1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
--- a/configure.ac
+++ b/configure.ac
@@ -69,12 +69,15 @@ AC_ARG_ENABLE(openssl,
[ --disable-openssl Don't use OpenSSL's SHA1 implementation.],
[
if test "$enableval" = "yes"; then
+dnl move to scripts.
PKG_CHECK_MODULES(OPENSSL, libcrypto,
CXXFLAGS="$CXXFLAGS $OPENSSL_CFLAGS";
LIBS="$LIBS $OPENSSL_LIBS")
AC_DEFINE(USE_OPENSSL, 1, Using OpenSSL.)
AC_DEFINE(USE_OPENSSL_SHA, 1, Using OpenSSL's SHA1 implementation.)
+ AC_CHECK_LIB([crypto], [DH_set0_pqg], [AC_DEFINE(USE_OPENSSL_1_1, 1, Using OpenSSL 1.1.)])
+
else
AC_DEFINE(USE_NSS_SHA, 1, Using Mozilla's SHA1 implementation.)
fi
@@ -85,6 +88,7 @@ AC_ARG_ENABLE(openssl,
AC_DEFINE(USE_OPENSSL, 1, Using OpenSSL.)
AC_DEFINE(USE_OPENSSL_SHA, 1, Using OpenSSL's SHA1 implementation.)
+ AC_CHECK_LIB([crypto], [DH_set0_pqg], [AC_DEFINE(USE_OPENSSL_1_1, 1, Using OpenSSL 1.1.)])
]
)
diff --git a/src/utils/diffie_hellman.cc b/src/utils/diffie_hellman.cc
index aa653d4..7ec1316 100644
--- a/src/utils/diffie_hellman.cc
+++ b/src/utils/diffie_hellman.cc
@@ -54,11 +54,23 @@ DiffieHellman::DiffieHellman(const unsigned char *prime, int primeLength,
m_secret(NULL), m_size(0) {
#ifdef USE_OPENSSL
+
m_dh = DH_new();
+
+#ifdef USE_OPENSSL_1_1
+ BIGNUM * const dh_p = BN_bin2bn(prime, primeLength, NULL);
+ BIGNUM * const dh_g = BN_bin2bn(generator, generatorLength, NULL);
+
+ if (dh_p == NULL || dh_g == NULL ||
+ !DH_set0_pqg(m_dh, dh_p, NULL, dh_g))
+ throw internal_error("Could not generate Diffie-Hellman parameters");
+#else
m_dh->p = BN_bin2bn(prime, primeLength, NULL);
m_dh->g = BN_bin2bn(generator, generatorLength, NULL);
+#endif
DH_generate_key(m_dh);
+
#else
throw internal_error("Compiled without encryption support.");
#endif
@@ -74,7 +86,19 @@ DiffieHellman::~DiffieHellman() {
bool
DiffieHellman::is_valid() const {
#ifdef USE_OPENSSL
+ if (m_dh == NULL)
+ return false;
+
+#ifdef USE_OPENSSL_1_1
+ const BIGNUM *pub_key;
+
+ DH_get0_key(m_dh, &pub_key, NULL);
+
+ return pub_key != NULL;
+#else
return m_dh != NULL && m_dh->pub_key != NULL;
+#endif
+
#else
return false;
#endif
@@ -103,8 +127,16 @@ DiffieHellman::store_pub_key(unsigned char* dest, unsigned int length) {
#ifdef USE_OPENSSL
std::memset(dest, 0, length);
- if ((int)length >= BN_num_bytes(m_dh->pub_key))
- BN_bn2bin(m_dh->pub_key, dest + length - BN_num_bytes(m_dh->pub_key));
+ const BIGNUM *pub_key;
+
+#ifdef USE_OPENSSL_1_1
+ DH_get0_key(m_dh, &pub_key, NULL);
+#else
+ pub_key = m_dh->pub_key;
+#endif
+
+ if ((int)length >= BN_num_bytes(pub_key))
+ BN_bn2bin(pub_key, dest + length - BN_num_bytes(pub_key));
#endif
}
|