContext = EVP_MD_CTX_create();
+#else
+	EVP_MD_CTX_cleanup(_pContext);
+#endif
 	const EVP_MD* md = EVP_get_digestbyname(_name.c_str());
 	if (!md) throw Poco::NotFoundException(_name);
-	EVP_DigestInit_ex(_ctx, md, NULL);
+	EVP_DigestInit_ex(_pContext, md, NULL);
 }
 
 
 const Poco::DigestEngine::Digest& DigestEngine::digest()
 {
 	_digest.clear();
-	unsigned len = EVP_MD_CTX_size(_ctx);
+	unsigned len = EVP_MD_CTX_size(_pContext);
 	_digest.resize(len);
-	EVP_DigestFinal_ex(_ctx, &_digest[0], &len);
+	EVP_DigestFinal_ex(_pContext, &_digest[0], &len);
 	reset();
 	return _digest;
 }
@@ -70,7 +75,7 @@ const Poco::DigestEngine::Digest& DigestEngine::digest()
 
 void DigestEngine::updateImpl(const void* data, std::size_t length)
 {
-	EVP_DigestUpdate(_ctx, data, length);
+	EVP_DigestUpdate(_pContext, data, length);
 }
 
 
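Review bot: Moving `EVP_MD_CTX_create()` into the constructor's initializer list (first hunk) allocates the context before the `if (!md) throw Poco::NotFoundException(_name);` check, and since a destructor does not run for a constructor that throws, an unknown digest name now leaks the context. Either keep the allocation after the lookup, as the removed code did, or add `EVP_MD_CTX_destroy(_pContext);` before the throw. The result of `EVP_MD_CTX_create()` is also used unchecked here and in the 1.1 branch of `reset()`, and the returns of `EVP_DigestInit_ex` and `EVP_DigestFinal_ex` are ignored, so a failed initialisation would not be reported to callers of `digest()`.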

+ 24 - 0
Crypto/src/RSAKeyImpl.cpp

@@ -207,19 +207,43 @@ int RSAKeyImpl::size() const
 
 RSAKeyImpl::ByteVec RSAKeyImpl::modulus() const
 {
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	const BIGNUM* n = 0;
+	const BIGNUM* e = 0;
+	const BIGNUM* d = 0;
+	RSA_get0_key(_pRSA, &n, &e, &d);
+	return convertToByteVec(n);
+#else
 	return convertToByteVec(_pRSA->n);
+#endif
 }
 
 
 RSAKeyImpl::ByteVec RSAKeyImpl::encryptionExponent() const
 {
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	const BIGNUM* n = 0;
+	const BIGNUM* e = 0;
+	const BIGNUM* d = 0;
+	RSA_get0_key(_pRSA, &n, &e, &d);
+	return convertToByteVec(e);
+#else
 	return convertToByteVec(_pRSA->e);
+#endif
 }
 
 
 RSAKeyImpl::ByteVec RSAKeyImpl::decryptionExponent() const
 {
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	const BIGNUM* n = 0;
+	const BIGNUM* e = 0;
+	const BIGNUM* d = 0;
+	RSA_get0_key(_pRSA, &n, &e, &d);
+	return convertToByteVec(d);
+#else
 	return convertToByteVec(_pRSA->d);
+#endif
 }
 
 
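Review bot: Each of the three accessors declares `n`, `e` and `d` and fetches all of them in order to use one; `RSA_get0_key` accepts a null pointer for any output that is not wanted, so `modulus()` can be reduced to `const BIGNUM* n = 0; RSA_get0_key(_pRSA, &n, 0, 0);` and the other two likewise. `d` is null for a key that holds only the public part, and `convertToByteVec` is not visible in this hunk, so it is worth confirming that it tolerates a null argument and adding a comment on `decryptionExponent()` stating what is returned in that case.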

+ 4 - 0
Crypto/src/X509Certificate.cpp

@@ -59,7 +59,11 @@ X509Certificate::X509Certificate(X509* pCert, bool shared):
 	
 	if (shared)
 	{
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+		X509_up_ref(_pCert);
+#else
 		_pCert->references++;
+#endif
 	}
 
 	init();
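Review bot: The return value of `X509_up_ref(_pCert)` is discarded in the `shared` branch; it returns 0 on failure, and in that case the object would presumably release a reference later that it never took. Testing the result with `if (!X509_up_ref(_pCert))` and throwing the project's usual exception would make the failure visible; the exception type used by this class is not shown in the hunk. The constructor body starts and ends outside the hunk, so whether `_pCert` is checked for null before this point cannot be confirmed from here.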

+ 12 - 0
NetSSL_OpenSSL/src/Context.cpp

@@ -494,6 +494,17 @@ void Context::initDH(const std::string& dhParamsFile)
 			std::string msg = Utility::getLastError();
 			throw SSLContextException("Error creating Diffie-Hellman parameters", msg);
 		}
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+		BIGNUM* p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
+		BIGNUM* g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
+		DH_set0_pqg(dh, p, 0, g);
+		DH_set_length(dh, 160);
+		if (!p || !g)
+		{
+			DH_free(dh);
+			throw SSLContextException("Error creating Diffie-Hellman parameters");
+		}
+#else
 		dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
 		dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
 		dh->length = 160;
@@ -502,6 +513,7 @@ void Context::initDH(const std::string& dhParamsFile)
 			DH_free(dh);
 			throw SSLContextException("Error creating Diffie-Hellman parameters");
 		}
+#endif
 	}
 	SSL_CTX_set_tmp_dh(_pSSLContext, dh);
 	SSL_CTX_set_options(_pSSLContext, SSL_OP_SINGLE_DH_USE);
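Review bot: In the OpenSSL 1.1 branch of `initDH()` (first hunk), `DH_set0_pqg(dh, p, 0, g)` is called before the `!p || !g` check and its return value is ignored. `DH_set0_pqg` does not take ownership when it fails, so if either `BN_bin2bn` call returns null the surviving BIGNUM is not released by the `DH_free(dh)` path; checking first and freeing `p` and `g` explicitly closes that gap. Separately, the fallback parameters carried into the new branch are a fixed 1024-bit group (`dh1024_p`) with a 160-bit exponent length, which is below what current guidance accepts for finite-field DH, so a larger default group or a mandatory `dhParamsFile` deserves a follow-up. The function body starts and ends outside the hunks.

```cpp
		BIGNUM* p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
		BIGNUM* g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
		// DH_set0_pqg takes ownership of p and g only when it succeeds.
		if (!p || !g || !DH_set0_pqg(dh, p, 0, g))
		{
			BN_free(p);
			BN_free(g);
			DH_free(dh);
			throw SSLContextException("Error creating Diffie-Hellman parameters");
		}
		DH_set_length(dh, 160);
```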