Skip to content

Commit 939c83a

Browse files
developernotesdevelopernotes
committed
Support OpenSSL 1.1.0 and prior
1 parent bae72ae commit 939c83a

File tree

1 file changed

+38
-15
lines changed

1 file changed

+38
-15
lines changed

src/crypto_openssl.c

Lines changed: 38 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,29 @@ static unsigned int openssl_external_init = 0;
4646
static unsigned int openssl_init_count = 0;
4747
static sqlite3_mutex* openssl_rand_mutex = NULL;
4848

49+
#if OPENSSL_VERSION_NUMBER < 0x10100000L
50+
static HMAC_CTX *HMAC_CTX_new(void)
51+
{
52+
HMAC_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
53+
if (ctx != NULL) {
54+
HMAC_CTX_init(ctx);
55+
}
56+
return ctx;
57+
}
58+
59+
// Per 1.1.0 (https://wiki.openssl.org/index.php/1.1_API_Changes)
60+
// HMAC_CTX_free should call HMAC_CTX_cleanup, then EVP_MD_CTX_Cleanup.
61+
// HMAC_CTX_cleanup internally calls EVP_MD_CTX_cleanup so these
62+
// calls are not needed.
63+
static void HMAC_CTX_free(HMAC_CTX *ctx)
64+
{
65+
if (ctx != NULL) {
66+
HMAC_CTX_cleanup(ctx);
67+
OPENSSL_free(ctx);
68+
}
69+
}
70+
#endif
71+
4972
static int sqlcipher_openssl_add_random(void *ctx, void *buffer, int length) {
5073
#ifndef SQLCIPHER_OPENSSL_NO_MUTEX_RAND
5174
sqlite3_mutex_enter(openssl_rand_mutex);
@@ -157,14 +180,14 @@ static int sqlcipher_openssl_random (void *ctx, void *buffer, int length) {
157180
}
158181

159182
static int sqlcipher_openssl_hmac(void *ctx, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out) {
160-
HMAC_CTX hctx;
161183
unsigned int outlen;
162-
HMAC_CTX_init(&hctx);
163-
HMAC_Init_ex(&hctx, hmac_key, key_sz, EVP_sha1(), NULL);
164-
HMAC_Update(&hctx, in, in_sz);
165-
HMAC_Update(&hctx, in2, in2_sz);
166-
HMAC_Final(&hctx, out, &outlen);
167-
HMAC_CTX_cleanup(&hctx);
184+
HMAC_CTX* hctx = HMAC_CTX_new();
185+
if(hctx == NULL) return SQLITE_ERROR;
186+
HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha1(), NULL);
187+
HMAC_Update(hctx, in, in_sz);
188+
HMAC_Update(hctx, in2, in2_sz);
189+
HMAC_Final(hctx, out, &outlen);
190+
HMAC_CTX_free(hctx);
168191
return SQLITE_OK;
169192
}
170193

@@ -174,18 +197,18 @@ static int sqlcipher_openssl_kdf(void *ctx, const unsigned char *pass, int pass_
174197
}
175198

176199
static int sqlcipher_openssl_cipher(void *ctx, int mode, unsigned char *key, int key_sz, unsigned char *iv, unsigned char *in, int in_sz, unsigned char *out) {
177-
EVP_CIPHER_CTX ectx;
178200
int tmp_csz, csz;
179-
180-
EVP_CipherInit(&ectx, ((openssl_ctx *)ctx)->evp_cipher, NULL, NULL, mode);
181-
EVP_CIPHER_CTX_set_padding(&ectx, 0); // no padding
182-
EVP_CipherInit(&ectx, NULL, key, iv, mode);
183-
EVP_CipherUpdate(&ectx, out, &tmp_csz, in, in_sz);
201+
EVP_CIPHER_CTX* ectx = EVP_CIPHER_CTX_new();
202+
if(ectx == NULL) return SQLITE_ERROR;
203+
EVP_CipherInit_ex(ectx, ((openssl_ctx *)ctx)->evp_cipher, NULL, NULL, NULL, mode);
204+
EVP_CIPHER_CTX_set_padding(ectx, 0); // no padding
205+
EVP_CipherInit_ex(ectx, NULL, NULL, key, iv, mode);
206+
EVP_CipherUpdate(ectx, out, &tmp_csz, in, in_sz);
184207
csz = tmp_csz;
185208
out += tmp_csz;
186-
EVP_CipherFinal(&ectx, out, &tmp_csz);
209+
EVP_CipherFinal_ex(ectx, out, &tmp_csz);
187210
csz += tmp_csz;
188-
EVP_CIPHER_CTX_cleanup(&ectx);
211+
EVP_CIPHER_CTX_free(ectx);
189212
assert(in_sz == csz);
190213
return SQLITE_OK;
191214
}

0 commit comments

Comments
 (0)