diff options
| author | Daniel Lowrey <rdlowrey@php.net> | 2015-02-28 15:23:59 -0500 |
|---|---|---|
| committer | Daniel Lowrey <rdlowrey@php.net> | 2015-02-28 17:41:29 -0500 |
| commit | 3ff36c265fce0ec5375e1917764db4fca88eb1ae (patch) | |
| tree | 3a1430948cc114e70ea3f7237f649666fb060112 /ext/openssl/openssl.c | |
| parent | 54e2020ee3e6142a86db03f1a9d47bc763334dbb (diff) | |
| download | php-git-3ff36c265fce0ec5375e1917764db4fca88eb1ae.tar.gz | |
Update for OpenSSL 1.0.2 compatibility
Diffstat (limited to 'ext/openssl/openssl.c')
| -rw-r--r-- | ext/openssl/openssl.c | 62 |
1 files changed, 47 insertions, 15 deletions
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 1cb69585ae..2c7aecf433 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -42,6 +42,10 @@ /* OpenSSL includes */ #include <openssl/evp.h> +#include <openssl/bn.h> +#include <openssl/rsa.h> +#include <openssl/dsa.h> +#include <openssl/dh.h> #include <openssl/x509.h> #include <openssl/x509v3.h> #include <openssl/crypto.h> @@ -3350,22 +3354,46 @@ static EVP_PKEY * php_openssl_generate_private_key(struct php_x509_request * req if ((req->priv_key = EVP_PKEY_new()) != NULL) { switch(req->priv_key_type) { case OPENSSL_KEYTYPE_RSA: - if (EVP_PKEY_assign_RSA(req->priv_key, RSA_generate_key(req->priv_key_bits, 0x10001, NULL, NULL))) { - return_val = req->priv_key; + { + RSA* rsaparam; +#if OPENSSL_VERSION_NUMBER < 0x10002000L + /* OpenSSL 1.0.2 deprecates RSA_generate_key */ + rsaparam = (RSA*)RSA_generate_key(req->priv_key_bits, RSA_F4, NULL, NULL); +#else + { + BIGNUM *bne = (BIGNUM *)BN_new(); + if (BN_set_word(bne, RSA_F4) != 1) { + BN_free(bne); + php_error_docref(NULL, E_WARNING, "failed setting exponent"); + return NULL; + } + rsaparam = RSA_new(); + RSA_generate_key_ex(rsaparam, req->priv_key_bits, bne, NULL); + BN_free(bne); + } +#endif + if (rsaparam && EVP_PKEY_assign_RSA(req->priv_key, rsaparam)) { + return_val = req->priv_key; + } } break; #if !defined(NO_DSA) && defined(HAVE_DSA_DEFAULT_METHOD) case OPENSSL_KEYTYPE_DSA: { - DSA *dsapar = DSA_generate_parameters(req->priv_key_bits, NULL, 0, NULL, NULL, NULL, NULL); - if (dsapar) { - DSA_set_method(dsapar, DSA_get_default_method()); - if (DSA_generate_key(dsapar)) { - if (EVP_PKEY_assign_DSA(req->priv_key, dsapar)) { + DSA* dsaparam; +#if OPENSSL_VERSION_NUMBER < 0x10002000L + dsaparam = DSA_generate_parameters(req->priv_key_bits, NULL, 0, NULL, NULL, NULL, NULL); +#else + DSA_generate_parameters_ex(dsaparam, req->priv_key_bits, NULL, 0, NULL, NULL, NULL); +#endif + if (dsaparam) { + DSA_set_method(dsaparam, DSA_get_default_method()); + if (DSA_generate_key(dsaparam)) { + if (EVP_PKEY_assign_DSA(req->priv_key, dsaparam)) { return_val = req->priv_key; } } else { - DSA_free(dsapar); + DSA_free(dsaparam); } } } @@ -3374,17 +3402,21 @@ static EVP_PKEY * php_openssl_generate_private_key(struct php_x509_request * req #if !defined(NO_DH) case OPENSSL_KEYTYPE_DH: { - DH *dhpar = DH_generate_parameters(req->priv_key_bits, 2, NULL, NULL); int codes = 0; - - if (dhpar) { - DH_set_method(dhpar, DH_get_default_method()); - if (DH_check(dhpar, &codes) && codes == 0 && DH_generate_key(dhpar)) { - if (EVP_PKEY_assign_DH(req->priv_key, dhpar)) { + DH *dhparam; +#if OPENSSL_VERSION_NUMBER < 0x10002000L + dhparam = DH_generate_parameters(req->priv_key_bits, 2, NULL, NULL); +#else + DH_generate_parameters_ex(dhparam, req->priv_key_bits, 2, NULL); +#endif + if (dhparam) { + DH_set_method(dhparam, DH_get_default_method()); + if (DH_check(dhparam, &codes) && codes == 0 && DH_generate_key(dhparam)) { + if (EVP_PKEY_assign_DH(req->priv_key, dhparam)) { return_val = req->priv_key; } } else { - DH_free(dhpar); + DH_free(dhparam); } } } |