authorJack Lloyd <[email protected]>2017-05-22 17:38:45 -0400
committerJack Lloyd <[email protected]>2017-05-22 17:38:45 -0400
commitb136d4e7ca350bb388a1a6d638b1010a2b1e5b73 (patch)
tree59831426531d0de9ba4c7eb82126d6c20afd4675
parent7728fbf8ebbac349bab487bda842cbd8c073848f (diff)
Add copy_state to OpenSSL hash functions, and port to OpenSSL 1.1.0
-rw-r--r--src/lib/prov/openssl/openssl_block.cpp67
-rw-r--r--src/lib/prov/openssl/openssl_ec.cpp33
-rw-r--r--src/lib/prov/openssl/openssl_hash.cpp47
-rw-r--r--src/lib/prov/openssl/openssl_mode.cpp35
-rw-r--r--src/lib/prov/openssl/openssl_rsa.cpp22
5 files changed, 130 insertions, 74 deletions
diff --git a/src/lib/prov/openssl/openssl_block.cpp b/src/lib/prov/openssl/openssl_block.cpp
index 15d3bdc56..5d5cf0b47 100644
--- a/src/lib/prov/openssl/openssl_block.cpp
+++ b/src/lib/prov/openssl/openssl_block.cpp
@@ -37,14 +37,14 @@ class OpenSSL_BlockCipher : public BlockCipher
void encrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const override
{
int out_len = 0;
- if(!EVP_EncryptUpdate(&m_encrypt, out, &out_len, in, blocks * m_block_sz))
+ if(!EVP_EncryptUpdate(m_encrypt, out, &out_len, in, blocks * m_block_sz))
throw OpenSSL_Error("EVP_EncryptUpdate");
}
void decrypt_n(const uint8_t in[], uint8_t out[], size_t blocks) const override
{
int out_len = 0;
- if(!EVP_DecryptUpdate(&m_decrypt, out, &out_len, in, blocks * m_block_sz))
+ if(!EVP_DecryptUpdate(m_decrypt, out, &out_len, in, blocks * m_block_sz))
throw OpenSSL_Error("EVP_DecryptUpdate");
}
@@ -53,7 +53,8 @@ class OpenSSL_BlockCipher : public BlockCipher
size_t m_block_sz;
Key_Length_Specification m_cipher_key_spec;
std::string m_cipher_name;
- mutable EVP_CIPHER_CTX m_encrypt, m_decrypt;
+ mutable EVP_CIPHER_CTX *m_encrypt;
+ mutable EVP_CIPHER_CTX *m_decrypt;
};
OpenSSL_BlockCipher::OpenSSL_BlockCipher(const std::string& algo_name,
@@ -65,17 +66,19 @@ OpenSSL_BlockCipher::OpenSSL_BlockCipher(const std::string& algo_name,
if(EVP_CIPHER_mode(algo) != EVP_CIPH_ECB_MODE)
throw Invalid_Argument("OpenSSL_BlockCipher: Non-ECB EVP was passed in");
- EVP_CIPHER_CTX_init(&m_encrypt);
- EVP_CIPHER_CTX_init(&m_decrypt);
+ m_encrypt = EVP_CIPHER_CTX_new();
+ EVP_CIPHER_CTX_init(m_encrypt);
+ m_decrypt = EVP_CIPHER_CTX_new();
+ EVP_CIPHER_CTX_init(m_decrypt);
- if(!EVP_EncryptInit_ex(&m_encrypt, algo, nullptr, nullptr, nullptr))
+ if(!EVP_EncryptInit_ex(m_encrypt, algo, nullptr, nullptr, nullptr))
throw OpenSSL_Error("EVP_EncryptInit_ex");
- if(!EVP_DecryptInit_ex(&m_decrypt, algo, nullptr, nullptr, nullptr))
+ if(!EVP_DecryptInit_ex(m_decrypt, algo, nullptr, nullptr, nullptr))
throw OpenSSL_Error("EVP_DecryptInit_ex");
- if(!EVP_CIPHER_CTX_set_padding(&m_encrypt, 0))
+ if(!EVP_CIPHER_CTX_set_padding(m_encrypt, 0))
throw OpenSSL_Error("EVP_CIPHER_CTX_set_padding encrypt");
- if(!EVP_CIPHER_CTX_set_padding(&m_decrypt, 0))
+ if(!EVP_CIPHER_CTX_set_padding(m_decrypt, 0))
throw OpenSSL_Error("EVP_CIPHER_CTX_set_padding decrypt");
}
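Review bot: Neither `EVP_CIPHER_CTX_new()` result is checked before `EVP_CIPHER_CTX_init` and `EVP_EncryptInit_ex` use it, so an allocation failure reaches OpenSSL as a null context instead of surfacing as an `OpenSSL_Error`. A guard right after the two allocations, `if(m_encrypt == nullptr || m_decrypt == nullptr) throw OpenSSL_Error("EVP_CIPHER_CTX_new");`, covers that. Because a destructor does not run for an object whose constructor throws, every `throw` below the allocations now also leaks both heap contexts; owning them through a `std::unique_ptr` with `EVP_CIPHER_CTX_free` as the deleter would handle that. The same pattern repeats in the second constructor hunk of this file, in the `OpenSSL_Cipher_Mode` constructor in openssl_mode.cpp and in the `OpenSSL_HashFunction` constructor in openssl_hash.cpp. The constructor's signature lies outside this hunk.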
@@ -91,24 +94,26 @@ OpenSSL_BlockCipher::OpenSSL_BlockCipher(const std::string& algo_name,
if(EVP_CIPHER_mode(algo) != EVP_CIPH_ECB_MODE)
throw Invalid_Argument("OpenSSL_BlockCipher: Non-ECB EVP was passed in");
- EVP_CIPHER_CTX_init(&m_encrypt);
- EVP_CIPHER_CTX_init(&m_decrypt);
+ m_encrypt = EVP_CIPHER_CTX_new();
+ EVP_CIPHER_CTX_init(m_encrypt);
+ m_decrypt = EVP_CIPHER_CTX_new();
+ EVP_CIPHER_CTX_init(m_decrypt);
- if(!EVP_EncryptInit_ex(&m_encrypt, algo, nullptr, nullptr, nullptr))
+ if(!EVP_EncryptInit_ex(m_encrypt, algo, nullptr, nullptr, nullptr))
throw OpenSSL_Error("EVP_EncryptInit_ex");
- if(!EVP_DecryptInit_ex(&m_decrypt, algo, nullptr, nullptr, nullptr))
+ if(!EVP_DecryptInit_ex(m_decrypt, algo, nullptr, nullptr, nullptr))
throw OpenSSL_Error("EVP_DecryptInit_ex");
- if(!EVP_CIPHER_CTX_set_padding(&m_encrypt, 0))
+ if(!EVP_CIPHER_CTX_set_padding(m_encrypt, 0))
throw OpenSSL_Error("EVP_CIPHER_CTX_set_padding encrypt");
- if(!EVP_CIPHER_CTX_set_padding(&m_decrypt, 0))
+ if(!EVP_CIPHER_CTX_set_padding(m_decrypt, 0))
throw OpenSSL_Error("EVP_CIPHER_CTX_set_padding decrypt");
}
OpenSSL_BlockCipher::~OpenSSL_BlockCipher()
{
- EVP_CIPHER_CTX_cleanup(&m_encrypt);
- EVP_CIPHER_CTX_cleanup(&m_decrypt);
+ EVP_CIPHER_CTX_cleanup(m_encrypt);
+ EVP_CIPHER_CTX_cleanup(m_decrypt);
}
/*
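Review bot: The destructor still calls `EVP_CIPHER_CTX_cleanup`, which resets a context but does not release the storage that `EVP_CIPHER_CTX_new()` now allocates, so each `OpenSSL_BlockCipher` leaks two contexts on destruction. It should read `EVP_CIPHER_CTX_free(m_encrypt);` and `EVP_CIPHER_CTX_free(m_decrypt);`, as the openssl_mode.cpp destructor in this commit already does. With raw owning pointers the class also needs its copy operations deleted, unless the `BlockCipher` base (not visible here) already forbids copying; otherwise a copy would free the same context twice.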
@@ -123,14 +128,14 @@ void OpenSSL_BlockCipher::key_schedule(const uint8_t key[], size_t length)
full_key += std::make_pair(key, 8);
}
else
- if(EVP_CIPHER_CTX_set_key_length(&m_encrypt, length) == 0 ||
- EVP_CIPHER_CTX_set_key_length(&m_decrypt, length) == 0)
+ if(EVP_CIPHER_CTX_set_key_length(m_encrypt, length) == 0 ||
+ EVP_CIPHER_CTX_set_key_length(m_decrypt, length) == 0)
throw Invalid_Argument("OpenSSL_BlockCipher: Bad key length for " +
m_cipher_name);
- if(!EVP_EncryptInit_ex(&m_encrypt, nullptr, nullptr, full_key.data(), nullptr))
+ if(!EVP_EncryptInit_ex(m_encrypt, nullptr, nullptr, full_key.data(), nullptr))
throw OpenSSL_Error("EVP_EncryptInit_ex");
- if(!EVP_DecryptInit_ex(&m_decrypt, nullptr, nullptr, full_key.data(), nullptr))
+ if(!EVP_DecryptInit_ex(m_decrypt, nullptr, nullptr, full_key.data(), nullptr))
throw OpenSSL_Error("EVP_DecryptInit_ex");
}
@@ -140,7 +145,7 @@ void OpenSSL_BlockCipher::key_schedule(const uint8_t key[], size_t length)
BlockCipher* OpenSSL_BlockCipher::clone() const
{
return new OpenSSL_BlockCipher(m_cipher_name,
- EVP_CIPHER_CTX_cipher(&m_encrypt),
+ EVP_CIPHER_CTX_cipher(m_encrypt),
m_cipher_key_spec.minimum_keylength(),
m_cipher_key_spec.maximum_keylength(),
m_cipher_key_spec.keylength_multiple());
@@ -151,21 +156,21 @@ BlockCipher* OpenSSL_BlockCipher::clone() const
*/
void OpenSSL_BlockCipher::clear()
{
- const EVP_CIPHER* algo = EVP_CIPHER_CTX_cipher(&m_encrypt);
+ const EVP_CIPHER* algo = EVP_CIPHER_CTX_cipher(m_encrypt);
- if(!EVP_CIPHER_CTX_cleanup(&m_encrypt))
+ if(!EVP_CIPHER_CTX_cleanup(m_encrypt))
throw OpenSSL_Error("EVP_CIPHER_CTX_cleanup encrypt");
- if(!EVP_CIPHER_CTX_cleanup(&m_decrypt))
+ if(!EVP_CIPHER_CTX_cleanup(m_decrypt))
throw OpenSSL_Error("EVP_CIPHER_CTX_cleanup decrypt");
- EVP_CIPHER_CTX_init(&m_encrypt);
- EVP_CIPHER_CTX_init(&m_decrypt);
- if(!EVP_EncryptInit_ex(&m_encrypt, algo, nullptr, nullptr, nullptr))
+ EVP_CIPHER_CTX_init(m_encrypt);
+ EVP_CIPHER_CTX_init(m_decrypt);
+ if(!EVP_EncryptInit_ex(m_encrypt, algo, nullptr, nullptr, nullptr))
throw OpenSSL_Error("EVP_EncryptInit_ex");
- if(!EVP_DecryptInit_ex(&m_decrypt, algo, nullptr, nullptr, nullptr))
+ if(!EVP_DecryptInit_ex(m_decrypt, algo, nullptr, nullptr, nullptr))
throw OpenSSL_Error("EVP_DecryptInit_ex");
- if(!EVP_CIPHER_CTX_set_padding(&m_encrypt, 0))
+ if(!EVP_CIPHER_CTX_set_padding(m_encrypt, 0))
throw OpenSSL_Error("EVP_CIPHER_CTX_set_padding encrypt");
- if(!EVP_CIPHER_CTX_set_padding(&m_decrypt, 0))
+ if(!EVP_CIPHER_CTX_set_padding(m_decrypt, 0))
throw OpenSSL_Error("EVP_CIPHER_CTX_set_padding decrypt");
}
diff --git a/src/lib/prov/openssl/openssl_ec.cpp b/src/lib/prov/openssl/openssl_ec.cpp
index 4b8afb5ed..0b23fa5e3 100644
--- a/src/lib/prov/openssl/openssl_ec.cpp
+++ b/src/lib/prov/openssl/openssl_ec.cpp
@@ -148,13 +148,18 @@ class OpenSSL_ECDSA_Verification_Operation : public PK_Ops::Verification_with_EM
std::unique_ptr<ECDSA_SIG, std::function<void (ECDSA_SIG*)>> sig(nullptr, ECDSA_SIG_free);
sig.reset(::ECDSA_SIG_new());
- sig->r = BN_bin2bn(sig_bytes , sig_len / 2, nullptr);
- if(!sig->r)
- throw OpenSSL_Error("BN_bin2bn sig r");
- sig->s = BN_bin2bn(sig_bytes + sig_len / 2, sig_len / 2, nullptr);
- if(!sig->s)
+ BIGNUM* r = BN_bin2bn(sig_bytes , sig_len / 2, nullptr);
+ BIGNUM* s = BN_bin2bn(sig_bytes + sig_len / 2, sig_len / 2, nullptr);
+ if(r == nullptr || s == nullptr)
throw OpenSSL_Error("BN_bin2bn sig s");
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ sig->r = r;
+ sig->s = s;
+#else
+ ECDSA_SIG_set0(sig.get(), r, s);
+#endif
+
const int res = ECDSA_do_verify(msg, msg_len, sig.get(), m_ossl_ec.get());
if(res < 0)
throw OpenSSL_Error("ECDSA_do_verify");
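Review bot: When only one of the two `BN_bin2bn` calls fails, the combined check throws while the other `BIGNUM` is still a bare pointer that nothing owns, so it leaks; before this change `r` was already stored in `sig` by the time `s` was parsed. The merged check also reports `"BN_bin2bn sig s"` for a failure of either value. Holding both values in `std::unique_ptr` until ownership passes to `sig` fixes the leak, and checking the result of `ECDSA_SIG_set0` keeps the release tied to a successful transfer. The enclosing verify function begins and ends outside this hunk.

```cpp
std::unique_ptr<BIGNUM, decltype(&BN_free)> r(BN_bin2bn(sig_bytes, sig_len / 2, nullptr), BN_free);
std::unique_ptr<BIGNUM, decltype(&BN_free)> s(BN_bin2bn(sig_bytes + sig_len / 2, sig_len / 2, nullptr), BN_free);
if(!r || !s)
   throw OpenSSL_Error("BN_bin2bn sig r/s");

#if OPENSSL_VERSION_NUMBER < 0x10100000L
sig->r = r.release();
sig->s = s.release();
#else
if(!ECDSA_SIG_set0(sig.get(), r.get(), s.get()))
   throw OpenSSL_Error("ECDSA_SIG_set0");
// sig owns both values only after set0 succeeded
r.release();
s.release();
#endif
// … unchanged: ECDSA_do_verify call and result handling …
```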
@@ -193,11 +198,21 @@ class OpenSSL_ECDSA_Signing_Operation : public PK_Ops::Signature_with_EMSA
throw OpenSSL_Error("ECDSA_do_sign");
const size_t order_bytes = (m_order_bits + 7) / 8;
- const size_t r_bytes = BN_num_bytes(sig->r);
- const size_t s_bytes = BN_num_bytes(sig->s);
+
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ const BIGNUM* r = sig->r;
+ const BIGNUM* s = sig->s;
+#else
+ const BIGNUM* r;
+ const BIGNUM* s;
+ ECDSA_SIG_get0(sig.get(), &r, &s);
+#endif
+
+ const size_t r_bytes = BN_num_bytes(r);
+ const size_t s_bytes = BN_num_bytes(s);
secure_vector<uint8_t> sigval(2*order_bytes);
- BN_bn2bin(sig->r, &sigval[order_bytes - r_bytes]);
- BN_bn2bin(sig->s, &sigval[2*order_bytes - s_bytes]);
+ BN_bn2bin(r, &sigval[order_bytes - r_bytes]);
+ BN_bn2bin(s, &sigval[2*order_bytes - s_bytes]);
return sigval;
}
diff --git a/src/lib/prov/openssl/openssl_hash.cpp b/src/lib/prov/openssl/openssl_hash.cpp
index 05e97a4e3..4b3e01ac5 100644
--- a/src/lib/prov/openssl/openssl_hash.cpp
+++ b/src/lib/prov/openssl/openssl_hash.cpp
@@ -19,8 +19,8 @@ class OpenSSL_HashFunction : public HashFunction
public:
void clear() override
{
- const EVP_MD* algo = EVP_MD_CTX_md(&m_md);
- if(!EVP_DigestInit_ex(&m_md, algo, nullptr))
+ const EVP_MD* algo = EVP_MD_CTX_md(m_md);
+ if(!EVP_DigestInit_ex(m_md, algo, nullptr))
throw OpenSSL_Error("EVP_DigestInit_ex");
}
@@ -29,50 +29,71 @@ class OpenSSL_HashFunction : public HashFunction
HashFunction* clone() const override
{
- const EVP_MD* algo = EVP_MD_CTX_md(&m_md);
+ const EVP_MD* algo = EVP_MD_CTX_md(m_md);
return new OpenSSL_HashFunction(name(), algo);
}
+ std::unique_ptr<HashFunction> copy_state() const override
+ {
+ std::unique_ptr<OpenSSL_HashFunction> copy(new OpenSSL_HashFunction(m_name, nullptr));
+ EVP_MD_CTX_copy(copy->m_md, m_md);
+ return std::move(copy);
+ }
+
size_t output_length() const override
{
- return EVP_MD_size(EVP_MD_CTX_md(&m_md));
+ return EVP_MD_size(EVP_MD_CTX_md(m_md));
}
size_t hash_block_size() const override
{
- return EVP_MD_block_size(EVP_MD_CTX_md(&m_md));
+ return EVP_MD_block_size(EVP_MD_CTX_md(m_md));
}
OpenSSL_HashFunction(const std::string& name, const EVP_MD* md) : m_name(name)
{
- EVP_MD_CTX_init(&m_md);
- if(!EVP_DigestInit_ex(&m_md, md, nullptr))
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ m_md = EVP_MD_CTX_create();
+#else
+ m_md = EVP_MD_CTX_new();
+#endif
+
+ EVP_MD_CTX_init(m_md);
+ if(md && !EVP_DigestInit_ex(m_md, md, nullptr))
throw OpenSSL_Error("EVP_DigestInit_ex");
}
+ OpenSSL_HashFunction(EVP_MD_CTX* ctx) : m_md(ctx)
+ {
+ }
+
~OpenSSL_HashFunction()
{
- EVP_MD_CTX_cleanup(&m_md);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ EVP_MD_CTX_destroy(m_md);
+#else
+ EVP_MD_CTX_free(m_md);
+#endif
}
private:
void add_data(const uint8_t input[], size_t length) override
{
- if(!EVP_DigestUpdate(&m_md, input, length))
+ if(!EVP_DigestUpdate(m_md, input, length))
throw OpenSSL_Error("EVP_DigestUpdate");
}
void final_result(uint8_t output[]) override
{
- if(!EVP_DigestFinal_ex(&m_md, output, nullptr))
+ if(!EVP_DigestFinal_ex(m_md, output, nullptr))
throw OpenSSL_Error("EVP_DigestFinal_ex");
- const EVP_MD* algo = EVP_MD_CTX_md(&m_md);
- if(!EVP_DigestInit_ex(&m_md, algo, nullptr))
+ const EVP_MD* algo = EVP_MD_CTX_md(m_md);
+ if(!EVP_DigestInit_ex(m_md, algo, nullptr))
throw OpenSSL_Error("EVP_DigestInit_ex");
}
std::string m_name;
- EVP_MD_CTX m_md;
+ EVP_MD_CTX* m_md;
};
}
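Review bot: `copy_state()` ignores the return value of `EVP_MD_CTX_copy`, and the copy is built with `md == nullptr`, so its context is never set up by `EVP_DigestInit_ex`; if the copy fails, the caller gets a hash object with no digest state and no error. Checking the call, `if(EVP_MD_CTX_copy(copy->m_md, m_md) != 1) throw OpenSSL_Error("EVP_MD_CTX_copy");`, makes that failure visible. The added `OpenSSL_HashFunction(EVP_MD_CTX* ctx)` constructor takes ownership of a raw pointer, leaves `m_name` empty and is not used anywhere in this hunk; it should be `explicit` with a comment stating the ownership transfer, or be dropped.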
diff --git a/src/lib/prov/openssl/openssl_mode.cpp b/src/lib/prov/openssl/openssl_mode.cpp
index 184bdada7..36f19eaec 100644
--- a/src/lib/prov/openssl/openssl_mode.cpp
+++ b/src/lib/prov/openssl/openssl_mode.cpp
@@ -44,7 +44,7 @@ class BOTAN_DLL OpenSSL_Cipher_Mode : public Cipher_Mode
const std::string m_mode_name;
const Cipher_Dir m_direction;
size_t m_block_size;
- EVP_CIPHER_CTX m_cipher;
+ EVP_CIPHER_CTX* m_cipher;
};
OpenSSL_Cipher_Mode::OpenSSL_Cipher_Mode(const std::string& name,
@@ -58,17 +58,18 @@ OpenSSL_Cipher_Mode::OpenSSL_Cipher_Mode(const std::string& name,
if(EVP_CIPHER_mode(algo) != EVP_CIPH_CBC_MODE)
throw Invalid_Argument("OpenSSL_BlockCipher: Non-CBC EVP was passed in");
- EVP_CIPHER_CTX_init(&m_cipher);
- if(!EVP_CipherInit_ex(&m_cipher, algo, nullptr, nullptr, nullptr,
+ m_cipher = EVP_CIPHER_CTX_new();
+ EVP_CIPHER_CTX_init(m_cipher);
+ if(!EVP_CipherInit_ex(m_cipher, algo, nullptr, nullptr, nullptr,
m_direction == ENCRYPTION ? 1 : 0))
throw OpenSSL_Error("EVP_CipherInit_ex");
- if(!EVP_CIPHER_CTX_set_padding(&m_cipher, 0))
+ if(!EVP_CIPHER_CTX_set_padding(m_cipher, 0))
throw OpenSSL_Error("EVP_CIPHER_CTX_set_padding");
}
OpenSSL_Cipher_Mode::~OpenSSL_Cipher_Mode()
{
- EVP_CIPHER_CTX_cleanup(&m_cipher);
+ EVP_CIPHER_CTX_free(m_cipher);
}
void OpenSSL_Cipher_Mode::start_msg(const uint8_t nonce[], size_t nonce_len)
@@ -77,7 +78,7 @@ void OpenSSL_Cipher_Mode::start_msg(const uint8_t nonce[], size_t nonce_len)
throw Invalid_IV_Length(name(), nonce_len);
if(nonce_len)
{
- if(!EVP_CipherInit_ex(&m_cipher, nullptr, nullptr, nullptr, nonce, -1))
+ if(!EVP_CipherInit_ex(m_cipher, nullptr, nullptr, nullptr, nonce, -1))
throw OpenSSL_Error("EVP_CipherInit_ex nonce");
}
}
@@ -91,7 +92,7 @@ size_t OpenSSL_Cipher_Mode::process(uint8_t msg[], size_t msg_len)
int outl = msg_len;
secure_vector<uint8_t> out(outl);
- if(!EVP_CipherUpdate(&m_cipher, out.data(), &outl, msg, msg_len))
+ if(!EVP_CipherUpdate(m_cipher, out.data(), &outl, msg, msg_len))
throw OpenSSL_Error("EVP_CipherUpdate");
memcpy(msg, out.data(), outl);
return outl;
@@ -108,7 +109,7 @@ void OpenSSL_Cipher_Mode::finish(secure_vector<uint8_t>& buffer,
int outl = buf_size - written;
secure_vector<uint8_t> out(outl);
- if(!EVP_CipherFinal_ex(&m_cipher, out.data(), &outl))
+ if(!EVP_CipherFinal_ex(m_cipher, out.data(), &outl))
throw OpenSSL_Error("EVP_CipherFinal_ex");
memcpy(buf + written, out.data(), outl);
written += outl;
@@ -145,34 +146,34 @@ size_t OpenSSL_Cipher_Mode::output_length(size_t input_length) const
void OpenSSL_Cipher_Mode::clear()
{
- const EVP_CIPHER* algo = EVP_CIPHER_CTX_cipher(&m_cipher);
+ const EVP_CIPHER* algo = EVP_CIPHER_CTX_cipher(m_cipher);
- if(!EVP_CIPHER_CTX_cleanup(&m_cipher))
+ if(!EVP_CIPHER_CTX_cleanup(m_cipher))
throw OpenSSL_Error("EVP_CIPHER_CTX_cleanup");
- EVP_CIPHER_CTX_init(&m_cipher);
- if(!EVP_CipherInit_ex(&m_cipher, algo, nullptr, nullptr, nullptr,
+ EVP_CIPHER_CTX_init(m_cipher);
+ if(!EVP_CipherInit_ex(m_cipher, algo, nullptr, nullptr, nullptr,
m_direction == ENCRYPTION ? 1 : 0))
throw OpenSSL_Error("EVP_CipherInit_ex clear");
- if(!EVP_CIPHER_CTX_set_padding(&m_cipher, 0))
+ if(!EVP_CIPHER_CTX_set_padding(m_cipher, 0))
throw OpenSSL_Error("EVP_CIPHER_CTX_set_padding clear");
}
void OpenSSL_Cipher_Mode::reset()
{
- if(!EVP_CipherInit_ex(&m_cipher, nullptr, nullptr, nullptr, nullptr, -1))
+ if(!EVP_CipherInit_ex(m_cipher, nullptr, nullptr, nullptr, nullptr, -1))
throw OpenSSL_Error("EVP_CipherInit_ex clear");
}
Key_Length_Specification OpenSSL_Cipher_Mode::key_spec() const
{
- return Key_Length_Specification(EVP_CIPHER_CTX_key_length(&m_cipher));
+ return Key_Length_Specification(EVP_CIPHER_CTX_key_length(m_cipher));
}
void OpenSSL_Cipher_Mode::key_schedule(const uint8_t key[], size_t length)
{
- if(!EVP_CIPHER_CTX_set_key_length(&m_cipher, length))
+ if(!EVP_CIPHER_CTX_set_key_length(m_cipher, length))
throw OpenSSL_Error("EVP_CIPHER_CTX_set_key_length");
- if(!EVP_CipherInit_ex(&m_cipher, nullptr, nullptr, key, nullptr, -1))
+ if(!EVP_CipherInit_ex(m_cipher, nullptr, nullptr, key, nullptr, -1))
throw OpenSSL_Error("EVP_CipherInit_ex key");
}
diff --git a/src/lib/prov/openssl/openssl_rsa.cpp b/src/lib/prov/openssl/openssl_rsa.cpp
index 8c25d00ef..f8b2b82d6 100644
--- a/src/lib/prov/openssl/openssl_rsa.cpp
+++ b/src/lib/prov/openssl/openssl_rsa.cpp
@@ -152,7 +152,14 @@ class OpenSSL_RSA_Verification_Operation : public PK_Ops::Verification_with_EMSA
throw OpenSSL_Error("d2i_RSAPublicKey");
}
- size_t max_input_bits() const override { return ::BN_num_bits(m_openssl_rsa->n) - 1; }
+ size_t max_input_bits() const override
+ {
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ return ::BN_num_bits(m_openssl_rsa->n) - 1;
+#else
+ return ::RSA_bits(m_openssl_rsa.get()) - 1;
+#endif
+ }
bool with_recovery() const override { return true; }
@@ -215,7 +222,14 @@ class OpenSSL_RSA_Signing_Operation : public PK_Ops::Signature_with_EMSA
return outbuf;
}
- size_t max_input_bits() const override { return ::BN_num_bits(m_openssl_rsa->n) - 1; }
+ size_t max_input_bits() const override
+ {
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ return ::BN_num_bits(m_openssl_rsa->n) - 1;
+#else
+ return ::RSA_bits(m_openssl_rsa.get()) - 1;
+#endif
+ }
private:
std::unique_ptr<RSA, std::function<void (RSA*)>> m_openssl_rsa;
@@ -269,10 +283,10 @@ make_openssl_rsa_private_key(RandomNumberGenerator& rng, size_t rsa_bits)
std::unique_ptr<RSA, std::function<void (RSA*)>> rsa(RSA_new(), RSA_free);
if(!rsa)
throw OpenSSL_Error("RSA_new");
- if(!RSA_generate_key_ex(rsa.get(), rsa_bits, bn.get(), NULL))
+ if(!RSA_generate_key_ex(rsa.get(), rsa_bits, bn.get(), nullptr))
throw OpenSSL_Error("RSA_generate_key_ex");
- uint8_t* der = NULL;
+ uint8_t* der = nullptr;
int bytes = i2d_RSAPrivateKey(rsa.get(), &der);
if(bytes < 0)
throw OpenSSL_Error("i2d_RSAPrivateKey");