summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--appveyor.yml2
-rw-r--r--debian/changelog7
-rw-r--r--debian/control2
-rw-r--r--debian/patches/01-revert_to_openssl_1.0.diff604
-rw-r--r--debian/patches/series1
-rw-r--r--infrastructure/cmake/CMakeLists.txt21
-rw-r--r--infrastructure/cmake/windows/CMakeLists.txt18
-rwxr-xr-xinfrastructure/travis-build.sh19
-rw-r--r--lib/common/Guards.h5
-rw-r--r--lib/crypto/CipherBlowfish.h2
-rw-r--r--lib/crypto/CipherContext.cpp126
-rw-r--r--lib/crypto/CipherContext.h22
-rw-r--r--lib/crypto/CipherException.txt1
-rw-r--r--lib/server/TLSContext.cpp13
-rw-r--r--test/backupstore/testbackupstore.cpp152
-rw-r--r--test/backupstore/testfiles/encrypted.dirbin0 -> 160 bytes
-rw-r--r--test/crypto/testcrypto.cpp76
-rw-r--r--test/crypto/testfiles/bbackupd.keysbin0 -> 1024 bytes
-rwxr-xr-xtest/crypto/testfiles/bfdlink.h555
-rw-r--r--test/crypto/testfiles/bfdlink.h.encbin0 -> 22592 bytes
20 files changed, 866 insertions, 760 deletions
diff --git a/appveyor.yml b/appveyor.yml
index 093113f7..d75eff77 100644
--- a/appveyor.yml
+++ b/appveyor.yml
@@ -18,7 +18,7 @@ configuration:
environment:
VisualStudioVersion: 11.0
Generator_Base: Visual Studio 11 2012
- OPENSSL_VERSION: 1.0.2f
+ OPENSSL_VERSION: 1.1.0f
PCRE_VERSION: 8.38
CMAKE_UNIBUILD_DIR: '%APPVEYOR_BUILD_FOLDER%\..\cmake'
BOXBACKUP_VERSION_BASE: 0.12
diff --git a/debian/changelog b/debian/changelog
index 821428d5..a181428e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+boxbackup (0.13~~git20180303.g6178fd34-1) unstable; urgency=medium
+
+ * New upstream pre-release (requested by upstream)
+ * Compile against libssl 1.1 (again) (Closes: #870775)
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 03 Mar 2018 14:08:09 -0500
+
boxbackup (0.13~~git20180102.g6d7e9562-2) unstable; urgency=medium
* Revert to libssl 1.1 on upstream's request. This will be reverted as
diff --git a/debian/control b/debian/control
index 66bc198e..59f211a7 100644
--- a/debian/control
+++ b/debian/control
@@ -11,7 +11,7 @@ Build-Depends:
docbook-xsl,
libdb-dev (>= 4.7),
libedit-dev,
- libssl1.0-dev,
+ libssl-dev,
libtest-lwp-useragent-perl,
xsltproc,
zlib1g-dev
diff --git a/debian/patches/01-revert_to_openssl_1.0.diff b/debian/patches/01-revert_to_openssl_1.0.diff
deleted file mode 100644
index ff90ba0a..00000000
--- a/debian/patches/01-revert_to_openssl_1.0.diff
+++ /dev/null
@@ -1,604 +0,0 @@
-commit bc48bec97b65534966da74a07ed3edb3f13f6263 (github/revert_openssl_1_1)
-Author: Chris Wilson <chris+github@qwirx.com>
-Date: Sun Feb 25 08:18:34 2018 +0000
-
- Revert "Add support for OpenSSL 1.1 and replace deprecated function calls"
-
- Until shown to be safe. See message from Johann Glaser to the mailing list.
-
- This reverts commit 85e7efc3fa0477f60318d2cd2144503a9ea8feb9.
-
-diff --git a/appveyor.yml b/appveyor.yml
-index d75eff77..093113f7 100644
---- a/appveyor.yml
-+++ b/appveyor.yml
-@@ -18,7 +18,7 @@ configuration:
- environment:
- VisualStudioVersion: 11.0
- Generator_Base: Visual Studio 11 2012
-- OPENSSL_VERSION: 1.1.0f
-+ OPENSSL_VERSION: 1.0.2f
- PCRE_VERSION: 8.38
- CMAKE_UNIBUILD_DIR: '%APPVEYOR_BUILD_FOLDER%\..\cmake'
- BOXBACKUP_VERSION_BASE: 0.12
-diff --git a/infrastructure/cmake/CMakeLists.txt b/infrastructure/cmake/CMakeLists.txt
-index 65f59eb8..25015452 100644
---- a/infrastructure/cmake/CMakeLists.txt
-+++ b/infrastructure/cmake/CMakeLists.txt
-@@ -407,26 +407,7 @@ else()
- endif()
-
- # Link to OpenSSL
--# Workaround for incorrect library suffixes searched by FindOpenSSL:
--# https://gitlab.kitware.com/cmake/cmake/issues/17604
--if(WIN32 AND MSVC)
-- find_package(OpenSSL)
-- set(OPENSSL_SSL_LIBRARY ${SSL_EAY_RELEASE})
-- set(OPENSSL_CRYPTO_LIBRARY ${LIB_EAY_RELEASE})
-- set(OPENSSL_LIBRARIES ${OPENSSL_SSL_LIBRARY} ${OPENSSL_CRYPTO_LIBRARY} crypt32)
-- find_package_handle_standard_args(OpenSSL
-- REQUIRED_VARS
-- OPENSSL_SSL_LIBRARY
-- OPENSSL_CRYPTO_LIBRARY
-- OPENSSL_INCLUDE_DIR
-- VERSION_VAR
-- OPENSSL_VERSION
-- FAIL_MESSAGE
-- "Could NOT find OpenSSL, try to set the path to OpenSSL root folder in the system variable OPENSSL_ROOT_DIR"
-- )
--else()
-- find_package(OpenSSL REQUIRED)
--endif()
-+find_package(OpenSSL REQUIRED)
- include_directories(${OPENSSL_INCLUDE_DIR})
- target_link_libraries(lib_crypto PUBLIC ${OPENSSL_LIBRARIES})
-
-diff --git a/infrastructure/cmake/windows/CMakeLists.txt b/infrastructure/cmake/windows/CMakeLists.txt
-index 49a1ea4d..0fbe35e3 100644
---- a/infrastructure/cmake/windows/CMakeLists.txt
-+++ b/infrastructure/cmake/windows/CMakeLists.txt
-@@ -15,9 +15,9 @@ set(ZLIB_VERSION 1.2.11)
- set(ZLIB_HASH SHA256=c3e5e9fdd5004dcb542feda5ee4f0ff0744628baf8ed2dd5d66f8ca1197cb1a1)
-
- # Version of OpenSSL to download, build, and compile Box Backup against:
--set(OPENSSL_VERSION 1.1.0g)
-+set(OPENSSL_VERSION 1.0.2j)
- # Hash of openssl-${OPENSSL_VERSION}.tar.gz, to be verified after download:
--set(OPENSSL_HASH SHA256=de4d501267da39310905cb6dc8c6121f7a2cad45a7707f76df828fe1b85073af)
-+set(OPENSSL_HASH SHA256=e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431)
-
- # Version of PCRE to download, build, and compile Box Backup against:
- set(PCRE_VERSION 8.39)
-@@ -49,21 +49,15 @@ if(WIN32)
- URL "https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz"
- URL_HASH ${OPENSSL_HASH}
- DOWNLOAD_NO_PROGRESS 1
-- CONFIGURE_COMMAND perl Configure debug-VC-WIN32 no-asm no-shared
-- --prefix=${install_dir}
-- --openssldir=etc
-- # Run tests before install, but don't make the main target depend on them, so that
-- # we don't have to run them whenever we build manually on Windows.
-- TEST_BEFORE_INSTALL 1
-- TEST_EXCLUDE_FROM_MAIN 1
-+ CONFIGURE_COMMAND perl Configure debug-VC-WIN32 no-asm --prefix=${install_dir}
-+ COMMAND cmd /c ms\\do_ms.bat
- # You would expect us to use nt.mak to compile a static library here, but mk1mf.pl uses the /MT[d]
- # CRT in that case, which is incompatible with our dynamic runtime, /MD[d]. It seems that the libs
- # built by ntdll.mak, which are compiled with /MD[d], are full libraries and not import libs,
- # so we can link statically against them and still get a dynamic runtime.
- BUILD_IN_SOURCE 1
-- BUILD_COMMAND nmake /s
-- TEST_COMMAND nmake /s test
-- INSTALL_COMMAND nmake /s install
-+ BUILD_COMMAND nmake /s /f ms\\nt.mak
-+ INSTALL_COMMAND nmake /s /f ms\\nt.mak install
- )
- elseif(${CMAKE_SYSTEM_NAME} MATCHES "Darwin")
- ExternalProject_Add(openssl
-diff --git a/lib/crypto/CipherBlowfish.cpp b/lib/crypto/CipherBlowfish.cpp
-index 4c75b1de..e16cc6ed 100644
---- a/lib/crypto/CipherBlowfish.cpp
-+++ b/lib/crypto/CipherBlowfish.cpp
-@@ -206,7 +206,7 @@ void CipherBlowfish::SetupParameters(EVP_CIPHER_CTX *pCipherContext) const
- }
- // Set key
- #ifndef HAVE_OLD_SSL
-- if(EVP_CipherInit_ex(pCipherContext, GetCipher(), NULL, (unsigned char*)mpKey, (unsigned char*)mpInitialisationVector, -1) != 1)
-+ if(EVP_CipherInit_ex(pCipherContext, NULL, NULL, (unsigned char*)mpKey, (unsigned char*)mpInitialisationVector, -1) != 1)
- #else
- if(EVP_CipherInit(pCipherContext, NULL, (unsigned char*)mKey.c_str(), (unsigned char*)mInitialisationVector, -1) != 1)
- #endif
-diff --git a/lib/crypto/CipherContext.cpp b/lib/crypto/CipherContext.cpp
-index 3de88c64..fd149395 100644
---- a/lib/crypto/CipherContext.cpp
-+++ b/lib/crypto/CipherContext.cpp
-@@ -2,7 +2,7 @@
- //
- // File
- // Name: CipherContext.cpp
--// Purpose: Context for symmetric encryption / decryption
-+// Purpose: Context for symmetric encryption / descryption
- // Created: 1/12/03
- //
- // --------------------------------------------------------------------------
-@@ -50,7 +50,7 @@ CipherContext::~CipherContext()
- if(mInitialised)
- {
- // Clean up
-- BOX_OPENSSL_CLEANUP_CTX(ctx);
-+ EVP_CIPHER_CTX_cleanup(&ctx);
- mInitialised = false;
- }
- #ifdef HAVE_OLD_SSL
-@@ -98,7 +98,7 @@ void CipherContext::Init(CipherContext::CipherFunction Function, const CipherDes
- // Check for bad usage
- if(mInitialised)
- {
-- THROW_EXCEPTION(CipherException, AlreadyInitialised);
-+ THROW_EXCEPTION(CipherException, AlreadyInitialised)
- }
- if(Function != Decrypt && Function != Encrypt)
- {
-@@ -109,45 +109,43 @@ void CipherContext::Init(CipherContext::CipherFunction Function, const CipherDes
- mFunction = Function;
-
- // Initialise the cipher
--#ifdef HAVE_OLD_SSL
-- // Use old version of init call
-- if(EVP_CipherInit(&ctx, rDescription.GetCipher(), NULL, NULL,
-+#ifndef HAVE_OLD_SSL
-+ EVP_CIPHER_CTX_init(&ctx); // no error return code, even though the docs says it does
-+
-+ if(EVP_CipherInit_ex(&ctx, rDescription.GetCipher(), NULL, NULL, NULL,
- (mFunction == Encrypt) ? 1 : 0) != 1)
- #else
-- BOX_OPENSSL_INIT_CTX(ctx);
--
-- // Don't set key or IV yet, because we will modify the parameters:
-- if(EVP_CipherInit_ex(BOX_OPENSSL_CTX(ctx), rDescription.GetCipher(), NULL, NULL, NULL,
-+ // Use old version of init call
-+ if(EVP_CipherInit(&ctx, rDescription.GetCipher(), NULL, NULL,
- (mFunction == Encrypt) ? 1 : 0) != 1)
- #endif
- {
- THROW_EXCEPTION_MESSAGE(CipherException, EVPInitFailure,
- "Failed to initialise " << rDescription.GetFullName()
-- << ": " << LogError("initialising cipher"));
-+ << "cipher: " << LogError("initialising cipher"));
- }
-- UsePadding(mPaddingOn);
-
- try
- {
- mCipherName = rDescription.GetFullName();
- #ifndef HAVE_OLD_SSL
- // Let the description set up everything else
-- mpDescription = &rDescription;
-+ rDescription.SetupParameters(&ctx);
- #else
- // With the old version, a copy needs to be taken first.
- mpDescription = rDescription.Clone();
- // Mark it as not a leak, otherwise static cipher contexts
- // cause spurious memory leaks to be reported
- MEMLEAKFINDER_NOT_A_LEAK(mpDescription);
-+ mpDescription->SetupParameters(&ctx);
- #endif
-- mpDescription->SetupParameters(BOX_OPENSSL_CTX(ctx));
- }
- catch(...)
- {
- THROW_EXCEPTION_MESSAGE(CipherException, EVPInitFailure,
-- "Failed to configure " << mCipherName << ": " <<
-+ "Failed to configure " << mCipherName << " cipher: " <<
- LogError("configuring cipher"));
-- BOX_OPENSSL_CLEANUP_CTX(ctx);
-+ EVP_CIPHER_CTX_cleanup(&ctx);
- throw;
- }
-
-@@ -168,7 +166,7 @@ void CipherContext::Reset()
- if(mInitialised)
- {
- // Clean up
-- EVP_CIPHER_CTX_cleanup(BOX_OPENSSL_CTX(ctx));
-+ EVP_CIPHER_CTX_cleanup(&ctx);
- mInitialised = false;
- }
- #ifdef HAVE_OLD_SSL
-@@ -179,7 +177,6 @@ void CipherContext::Reset()
- }
- #endif
- mWithinTransform = false;
-- mIV.clear();
- }
-
-
-@@ -195,22 +192,24 @@ void CipherContext::Begin()
- {
- if(!mInitialised)
- {
-- THROW_EXCEPTION(CipherException, NotInitialised);
-+ THROW_EXCEPTION(CipherException, NotInitialised)
- }
-
-+ // Warn if in a transformation (not an error, because a context might not have been finalised if an exception occured)
- if(mWithinTransform)
- {
-- THROW_EXCEPTION(CipherException, AlreadyInTransform);
-+ BOX_WARNING("CipherContext::Begin called when context "
-+ "flagged as within a transform");
- }
-
-- if(EVP_CipherInit_ex(BOX_OPENSSL_CTX(ctx), NULL, NULL, NULL,
-- (const unsigned char *)(mIV.size() > 0 ? mIV.c_str() : NULL),
-- -1) != 1)
-+ // Initialise the cipher context again
-+ if(EVP_CipherInit(&ctx, NULL, NULL, NULL, -1) != 1)
- {
- THROW_EXCEPTION_MESSAGE(CipherException, EVPInitFailure,
-- "Failed to set IV for " << mCipherName << ": " << LogError(GetFunction()));
-+ "Failed to reset " << mCipherName << " cipher: " <<
-+ LogError("resetting cipher"));
- }
--
-+
- // Mark as being within a transform
- mWithinTransform = true;
- }
-@@ -252,18 +251,18 @@ int CipherContext::Transform(void *pOutBuffer, int OutLength, const void *pInBuf
- }
-
- // Check output buffer size
-- if(OutLength < (InLength + EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx))))
-+ if(OutLength < (InLength + EVP_CIPHER_CTX_block_size(&ctx)))
- {
- THROW_EXCEPTION(CipherException, OutputBufferTooSmall);
- }
-
- // Do the transform
- int outLength = OutLength;
-- if(EVP_CipherUpdate(BOX_OPENSSL_CTX(ctx), (unsigned char*)pOutBuffer, &outLength,
-- (unsigned char*)pInBuffer, InLength) != 1)
-+ if(EVP_CipherUpdate(&ctx, (unsigned char*)pOutBuffer, &outLength, (unsigned char*)pInBuffer, InLength) != 1)
- {
- THROW_EXCEPTION_MESSAGE(CipherException, EVPUpdateFailure,
-- "Failed to update " << mCipherName << ": " << LogError(GetFunction()));
-+ "Failed to " << GetFunction() << " (update) " <<
-+ mCipherName << " cipher: " << LogError(GetFunction()));
- }
-
- return outLength;
-@@ -301,7 +300,7 @@ int CipherContext::Final(void *pOutBuffer, int OutLength)
- }
-
- // Check output buffer size
-- if(OutLength < (2 * EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx))))
-+ if(OutLength < (2 * EVP_CIPHER_CTX_block_size(&ctx)))
- {
- THROW_EXCEPTION(CipherException, OutputBufferTooSmall);
- }
-@@ -309,11 +308,12 @@ int CipherContext::Final(void *pOutBuffer, int OutLength)
- // Do the transform
- int outLength = OutLength;
- #ifndef HAVE_OLD_SSL
-- if(EVP_CipherFinal(BOX_OPENSSL_CTX(ctx), (unsigned char*)pOutBuffer, &outLength) != 1)
-+ if(EVP_CipherFinal(&ctx, (unsigned char*)pOutBuffer, &outLength) != 1)
- {
- mWithinTransform = false;
- THROW_EXCEPTION_MESSAGE(CipherException, EVPFinalFailure,
-- "Failed to finalise " << mCipherName << ": " << LogError(GetFunction()));
-+ "Failed to " << GetFunction() << " (final) " <<
-+ mCipherName << " cipher: " << LogError(GetFunction()));
- }
- #else
- OldOpenSSLFinal((unsigned char*)pOutBuffer, outLength);
-@@ -340,11 +340,11 @@ void CipherContext::OldOpenSSLFinal(unsigned char *Buffer, int &rOutLengthOut)
- // Old version needs to use a different form, and then set up the cipher again for next time around
- int outLength = rOutLengthOut;
- // Have to emulate padding off...
-- int blockSize = EVP_CIPHER_CTX_block_size(ctx);
-+ int blockSize = EVP_CIPHER_CTX_block_size(&ctx);
- if(mPaddingOn)
- {
- // Just use normal final call
-- if(EVP_CipherFinal(ctx, Buffer, &outLength) != 1)
-+ if(EVP_CipherFinal(&ctx, Buffer, &outLength) != 1)
- {
- THROW_EXCEPTION(CipherException, EVPFinalFailure)
- }
-@@ -357,13 +357,13 @@ void CipherContext::OldOpenSSLFinal(unsigned char *Buffer, int &rOutLengthOut)
- {
- // NASTY -- fiddling around with internals like this is bad.
- // But only way to get this working on old versions of OpenSSL.
-- if(!EVP_EncryptUpdate(ctx,Buffer,&outLength,ctx.buf,0)
-+ if(!EVP_EncryptUpdate(&ctx,Buffer,&outLength,ctx.buf,0)
- || outLength != blockSize)
- {
- THROW_EXCEPTION(CipherException, EVPFinalFailure)
- }
- // Clean up
-- EVP_CIPHER_CTX_free(ctx);
-+ EVP_CIPHER_CTX_cleanup(&ctx);
- }
- else
- {
-@@ -391,14 +391,12 @@ void CipherContext::OldOpenSSLFinal(unsigned char *Buffer, int &rOutLengthOut)
- }
- }
- // Reinitialise the cipher for the next time around
-- if(EVP_CipherInit_ex(&ctx, mpDescription->GetCipher(), NULL, NULL,
-- (const unsigned char *)(mIV.size() > 0 ? mIV.c_str() : NULL),
-+ if(EVP_CipherInit(&ctx, mpDescription->GetCipher(), NULL, NULL,
- (mFunction == Encrypt) ? 1 : 0) != 1)
- {
- THROW_EXCEPTION(CipherException, EVPInitFailure)
- }
- mpDescription->SetupParameters(&ctx);
-- UsePadding(mPaddingOn);
-
- // Update length for caller
- rOutLengthOut = outLength;
-@@ -423,7 +421,7 @@ int CipherContext::InSizeForOutBufferSize(int OutLength)
-
- // Strictly speaking, the *2 is unnecessary. However...
- // Final() is paranoid, and requires two input blocks of space to work.
-- return OutLength - (EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx)) * 2);
-+ return OutLength - (EVP_CIPHER_CTX_block_size(&ctx) * 2);
- }
-
- // --------------------------------------------------------------------------
-@@ -444,7 +442,7 @@ int CipherContext::MaxOutSizeForInBufferSize(int InLength)
-
- // Final() is paranoid, and requires two input blocks of space to work, and so we need to add
- // three blocks on to be absolutely sure.
-- return InLength + (EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx)) * 3);
-+ return InLength + (EVP_CIPHER_CTX_block_size(&ctx) * 3);
- }
-
-
-@@ -458,8 +456,20 @@ int CipherContext::MaxOutSizeForInBufferSize(int InLength)
- // --------------------------------------------------------------------------
- int CipherContext::TransformBlock(void *pOutBuffer, int OutLength, const void *pInBuffer, int InLength)
- {
-+ if(!mInitialised)
-+ {
-+ THROW_EXCEPTION(CipherException, NotInitialised)
-+ }
-+
-+ // Warn if in a transformation
-+ if(mWithinTransform)
-+ {
-+ BOX_WARNING("CipherContext::TransformBlock called when "
-+ "context flagged as within a transform");
-+ }
-+
- // Check output buffer size
-- if(OutLength < (InLength + EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx))))
-+ if(OutLength < (InLength + EVP_CIPHER_CTX_block_size(&ctx)))
- {
- // Check if padding is off, in which case the buffer can be smaller
- if(!mPaddingOn && OutLength <= InLength)
-@@ -471,36 +481,40 @@ int CipherContext::TransformBlock(void *pOutBuffer, int OutLength, const void *p
- THROW_EXCEPTION(CipherException, OutputBufferTooSmall);
- }
- }
--
-- Begin();
-+
-+ // Initialise the cipher context again
-+ if(EVP_CipherInit(&ctx, NULL, NULL, NULL, -1) != 1)
-+ {
-+ THROW_EXCEPTION(CipherException, EVPInitFailure)
-+ }
-
- // Do the entire block
-- int output_space_used = OutLength;
-+ int outLength = 0;
-
- // Update
-- if(EVP_CipherUpdate(BOX_OPENSSL_CTX(ctx), (unsigned char*)pOutBuffer, &output_space_used,
-- (unsigned char*)pInBuffer, InLength) != 1)
-+ outLength = OutLength;
-+ if(EVP_CipherUpdate(&ctx, (unsigned char*)pOutBuffer, &outLength, (unsigned char*)pInBuffer, InLength) != 1)
- {
- THROW_EXCEPTION_MESSAGE(CipherException, EVPUpdateFailure,
-- "Failed to update " << mCipherName << ": " << LogError(GetFunction()));
-+ "Failed to " << GetFunction() << " (update) " <<
-+ mCipherName << " cipher: " << LogError(GetFunction()));
- }
-
- // Finalise
-- int output_space_remain = OutLength - output_space_used;
--
--#ifdef HAVE_OLD_SSL
-- OldOpenSSLFinal(((unsigned char*)pOutBuffer) + output_space_used, output_space_remain);
--#else
-- if(EVP_CipherFinal(BOX_OPENSSL_CTX(ctx), ((unsigned char*)pOutBuffer) + output_space_used,
-- &output_space_remain) != 1)
-+ int outLength2 = OutLength - outLength;
-+#ifndef HAVE_OLD_SSL
-+ if(EVP_CipherFinal(&ctx, ((unsigned char*)pOutBuffer) + outLength, &outLength2) != 1)
- {
- THROW_EXCEPTION_MESSAGE(CipherException, EVPFinalFailure,
-- "Failed to finalise " << mCipherName << ": " << LogError(GetFunction()));
-+ "Failed to " << GetFunction() << " (final) " <<
-+ mCipherName << " cipher: " << LogError(GetFunction()));
- }
-+#else
-+ OldOpenSSLFinal(((unsigned char*)pOutBuffer) + outLength, outLength2);
- #endif
-+ outLength += outLength2;
-
-- mWithinTransform = false;
-- return output_space_used + output_space_remain;
-+ return outLength;
- }
-
-
-@@ -519,7 +533,7 @@ int CipherContext::GetIVLength()
- THROW_EXCEPTION(CipherException, NotInitialised)
- }
-
-- return EVP_CIPHER_CTX_iv_length(BOX_OPENSSL_CTX(ctx));
-+ return EVP_CIPHER_CTX_iv_length(&ctx);
- }
-
-
-@@ -545,14 +559,12 @@ void CipherContext::SetIV(const void *pIV)
- "flagged as within a transform");
- }
-
-- mIV = std::string((const char *)pIV, GetIVLength());
--
- // Set IV
-- if(EVP_CipherInit_ex(BOX_OPENSSL_CTX(ctx), NULL, NULL, NULL,
-- (const unsigned char *)mIV.c_str(), -1) != 1)
-+ if(EVP_CipherInit(&ctx, NULL, NULL, (unsigned char *)pIV, -1) != 1)
- {
- THROW_EXCEPTION_MESSAGE(CipherException, EVPInitFailure,
-- "Failed to set IV for " << mCipherName << ": " << LogError(GetFunction()));
-+ "Failed to " << GetFunction() << " (set IV) " <<
-+ mCipherName << " cipher: " << LogError(GetFunction()));
- }
-
- #ifdef HAVE_OLD_SSL
-@@ -589,20 +601,19 @@ const void *CipherContext::SetRandomIV(int &rLengthOut)
- }
-
- // Get length of IV
-- uint8_t generated_iv[CIPHERCONTEXT_MAX_GENERATED_IV_LENGTH];
-- unsigned int ivLen = EVP_CIPHER_CTX_iv_length(BOX_OPENSSL_CTX(ctx));
-- if(ivLen > sizeof(generated_iv))
-+ unsigned int ivLen = EVP_CIPHER_CTX_iv_length(&ctx);
-+ if(ivLen > sizeof(mGeneratedIV))
- {
- THROW_EXCEPTION(CipherException, IVSizeImplementationLimitExceeded)
- }
-
- // Generate some random data
-- Random::Generate(generated_iv, ivLen);
-- SetIV(generated_iv);
-+ Random::Generate(mGeneratedIV, ivLen);
-+ SetIV(mGeneratedIV);
-
- // Return the IV and it's length
- rLengthOut = ivLen;
-- return mIV.c_str();
-+ return mGeneratedIV;
- }
-
-
-@@ -617,11 +628,9 @@ const void *CipherContext::SetRandomIV(int &rLengthOut)
- void CipherContext::UsePadding(bool Padding)
- {
- #ifndef HAVE_OLD_SSL
-- if(EVP_CIPHER_CTX_set_padding(BOX_OPENSSL_CTX(ctx), Padding) != 1)
-+ if(EVP_CIPHER_CTX_set_padding(&ctx, Padding) != 1)
- {
-- THROW_EXCEPTION_MESSAGE(CipherException, EVPSetPaddingFailure,
-- "Failed to set padding for " << mCipherName << ": " <<
-- LogError(GetFunction()));
-+ THROW_EXCEPTION(CipherException, EVPSetPaddingFailure)
- }
- #endif
- mPaddingOn = Padding;
-diff --git a/lib/crypto/CipherContext.h b/lib/crypto/CipherContext.h
-index b6e97b4e..93c889d6 100644
---- a/lib/crypto/CipherContext.h
-+++ b/lib/crypto/CipherContext.h
-@@ -19,22 +19,6 @@ class CipherDescription;
-
- #define CIPHERCONTEXT_MAX_GENERATED_IV_LENGTH 32
-
--// Macros to allow compatibility with OpenSSL 1.0 and 1.1 APIs. See
--// https://github.com/charybdis-ircd/charybdis/blob/release/3.5/libratbox/src/openssl_ratbox.h
--// for the gory details.
--#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER >= 0x10100000L) // OpenSSL >= 1.1
--# define BOX_OPENSSL_INIT_CTX(ctx) ctx = EVP_CIPHER_CTX_new();
--# define BOX_OPENSSL_CTX(ctx) ctx
--# define BOX_OPENSSL_CLEANUP_CTX(ctx) EVP_CIPHER_CTX_free(ctx)
--typedef EVP_CIPHER_CTX* BOX_EVP_CIPHER_CTX;
--#else // OpenSSL < 1.1
--# define BOX_OPENSSL_INIT_CTX(ctx) EVP_CIPHER_CTX_init(&ctx); // no error return code, even though the docs says it does
--# define BOX_OPENSSL_CTX(ctx) &ctx
--# define BOX_OPENSSL_CLEANUP_CTX(ctx) EVP_CIPHER_CTX_cleanup(&ctx)
--typedef EVP_CIPHER_CTX BOX_EVP_CIPHER_CTX;
--#endif
--
--
- // --------------------------------------------------------------------------
- //
- // Class
-@@ -90,14 +74,16 @@ public:
- #endif
-
- private:
-- BOX_EVP_CIPHER_CTX ctx;
-+ EVP_CIPHER_CTX ctx;
- bool mInitialised;
- bool mWithinTransform;
- bool mPaddingOn;
-+ uint8_t mGeneratedIV[CIPHERCONTEXT_MAX_GENERATED_IV_LENGTH];
- CipherFunction mFunction;
- std::string mCipherName;
-- const CipherDescription *mpDescription;
-- std::string mIV;
-+#ifdef HAVE_OLD_SSL
-+ CipherDescription *mpDescription;
-+#endif
- };
-
-
-diff --git a/lib/crypto/CipherException.txt b/lib/crypto/CipherException.txt
-index 494ed3cc..abdbac87 100644
---- a/lib/crypto/CipherException.txt
-+++ b/lib/crypto/CipherException.txt
-@@ -16,4 +16,3 @@ PseudoRandNotAvailable 12
- EVPSetPaddingFailure 13
- RandomInitFailed 14 Failed to read from random device
- LengthRequestedTooLongForRandomHex 15
--AlreadyInTransform 16 Tried to initialise crypto when already in a transform
-diff --git a/lib/server/TLSContext.cpp b/lib/server/TLSContext.cpp
-index 1a6d4a53..35e254fd 100644
---- a/lib/server/TLSContext.cpp
-+++ b/lib/server/TLSContext.cpp
-@@ -23,17 +23,6 @@
- #define MAX_VERIFICATION_DEPTH 2
- #define CIPHER_LIST "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"
-
--// Macros to allow compatibility with OpenSSL 1.0 and 1.1 APIs. See
--// https://github.com/charybdis-ircd/charybdis/blob/release/3.5/libratbox/src/openssl_ratbox.h
--// for the gory details.
--#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER >= 0x10100000L) // OpenSSL >= 1.1
--# define BOX_TLS_SERVER_METHOD TLS_server_method
--# define BOX_TLS_CLIENT_METHOD TLS_client_method
--#else // OpenSSL < 1.1
--# define BOX_TLS_SERVER_METHOD TLSv1_server_method
--# define BOX_TLS_CLIENT_METHOD TLSv1_client_method
--#endif
--
- // --------------------------------------------------------------------------
- //
- // Function
-@@ -78,7 +67,7 @@ void TLSContext::Initialise(bool AsServer, const char *CertificatesFile, const c
- ::SSL_CTX_free(mpContext);
- }
-
-- mpContext = ::SSL_CTX_new(AsServer ? BOX_TLS_SERVER_METHOD() : BOX_TLS_CLIENT_METHOD());
-+ mpContext = ::SSL_CTX_new(AsServer?TLSv1_server_method():TLSv1_client_method());
- if(mpContext == NULL)
- {
- THROW_EXCEPTION(ServerException, TLSAllocationFailed)
-diff --git a/test/crypto/testcrypto.cpp b/test/crypto/testcrypto.cpp
-index 32d2efb8..4e623cc2 100644
---- a/test/crypto/testcrypto.cpp
-+++ b/test/crypto/testcrypto.cpp
-@@ -266,7 +266,7 @@ int test(int argc, const char *argv[])
- // Check rolling checksums
- uint8_t *checkdata_blk = (uint8_t *)malloc(CHECKSUM_DATA_SIZE);
- uint8_t *checkdata = checkdata_blk;
-- RAND_bytes(checkdata, CHECKSUM_DATA_SIZE);
-+ RAND_pseudo_bytes(checkdata, CHECKSUM_DATA_SIZE);
- for(int size = CHECKSUM_BLOCK_SIZE_BASE; size <= CHECKSUM_BLOCK_SIZE_LAST; ++size)
- {
- // Test skip-roll code
diff --git a/debian/patches/series b/debian/patches/series
index dd9b249c..f52e7b08 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,2 @@
-01-revert_to_openssl_1.0.diff
03-adjust-syslog-facility.diff
05-dont_use_net_for_docs.diff
diff --git a/infrastructure/cmake/CMakeLists.txt b/infrastructure/cmake/CMakeLists.txt
index 25015452..65f59eb8 100644
--- a/infrastructure/cmake/CMakeLists.txt
+++ b/infrastructure/cmake/CMakeLists.txt
@@ -407,7 +407,26 @@ else()
endif()
# Link to OpenSSL
-find_package(OpenSSL REQUIRED)
+# Workaround for incorrect library suffixes searched by FindOpenSSL:
+# https://gitlab.kitware.com/cmake/cmake/issues/17604
+if(WIN32 AND MSVC)
+ find_package(OpenSSL)
+ set(OPENSSL_SSL_LIBRARY ${SSL_EAY_RELEASE})
+ set(OPENSSL_CRYPTO_LIBRARY ${LIB_EAY_RELEASE})
+ set(OPENSSL_LIBRARIES ${OPENSSL_SSL_LIBRARY} ${OPENSSL_CRYPTO_LIBRARY} crypt32)
+ find_package_handle_standard_args(OpenSSL
+ REQUIRED_VARS
+ OPENSSL_SSL_LIBRARY
+ OPENSSL_CRYPTO_LIBRARY
+ OPENSSL_INCLUDE_DIR
+ VERSION_VAR
+ OPENSSL_VERSION
+ FAIL_MESSAGE
+ "Could NOT find OpenSSL, try to set the path to OpenSSL root folder in the system variable OPENSSL_ROOT_DIR"
+ )
+else()
+ find_package(OpenSSL REQUIRED)
+endif()
include_directories(${OPENSSL_INCLUDE_DIR})
target_link_libraries(lib_crypto PUBLIC ${OPENSSL_LIBRARIES})
diff --git a/infrastructure/cmake/windows/CMakeLists.txt b/infrastructure/cmake/windows/CMakeLists.txt
index 0fbe35e3..49a1ea4d 100644
--- a/infrastructure/cmake/windows/CMakeLists.txt
+++ b/infrastructure/cmake/windows/CMakeLists.txt
@@ -15,9 +15,9 @@ set(ZLIB_VERSION 1.2.11)
set(ZLIB_HASH SHA256=c3e5e9fdd5004dcb542feda5ee4f0ff0744628baf8ed2dd5d66f8ca1197cb1a1)
# Version of OpenSSL to download, build, and compile Box Backup against:
-set(OPENSSL_VERSION 1.0.2j)
+set(OPENSSL_VERSION 1.1.0g)
# Hash of openssl-${OPENSSL_VERSION}.tar.gz, to be verified after download:
-set(OPENSSL_HASH SHA256=e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431)
+set(OPENSSL_HASH SHA256=de4d501267da39310905cb6dc8c6121f7a2cad45a7707f76df828fe1b85073af)
# Version of PCRE to download, build, and compile Box Backup against:
set(PCRE_VERSION 8.39)
@@ -49,15 +49,21 @@ if(WIN32)
URL "https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz"
URL_HASH ${OPENSSL_HASH}
DOWNLOAD_NO_PROGRESS 1
- CONFIGURE_COMMAND perl Configure debug-VC-WIN32 no-asm --prefix=${install_dir}
- COMMAND cmd /c ms\\do_ms.bat
+ CONFIGURE_COMMAND perl Configure debug-VC-WIN32 no-asm no-shared
+ --prefix=${install_dir}
+ --openssldir=etc
+ # Run tests before install, but don't make the main target depend on them, so that
+ # we don't have to run them whenever we build manually on Windows.
+ TEST_BEFORE_INSTALL 1
+ TEST_EXCLUDE_FROM_MAIN 1
# You would expect us to use nt.mak to compile a static library here, but mk1mf.pl uses the /MT[d]
# CRT in that case, which is incompatible with our dynamic runtime, /MD[d]. It seems that the libs
# built by ntdll.mak, which are compiled with /MD[d], are full libraries and not import libs,
# so we can link statically against them and still get a dynamic runtime.
BUILD_IN_SOURCE 1
- BUILD_COMMAND nmake /s /f ms\\nt.mak
- INSTALL_COMMAND nmake /s /f ms\\nt.mak install
+ BUILD_COMMAND nmake /s
+ TEST_COMMAND nmake /s test
+ INSTALL_COMMAND nmake /s install
)
elseif(${CMAKE_SYSTEM_NAME} MATCHES "Darwin")
ExternalProject_Add(openssl
diff --git a/infrastructure/travis-build.sh b/infrastructure/travis-build.sh
index 74b58a3d..9ee3569e 100755
--- a/infrastructure/travis-build.sh
+++ b/infrastructure/travis-build.sh
@@ -4,11 +4,15 @@ set -e
set -x
if [ "$TRAVIS_OS_NAME" = "osx" ]; then
- brew update
+ # No need to "brew update" first: https://docs.travis-ci.com/user/reference/osx/#Homebrew
+ # brew update
+
# Travis appears to have Boost and OpenSSL installed already:
# brew install boost ccache openssl
- ls /usr/local /usr/local/opt /usr/local/opt/openssl
- brew install ccache
+ ls /usr/local /usr/local/opt /usr/local/opt/openssl /usr/local/opt/openssl@1.1
+
+ # Use OSX builds to test OpenSSL 1.1 compatibility as well:
+ brew install ccache openssl@1.1
fi
ccache -s
@@ -20,7 +24,9 @@ if [ "$BUILD" = 'cmake' ]; then
fi
if [ "$TRAVIS_OS_NAME" = "osx" ]; then
- EXTRA_ARGS="-DOPENSSL_ROOT_DIR=/usr/local/opt/openssl -DBOOST_ROOT=/usr/local/opt/boost"
+ EXTRA_ARGS="
+ -DOPENSSL_ROOT_DIR=/usr/local/opt/openssl@1.1
+ -DBOOST_ROOT=/usr/local/opt/boost"
fi
cd `dirname $0`
@@ -33,7 +39,10 @@ if [ "$BUILD" = 'cmake' ]; then
[ "$TEST" = "n" ] || ctest -C $TEST_TARGET -V
else
if [ "$TRAVIS_OS_NAME" = "osx" ]; then
- EXTRA_ARGS="--with-ssl-lib=/usr/local/opt/openssl/lib --with-ssl-headers=/usr/local/opt/openssl/include --with-boost=/usr/local/opt/boost"
+ EXTRA_ARGS="
+ --with-ssl-lib=/usr/local/opt/openssl@1.1/lib
+ --with-ssl-headers=/usr/local/opt/openssl@1.1/include
+ --with-boost=/usr/local/opt/boost"
fi
cd `dirname $0`/..
diff --git a/lib/common/Guards.h b/lib/common/Guards.h
index 46b6d2bd..3637b261 100644
--- a/lib/common/Guards.h
+++ b/lib/common/Guards.h
@@ -110,6 +110,11 @@ public:
return (type)mpBlock;
}
+ int GetSize() const
+ {
+ return mBlockSize;
+ }
+
void Resize(int NewSize)
{
void *ptrn = ::realloc(mpBlock, NewSize);
diff --git a/lib/crypto/CipherBlowfish.h b/lib/crypto/CipherBlowfish.h
index 152a265c..1894e2ac 100644
--- a/lib/crypto/CipherBlowfish.h
+++ b/lib/crypto/CipherBlowfish.h
@@ -41,7 +41,7 @@ public:
virtual std::string GetCipherName() const
{
std::ostringstream out;
- out << "AES";
+ out << "Blowfish";
out << mKeyLength;
return out.str();
}
diff --git a/lib/crypto/CipherContext.cpp b/lib/crypto/CipherContext.cpp
index fd149395..3f9a08b7 100644
--- a/lib/crypto/CipherContext.cpp
+++ b/lib/crypto/CipherContext.cpp
@@ -2,7 +2,7 @@
//
// File
// Name: CipherContext.cpp
-// Purpose: Context for symmetric encryption / descryption
+// Purpose: Context for symmetric encryption / decryption
// Created: 1/12/03
//
// --------------------------------------------------------------------------
@@ -50,7 +50,7 @@ CipherContext::~CipherContext()
if(mInitialised)
{
// Clean up
- EVP_CIPHER_CTX_cleanup(&ctx);
+ BOX_OPENSSL_CLEANUP_CTX(ctx);
mInitialised = false;
}
#ifdef HAVE_OLD_SSL
@@ -98,7 +98,7 @@ void CipherContext::Init(CipherContext::CipherFunction Function, const CipherDes
// Check for bad usage
if(mInitialised)
{
- THROW_EXCEPTION(CipherException, AlreadyInitialised)
+ THROW_EXCEPTION(CipherException, AlreadyInitialised);
}
if(Function != Decrypt && Function != Encrypt)
{
@@ -109,20 +109,21 @@ void CipherContext::Init(CipherContext::CipherFunction Function, const CipherDes
mFunction = Function;
// Initialise the cipher
-#ifndef HAVE_OLD_SSL
- EVP_CIPHER_CTX_init(&ctx); // no error return code, even though the docs says it does
-
- if(EVP_CipherInit_ex(&ctx, rDescription.GetCipher(), NULL, NULL, NULL,
- (mFunction == Encrypt) ? 1 : 0) != 1)
-#else
+#ifdef HAVE_OLD_SSL
// Use old version of init call
if(EVP_CipherInit(&ctx, rDescription.GetCipher(), NULL, NULL,
(mFunction == Encrypt) ? 1 : 0) != 1)
+#else
+ BOX_OPENSSL_INIT_CTX(ctx);
+
+ // Don't set key or IV yet, because we will modify the parameters:
+ if(EVP_CipherInit_ex(BOX_OPENSSL_CTX(ctx), rDescription.GetCipher(), NULL, NULL, NULL,
+ (mFunction == Encrypt) ? 1 : 0) != 1)
#endif
{
THROW_EXCEPTION_MESSAGE(CipherException, EVPInitFailure,
"Failed to initialise " << rDescription.GetFullName()
- << "cipher: " << LogError("initialising cipher"));
+ << ": " << LogError("initialising cipher"));
}
try
@@ -130,22 +131,22 @@ void CipherContext::Init(CipherContext::CipherFunction Function, const CipherDes
mCipherName = rDescription.GetFullName();
#ifndef HAVE_OLD_SSL
// Let the description set up everything else
- rDescription.SetupParameters(&ctx);
+ mpDescription = &rDescription;
#else
// With the old version, a copy needs to be taken first.
mpDescription = rDescription.Clone();
// Mark it as not a leak, otherwise static cipher contexts
// cause spurious memory leaks to be reported
MEMLEAKFINDER_NOT_A_LEAK(mpDescription);
- mpDescription->SetupParameters(&ctx);
#endif
+ mpDescription->SetupParameters(BOX_OPENSSL_CTX(ctx));
}
catch(...)
{
THROW_EXCEPTION_MESSAGE(CipherException, EVPInitFailure,
- "Failed to configure " << mCipherName << " cipher: " <<
+ "Failed to configure " << mCipherName << ": " <<
LogError("configuring cipher"));
- EVP_CIPHER_CTX_cleanup(&ctx);
+ BOX_OPENSSL_CLEANUP_CTX(ctx);
throw;
}
@@ -166,7 +167,7 @@ void CipherContext::Reset()
if(mInitialised)
{
// Clean up
- EVP_CIPHER_CTX_cleanup(&ctx);
+ EVP_CIPHER_CTX_cleanup(BOX_OPENSSL_CTX(ctx));
mInitialised = false;
}
#ifdef HAVE_OLD_SSL
@@ -192,24 +193,21 @@ void CipherContext::Begin()
{
if(!mInitialised)
{
- THROW_EXCEPTION(CipherException, NotInitialised)
+ THROW_EXCEPTION(CipherException, NotInitialised);
}
- // Warn if in a transformation (not an error, because a context might not have been finalised if an exception occured)
if(mWithinTransform)
{
- BOX_WARNING("CipherContext::Begin called when context "
- "flagged as within a transform");
+ THROW_EXCEPTION(CipherException, AlreadyInTransform);
}
- // Initialise the cipher context again
- if(EVP_CipherInit(&ctx, NULL, NULL, NULL, -1) != 1)
+ if(EVP_CipherInit_ex(BOX_OPENSSL_CTX(ctx), NULL, NULL, NULL, NULL,
+ -1) != 1)
{
THROW_EXCEPTION_MESSAGE(CipherException, EVPInitFailure,
- "Failed to reset " << mCipherName << " cipher: " <<
- LogError("resetting cipher"));
+ "Failed to set IV for " << mCipherName << ": " << LogError(GetFunction()));
}
-
+
// Mark as being within a transform
mWithinTransform = true;
}
@@ -251,18 +249,18 @@ int CipherContext::Transform(void *pOutBuffer, int OutLength, const void *pInBuf
}
// Check output buffer size
- if(OutLength < (InLength + EVP_CIPHER_CTX_block_size(&ctx)))
+ if(OutLength < (InLength + EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx))))
{
THROW_EXCEPTION(CipherException, OutputBufferTooSmall);
}
// Do the transform
int outLength = OutLength;
- if(EVP_CipherUpdate(&ctx, (unsigned char*)pOutBuffer, &outLength, (unsigned char*)pInBuffer, InLength) != 1)
+ if(EVP_CipherUpdate(BOX_OPENSSL_CTX(ctx), (unsigned char*)pOutBuffer, &outLength,
+ (unsigned char*)pInBuffer, InLength) != 1)
{
THROW_EXCEPTION_MESSAGE(CipherException, EVPUpdateFailure,
- "Failed to " << GetFunction() << " (update) " <<
- mCipherName << " cipher: " << LogError(GetFunction()));
+ "Failed to update " << mCipherName << ": " << LogError(GetFunction()));
}
return outLength;
@@ -300,7 +298,7 @@ int CipherContext::Final(void *pOutBuffer, int OutLength)
}
// Check output buffer size
- if(OutLength < (2 * EVP_CIPHER_CTX_block_size(&ctx)))
+ if(OutLength < (2 * EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx))))
{
THROW_EXCEPTION(CipherException, OutputBufferTooSmall);
}
@@ -308,12 +306,11 @@ int CipherContext::Final(void *pOutBuffer, int OutLength)
// Do the transform
int outLength = OutLength;
#ifndef HAVE_OLD_SSL
- if(EVP_CipherFinal(&ctx, (unsigned char*)pOutBuffer, &outLength) != 1)
+ if(EVP_CipherFinal(BOX_OPENSSL_CTX(ctx), (unsigned char*)pOutBuffer, &outLength) != 1)
{
mWithinTransform = false;
THROW_EXCEPTION_MESSAGE(CipherException, EVPFinalFailure,
- "Failed to " << GetFunction() << " (final) " <<
- mCipherName << " cipher: " << LogError(GetFunction()));
+ "Failed to finalise " << mCipherName << ": " << LogError(GetFunction()));
}
#else
OldOpenSSLFinal((unsigned char*)pOutBuffer, outLength);
@@ -340,11 +337,11 @@ void CipherContext::OldOpenSSLFinal(unsigned char *Buffer, int &rOutLengthOut)
// Old version needs to use a different form, and then set up the cipher again for next time around
int outLength = rOutLengthOut;
// Have to emulate padding off...
- int blockSize = EVP_CIPHER_CTX_block_size(&ctx);
+ int blockSize = EVP_CIPHER_CTX_block_size(ctx);
if(mPaddingOn)
{
// Just use normal final call
- if(EVP_CipherFinal(&ctx, Buffer, &outLength) != 1)
+ if(EVP_CipherFinal(ctx, Buffer, &outLength) != 1)
{
THROW_EXCEPTION(CipherException, EVPFinalFailure)
}
@@ -357,13 +354,13 @@ void CipherContext::OldOpenSSLFinal(unsigned char *Buffer, int &rOutLengthOut)
{
// NASTY -- fiddling around with internals like this is bad.
// But only way to get this working on old versions of OpenSSL.
- if(!EVP_EncryptUpdate(&ctx,Buffer,&outLength,ctx.buf,0)
+ if(!EVP_EncryptUpdate(ctx,Buffer,&outLength,ctx.buf,0)
|| outLength != blockSize)
{
THROW_EXCEPTION(CipherException, EVPFinalFailure)
}
// Clean up
- EVP_CIPHER_CTX_cleanup(&ctx);
+ EVP_CIPHER_CTX_free(ctx);
}
else
{
@@ -391,7 +388,7 @@ void CipherContext::OldOpenSSLFinal(unsigned char *Buffer, int &rOutLengthOut)
}
}
// Reinitialise the cipher for the next time around
- if(EVP_CipherInit(&ctx, mpDescription->GetCipher(), NULL, NULL,
+ if(EVP_CipherInit_ex(&ctx, mpDescription->GetCipher(), NULL, NULL, NULL,
(mFunction == Encrypt) ? 1 : 0) != 1)
{
THROW_EXCEPTION(CipherException, EVPInitFailure)
@@ -421,7 +418,7 @@ int CipherContext::InSizeForOutBufferSize(int OutLength)
// Strictly speaking, the *2 is unnecessary. However...
// Final() is paranoid, and requires two input blocks of space to work.
- return OutLength - (EVP_CIPHER_CTX_block_size(&ctx) * 2);
+ return OutLength - (EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx)) * 2);
}
// --------------------------------------------------------------------------
@@ -442,7 +439,7 @@ int CipherContext::MaxOutSizeForInBufferSize(int InLength)
// Final() is paranoid, and requires two input blocks of space to work, and so we need to add
// three blocks on to be absolutely sure.
- return InLength + (EVP_CIPHER_CTX_block_size(&ctx) * 3);
+ return InLength + (EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx)) * 3);
}
@@ -460,7 +457,7 @@ int CipherContext::TransformBlock(void *pOutBuffer, int OutLength, const void *p
{
THROW_EXCEPTION(CipherException, NotInitialised)
}
-
+
// Warn if in a transformation
if(mWithinTransform)
{
@@ -469,7 +466,7 @@ int CipherContext::TransformBlock(void *pOutBuffer, int OutLength, const void *p
}
// Check output buffer size
- if(OutLength < (InLength + EVP_CIPHER_CTX_block_size(&ctx)))
+ if(OutLength < (InLength + EVP_CIPHER_CTX_block_size(BOX_OPENSSL_CTX(ctx))))
{
// Check if padding is off, in which case the buffer can be smaller
if(!mPaddingOn && OutLength <= InLength)
@@ -481,40 +478,40 @@ int CipherContext::TransformBlock(void *pOutBuffer, int OutLength, const void *p
THROW_EXCEPTION(CipherException, OutputBufferTooSmall);
}
}
-
+
// Initialise the cipher context again
- if(EVP_CipherInit(&ctx, NULL, NULL, NULL, -1) != 1)
+ if(EVP_CipherInit_ex(BOX_OPENSSL_CTX(ctx), NULL, NULL, NULL, NULL, -1) != 1)
{
THROW_EXCEPTION(CipherException, EVPInitFailure)
}
// Do the entire block
- int outLength = 0;
+ int output_space_used = OutLength;
// Update
- outLength = OutLength;
- if(EVP_CipherUpdate(&ctx, (unsigned char*)pOutBuffer, &outLength, (unsigned char*)pInBuffer, InLength) != 1)
+ if(EVP_CipherUpdate(BOX_OPENSSL_CTX(ctx), (unsigned char*)pOutBuffer, &output_space_used,
+ (unsigned char*)pInBuffer, InLength) != 1)
{
THROW_EXCEPTION_MESSAGE(CipherException, EVPUpdateFailure,
- "Failed to " << GetFunction() << " (update) " <<
- mCipherName << " cipher: " << LogError(GetFunction()));
+ "Failed to update " << mCipherName << ": " << LogError(GetFunction()));
}
// Finalise
- int outLength2 = OutLength - outLength;
-#ifndef HAVE_OLD_SSL
- if(EVP_CipherFinal(&ctx, ((unsigned char*)pOutBuffer) + outLength, &outLength2) != 1)
+ int output_space_remain = OutLength - output_space_used;
+
+#ifdef HAVE_OLD_SSL
+ OldOpenSSLFinal(((unsigned char*)pOutBuffer) + output_space_used, output_space_remain);
+#else
+ if(EVP_CipherFinal(BOX_OPENSSL_CTX(ctx), ((unsigned char*)pOutBuffer) + output_space_used,
+ &output_space_remain) != 1)
{
THROW_EXCEPTION_MESSAGE(CipherException, EVPFinalFailure,
- "Failed to " << GetFunction() << " (final) " <<
- mCipherName << " cipher: " << LogError(GetFunction()));
+ "Failed to finalise " << mCipherName << ": " << LogError(GetFunction()));
}
-#else
- OldOpenSSLFinal(((unsigned char*)pOutBuffer) + outLength, outLength2);
#endif
- outLength += outLength2;
- return outLength;
+ mWithinTransform = false;
+ return output_space_used + output_space_remain;
}
@@ -533,7 +530,7 @@ int CipherContext::GetIVLength()
THROW_EXCEPTION(CipherException, NotInitialised)
}
- return EVP_CIPHER_CTX_iv_length(&ctx);
+ return EVP_CIPHER_CTX_iv_length(BOX_OPENSSL_CTX(ctx));
}
@@ -560,11 +557,10 @@ void CipherContext::SetIV(const void *pIV)
}
// Set IV
- if(EVP_CipherInit(&ctx, NULL, NULL, (unsigned char *)pIV, -1) != 1)
+ if(EVP_CipherInit_ex(BOX_OPENSSL_CTX(ctx), NULL, NULL, NULL, (unsigned char *)pIV, -1) != 1)
{
THROW_EXCEPTION_MESSAGE(CipherException, EVPInitFailure,
- "Failed to " << GetFunction() << " (set IV) " <<
- mCipherName << " cipher: " << LogError(GetFunction()));
+ "Failed to set IV for " << mCipherName << ": " << LogError(GetFunction()));
}
#ifdef HAVE_OLD_SSL
@@ -601,7 +597,7 @@ const void *CipherContext::SetRandomIV(int &rLengthOut)
}
// Get length of IV
- unsigned int ivLen = EVP_CIPHER_CTX_iv_length(&ctx);
+ unsigned int ivLen = EVP_CIPHER_CTX_iv_length(BOX_OPENSSL_CTX(ctx));
if(ivLen > sizeof(mGeneratedIV))
{
THROW_EXCEPTION(CipherException, IVSizeImplementationLimitExceeded)
@@ -628,9 +624,11 @@ const void *CipherContext::SetRandomIV(int &rLengthOut)
void CipherContext::UsePadding(bool Padding)
{
#ifndef HAVE_OLD_SSL
- if(EVP_CIPHER_CTX_set_padding(&ctx, Padding) != 1)
+ if(EVP_CIPHER_CTX_set_padding(BOX_OPENSSL_CTX(ctx), Padding) != 1)
{
- THROW_EXCEPTION(CipherException, EVPSetPaddingFailure)
+ THROW_EXCEPTION_MESSAGE(CipherException, EVPSetPaddingFailure,
+ "Failed to set padding for " << mCipherName << ": " <<
+ LogError(GetFunction()));
}
#endif
mPaddingOn = Padding;
diff --git a/lib/crypto/CipherContext.h b/lib/crypto/CipherContext.h
index 93c889d6..a0e45266 100644
--- a/lib/crypto/CipherContext.h
+++ b/lib/crypto/CipherContext.h
@@ -19,6 +19,22 @@ class CipherDescription;
#define CIPHERCONTEXT_MAX_GENERATED_IV_LENGTH 32
+// Macros to allow compatibility with OpenSSL 1.0 and 1.1 APIs. See
+// https://github.com/charybdis-ircd/charybdis/blob/release/3.5/libratbox/src/openssl_ratbox.h
+// for the gory details.
+#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER >= 0x10100000L) // OpenSSL >= 1.1
+# define BOX_OPENSSL_INIT_CTX(ctx) ctx = EVP_CIPHER_CTX_new();
+# define BOX_OPENSSL_CTX(ctx) ctx
+# define BOX_OPENSSL_CLEANUP_CTX(ctx) EVP_CIPHER_CTX_free(ctx)
+typedef EVP_CIPHER_CTX* BOX_EVP_CIPHER_CTX;
+#else // OpenSSL < 1.1
+# define BOX_OPENSSL_INIT_CTX(ctx) EVP_CIPHER_CTX_init(&ctx); // no error return code, even though the docs says it does
+# define BOX_OPENSSL_CTX(ctx) &ctx
+# define BOX_OPENSSL_CLEANUP_CTX(ctx) EVP_CIPHER_CTX_cleanup(&ctx)
+typedef EVP_CIPHER_CTX BOX_EVP_CIPHER_CTX;
+#endif
+
+
// --------------------------------------------------------------------------
//
// Class
@@ -74,16 +90,14 @@ public:
#endif
private:
- EVP_CIPHER_CTX ctx;
+ BOX_EVP_CIPHER_CTX ctx;
bool mInitialised;
bool mWithinTransform;
bool mPaddingOn;
uint8_t mGeneratedIV[CIPHERCONTEXT_MAX_GENERATED_IV_LENGTH];
CipherFunction mFunction;
std::string mCipherName;
-#ifdef HAVE_OLD_SSL
- CipherDescription *mpDescription;
-#endif
+ const CipherDescription *mpDescription;
};
diff --git a/lib/crypto/CipherException.txt b/lib/crypto/CipherException.txt
index abdbac87..494ed3cc 100644
--- a/lib/crypto/CipherException.txt
+++ b/lib/crypto/CipherException.txt
@@ -16,3 +16,4 @@ PseudoRandNotAvailable 12
EVPSetPaddingFailure 13
RandomInitFailed 14 Failed to read from random device
LengthRequestedTooLongForRandomHex 15
+AlreadyInTransform 16 Tried to initialise crypto when already in a transform
diff --git a/lib/server/TLSContext.cpp b/lib/server/TLSContext.cpp
index 35e254fd..1a6d4a53 100644
--- a/lib/server/TLSContext.cpp
+++ b/lib/server/TLSContext.cpp
@@ -23,6 +23,17 @@
#define MAX_VERIFICATION_DEPTH 2
#define CIPHER_LIST "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"
+// Macros to allow compatibility with OpenSSL 1.0 and 1.1 APIs. See
+// https://github.com/charybdis-ircd/charybdis/blob/release/3.5/libratbox/src/openssl_ratbox.h
+// for the gory details.
+#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER >= 0x10100000L) // OpenSSL >= 1.1
+# define BOX_TLS_SERVER_METHOD TLS_server_method
+# define BOX_TLS_CLIENT_METHOD TLS_client_method
+#else // OpenSSL < 1.1
+# define BOX_TLS_SERVER_METHOD TLSv1_server_method
+# define BOX_TLS_CLIENT_METHOD TLSv1_client_method
+#endif
+
// --------------------------------------------------------------------------
//
// Function
@@ -67,7 +78,7 @@ void TLSContext::Initialise(bool AsServer, const char *CertificatesFile, const c
::SSL_CTX_free(mpContext);
}
- mpContext = ::SSL_CTX_new(AsServer?TLSv1_server_method():TLSv1_client_method());
+ mpContext = ::SSL_CTX_new(AsServer ? BOX_TLS_SERVER_METHOD() : BOX_TLS_CLIENT_METHOD());
if(mpContext == NULL)
{
THROW_EXCEPTION(ServerException, TLSAllocationFailed)
diff --git a/test/backupstore/testbackupstore.cpp b/test/backupstore/testbackupstore.cpp
index 6441d66c..891d1461 100644
--- a/test/backupstore/testbackupstore.cpp
+++ b/test/backupstore/testbackupstore.cpp
@@ -274,81 +274,95 @@ bool test_filename_encoding()
SETUP_TEST_BACKUPSTORE();
// test some basics -- encoding and decoding filenames
+
+ // Make some filenames in various ways
+ BackupStoreFilenameClear fn1;
+ fn1.SetClearFilename(std::string("filenameXYZ"));
+ BackupStoreFilenameClear fn2(std::string("filenameXYZ"));
+ BackupStoreFilenameClear fn3(fn1);
+ TEST_THAT(fn1 == fn2);
+ TEST_THAT(fn1 == fn3);
+
+ // Check that it's been encrypted
+ std::string name(fn2.GetEncodedFilename());
+ TEST_THAT(name.find("name") == name.npos);
+
+ // Bung it in a stream, get it out in a Clear filename
{
- // Make some filenames in various ways
- BackupStoreFilenameClear fn1;
- fn1.SetClearFilename(std::string("filenameXYZ"));
- BackupStoreFilenameClear fn2(std::string("filenameXYZ"));
- BackupStoreFilenameClear fn3(fn1);
- TEST_THAT(fn1 == fn2);
- TEST_THAT(fn1 == fn3);
+ CollectInBufferStream stream;
+ fn1.WriteToStream(stream);
+ stream.SetForReading();
+ BackupStoreFilenameClear fn4;
+ fn4.ReadFromStream(stream, IOStream::TimeOutInfinite);
+ TEST_THAT(fn4.GetClearFilename() == "filenameXYZ");
+ TEST_THAT(fn4 == fn1);
+ }
- // Check that it's been encrypted
- std::string name(fn2.GetEncodedFilename());
- TEST_THAT(name.find("name") == name.npos);
+ // Bung it in a stream, get it out in a server non-Clear filename (two of them into the same var)
+ {
+ BackupStoreFilenameClear fno("pinglet dksfnsf jksjdf ");
+ CollectInBufferStream stream;
+ fn1.WriteToStream(stream);
+ fno.WriteToStream(stream);
+ stream.SetForReading();
+ BackupStoreFilename fn5;
+ fn5.ReadFromStream(stream, IOStream::TimeOutInfinite);
+ TEST_THAT(fn5 == fn1);
+ fn5.ReadFromStream(stream, IOStream::TimeOutInfinite);
+ TEST_THAT(fn5 == fno);
+ }
- // Bung it in a stream, get it out in a Clear filename
- {
- CollectInBufferStream stream;
- fn1.WriteToStream(stream);
- stream.SetForReading();
- BackupStoreFilenameClear fn4;
- fn4.ReadFromStream(stream, IOStream::TimeOutInfinite);
- TEST_THAT(fn4.GetClearFilename() == "filenameXYZ");
- TEST_THAT(fn4 == fn1);
- }
+ // Same again with clear strings
+ {
+ BackupStoreFilenameClear fno("pinglet dksfnsf jksjdf ");
+ CollectInBufferStream stream;
+ fn1.WriteToStream(stream);
+ fno.WriteToStream(stream);
+ stream.SetForReading();
+ BackupStoreFilenameClear fn5;
+ fn5.ReadFromStream(stream, IOStream::TimeOutInfinite);
+ TEST_THAT(fn5.GetClearFilename() == "filenameXYZ");
+ fn5.ReadFromStream(stream, IOStream::TimeOutInfinite);
+ TEST_THAT(fn5.GetClearFilename() == "pinglet dksfnsf jksjdf ");
+ }
- // Bung it in a stream, get it out in a server non-Clear filename (two of them into the same var)
- {
- BackupStoreFilenameClear fno("pinglet dksfnsf jksjdf ");
- CollectInBufferStream stream;
- fn1.WriteToStream(stream);
- fno.WriteToStream(stream);
- stream.SetForReading();
- BackupStoreFilename fn5;
- fn5.ReadFromStream(stream, IOStream::TimeOutInfinite);
- TEST_THAT(fn5 == fn1);
- fn5.ReadFromStream(stream, IOStream::TimeOutInfinite);
- TEST_THAT(fn5 == fno);
- }
+ // Test a very big filename
+ {
+ const char *fnr = "01234567890123456789012345678901234567890123456789"
+ "01234567890123456789012345678901234567890123456789"
+ "01234567890123456789012345678901234567890123456789"
+ "01234567890123456789012345678901234567890123456789"
+ "01234567890123456789012345678901234567890123456789"
+ "01234567890123456789012345678901234567890123456789"
+ "01234567890123456789012345678901234567890123456789"
+ "01234567890123456789012345678901234567890123456789";
+ BackupStoreFilenameClear fnLong(fnr);
+ CollectInBufferStream stream;
+ fnLong.WriteToStream(stream);
+ stream.SetForReading();
+ BackupStoreFilenameClear fn9;
+ fn9.ReadFromStream(stream, IOStream::TimeOutInfinite);
+ TEST_THAT(fn9.GetClearFilename() == fnr);
+ TEST_THAT(fn9 == fnLong);
+ }
- // Same again with clear strings
- {
- BackupStoreFilenameClear fno("pinglet dksfnsf jksjdf ");
- CollectInBufferStream stream;
- fn1.WriteToStream(stream);
- fno.WriteToStream(stream);
- stream.SetForReading();
- BackupStoreFilenameClear fn5;
- fn5.ReadFromStream(stream, IOStream::TimeOutInfinite);
- TEST_THAT(fn5.GetClearFilename() == "filenameXYZ");
- fn5.ReadFromStream(stream, IOStream::TimeOutInfinite);
- TEST_THAT(fn5.GetClearFilename() == "pinglet dksfnsf jksjdf ");
- }
-
- // Test a very big filename
- {
- const char *fnr = "01234567890123456789012345678901234567890123456789"
- "01234567890123456789012345678901234567890123456789"
- "01234567890123456789012345678901234567890123456789"
- "01234567890123456789012345678901234567890123456789"
- "01234567890123456789012345678901234567890123456789"
- "01234567890123456789012345678901234567890123456789"
- "01234567890123456789012345678901234567890123456789"
- "01234567890123456789012345678901234567890123456789";
- BackupStoreFilenameClear fnLong(fnr);
- CollectInBufferStream stream;
- fnLong.WriteToStream(stream);
- stream.SetForReading();
- BackupStoreFilenameClear fn9;
- fn9.ReadFromStream(stream, IOStream::TimeOutInfinite);
- TEST_THAT(fn9.GetClearFilename() == fnr);
- TEST_THAT(fn9 == fnLong);
- }
+ // Test a filename which went wrong once
+ {
+ BackupStoreFilenameClear dodgy("content-negotiation.html");
+ }
- // Test a filename which went wrong once
- {
- BackupStoreFilenameClear dodgy("content-negotiation.html");
+ // Test that we can decrypt filenames in a previously-encrypted directory, to detect
+ // regressions of the encryption setup:
+ {
+ FileStream dir_file("testfiles/encrypted.dir");
+ BackupStoreDirectory dir(dir_file);
+ TEST_EQUAL(2, dir.GetNumberOfEntries());
+ BackupStoreDirectory::Entry* en = dir.FindEntryByID(0x2);
+ TEST_THAT(en != NULL);
+ if(en)
+ {
+ BackupStoreFilenameClear clear(en->GetName());
+ TEST_EQUAL("lovely_directory", clear.GetClearFilename());
}
}
diff --git a/test/backupstore/testfiles/encrypted.dir b/test/backupstore/testfiles/encrypted.dir
new file mode 100644
index 00000000..db46feca
--- /dev/null
+++ b/test/backupstore/testfiles/encrypted.dir
Binary files differ
diff --git a/test/crypto/testcrypto.cpp b/test/crypto/testcrypto.cpp
index 4e623cc2..200bdd0f 100644
--- a/test/crypto/testcrypto.cpp
+++ b/test/crypto/testcrypto.cpp
@@ -12,13 +12,15 @@
#include <string.h>
#include <openssl/rand.h>
-#include "Test.h"
#include "CipherContext.h"
#include "CipherBlowfish.h"
#include "CipherAES.h"
#include "CipherException.h"
+#include "CollectInBufferStream.h"
+#include "Guards.h"
#include "RollingChecksum.h"
#include "Random.h"
+#include "Test.h"
#include "MemLeakFindOn.h"
@@ -33,6 +35,12 @@
#define CHECKSUM_BLOCK_SIZE_LAST (CHECKSUM_BLOCK_SIZE_BASE + 64)
#define CHECKSUM_ROLLS 16
+// Copied from BackupClientCryptoKeys.h
+#define BACKUPCRYPTOKEYS_FILENAME_KEY_START 0
+#define BACKUPCRYPTOKEYS_FILENAME_KEY_LENGTH 56
+#define BACKUPCRYPTOKEYS_FILENAME_IV_START (0 + BACKUPCRYPTOKEYS_FILENAME_KEY_LENGTH)
+#define BACKUPCRYPTOKEYS_FILENAME_IV_LENGTH 8
+
void check_random_int(uint32_t max)
{
for(int c = 0; c < 1024; ++c)
@@ -262,11 +270,75 @@ int test(int argc, const char *argv[])
::printf("Skipping AES -- not supported by version of OpenSSL in use.\n");
#endif
+ // Test with known plaintext and ciphertext (correct algorithm used, etc)
+ {
+ FileStream keyfile("testfiles/bbackupd.keys");
+ // Ideally we would use a 448 bit (56 byte) key here, since that's what we do in
+ // real life, but unfortunately the OpenSSL command-line tool only supports 128-bit
+ // Blowfish keys, so it's hard to generate a reference ciphertext unless we restrict
+ // ourselves to what OpenSSL can support too.
+ // https://security.stackexchange.com/questions/25393/openssl-blowfish-key-limited-to-256-bits
+ char key[16], iv[BACKUPCRYPTOKEYS_FILENAME_IV_LENGTH];
+
+ if(!keyfile.ReadFullBuffer(key, sizeof(key), 0))
+ {
+ TEST_FAIL_WITH_MESSAGE("Failed to read full key length from file");
+ }
+
+ keyfile.Seek(BACKUPCRYPTOKEYS_FILENAME_KEY_LENGTH, IOStream::SeekType_Absolute);
+ if(!keyfile.ReadFullBuffer(iv, sizeof(iv), 0))
+ {
+ TEST_FAIL_WITH_MESSAGE("Failed to read full IV length from file");
+ }
+
+ CipherContext encryptor;
+ CipherContext decryptor;
+
+ encryptor.Reset();
+ encryptor.Init(CipherContext::Encrypt, CipherBlowfish(CipherDescription::Mode_CBC, key, sizeof(key)));
+ ASSERT(encryptor.GetIVLength() == sizeof(iv));
+ encryptor.SetIV(iv);
+
+ decryptor.Reset();
+ decryptor.Init(CipherContext::Decrypt, CipherBlowfish(CipherDescription::Mode_CBC, key, sizeof(key)));
+ ASSERT(decryptor.GetIVLength() == sizeof(iv));
+ decryptor.SetIV(iv);
+
+ // The encrypted file bfdlink.h.enc was generated with the following command:
+ // key=`dd if=bbackupd.keys bs=1 count=16 | hexdump -e '/1 "%02x"'`
+ // iv=`dd if=bbackupd.keys bs=1 skip=56 count=8 | hexdump -e '/1 "%02x"'`
+ // openssl enc -bf -in bfdlink.h -K $key -iv $iv
+ // And has MD5 checksum 586b65fdd07474bc139c0795d344d8ad
+ FileStream plaintext_file("testfiles/bfdlink.h", O_RDONLY);
+ FileStream ciphertext_file("testfiles/bfdlink.h.enc", O_RDONLY);
+
+ CollectInBufferStream plaintext, ciphertext;
+ plaintext_file.CopyStreamTo(plaintext);
+ ciphertext_file.CopyStreamTo(ciphertext);
+ plaintext.SetForReading();
+ ciphertext.SetForReading();
+
+ MemoryBlockGuard<void *> encrypted(
+ encryptor.MaxOutSizeForInBufferSize(ciphertext.GetSize()));
+
+ int encrypted_size = encryptor.TransformBlock(encrypted.GetPtr(),
+ encrypted.GetSize(), plaintext.GetBuffer(), plaintext.GetSize());
+ TEST_EQUAL(ciphertext.GetSize(), encrypted_size);
+ TEST_EQUAL(0, memcmp(encrypted.GetPtr(), ciphertext.GetBuffer(), encrypted_size));
+
+ MemoryBlockGuard<void *> decrypted(ciphertext.GetSize() + 16);
+
+ int decrypted_size = decryptor.TransformBlock(decrypted.GetPtr(),
+ decrypted.GetSize(), encrypted.GetPtr(), encrypted_size);
+ TEST_EQUAL(plaintext.GetSize(), decrypted_size);
+ TEST_EQUAL(0, memcmp(decrypted.GetPtr(), plaintext.GetBuffer(), decrypted_size));
+ }
+
::printf("Misc...\n");
// Check rolling checksums
uint8_t *checkdata_blk = (uint8_t *)malloc(CHECKSUM_DATA_SIZE);
uint8_t *checkdata = checkdata_blk;
- RAND_pseudo_bytes(checkdata, CHECKSUM_DATA_SIZE);
+ RAND_bytes(checkdata, CHECKSUM_DATA_SIZE);
for(int size = CHECKSUM_BLOCK_SIZE_BASE; size <= CHECKSUM_BLOCK_SIZE_LAST; ++size)
{
// Test skip-roll code
diff --git a/test/crypto/testfiles/bbackupd.keys b/test/crypto/testfiles/bbackupd.keys
new file mode 100644
index 00000000..4c58fc22
--- /dev/null
+++ b/test/crypto/testfiles/bbackupd.keys
Binary files differ
diff --git a/test/crypto/testfiles/bfdlink.h b/test/crypto/testfiles/bfdlink.h
new file mode 100755
index 00000000..29eeb661
--- /dev/null
+++ b/test/crypto/testfiles/bfdlink.h
@@ -0,0 +1,555 @@
+/* bfdlink.h -- header file for BFD link routines
+ Copyright 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000
+ Free Software Foundation, Inc.
+ Written by Steve Chamberlain and Ian Lance Taylor, Cygnus Support.
+
+This file is part of BFD, the Binary File Descriptor library.
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
+
+#ifndef BFDLINK_H
+#define BFDLINK_H
+
+/* Which symbols to strip during a link. */
+enum bfd_link_strip
+{
+ strip_none, /* Don't strip any symbols. */
+ strip_debugger, /* Strip debugging symbols. */
+ strip_some, /* keep_hash is the list of symbols to keep. */
+ strip_all /* Strip all symbols. */
+};
+
+/* Which local symbols to discard during a link. This is irrelevant
+ if strip_all is used. */
+enum bfd_link_discard
+{
+ discard_none, /* Don't discard any locals. */
+ discard_l, /* Discard local temporary symbols. */
+ discard_all /* Discard all locals. */
+};
+
+/* These are the possible types of an entry in the BFD link hash
+ table. */
+
+enum bfd_link_hash_type
+{
+ bfd_link_hash_new, /* Symbol is new. */
+ bfd_link_hash_undefined, /* Symbol seen before, but undefined. */
+ bfd_link_hash_undefweak, /* Symbol is weak and undefined. */
+ bfd_link_hash_defined, /* Symbol is defined. */
+ bfd_link_hash_defweak, /* Symbol is weak and defined. */
+ bfd_link_hash_common, /* Symbol is common. */
+ bfd_link_hash_indirect, /* Symbol is an indirect link. */
+ bfd_link_hash_warning /* Like indirect, but warn if referenced. */
+};
+
+/* The linking routines use a hash table which uses this structure for
+ its elements. */
+
+struct bfd_link_hash_entry
+{
+ /* Base hash table entry structure. */
+ struct bfd_hash_entry root;
+ /* Type of this entry. */
+ enum bfd_link_hash_type type;
+
+ /* Undefined and common symbols are kept in a linked list through
+ this field. This field is not in the union because that would
+ force us to remove entries from the list when we changed their
+ type, which would force the list to be doubly linked, which would
+ waste more memory. When an undefined or common symbol is
+ created, it should be added to this list, the head of which is in
+ the link hash table itself. As symbols are defined, they need
+ not be removed from the list; anything which reads the list must
+ doublecheck the symbol type.
+
+ Weak symbols are not kept on this list.
+
+ Defined and defweak symbols use this field as a reference marker.
+ If the field is not NULL, or this structure is the tail of the
+ undefined symbol list, the symbol has been referenced. If the
+ symbol is undefined and becomes defined, this field will
+ automatically be non-NULL since the symbol will have been on the
+ undefined symbol list. */
+ struct bfd_link_hash_entry *next;
+ /* A union of information depending upon the type. */
+ union
+ {
+ /* Nothing is kept for bfd_hash_new. */
+ /* bfd_link_hash_undefined, bfd_link_hash_undefweak. */
+ struct
+ {
+ bfd *abfd; /* BFD symbol was found in. */
+ } undef;
+ /* bfd_link_hash_defined, bfd_link_hash_defweak. */
+ struct
+ {
+ bfd_vma value; /* Symbol value. */
+ asection *section; /* Symbol section. */
+ } def;
+ /* bfd_link_hash_indirect, bfd_link_hash_warning. */
+ struct
+ {
+ struct bfd_link_hash_entry *link; /* Real symbol. */
+ const char *warning; /* Warning (bfd_link_hash_warning only). */
+ } i;
+ /* bfd_link_hash_common. */
+ struct
+ {
+ /* The linker needs to know three things about common
+ symbols: the size, the alignment, and the section in
+ which the symbol should be placed. We store the size
+ here, and we allocate a small structure to hold the
+ section and the alignment. The alignment is stored as a
+ power of two. We don't store all the information
+ directly because we don't want to increase the size of
+ the union; this structure is a major space user in the
+ linker. */
+ bfd_size_type size; /* Common symbol size. */
+ struct bfd_link_hash_common_entry
+ {
+ unsigned int alignment_power; /* Alignment. */
+ asection *section; /* Symbol section. */
+ } *p;
+ } c;
+ } u;
+};
+
+/* This is the link hash table. It is a derived class of
+ bfd_hash_table. */
+
+struct bfd_link_hash_table
+{
+ /* The hash table itself. */
+ struct bfd_hash_table table;
+ /* The back end which created this hash table. This indicates the
+ type of the entries in the hash table, which is sometimes
+ important information when linking object files of different
+ types together. */
+ const bfd_target *creator;
+ /* A linked list of undefined and common symbols, linked through the
+ next field in the bfd_link_hash_entry structure. */
+ struct bfd_link_hash_entry *undefs;
+ /* Entries are added to the tail of the undefs list. */
+ struct bfd_link_hash_entry *undefs_tail;
+};
+
+/* Look up an entry in a link hash table. If FOLLOW is true, this
+ follows bfd_link_hash_indirect and bfd_link_hash_warning links to
+ the real symbol. */
+extern struct bfd_link_hash_entry *bfd_link_hash_lookup
+ PARAMS ((struct bfd_link_hash_table *, const char *, boolean create,
+ boolean copy, boolean follow));
+
+/* Look up an entry in the main linker hash table if the symbol might
+ be wrapped. This should only be used for references to an
+ undefined symbol, not for definitions of a symbol. */
+
+extern struct bfd_link_hash_entry *bfd_wrapped_link_hash_lookup
+ PARAMS ((bfd *, struct bfd_link_info *, const char *, boolean, boolean,
+ boolean));
+
+/* Traverse a link hash table. */
+extern void bfd_link_hash_traverse
+ PARAMS ((struct bfd_link_hash_table *,
+ boolean (*) (struct bfd_link_hash_entry *, PTR),
+ PTR));
+
+/* Add an entry to the undefs list. */
+extern void bfd_link_add_undef
+ PARAMS ((struct bfd_link_hash_table *, struct bfd_link_hash_entry *));
+
+/* This structure holds all the information needed to communicate
+ between BFD and the linker when doing a link. */
+
+struct bfd_link_info
+{
+ /* Function callbacks. */
+ const struct bfd_link_callbacks *callbacks;
+ /* true if BFD should generate a relocateable object file. */
+ boolean relocateable;
+ /* true if BFD should generate relocation information in the final executable. */
+ boolean emitrelocations;
+ /* true if BFD should generate a "task linked" object file,
+ similar to relocatable but also with globals converted to statics. */
+ boolean task_link;
+ /* true if BFD should generate a shared object. */
+ boolean shared;
+ /* true if BFD should pre-bind symbols in a shared object. */
+ boolean symbolic;
+ /* true if shared objects should be linked directly, not shared. */
+ boolean static_link;
+ /* true if the output file should be in a traditional format. This
+ is equivalent to the setting of the BFD_TRADITIONAL_FORMAT flag
+ on the output file, but may be checked when reading the input
+ files. */
+ boolean traditional_format;
+ /* true if we want to produced optimized output files. This might
+ need much more time and therefore must be explicitly selected. */
+ boolean optimize;
+ /* true if BFD should generate errors for undefined symbols
+ even if generating a shared object. */
+ boolean no_undefined;
+ /* true if BFD should allow undefined symbols in shared objects even
+ when no_undefined is set to disallow undefined symbols. The net
+ result will be that undefined symbols in regular objects will
+ still trigger an error, but undefined symbols in shared objects
+ will be ignored. The implementation of no_undefined makes the
+ assumption that the runtime linker will choke on undefined
+ symbols. However there is at least one system (BeOS) where
+ undefined symbols in shared libraries is normal since the kernel
+ patches them at load time to select which function is most
+ appropriate for the current architecture. I.E. dynamically
+ select an appropriate memset function. Apparently it is also
+ normal for HPPA shared libraries to have undefined symbols. */
+ boolean allow_shlib_undefined;
+ /* Which symbols to strip. */
+ enum bfd_link_strip strip;
+ /* Which local symbols to discard. */
+ enum bfd_link_discard discard;
+ /* true if symbols should be retained in memory, false if they
+ should be freed and reread. */
+ boolean keep_memory;
+ /* The list of input BFD's involved in the link. These are chained
+ together via the link_next field. */
+ bfd *input_bfds;
+ /* If a symbol should be created for each input BFD, this is section
+ where those symbols should be placed. It must be a section in
+ the output BFD. It may be NULL, in which case no such symbols
+ will be created. This is to support CREATE_OBJECT_SYMBOLS in the
+ linker command language. */
+ asection *create_object_symbols_section;
+ /* Hash table handled by BFD. */
+ struct bfd_link_hash_table *hash;
+ /* Hash table of symbols to keep. This is NULL unless strip is
+ strip_some. */
+ struct bfd_hash_table *keep_hash;
+ /* true if every symbol should be reported back via the notice
+ callback. */
+ boolean notice_all;
+ /* Hash table of symbols to report back via the notice callback. If
+ this is NULL, and notice_all is false, then no symbols are
+ reported back. */
+ struct bfd_hash_table *notice_hash;
+ /* Hash table of symbols which are being wrapped (the --wrap linker
+ option). If this is NULL, no symbols are being wrapped. */
+ struct bfd_hash_table *wrap_hash;
+ /* If a base output file is wanted, then this points to it */
+ PTR base_file;
+
+ /* If non-zero, specifies that branches which are problematic for the
+ MPC860 C0 (or earlier) should be checked for and modified. It gives the
+ number of bytes that should be checked at the end of each text page. */
+ int mpc860c0;
+
+ /* The function to call when the executable or shared object is
+ loaded. */
+ const char *init_function;
+ /* The function to call when the executable or shared object is
+ unloaded. */
+ const char *fini_function;
+
+ /* true if the new ELF dynamic tags are enabled. */
+ boolean new_dtags;
+
+ /* May be used to set DT_FLAGS for ELF. */
+ bfd_vma flags;
+
+ /* May be used to set DT_FLAGS_1 for ELF. */
+ bfd_vma flags_1;
+};
+
+/* This structures holds a set of callback functions. These are
+ called by the BFD linker routines. The first argument to each
+ callback function is the bfd_link_info structure being used. Each
+ function returns a boolean value. If the function returns false,
+ then the BFD function which called it will return with a failure
+ indication. */
+
+struct bfd_link_callbacks
+{
+ /* A function which is called when an object is added from an
+ archive. ABFD is the archive element being added. NAME is the
+ name of the symbol which caused the archive element to be pulled
+ in. */
+ boolean (*add_archive_element) PARAMS ((struct bfd_link_info *,
+ bfd *abfd,
+ const char *name));
+ /* A function which is called when a symbol is found with multiple
+ definitions. NAME is the symbol which is defined multiple times.
+ OBFD is the old BFD, OSEC is the old section, OVAL is the old
+ value, NBFD is the new BFD, NSEC is the new section, and NVAL is
+ the new value. OBFD may be NULL. OSEC and NSEC may be
+ bfd_com_section or bfd_ind_section. */
+ boolean (*multiple_definition) PARAMS ((struct bfd_link_info *,
+ const char *name,
+ bfd *obfd,
+ asection *osec,
+ bfd_vma oval,
+ bfd *nbfd,
+ asection *nsec,
+ bfd_vma nval));
+ /* A function which is called when a common symbol is defined
+ multiple times. NAME is the symbol appearing multiple times.
+ OBFD is the BFD of the existing symbol; it may be NULL if this is
+ not known. OTYPE is the type of the existing symbol, which may
+ be bfd_link_hash_defined, bfd_link_hash_defweak,
+ bfd_link_hash_common, or bfd_link_hash_indirect. If OTYPE is
+ bfd_link_hash_common, OSIZE is the size of the existing symbol.
+ NBFD is the BFD of the new symbol. NTYPE is the type of the new
+ symbol, one of bfd_link_hash_defined, bfd_link_hash_common, or
+ bfd_link_hash_indirect. If NTYPE is bfd_link_hash_common, NSIZE
+ is the size of the new symbol. */
+ boolean (*multiple_common) PARAMS ((struct bfd_link_info *,
+ const char *name,
+ bfd *obfd,
+ enum bfd_link_hash_type otype,
+ bfd_vma osize,
+ bfd *nbfd,
+ enum bfd_link_hash_type ntype,
+ bfd_vma nsize));
+ /* A function which is called to add a symbol to a set. ENTRY is
+ the link hash table entry for the set itself (e.g.,
+ __CTOR_LIST__). RELOC is the relocation to use for an entry in
+ the set when generating a relocateable file, and is also used to
+ get the size of the entry when generating an executable file.
+ ABFD, SEC and VALUE identify the value to add to the set. */
+ boolean (*add_to_set) PARAMS ((struct bfd_link_info *,
+ struct bfd_link_hash_entry *entry,
+ bfd_reloc_code_real_type reloc,
+ bfd *abfd, asection *sec, bfd_vma value));
+ /* A function which is called when the name of a g++ constructor or
+ destructor is found. This is only called by some object file
+ formats. CONSTRUCTOR is true for a constructor, false for a
+ destructor. This will use BFD_RELOC_CTOR when generating a
+ relocateable file. NAME is the name of the symbol found. ABFD,
+ SECTION and VALUE are the value of the symbol. */
+ boolean (*constructor) PARAMS ((struct bfd_link_info *,
+ boolean constructor,
+ const char *name, bfd *abfd, asection *sec,
+ bfd_vma value));
+ /* A function which is called to issue a linker warning. For
+ example, this is called when there is a reference to a warning
+ symbol. WARNING is the warning to be issued. SYMBOL is the name
+ of the symbol which triggered the warning; it may be NULL if
+ there is none. ABFD, SECTION and ADDRESS identify the location
+ which trigerred the warning; either ABFD or SECTION or both may
+ be NULL if the location is not known. */
+ boolean (*warning) PARAMS ((struct bfd_link_info *,
+ const char *warning, const char *symbol,
+ bfd *abfd, asection *section,
+ bfd_vma address));
+ /* A function which is called when a relocation is attempted against
+ an undefined symbol. NAME is the symbol which is undefined.
+ ABFD, SECTION and ADDRESS identify the location from which the
+ reference is made. FATAL indicates whether an undefined symbol is
+ a fatal error or not. In some cases SECTION may be NULL. */
+ boolean (*undefined_symbol) PARAMS ((struct bfd_link_info *,
+ const char *name, bfd *abfd,
+ asection *section,
+ bfd_vma address,
+ boolean fatal));
+ /* A function which is called when a reloc overflow occurs. NAME is
+ the name of the symbol or section the reloc is against,
+ RELOC_NAME is the name of the relocation, and ADDEND is any
+ addend that is used. ABFD, SECTION and ADDRESS identify the
+ location at which the overflow occurs; if this is the result of a
+ bfd_section_reloc_link_order or bfd_symbol_reloc_link_order, then
+ ABFD will be NULL. */
+ boolean (*reloc_overflow) PARAMS ((struct bfd_link_info *,
+ const char *name,
+ const char *reloc_name, bfd_vma addend,
+ bfd *abfd, asection *section,
+ bfd_vma address));
+ /* A function which is called when a dangerous reloc is performed.
+ The canonical example is an a29k IHCONST reloc which does not
+ follow an IHIHALF reloc. MESSAGE is an appropriate message.
+ ABFD, SECTION and ADDRESS identify the location at which the
+ problem occurred; if this is the result of a
+ bfd_section_reloc_link_order or bfd_symbol_reloc_link_order, then
+ ABFD will be NULL. */
+ boolean (*reloc_dangerous) PARAMS ((struct bfd_link_info *,
+ const char *message,
+ bfd *abfd, asection *section,
+ bfd_vma address));
+ /* A function which is called when a reloc is found to be attached
+ to a symbol which is not being written out. NAME is the name of
+ the symbol. ABFD, SECTION and ADDRESS identify the location of
+ the reloc; if this is the result of a
+ bfd_section_reloc_link_order or bfd_symbol_reloc_link_order, then
+ ABFD will be NULL. */
+ boolean (*unattached_reloc) PARAMS ((struct bfd_link_info *,
+ const char *name,
+ bfd *abfd, asection *section,
+ bfd_vma address));
+ /* A function which is called when a symbol in notice_hash is
+ defined or referenced. NAME is the symbol. ABFD, SECTION and
+ ADDRESS are the value of the symbol. If SECTION is
+ bfd_und_section, this is a reference. */
+ boolean (*notice) PARAMS ((struct bfd_link_info *, const char *name,
+ bfd *abfd, asection *section, bfd_vma address));
+};
+
+/* The linker builds link_order structures which tell the code how to
+ include input data in the output file. */
+
+/* These are the types of link_order structures. */
+
+enum bfd_link_order_type
+{
+ bfd_undefined_link_order, /* Undefined. */
+ bfd_indirect_link_order, /* Built from a section. */
+ bfd_fill_link_order, /* Fill with a 16 bit constant. */
+ bfd_data_link_order, /* Set to explicit data. */
+ bfd_section_reloc_link_order, /* Relocate against a section. */
+ bfd_symbol_reloc_link_order /* Relocate against a symbol. */
+};
+
+/* This is the link_order structure itself. These form a chain
+ attached to the section whose contents they are describing. */
+
+struct bfd_link_order
+{
+ /* Next link_order in chain. */
+ struct bfd_link_order *next;
+ /* Type of link_order. */
+ enum bfd_link_order_type type;
+ /* Offset within output section. */
+ bfd_vma offset;
+ /* Size within output section. */
+ bfd_size_type size;
+ /* Type specific information. */
+ union
+ {
+ struct
+ {
+ /* Section to include. If this is used, then
+ section->output_section must be the section the
+ link_order is attached to, section->output_offset must
+ equal the link_order offset field, and section->_raw_size
+ must equal the link_order size field. Maybe these
+ restrictions should be relaxed someday. */
+ asection *section;
+ } indirect;
+ struct
+ {
+ /* Value to fill with. */
+ unsigned int value;
+ } fill;
+ struct
+ {
+ /* Data to put into file. The size field gives the number
+ of bytes which this field points to. */
+ bfd_byte *contents;
+ } data;
+ struct
+ {
+ /* Description of reloc to generate. Used for
+ bfd_section_reloc_link_order and
+ bfd_symbol_reloc_link_order. */
+ struct bfd_link_order_reloc *p;
+ } reloc;
+ } u;
+};
+
+/* A linker order of type bfd_section_reloc_link_order or
+ bfd_symbol_reloc_link_order means to create a reloc against a
+ section or symbol, respectively. This is used to implement -Ur to
+ generate relocs for the constructor tables. The
+ bfd_link_order_reloc structure describes the reloc that BFD should
+ create. It is similar to a arelent, but I didn't use arelent
+ because the linker does not know anything about most symbols, and
+ any asymbol structure it creates will be partially meaningless.
+ This information could logically be in the bfd_link_order struct,
+ but I didn't want to waste the space since these types of relocs
+ are relatively rare. */
+
+struct bfd_link_order_reloc
+{
+ /* Reloc type. */
+ bfd_reloc_code_real_type reloc;
+
+ union
+ {
+ /* For type bfd_section_reloc_link_order, this is the section
+ the reloc should be against. This must be a section in the
+ output BFD, not any of the input BFDs. */
+ asection *section;
+ /* For type bfd_symbol_reloc_link_order, this is the name of the
+ symbol the reloc should be against. */
+ const char *name;
+ } u;
+
+ /* Addend to use. The object file should contain zero. The BFD
+ backend is responsible for filling in the contents of the object
+ file correctly. For some object file formats (e.g., COFF) the
+ addend must be stored into in the object file, and for some
+ (e.g., SPARC a.out) it is kept in the reloc. */
+ bfd_vma addend;
+};
+
+/* Allocate a new link_order for a section. */
+extern struct bfd_link_order *bfd_new_link_order PARAMS ((bfd *, asection *));
+
+/* These structures are used to describe version information for the
+ ELF linker. These structures could be manipulated entirely inside
+ BFD, but it would be a pain. Instead, the regular linker sets up
+ these structures, and then passes them into BFD. */
+
+/* Regular expressions for a version. */
+
+struct bfd_elf_version_expr
+{
+ /* Next regular expression for this version. */
+ struct bfd_elf_version_expr *next;
+ /* Regular expression. */
+ const char *pattern;
+ /* Matching function. */
+ int (*match) PARAMS((struct bfd_elf_version_expr *, const char *));
+};
+
+/* Version dependencies. */
+
+struct bfd_elf_version_deps
+{
+ /* Next dependency for this version. */
+ struct bfd_elf_version_deps *next;
+ /* The version which this version depends upon. */
+ struct bfd_elf_version_tree *version_needed;
+};
+
+/* A node in the version tree. */
+
+struct bfd_elf_version_tree
+{
+ /* Next version. */
+ struct bfd_elf_version_tree *next;
+ /* Name of this version. */
+ const char *name;
+ /* Version number. */
+ unsigned int vernum;
+ /* Regular expressions for global symbols in this version. */
+ struct bfd_elf_version_expr *globals;
+ /* Regular expressions for local symbols in this version. */
+ struct bfd_elf_version_expr *locals;
+ /* List of versions which this version depends upon. */
+ struct bfd_elf_version_deps *deps;
+ /* Index of the version name. This is used within BFD. */
+ unsigned int name_indx;
+ /* Whether this version tree was used. This is used within BFD. */
+ int used;
+};
+
+#endif
diff --git a/test/crypto/testfiles/bfdlink.h.enc b/test/crypto/testfiles/bfdlink.h.enc
new file mode 100644
index 00000000..ddc7b01e
--- /dev/null
+++ b/test/crypto/testfiles/bfdlink.h.enc
Binary files differ
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-23 06:58:23 +0000