mirror of
https://github.com/openbsd/ports.git
synced 2026-06-18 07:24:23 +02:00
tim
95 lines
3.1 KiB
Plaintext
95 lines
3.1 KiB
Plaintext
LibreSSL does not support the OpenSSL 3 EVP_MAC API
|
|
|
|
Partial revert of
|
|
https://github.com/sqlcipher/sqlcipher/commit/801b81a8d0c42c13f66de89805c3bfa0d1d450aa
|
|
|
|
Index: src/crypto_openssl.c
|
|
--- src/crypto_openssl.c.orig
|
|
+++ src/crypto_openssl.c
|
|
@@ -156,6 +156,76 @@ static int sqlcipher_openssl_hmac(
|
|
) {
|
|
int rc = 0;
|
|
|
|
+#if (defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x30000000L)
|
|
+ unsigned int outlen;
|
|
+ HMAC_CTX* hctx = NULL;
|
|
+
|
|
+ if(in == NULL) goto error;
|
|
+
|
|
+ hctx = HMAC_CTX_new();
|
|
+ if(hctx == NULL) {
|
|
+ sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: HMAC_CTX_new() failed");
|
|
+ sqlcipher_openssl_log_errors();
|
|
+ goto error;
|
|
+ }
|
|
+
|
|
+ switch(algorithm) {
|
|
+ case SQLCIPHER_HMAC_SHA1:
|
|
+ if(!(rc = HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha1(), NULL))) {
|
|
+ sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: HMAC_Init_ex() with key size %d and EVP_sha1() returned %d", key_sz, rc);
|
|
+ sqlcipher_openssl_log_errors();
|
|
+ goto error;
|
|
+ }
|
|
+ break;
|
|
+ case SQLCIPHER_HMAC_SHA256:
|
|
+ if(!(rc = HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha256(), NULL))) {
|
|
+ sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: HMAC_Init_ex() with key size %d and EVP_sha256() returned %d", key_sz, rc);
|
|
+ sqlcipher_openssl_log_errors();
|
|
+ goto error;
|
|
+ }
|
|
+ break;
|
|
+ case SQLCIPHER_HMAC_SHA512:
|
|
+ if(!(rc = HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha512(), NULL))) {
|
|
+ sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: HMAC_Init_ex() with key size %d and EVP_sha512() returned %d", key_sz, rc);
|
|
+ sqlcipher_openssl_log_errors();
|
|
+ goto error;
|
|
+ }
|
|
+ break;
|
|
+ default:
|
|
+ sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: invalid algorithm %d", algorithm);
|
|
+ goto error;
|
|
+ }
|
|
+
|
|
+ if(!(rc = HMAC_Update(hctx, in, in_sz))) {
|
|
+ sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: HMAC_Update() on 1st input buffer of %d bytes using algorithm %d returned %d", in_sz, algorithm, rc);
|
|
+ sqlcipher_openssl_log_errors();
|
|
+ goto error;
|
|
+ }
|
|
+
|
|
+ if(in2 != NULL) {
|
|
+ if(!(rc = HMAC_Update(hctx, in2, in2_sz))) {
|
|
+ sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: HMAC_Update() on 2nd input buffer of %d bytes using algorithm %d returned %d", in2_sz, algorithm, rc);
|
|
+ sqlcipher_openssl_log_errors();
|
|
+ goto error;
|
|
+ }
|
|
+ }
|
|
+
|
|
+ if(!(rc = HMAC_Final(hctx, out, &outlen))) {
|
|
+ sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: HMAC_Final() using algorithm %d returned %d", algorithm, rc);
|
|
+ sqlcipher_openssl_log_errors();
|
|
+ goto error;
|
|
+ }
|
|
+
|
|
+ rc = SQLITE_OK;
|
|
+ goto cleanup;
|
|
+
|
|
+error:
|
|
+ rc = SQLITE_ERROR;
|
|
+
|
|
+cleanup:
|
|
+ if(hctx) HMAC_CTX_free(hctx);
|
|
+
|
|
+#else
|
|
size_t outlen;
|
|
EVP_MAC *mac = NULL;
|
|
EVP_MAC_CTX *hctx = NULL;
|
|
@@ -241,6 +311,8 @@ error:
|
|
cleanup:
|
|
if(hctx) EVP_MAC_CTX_free(hctx);
|
|
if(mac) EVP_MAC_free(mac);
|
|
+
|
|
+#endif
|
|
|
|
return rc;
|
|
}
|