authorChristian Pointner <equinox@anytun.org>2018-06-08 19:31:26 +0200
committerChristian Pointner <equinox@anytun.org>2018-06-08 19:31:26 +0200
commitfa83a5f29af84382724b6bb79436f2c6d032b579 (patch)
tree39ad6b766704186e7e115ae507e75c481d3b4583
parentfix missing include in linux/tun.c (diff)
Add support for openssl 1.1.0.
Thanks to Eneas U de Queiroz <cote2004-github@yahoo.com>
-rw-r--r--src/auth_algo.c38
-rw-r--r--src/auth_algo.h2
-rw-r--r--src/cipher.c3
-rw-r--r--src/cipher.h2
-rw-r--r--src/key_derivation.c8
5 files changed, 38 insertions, 15 deletions
diff --git a/src/auth_algo.c b/src/auth_algo.c
index 38ed4f5..b4afc13 100644
--- a/src/auth_algo.c
+++ b/src/auth_algo.c
@@ -161,14 +161,25 @@ int auth_algo_sha1_init(auth_algo_t* aa)
if(aa->params_)
free(aa->params_);
- aa->params_ = malloc(sizeof(auth_algo_sha1_param_t));
+ aa->params_ = calloc(1, sizeof(auth_algo_sha1_param_t));
if(!aa->params_)
return -2;
#if defined(USE_SSL_CRYPTO)
auth_algo_sha1_param_t* params = aa->params_;
- HMAC_CTX_init(&params->ctx_);
- HMAC_Init_ex(&params->ctx_, NULL, 0, EVP_sha1(), NULL);
+# if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ if ((params->ctx_ = HMAC_CTX_new()) == NULL) {
+ log_printf(ERROR, "failed to allocate HMAC_CTX");
+ return -2;
+ }
+# else
+ if ((params->ctx_ = calloc(1, sizeof(HMAC_CTX))) == NULL) {
+ log_printf(ERROR, "failed to allocate HMAC_CTX");
+ return -2;
+ }
+ HMAC_CTX_init(params->ctx_);
+# endif
+ HMAC_Init_ex(params->ctx_, NULL, 0, EVP_sha1(), NULL);
#elif defined(USE_NETTLE)
// nothing here
#else // USE_GCRYPT is the default
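Review bot: The context lines `if(aa->params_) free(aa->params_);` at the top of this hunk still free only the parameter struct, so now that `ctx_` is a separately allocated `HMAC_CTX *` a previous context is dropped without `HMAC_CTX_free()` (or `HMAC_CTX_cleanup()` plus `free()` on older OpenSSL). If init can run on an already-initialised `aa`, which is not visible here, each re-init leaks a context that may still hold keyed HMAC state; releasing it the same way `auth_algo_sha1_close` does before the `free` would close that gap. The result of `HMAC_Init_ex(params->ctx_, NULL, 0, EVP_sha1(), NULL)` is also ignored, and recent OpenSSL versions appear to refuse setting a digest without a key, so the call should either be checked or dropped. The function body starts and ends outside the hunk.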
@@ -191,7 +202,14 @@ void auth_algo_sha1_close(auth_algo_t* aa)
if(aa->params_) {
#if defined(USE_SSL_CRYPTO)
auth_algo_sha1_param_t* params = aa->params_;
- HMAC_CTX_cleanup(&params->ctx_);
+ if(params->ctx_) {
+# if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ HMAC_CTX_free(params->ctx_);
+# else
+ HMAC_CTX_cleanup(params->ctx_);
+ free(params->ctx_);
+# endif
+ }
#elif defined(USE_NETTLE)
// nothing here
#else // USE_GCRYPT is the default
@@ -225,11 +243,11 @@ void auth_algo_sha1_generate(auth_algo_t* aa, key_derivation_t* kd, key_derivati
return;
#if defined(USE_SSL_CRYPTO)
- HMAC_Init_ex(&params->ctx_, aa->key_.buf_, aa->key_.length_, EVP_sha1(), NULL);
+ HMAC_Init_ex(params->ctx_, aa->key_.buf_, aa->key_.length_, EVP_sha1(), NULL);
u_int8_t hmac[SHA1_LENGTH];
- HMAC_Update(&params->ctx_, encrypted_packet_get_auth_portion(packet), encrypted_packet_get_auth_portion_length(packet));
- HMAC_Final(&params->ctx_, hmac, NULL);
+ HMAC_Update(params->ctx_, encrypted_packet_get_auth_portion(packet), encrypted_packet_get_auth_portion_length(packet));
+ HMAC_Final(params->ctx_, hmac, NULL);
#elif defined(USE_NETTLE)
hmac_sha1_set_key(&params->ctx_, aa->key_.length_, aa->key_.buf_);
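Review bot: The three `HMAC_*` calls in the USE_SSL_CRYPTO branch ignore their return values, so a failed `HMAC_Init_ex`, `HMAC_Update` or `HMAC_Final` leaves `u_int8_t hmac[SHA1_LENGTH]` as uninitialised stack bytes that the code after the hunk presumably uses as the tag. The same pattern is in the `auth_algo_sha1_check_tag` hunk below, where those bytes would be compared against the received tag. On OpenSSL 1.0.0 and later these functions return 1 on success, so a guard such as `if(!HMAC_Init_ex(...) || !HMAC_Update(...) || !HMAC_Final(params->ctx_, hmac, NULL)) return;` fits here, with check_tag returning its reject value instead. Both functions start and end outside their hunks.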
@@ -279,11 +297,11 @@ int auth_algo_sha1_check_tag(auth_algo_t* aa, key_derivation_t* kd, key_derivati
return 0;
#if defined(USE_SSL_CRYPTO)
- HMAC_Init_ex(&params->ctx_, aa->key_.buf_, aa->key_.length_, EVP_sha1(), NULL);
+ HMAC_Init_ex(params->ctx_, aa->key_.buf_, aa->key_.length_, EVP_sha1(), NULL);
u_int8_t hmac[SHA1_LENGTH];
- HMAC_Update(&params->ctx_, encrypted_packet_get_auth_portion(packet), encrypted_packet_get_auth_portion_length(packet));
- HMAC_Final(&params->ctx_, hmac, NULL);
+ HMAC_Update(params->ctx_, encrypted_packet_get_auth_portion(packet), encrypted_packet_get_auth_portion_length(packet));
+ HMAC_Final(params->ctx_, hmac, NULL);
#elif defined(USE_NETTLE)
hmac_sha1_set_key(&params->ctx_, aa->key_.length_, aa->key_.buf_);
diff --git a/src/auth_algo.h b/src/auth_algo.h
index 576d490..fc355ad 100644
--- a/src/auth_algo.h
+++ b/src/auth_algo.h
@@ -82,7 +82,7 @@ int auth_algo_check_tag(auth_algo_t* aa, key_derivation_t* kd, key_derivation_di
struct auth_algo_sha1_param_struct {
#if defined(USE_SSL_CRYPTO)
- HMAC_CTX ctx_;
+ HMAC_CTX *ctx_;
#elif defined(USE_NETTLE)
struct hmac_sha1_ctx ctx_;
#else // USE_GCRYPT is the default
diff --git a/src/cipher.c b/src/cipher.c
index 8c73a2e..cce4594 100644
--- a/src/cipher.c
+++ b/src/cipher.c
@@ -338,7 +338,8 @@ int32_t cipher_aesctr_crypt(cipher_t* c, key_derivation_t* kd, key_derivation_di
}
u_int32_t num = 0;
memset(params->ecount_buf_, 0, AES_BLOCK_SIZE);
- AES_ctr128_encrypt(in, out, (ilen < olen) ? ilen : olen, &params->aes_key_, params->ctr_.buf_, params->ecount_buf_, &num);
+ CRYPTO_ctr128_encrypt(in, out, (ilen < olen) ? ilen : olen, &params->aes_key_, params->ctr_.buf_,
+ params->ecount_buf_, &num, (block128_f)AES_encrypt);
#elif defined(USE_NETTLE)
if(C_AESCTR_CTR_LENGTH != AES_BLOCK_SIZE) {
log_printf(ERROR, "failed to set cipher CTR: size doesn't fit");
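Review bot: `(block128_f)AES_encrypt` on the new `CRYPTO_ctr128_encrypt` call casts a function whose third parameter is `const AES_KEY *` to a type whose third parameter is `const void *`, so the block function is invoked through an incompatible pointer type. That works on common ABIs but is undefined in ISO C and can trip indirect-call CFI instrumentation. A small static wrapper with the exact `block128_f` signature, e.g. `static void aes_block(const unsigned char in[16], unsigned char out[16], const void *key) { AES_encrypt(in, out, key); }`, removes the cast; the same applies to the call in src/key_derivation.c. cipher_aesctr_crypt starts and ends outside the hunk.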
diff --git a/src/cipher.h b/src/cipher.h
index 62508e2..1d956bc 100644
--- a/src/cipher.h
+++ b/src/cipher.h
@@ -51,7 +51,9 @@
#ifndef NO_CRYPT
#if defined(USE_SSL_CRYPTO)
+#include <openssl/crypto.h>
#include <openssl/aes.h>
+#include <openssl/modes.h>
#elif defined(USE_NETTLE)
#include <nettle/aes.h>
#else // USE_GCRYPT is the default
diff --git a/src/key_derivation.c b/src/key_derivation.c
index 8f4994e..3e85ce9 100644
--- a/src/key_derivation.c
+++ b/src/key_derivation.c
@@ -51,7 +51,9 @@
#include "key_derivation.h"
#if defined(USE_SSL_CRYPTO)
+#include <openssl/crypto.h>
#include <openssl/sha.h>
+#include <openssl/modes.h>
#elif defined(USE_NETTLE)
#include <nettle/sha1.h>
#include <nettle/sha2.h>
@@ -467,13 +469,13 @@ int key_derivation_aesctr_generate(key_derivation_t* kd, key_derivation_dir_t di
#if defined(USE_SSL_CRYPTO)
if(KD_AESCTR_CTR_LENGTH != AES_BLOCK_SIZE) {
- log_printf(ERROR, "failed to set key derivation CTR: size don't fits");
+ log_printf(ERROR, "failed to set key derivation CTR: size doesn't fit");
return -1;
}
u_int32_t num = 0;
- memset(params->ecount_buf_, 0, AES_BLOCK_SIZE);
memset(key, 0, len);
- AES_ctr128_encrypt(key, key, len, &params->aes_key_, params->ctr_.buf_, params->ecount_buf_, &num);
+ memset(params->ecount_buf_, 0, AES_BLOCK_SIZE);
+ CRYPTO_ctr128_encrypt(key, key, len, &params->aes_key_, params->ctr_.buf_, params->ecount_buf_, &num, (block128_f)AES_encrypt);
#elif defined(USE_NETTLE)
if(KD_AESCTR_CTR_LENGTH != AES_BLOCK_SIZE) {
log_printf(ERROR, "failed to set cipher CTR: size doesn't fit");