"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "lib/crypto_backend/crypto_openssl.c" between
cryptsetup-2.3.6.tar.xz and cryptsetup-2.4.0.tar.xz

About: cryptsetup is a utility used to conveniently setup disk encryption based on the dm-crypt kernel module. These include plain dm-crypt volumes, LUKS volumes, loop-AES and TrueCrypt compatible format.

crypto_openssl.c  (cryptsetup-2.3.6.tar.xz):crypto_openssl.c  (cryptsetup-2.4.0.tar.xz)
skipping to change at line 31 skipping to change at line 31
* In addition, as a special exception, the copyright holders give * In addition, as a special exception, the copyright holders give
* permission to link the code of portions of this program with the * permission to link the code of portions of this program with the
* OpenSSL library under certain conditions as described in each * OpenSSL library under certain conditions as described in each
* individual source file, and distribute linked combinations * individual source file, and distribute linked combinations
* including the two. * including the two.
* *
* You must obey the GNU Lesser General Public License in all respects * You must obey the GNU Lesser General Public License in all respects
* for all of the code used other than OpenSSL. * for all of the code used other than OpenSSL.
*/ */
/*
* HMAC will be later rewritten to a new API from OpenSSL 3
*/
#define OPENSSL_SUPPRESS_DEPRECATED
#include <string.h> #include <string.h>
#include <errno.h> #include <errno.h>
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/hmac.h> #include <openssl/hmac.h>
#include <openssl/rand.h> #include <openssl/rand.h>
#include "crypto_backend_internal.h" #include "crypto_backend_internal.h"
#if OPENSSL_VERSION_MAJOR >= 3
#include <openssl/provider.h>
static OSSL_PROVIDER *ossl_legacy = NULL;
static OSSL_PROVIDER *ossl_default = NULL;
#endif
#define CONST_CAST(x) (x)(uintptr_t) #define CONST_CAST(x) (x)(uintptr_t)
static int crypto_backend_initialised = 0; static int crypto_backend_initialised = 0;
struct crypt_hash { struct crypt_hash {
EVP_MD_CTX *md; EVP_MD_CTX *md;
const EVP_MD *hash_id; const EVP_MD *hash_id;
int hash_len; int hash_len;
}; };
skipping to change at line 82 skipping to change at line 92
* Compatible wrappers for OpenSSL < 1.1.0 and LibreSSL < 2.7.0 * Compatible wrappers for OpenSSL < 1.1.0 and LibreSSL < 2.7.0
*/ */
#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ #if OPENSSL_VERSION_NUMBER < 0x10100000L || \
(defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL) (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
static void openssl_backend_init(void) static void openssl_backend_init(void)
{ {
OpenSSL_add_all_algorithms(); OpenSSL_add_all_algorithms();
} }
static void openssl_backend_exit(void)
{
}
static const char *openssl_backend_version(void) static const char *openssl_backend_version(void)
{ {
return SSLeay_version(SSLEAY_VERSION); return SSLeay_version(SSLEAY_VERSION);
} }
static EVP_MD_CTX *EVP_MD_CTX_new(void) static EVP_MD_CTX *EVP_MD_CTX_new(void)
{ {
EVP_MD_CTX *md = malloc(sizeof(*md)); EVP_MD_CTX *md = malloc(sizeof(*md));
if (md) if (md)
skipping to change at line 121 skipping to change at line 135
} }
static void HMAC_CTX_free(HMAC_CTX *md) static void HMAC_CTX_free(HMAC_CTX *md)
{ {
HMAC_CTX_cleanup(md); HMAC_CTX_cleanup(md);
free(md); free(md);
} }
#else #else
static void openssl_backend_init(void) static void openssl_backend_init(void)
{ {
/*
* OpenSSL >= 3.0.0 provides some algorithms in legacy provider
*/
#if OPENSSL_VERSION_MAJOR >= 3
OPENSSL_init_crypto(OPENSSL_INIT_NO_ATEXIT, NULL);
ossl_legacy = OSSL_PROVIDER_try_load(NULL, "legacy", 0);
ossl_default = OSSL_PROVIDER_try_load(NULL, "default", 0);
#endif
}
static void openssl_backend_exit(void)
{
#if OPENSSL_VERSION_MAJOR >= 3
/*
* If Destructor was already called, we must not call it again
*/
if (OPENSSL_init_crypto(0, NULL) != 0) {
OSSL_PROVIDER_unload(ossl_legacy);
OSSL_PROVIDER_unload(ossl_default);
OPENSSL_cleanup();
}
ossl_legacy = NULL;
ossl_default = NULL;
#endif
} }
static const char *openssl_backend_version(void) static const char *openssl_backend_version(void)
{ {
return OpenSSL_version(OPENSSL_VERSION); return OpenSSL_version(OPENSSL_VERSION);
} }
#endif #endif
int crypt_backend_init(void) int crypt_backend_init(void)
{ {
skipping to change at line 143 skipping to change at line 181
openssl_backend_init(); openssl_backend_init();
crypto_backend_initialised = 1; crypto_backend_initialised = 1;
return 0; return 0;
} }
void crypt_backend_destroy(void) void crypt_backend_destroy(void)
{ {
crypto_backend_initialised = 0; crypto_backend_initialised = 0;
openssl_backend_exit();
} }
uint32_t crypt_backend_flags(void) uint32_t crypt_backend_flags(void)
{ {
return 0; return 0;
} }
const char *crypt_backend_version(void) const char *crypt_backend_version(void)
{ {
return openssl_backend_version(); return openssl_backend_version();
skipping to change at line 344 skipping to change at line 383
} }
void crypt_hmac_destroy(struct crypt_hmac *ctx) void crypt_hmac_destroy(struct crypt_hmac *ctx)
{ {
HMAC_CTX_free(ctx->md); HMAC_CTX_free(ctx->md);
memset(ctx, 0, sizeof(*ctx)); memset(ctx, 0, sizeof(*ctx));
free(ctx); free(ctx);
} }
/* RNG */ /* RNG */
int crypt_backend_rng(char *buffer, size_t length, int quality, int fips) int crypt_backend_rng(char *buffer, size_t length,
int quality __attribute__((unused)), int fips __attribute__((unused)))
{ {
if (RAND_bytes((unsigned char *)buffer, length) != 1) if (RAND_bytes((unsigned char *)buffer, length) != 1)
return -EINVAL; return -EINVAL;
return 0; return 0;
} }
/* PBKDF */ /* PBKDF */
int crypt_pbkdf(const char *kdf, const char *hash, int crypt_pbkdf(const char *kdf, const char *hash,
const char *password, size_t password_length, const char *password, size_t password_length,
skipping to change at line 541 skipping to change at line 581
return _cipher_decrypt(ctx, (const unsigned char*)in, return _cipher_decrypt(ctx, (const unsigned char*)in,
(unsigned char *)out, length, (const unsigned char *)iv, iv_length); (unsigned char *)out, length, (const unsigned char *)iv, iv_length);
} }
bool crypt_cipher_kernel_only(struct crypt_cipher *ctx) bool crypt_cipher_kernel_only(struct crypt_cipher *ctx)
{ {
return ctx->use_kernel; return ctx->use_kernel;
} }
int crypt_bitlk_decrypt_key(const void *key, size_t key_length, int crypt_bitlk_decrypt_key(const void *key, size_t key_length __attribute__((un used)),
const char *in, char *out, size_t length, const char *in, char *out, size_t length,
const char *iv, size_t iv_length, const char *iv, size_t iv_length,
const char *tag, size_t tag_length) const char *tag, size_t tag_length)
{ {
#ifdef EVP_CTRL_CCM_SET_IVLEN #ifdef EVP_CTRL_CCM_SET_IVLEN
EVP_CIPHER_CTX *ctx; EVP_CIPHER_CTX *ctx;
int len = 0, r = -EINVAL; int len = 0, r = -EINVAL;
ctx = EVP_CIPHER_CTX_new(); ctx = EVP_CIPHER_CTX_new();
if (!ctx) if (!ctx)
 End of changes. 7 change blocks. 
2 lines changed or deleted 42 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)