Add support for OpenSSL 3

Grégory Soutadé 2022-06-05 15:29:20 +02:00
parent 3d4e6e3918
commit 4f288f4e24
4 changed files with 54 additions and 1 deletions


@ -114,7 +114,8 @@ namespace gourou
CLIENT_GENERIC_EXCEPTION, CLIENT_GENERIC_EXCEPTION,
CLIENT_NETWORK_ERROR, CLIENT_NETWORK_ERROR,
CLIENT_INVALID_PKCS8, CLIENT_INVALID_PKCS8,
CLIENT_FILE_ERROR CLIENT_FILE_ERROR,
CLIENT_OSSL_ERROR,
}; };
enum DRM_REMOVAL_ERROR { enum DRM_REMOVAL_ERROR {


@ -3,6 +3,9 @@ TARGETS=acsmdownloader adept_activate adept_remove adept_loan_mgt
CXXFLAGS=-Wall -fPIC -I$(ROOT)/include -I$(ROOT)/lib/pugixml/src/ CXXFLAGS=-Wall -fPIC -I$(ROOT)/include -I$(ROOT)/lib/pugixml/src/
# OpenSSL 1.1.0 compat
CXXFLAGS += -DOPENSSL_API_COMPAT=0x10100000L
STATIC_DEP= STATIC_DEP=
LDFLAGS=-L$(ROOT) -lcrypto -lzip -lz -lcurl LDFLAGS=-L$(ROOT) -lcrypto -lzip -lz -lcurl


@ -35,6 +35,8 @@
#include <openssl/pkcs12.h> #include <openssl/pkcs12.h>
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/rsa.h>
#include <openssl/bn.h>
#include <curl/curl.h> #include <curl/curl.h>
@ -45,6 +47,31 @@
#include <libgourou_log.h> #include <libgourou_log.h>
#include "drmprocessorclientimpl.h" #include "drmprocessorclientimpl.h"
DRMProcessorClientImpl::DRMProcessorClientImpl():
legacy(0), deflt(0)
{
#if OPENSSL_VERSION_MAJOR >= 3
legacy = OSSL_PROVIDER_load(NULL, "legacy");
if (!legacy)
EXCEPTION(gourou::CLIENT_OSSL_ERROR, "Error, OpenSSL legacy provider not available");
deflt = OSSL_PROVIDER_load(NULL, "default");
if (!deflt)
EXCEPTION(gourou::CLIENT_OSSL_ERROR, "Error, OpenSSL default provider not available");
#endif
}
DRMProcessorClientImpl::~DRMProcessorClientImpl()
{
#if OPENSSL_VERSION_MAJOR >= 3
if (legacy)
OSSL_PROVIDER_unload(legacy);
if (deflt)
OSSL_PROVIDER_unload(deflt);
#endif
}
/* Digest interface */ /* Digest interface */
void* DRMProcessorClientImpl::createDigest(const std::string& digestName) void* DRMProcessorClientImpl::createDigest(const std::string& digestName)
{ {
@ -289,7 +316,12 @@ void DRMProcessorClientImpl::RSAPrivateEncrypt(const unsigned char* RSAKey, unsi
pkcs12 = d2i_PKCS12(NULL, &RSAKey, RSAKeyLength); pkcs12 = d2i_PKCS12(NULL, &RSAKey, RSAKeyLength);
if (!pkcs12) if (!pkcs12)
EXCEPTION(gourou::CLIENT_INVALID_PKCS12, ERR_error_string(ERR_get_error(), NULL)); EXCEPTION(gourou::CLIENT_INVALID_PKCS12, ERR_error_string(ERR_get_error(), NULL));
PKCS12_parse(pkcs12, password.c_str(), &pkey, &cert, &ca); PKCS12_parse(pkcs12, password.c_str(), &pkey, &cert, &ca);
if (!pkey)
EXCEPTION(gourou::CLIENT_INVALID_PKCS12, ERR_error_string(ERR_get_error(), NULL));
rsa = EVP_PKEY_get1_RSA(pkey); rsa = EVP_PKEY_get1_RSA(pkey);
int ret = RSA_private_encrypt(dataLength, data, res, rsa, RSA_PKCS1_PADDING); int ret = RSA_private_encrypt(dataLength, data, res, rsa, RSA_PKCS1_PADDING);
@ -413,6 +445,9 @@ void DRMProcessorClientImpl::extractCertificate(const unsigned char* RSAKey, uns
EXCEPTION(gourou::CLIENT_INVALID_PKCS12, ERR_error_string(ERR_get_error(), NULL)); EXCEPTION(gourou::CLIENT_INVALID_PKCS12, ERR_error_string(ERR_get_error(), NULL));
PKCS12_parse(pkcs12, password.c_str(), &pkey, &cert, &ca); PKCS12_parse(pkcs12, password.c_str(), &pkey, &cert, &ca);
if (!cert)
EXCEPTION(gourou::CLIENT_INVALID_PKCS12, ERR_error_string(ERR_get_error(), NULL));
*certOutLength = i2d_X509(cert, certOut); *certOutLength = i2d_X509(cert, certOut);
EVP_PKEY_free(pkey); EVP_PKEY_free(pkey);
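Review bot: The two checks added after `PKCS12_parse` (`if (!pkey)` in RSAPrivateEncrypt and `if (!cert)` in extractCertificate) raise while `pkcs12` from `d2i_PKCS12` is still allocated, and in extractCertificate a non-NULL `pkey` holding the parsed private key would stay allocated too, assuming EXCEPTION throws and nothing outside the visible lines cleans up. Release them before raising, for example `if (!cert) { EVP_PKEY_free(pkey); PKCS12_free(pkcs12); EXCEPTION(...); }`. The return value of `PKCS12_parse` is still ignored, so when parsing succeeds but the container holds no key or certificate the error queue is empty and `ERR_error_string(ERR_get_error(), NULL)` yields a message with no cause; testing the return value first would separate a failed parse from a missing entry. Both functions start and end outside their hunks.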


@ -31,11 +31,18 @@
#include <string> #include <string>
#if OPENSSL_VERSION_MAJOR >= 3
#include <openssl/provider.h>
#endif
#include <drmprocessorclient.h> #include <drmprocessorclient.h>
class DRMProcessorClientImpl : public gourou::DRMProcessorClient class DRMProcessorClientImpl : public gourou::DRMProcessorClient
{ {
public: public:
DRMProcessorClientImpl();
~DRMProcessorClientImpl();
/* Digest interface */ /* Digest interface */
virtual void* createDigest(const std::string& digestName); virtual void* createDigest(const std::string& digestName);
virtual int digestUpdate(void* handler, unsigned char* data, unsigned int length); virtual int digestUpdate(void* handler, unsigned char* data, unsigned int length);
@ -118,6 +125,13 @@ public:
virtual void deflate(gourou::ByteArray& data, gourou::ByteArray& result, virtual void deflate(gourou::ByteArray& data, gourou::ByteArray& result,
int wbits=-15, int compressionLevel=8); int wbits=-15, int compressionLevel=8);
private:
#if OPENSSL_VERSION_MAJOR >= 3
OSSL_PROVIDER *legacy, *deflt;
#else
void *legacy, *deflt;
#endif
}; };
#endif #endif
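Review bot: The `#if OPENSSL_VERSION_MAJOR >= 3` tests in this header run before any OpenSSL header is included here (among the visible lines only `<string>` precedes the first one), so in a translation unit that has not already pulled in OpenSSL the macro is undefined, evaluates as 0, and the class is declared with `void *legacy, *deflt;`, while drmprocessorclientimpl.cpp includes the OpenSSL headers first and sees `OSSL_PROVIDER *`. Adding `#include <openssl/opensslv.h>` above the first `#if` makes every includer see the same declaration. The class now owns two provider handles that the destructor unloads, so a copied instance would unload them twice; declaring the copy constructor and copy assignment `= delete` would rule that out.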