Attachment #212783 for bug #245116

View | Details | Raw Unified | Return to bug 245116 | Differences between
Collapse All | Expand All




--- plugins/qca-ossl/qca-ossl.cpp.orig	2020-02-25 09:08:01 UTC
+++ plugins/qca-ossl/qca-ossl.cpp
@@ -43,6 +43,10 @@
 
 #include <openssl/kdf.h>
 
+#ifndef RSA_F_RSA_OSSL_PRIVATE_DECRYPT
+#define RSA_F_RSA_OSSL_PRIVATE_DECRYPT RSA_F_RSA_EAY_PRIVATE_DECRYPT
+#endif
+
 using namespace QCA;
 
 namespace opensslQCAPlugin {
@@ -1272,6 +1276,7 @@ class opensslHkdfContext : public HKDFContext (public)
 						 const InitializationVector &info, unsigned int keyLength) override
 	{
 		SecureArray out(keyLength);
+#ifdef EVP_PKEY_HKDF
 		EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, nullptr);
 		EVP_PKEY_derive_init(pctx);
 		EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256());
@@ -1281,6 +1286,36 @@ class opensslHkdfContext : public HKDFContext (public)
 		size_t outlen = out.size();
 		EVP_PKEY_derive(pctx, reinterpret_cast<unsigned char*>(out.data()), &outlen);
 		EVP_PKEY_CTX_free(pctx);
+#else
+		unsigned char prk[EVP_MAX_MD_SIZE];
+		unsigned char *ret;
+		unsigned int prk_len;
+		HMAC(EVP_sha256(), salt.data(), salt.size(), reinterpret_cast<const unsigned char*>(secret.data()), secret.size(), prk, &prk_len);
+		HMAC_CTX hmac;
+		unsigned char prev[EVP_MAX_MD_SIZE];
+		size_t done_len = 0;
+		size_t dig_len = EVP_MD_size(EVP_sha256());
+		size_t n = out.size() / dig_len;
+		if (out.size() % dig_len) ++n;
+		HMAC_CTX_init(&hmac);
+		HMAC_Init_ex(&hmac, prk, prk_len, EVP_sha256(), nullptr);
+		for (unsigned int i = 1; i <= n; ++i) {
+			const unsigned char ctr = i;
+			if (i > 1) {
+				HMAC_Init_ex(&hmac, nullptr, 0, nullptr, nullptr);
+				HMAC_Update(&hmac, prev, dig_len);
+			}
+			HMAC_Update(&hmac, reinterpret_cast<const unsigned char*>(info.data()), info.size());
+			HMAC_Update(&hmac, &ctr, 1);
+			HMAC_Final(&hmac, prev, nullptr);
+			size_t copy_len = (done_len + dig_len > out.size()) ?
+					out.size() - done_len : dig_len;
+			memcpy(reinterpret_cast<unsigned char *>(out.data()) + done_len, prev, copy_len);
+			done_len += copy_len;
+		}
+		HMAC_CTX_cleanup(&hmac);
+		OPENSSL_cleanse(prk, sizeof prk);
+#endif
 		return out;
 	}
 };

Return to bug 245116

Line 0 Link Here

(-)devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp (+58 lines)
	1	--- plugins/qca-ossl/qca-ossl.cpp.orig 2020-02-25 09:08:01 UTC
	2	+++ plugins/qca-ossl/qca-ossl.cpp
	3	@@ -43,6 +43,10 @@
	4
	5	#include <openssl/kdf.h>
	6
	7	+#ifndef RSA_F_RSA_OSSL_PRIVATE_DECRYPT
	8	+#define RSA_F_RSA_OSSL_PRIVATE_DECRYPT RSA_F_RSA_EAY_PRIVATE_DECRYPT
	9	+#endif
	10	+
	11	using namespace QCA;
	12
	13	namespace opensslQCAPlugin {
	14	@@ -1272,6 +1276,7 @@ class opensslHkdfContext : public HKDFContext (public)
	15	const InitializationVector &info, unsigned int keyLength) override
	16	{
	17	SecureArray out(keyLength);
	18	+#ifdef EVP_PKEY_HKDF
	19	EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, nullptr);
	20	EVP_PKEY_derive_init(pctx);
	21	EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256());
	22	@@ -1281,6 +1286,36 @@ class opensslHkdfContext : public HKDFContext (public)
	23	size_t outlen = out.size();
	24	EVP_PKEY_derive(pctx, reinterpret_cast<unsigned char*>(out.data()), &outlen);
	25	EVP_PKEY_CTX_free(pctx);
	26	+#else
	27	+ unsigned char prk[EVP_MAX_MD_SIZE];
	28	+ unsigned char *ret;
	29	+ unsigned int prk_len;
	30	+ HMAC(EVP_sha256(), salt.data(), salt.size(), reinterpret_cast<const unsigned char*>(secret.data()), secret.size(), prk, &prk_len);
	31	+ HMAC_CTX hmac;
	32	+ unsigned char prev[EVP_MAX_MD_SIZE];
	33	+ size_t done_len = 0;
	34	+ size_t dig_len = EVP_MD_size(EVP_sha256());
	35	+ size_t n = out.size() / dig_len;
	36	+ if (out.size() % dig_len) ++n;
	37	+ HMAC_CTX_init(&hmac);
	38	+ HMAC_Init_ex(&hmac, prk, prk_len, EVP_sha256(), nullptr);
	39	+ for (unsigned int i = 1; i <= n; ++i) {
	40	+ const unsigned char ctr = i;
	41	+ if (i > 1) {
	42	+ HMAC_Init_ex(&hmac, nullptr, 0, nullptr, nullptr);
	43	+ HMAC_Update(&hmac, prev, dig_len);
	44	+ }
	45	+ HMAC_Update(&hmac, reinterpret_cast<const unsigned char*>(info.data()), info.size());
	46	+ HMAC_Update(&hmac, &ctr, 1);
	47	+ HMAC_Final(&hmac, prev, nullptr);
	48	+ size_t copy_len = (done_len + dig_len > out.size()) ?
	49	+ out.size() - done_len : dig_len;
	50	+ memcpy(reinterpret_cast<unsigned char *>(out.data()) + done_len, prev, copy_len);
	51	+ done_len += copy_len;
	52	+ }
	53	+ HMAC_CTX_cleanup(&hmac);
	54	+ OPENSSL_cleanse(prk, sizeof prk);
	55	+#endif
	56	return out;
	57	}
	58	};