1/* $Id: iprt-openssl.cpp 85121 2020-07-08 19:33:26Z vboxsync $ */
2/** @file
3 * IPRT - Crypto - OpenSSL Helpers.
4 */
5
6/*
7 * Copyright (C) 2006-2020 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 *
17 * The contents of this file may alternatively be used under the terms
18 * of the Common Development and Distribution License Version 1.0
19 * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
20 * VirtualBox OSE distribution, in which case the provisions of the
21 * CDDL are applicable instead of those of the GPL.
22 *
23 * You may elect to license modified versions of this file under the
24 * terms and conditions of either the GPL or the CDDL or both.
25 */
26
27
28/*********************************************************************************************************************************
29* Header Files *
30*********************************************************************************************************************************/
31#include "internal/iprt.h"
32
33#ifdef IPRT_WITH_OPENSSL /* Whole file. */
34# include <iprt/err.h>
35# include <iprt/string.h>
36# include <iprt/mem.h>
37# include <iprt/asn1.h>
38# include <iprt/crypto/digest.h>
39
40# include "internal/iprt-openssl.h"
41# include "internal/openssl-pre.h"
42# include <openssl/x509.h>
43# include <openssl/err.h>
44# include "internal/openssl-post.h"
45
46
/**
 * One-time OpenSSL library initialization: registers the algorithm tables and
 * loads the ERR/crypto error strings.
 *
 * The first call does the work; every later call returns immediately because
 * of a function-local flag.
 *
 * @note    The guard is a plain static bool with no synchronization.  Two
 *          threads racing through the very first call could both enter the
 *          initialization path; callers are presumably serialized already
 *          (TODO confirm), otherwise this wants RTOnce or an atomic flag.
 * @note    On OpenSSL 1.1.0 and later these three calls are documented as
 *          deprecated no-ops (the library initializes itself), so they are
 *          harmless there; they still matter for older OpenSSL builds.
 */
DECLHIDDEN(void) rtCrOpenSslInit(void)
{
    static bool s_fDone = false;
    if (s_fDone)
        return;

    OpenSSL_add_all_algorithms();
    ERR_load_ERR_strings();
    ERR_load_crypto_strings();

    s_fDone = true;
}
59
60
/**
 * ERR_print_errors_cb() callback that appends one OpenSSL error line to the
 * message buffer of an RTERRINFO.
 *
 * @returns -1.  OpenSSL documents a non-positive return as "stop iterating",
 *          so only the first error line in the queue ends up in the message;
 *          presumably intentional (one line of context is enough), TODO confirm.
 * @param   pach    The error text; not necessarily zero terminated.
 * @param   cch     Number of characters in @a pach.
 * @param   pvUser  The RTERRINFO to append to (PRTERRINFO).  Must not be NULL;
 *                  there is no guard here, the caller has to supply one.
 *
 * @note    Text is appended only when at least one character plus the
 *          terminator still fits; RTStrCopyEx truncation is silently ignored.
 */
DECLHIDDEN(int) rtCrOpenSslErrInfoCallback(const char *pach, size_t cch, void *pvUser)
{
    PRTERRINFO pErrInfo = (PRTERRINFO)pvUser;

    /* Continue after whatever message was set before us (if any). */
    size_t offMsg = 0;
    if (pErrInfo->fFlags & RTERRINFO_FLAGS_SET)
        offMsg = strlen(pErrInfo->pszMsg);

    if (offMsg + 1 < pErrInfo->cbMsg)
        RTStrCopyEx(&pErrInfo->pszMsg[offMsg], pErrInfo->cbMsg - offMsg, pach, cch);

    return -1;
}
69
70
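/**
 * Converts an IPRT X.509 certificate into an OpenSSL X509 object by encoding
 * it to DER and decoding that with d2i_X509().
 *
 * @returns IPRT status code.
 * @retval  VINF_SUCCESS on success, *ppvOsslCert pointing to a new X509.
 * @retval  VERR_CR_X509_OSSL_D2I_FAILED if OpenSSL rejected the encoding.
 * @param   ppvOsslCert Where to return the X509 pointer.  Set to NULL on
 *                      failure.  On success the caller owns the object and
 *                      releases it with rtCrOpenSslFreeConvertedX509Cert().
 * @param   pCert       The certificate to convert.
 * @param   pErrInfo    Where to return additional error info.  Optional
 *                      (RTErrInfoSet and the encoder both accept NULL).
 */
DECLHIDDEN(int) rtCrOpenSslConvertX509Cert(void **ppvOsslCert, PCRTCRX509CERTIFICATE pCert, PRTERRINFO pErrInfo)
{
    *ppvOsslCert = NULL;

    const unsigned char *pabEncoded = NULL;
    uint32_t             cbEncoded  = 0;
    void                *pvFree     = NULL;
    int rc = RTAsn1EncodeQueryRawBits(RTCrX509Certificate_GetAsn1Core(pCert),
                                      (const uint8_t **)&pabEncoded, &cbEncoded, &pvFree, pErrInfo);
    if (RT_SUCCESS(rc))
    {
        X509 *pOsslCert    = NULL;
        X509 *pOsslCertRet = d2i_X509(&pOsslCert, &pabEncoded, cbEncoded);
        RTMemTmpFree(pvFree);

        /* d2i_X509 returns NULL on failure.  On the OpenSSL versions seen
           (1.0.x/1.1.x) the error path also frees and NULLs the output
           object, so the previous "pOsslCertRet == pOsslCert" test alone
           would have reported VINF_SUCCESS with a NULL certificate.  Insist
           on a non-NULL result that OpenSSL also stored in pOsslCert. */
        if (   pOsslCertRet != NULL
            && pOsslCertRet == pOsslCert)
        {
            *ppvOsslCert = pOsslCert;
            return VINF_SUCCESS;
        }

        /* Should OpenSSL have left a partially built object behind on the
           failure path, release it (X509_free tolerates NULL). */
        X509_free(pOsslCert);
        rc = RTErrInfoSet(pErrInfo, VERR_CR_X509_OSSL_D2I_FAILED, "d2i_X509");
    }
    return rc;
}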
94
95
/**
 * Releases an X509 object returned by rtCrOpenSslConvertX509Cert().
 *
 * @param   pvOsslCert  The X509 pointer, passed as void.  NULL is handed
 *                      straight to X509_free(), which OpenSSL documents as a
 *                      no-op for NULL, so no guard is added here.
 */
DECLHIDDEN(void) rtCrOpenSslFreeConvertedX509Cert(void *pvOsslCert)
{
    X509 *pOsslCert = (X509 *)pvOsslCert;
    X509_free(pOsslCert);
}
100
101
/**
 * Converts an IPRT certificate and pushes the resulting X509 onto an OpenSSL
 * certificate stack.
 *
 * @returns IPRT status code.
 * @retval  VINF_SUCCESS if the stack now owns the converted certificate.
 * @retval  VERR_NO_MEMORY if sk_X509_push() failed.
 * @retval  Whatever rtCrOpenSslConvertX509Cert() returned on conversion error.
 * @param   pvOsslStack The STACK_OF(X509) to append to, passed as void.
 * @param   pCert       The certificate to convert and add.
 * @param   pErrInfo    Where to return additional error info.  Optional.
 */
DECLHIDDEN(int) rtCrOpenSslAddX509CertToStack(void *pvOsslStack, PCRTCRX509CERTIFICATE pCert, PRTERRINFO pErrInfo)
{
    X509 *pOsslCert = NULL;
    int rc = rtCrOpenSslConvertX509Cert((void **)&pOsslCert, pCert, pErrInfo);
    if (RT_FAILURE(rc))
        return rc;

    STACK_OF(X509) *pStack = (STACK_OF(X509) *)pvOsslStack;
    if (!sk_X509_push(pStack, pOsslCert))
    {
        /* The stack did not take ownership, so drop our reference. */
        rtCrOpenSslFreeConvertedX509Cert(pOsslCert);
        return RTErrInfoSet(pErrInfo, VERR_NO_MEMORY, "sk_X509_push");
    }
    return VINF_SUCCESS;
}
118
119
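/**
 * Maps an IPRT digest type to the corresponding OpenSSL EVP_MD.
 *
 * Goes IPRT type -> OID string -> NID -> short name -> EVP_MD so that the
 * lookup is driven by the algorithm OID rather than by name guessing.
 *
 * @returns Pointer to the EVP_MD (as const void), or NULL on failure.
 * @param   enmDigestType   The digest type to look up.
 * @param   pErrInfo        Where to return additional error info.  Optional.
 *
 * @note    Each failing step is an AssertReturnStmt: all of them are
 *          "should not happen" conditions for the digest types IPRT knows.
 */
DECLHIDDEN(const void /*EVP_MD*/ *) rtCrOpenSslConvertDigestType(RTDIGESTTYPE enmDigestType, PRTERRINFO pErrInfo)
{
    /* IPRT digest type -> dotted OID string. */
    const char *pszAlgoObjId = RTCrDigestTypeToAlgorithmOid(enmDigestType);
    AssertReturnStmt(pszAlgoObjId, RTErrInfoSetF(pErrInfo, VERR_INVALID_PARAMETER, "Invalid type: %d", enmDigestType), NULL);

    /* OID string -> OpenSSL NID. */
    int iAlgoNid = OBJ_txt2nid(pszAlgoObjId);
    AssertReturnStmt(iAlgoNid != NID_undef,
                     RTErrInfoSetF(pErrInfo, VERR_CR_DIGEST_OSSL_DIGEST_INIT_ERROR,
                                   "OpenSSL does not know: %s (%s)", pszAlgoObjId, RTCrDigestTypeToName(enmDigestType)),
                     NULL);

    /* NID -> short name.  OBJ_nid2sn() can return NULL for a NID without a
       short name; don't pass that on to EVP_get_digestbyname(). */
    const char *pszAlgoSn = OBJ_nid2sn(iAlgoNid);
    AssertReturnStmt(pszAlgoSn,
                     RTErrInfoSetF(pErrInfo, VERR_CR_DIGEST_OSSL_DIGEST_INIT_ERROR, "OpenSSL has no short name for NID %d (%s; %s)",
                                   iAlgoNid, pszAlgoObjId, RTCrDigestTypeToName(enmDigestType)),
                     NULL);

    /* Short name -> EVP_MD.  The message used to print pszAlgoSn twice and
       never the OID; it now lists NID, OID, short name and IPRT name. */
    const EVP_MD *pEvpMdType = EVP_get_digestbyname(pszAlgoSn);
    AssertReturnStmt(pEvpMdType,
                     RTErrInfoSetF(pErrInfo, VERR_CR_DIGEST_OSSL_DIGEST_INIT_ERROR, "OpenSSL/EVP does not know: %d (%s; %s; %s)",
                                   iAlgoNid, pszAlgoObjId, pszAlgoSn, RTCrDigestTypeToName(enmDigestType)),
                     NULL);

    return pEvpMdType;
}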
140
141#endif /* IPRT_WITH_OPENSSL */
142