1043840dfSDag-Erling Smørgrav /* 2043840dfSDag-Erling Smørgrav * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> 3043840dfSDag-Erling Smørgrav * 4043840dfSDag-Erling Smørgrav * Permission to use, copy, modify, and distribute this software for any 5043840dfSDag-Erling Smørgrav * purpose with or without fee is hereby granted, provided that the above 6043840dfSDag-Erling Smørgrav * copyright notice and this permission notice appear in all copies. 7043840dfSDag-Erling Smørgrav * 8043840dfSDag-Erling Smørgrav * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 9043840dfSDag-Erling Smørgrav * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 10043840dfSDag-Erling Smørgrav * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 11043840dfSDag-Erling Smørgrav * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 12043840dfSDag-Erling Smørgrav * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER 13043840dfSDag-Erling Smørgrav * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING 14043840dfSDag-Erling Smørgrav * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15043840dfSDag-Erling Smørgrav */ 16043840dfSDag-Erling Smørgrav 17a0ee8cc6SDag-Erling Smørgrav #ifndef _OPENSSL_COMPAT_H 18a0ee8cc6SDag-Erling Smørgrav #define _OPENSSL_COMPAT_H 19a0ee8cc6SDag-Erling Smørgrav 20043840dfSDag-Erling Smørgrav #include "includes.h" 21bc5531deSDag-Erling Smørgrav #ifdef WITH_OPENSSL 22bc5531deSDag-Erling Smørgrav 234a421b63SDag-Erling Smørgrav #include <openssl/opensslv.h> 2419261079SEd Maste #include <openssl/crypto.h> 25043840dfSDag-Erling Smørgrav #include <openssl/evp.h> 26e2f6069cSDag-Erling Smørgrav #include <openssl/rsa.h> 27e2f6069cSDag-Erling Smørgrav #include <openssl/dsa.h> 2819261079SEd Maste #ifdef OPENSSL_HAS_ECC 292a01feabSEd Maste #include <openssl/ecdsa.h> 3019261079SEd Maste #endif 312a01feabSEd Maste #include <openssl/dh.h> 32e2f6069cSDag-Erling Smørgrav 33a0ee8cc6SDag-Erling Smørgrav int ssh_compatible_openssl(long, long); 3419261079SEd Maste void ssh_libcrypto_init(void); 35043840dfSDag-Erling Smørgrav 36*535af610SEd Maste #if (OPENSSL_VERSION_NUMBER < 0x10100000L) 37*535af610SEd Maste # error OpenSSL 1.1.0 or greater is required 3819261079SEd Maste #endif 39*535af610SEd Maste #ifdef LIBRESSL_VERSION_NUMBER 40*535af610SEd Maste # if LIBRESSL_VERSION_NUMBER < 0x3010000fL 41*535af610SEd Maste # error LibreSSL 3.1.0 or greater is required 4219261079SEd Maste # endif 434a421b63SDag-Erling Smørgrav #endif 444a421b63SDag-Erling Smørgrav 45a0ee8cc6SDag-Erling Smørgrav #ifndef OPENSSL_RSA_MAX_MODULUS_BITS 46a0ee8cc6SDag-Erling Smørgrav # define OPENSSL_RSA_MAX_MODULUS_BITS 16384 47021d409fSDag-Erling Smørgrav #endif 48a0ee8cc6SDag-Erling Smørgrav #ifndef OPENSSL_DSA_MAX_MODULUS_BITS 49a0ee8cc6SDag-Erling Smørgrav # define OPENSSL_DSA_MAX_MODULUS_BITS 10000 50043840dfSDag-Erling Smørgrav #endif 51043840dfSDag-Erling Smørgrav 5219261079SEd Maste #ifdef LIBRESSL_VERSION_NUMBER 5319261079SEd Maste # if LIBRESSL_VERSION_NUMBER < 0x3010000fL 5419261079SEd Maste # define HAVE_BROKEN_CHACHA20 5519261079SEd Maste # endif 5619261079SEd Maste #endif 5719261079SEd Maste 58*535af610SEd Maste #ifdef OPENSSL_IS_BORINGSSL 59*535af610SEd Maste /* 60*535af610SEd Maste * BoringSSL (rightly) got rid of the BN_FLG_CONSTTIME flag, along with 61*535af610SEd Maste * the entire BN_set_flags() interface. 62*535af610SEd Maste * https://boringssl.googlesource.com/boringssl/+/0a211dfe9 63*535af610SEd Maste */ 64*535af610SEd Maste # define BN_set_flags(a, b) 65*535af610SEd Maste #endif 662a01feabSEd Maste 672a01feabSEd Maste #ifndef HAVE_EVP_CIPHER_CTX_GET_IV 6819261079SEd Maste # ifdef HAVE_EVP_CIPHER_CTX_GET_UPDATED_IV 6919261079SEd Maste # define EVP_CIPHER_CTX_get_iv EVP_CIPHER_CTX_get_updated_iv 7019261079SEd Maste # else /* HAVE_EVP_CIPHER_CTX_GET_UPDATED_IV */ 712a01feabSEd Maste int EVP_CIPHER_CTX_get_iv(const EVP_CIPHER_CTX *ctx, 722a01feabSEd Maste unsigned char *iv, size_t len); 7319261079SEd Maste # endif /* HAVE_EVP_CIPHER_CTX_GET_UPDATED_IV */ 742a01feabSEd Maste #endif /* HAVE_EVP_CIPHER_CTX_GET_IV */ 752a01feabSEd Maste 762a01feabSEd Maste #ifndef HAVE_EVP_CIPHER_CTX_SET_IV 772a01feabSEd Maste int EVP_CIPHER_CTX_set_iv(EVP_CIPHER_CTX *ctx, 782a01feabSEd Maste const unsigned char *iv, size_t len); 792a01feabSEd Maste #endif /* HAVE_EVP_CIPHER_CTX_SET_IV */ 802a01feabSEd Maste 81bc5531deSDag-Erling Smørgrav #endif /* WITH_OPENSSL */ 82a0ee8cc6SDag-Erling Smørgrav #endif /* _OPENSSL_COMPAT_H */ 83