void/AyuGramDesktop
2
0
Fork 0
mirror of https://github.com/AyuGram/AyuGramDesktop.git synced 2025-04-15 21:57:10 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Get rid of deprecated OpenSSL <1.1 functions

Browse source
This commit is contained in:
Ilya Fedin 2021-12-16 12:40:33 +04:00 committed by John Preston
parent e7e34d50ba
commit b2fb5424ed
2 changed files with 3 additions and 84 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
Telegram/SourceFiles/core/utils.cpp
View file

@ -30,8 +30,6 @@ extern "C" {
#include <time.h>
#endif
#include <QtNetwork/QSslSocket>
uint64 _SharedMemoryLocation[4] = { 0x00, 0x01, 0x02, 0x03 };
// Base types compile-time check
@ -56,15 +54,6 @@ static_assert(sizeof(int) >= 4, "Basic types size check failed");
// Precise timing functions / rand init
struct CRYPTO_dynlock_value {
QMutex mutex;
};
namespace {
bool _sslInited = false;
QMutex *_sslLocks = nullptr;
}
namespace ThirdParty {
void start() {
@ -94,45 +83,11 @@ namespace ThirdParty {
LOG(("MTP Error: Could not init OpenSSL rand, RAND_status() is 0..."));
}
}
// Force OpenSSL loading if it is linked in Qt,
// so that we won't mess with our OpenSSL locking with Qt OpenSSL locking.
auto sslSupported = QSslSocket::supportsSsl();
if (!sslSupported) {
LOG(("Error: current Qt build doesn't support SSL requests."));
}
if (!CRYPTO_get_locking_callback()) {
// Qt didn't initialize OpenSSL, so we will.
auto numLocks = CRYPTO_num_locks();
if (numLocks) {
_sslLocks = new QMutex[numLocks];
CRYPTO_set_locking_callback(_sslLockingCallback);
} else {
LOG(("MTP Error: Could not init OpenSSL threads, CRYPTO_num_locks() returned zero!"));
}
}
if (!CRYPTO_get_dynlock_create_callback()) {
CRYPTO_set_dynlock_create_callback(_sslCreateFunction);
CRYPTO_set_dynlock_lock_callback(_sslLockFunction);
CRYPTO_set_dynlock_destroy_callback(_sslDestroyFunction);
} else if (!CRYPTO_get_dynlock_lock_callback()) {
LOG(("MTP Error: dynlock_create callback is set without dynlock_lock callback!"));
}
_sslInited = true;
}
void finish() {
CRYPTO_cleanup_all_ex_data();
#ifndef LIBRESSL_VERSION_NUMBER
FIPS_mode_set(0);
#endif
ENGINE_cleanup();
CONF_modules_unload(1);
ERR_free_strings();
EVP_cleanup();
delete[] base::take(_sslLocks);
Platform::ThirdParty::finish();
}

42
Telegram/SourceFiles/mtproto/details/mtproto_rsa_public_key.cpp
View file

@ -11,42 +11,6 @@ https://github.com/telegramdesktop/tdesktop/blob/master/LEGAL
namespace MTP::details {
namespace {
#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
// This is a key setter for compatibility with OpenSSL 1.0
int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) {
if ((r->n == nullptr && n == nullptr) || (r->e == nullptr && e == nullptr)) {
return 0;
}
if (n != nullptr) {
BN_free(r->n);
r->n = n;
}
if (e != nullptr) {
BN_free(r->e);
r->e = e;
}
if (d != nullptr) {
BN_free(r->d);
r->d = d;
}
return 1;
}
// This is a key getter for compatibility with OpenSSL 1.0
void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) {
if (n != nullptr) {
*n = r->n;
}
if (e != nullptr) {
*e = r->e;
}
if (d != nullptr) {
*d = r->d;
}
}
#endif
enum class Format {
RSAPublicKey,
@ -168,7 +132,7 @@ bytes::vector RSAPublicKey::Private::encrypt(bytes::const_span data) const {
auto result = bytes::vector(kEncryptSize, gsl::byte{});
auto res = RSA_public_encrypt(kEncryptSize, reinterpret_cast<const unsigned char*>(data.data()), reinterpret_cast<unsigned char*>(result.data()), _rsa, RSA_NO_PADDING);
if (res < 0 || res > kEncryptSize) {
ERR_load_crypto_strings();
OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, nullptr);
LOG(("RSA Error: RSA_public_encrypt failed, key fp: %1, result: %2, error: %3").arg(fingerprint()).arg(res).arg(ERR_error_string(ERR_get_error(), 0)));
return {};
} else if (auto zeroBytes = kEncryptSize - res) {
@ -186,7 +150,7 @@ bytes::vector RSAPublicKey::Private::decrypt(bytes::const_span data) const {
auto result = bytes::vector(kDecryptSize, gsl::byte{});
auto res = RSA_public_decrypt(kDecryptSize, reinterpret_cast<const unsigned char*>(data.data()), reinterpret_cast<unsigned char*>(result.data()), _rsa, RSA_NO_PADDING);
if (res < 0 || res > kDecryptSize) {
ERR_load_crypto_strings();
OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, nullptr);
LOG(("RSA Error: RSA_public_encrypt failed, key fp: %1, result: %2, error: %3").arg(fingerprint()).arg(res).arg(ERR_error_string(ERR_get_error(), 0)));
return {};
} else if (auto zeroBytes = kDecryptSize - res) {
@ -209,7 +173,7 @@ bytes::vector RSAPublicKey::Private::encryptOAEPpadding(bytes::const_span data)
_rsa,
RSA_PKCS1_OAEP_PADDING);
if (encryptedSize != resultSize) {
ERR_load_crypto_strings();
OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, nullptr);
LOG(("RSA Error: RSA_public_encrypt failed, "
"key fp: %1, result: %2, error: %3"
).arg(fingerprint()