From 4f769866d7f286d8c947a75d7f9b2562af468886 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Marc-Andr=C3=A9=20Moreau?=
Date: Fri, 9 Oct 2015 15:57:41 -0400
Subject: [PATCH] winpr: make clean non-OpenSSL build possible (without schannel, makecert)
---
 winpr/include/winpr/crypto.h | 3 ++-
 winpr/libwinpr/crypto/cipher.c | 10 +++++-----
 winpr/libwinpr/crypto/rand.c | 15 +++++++++++++--
 winpr/libwinpr/rpc/rpc.c | 9 +++------
 winpr/libwinpr/sspi/sspi_winpr.c | 5 -----
 winpr/libwinpr/sspi/test/CMakeLists.txt | 5 +----
 winpr/libwinpr/utils/ntlm.c | 27 ++++++++-------------------
 7 files changed, 32 insertions(+), 42 deletions(-)
diff --git a/winpr/include/winpr/crypto.h b/winpr/include/winpr/crypto.h
index 8af3df2..de0b3c7 100644
--- a/winpr/include/winpr/crypto.h
+++ b/winpr/include/winpr/crypto.h
@@ -856,6 +856,7 @@ extern "C" {
 #endif
 WINPR_API int winpr_RAND(BYTE* output, size_t len);
+WINPR_API int winpr_RAND_pseudo(BYTE* output, size_t len);
 #ifdef __cplusplus
 }
@@ -1022,7 +1023,7 @@ WINPR_API void winpr_Cipher_Final(WINPR_CIPHER_CTX* ctx, BYTE* output, size_t* o
 extern "C" {
 #endif
-int winpr_openssl_BytesToKey(int cipher, int md, const BYTE* salt, const BYTE* data, int datal, int count, BYTE* key, BYTE* iv);
+WINPR_API int winpr_openssl_BytesToKey(int cipher, int md, const BYTE* salt, const BYTE* data, int datal, int count, BYTE* key, BYTE* iv);
 #ifdef __cplusplus
 }
diff --git a/winpr/libwinpr/crypto/cipher.c b/winpr/libwinpr/crypto/cipher.c
index 3c267d4..8ec4f5e 100644
--- a/winpr/libwinpr/crypto/cipher.c
+++ b/winpr/libwinpr/crypto/cipher.c
@@ -570,7 +570,7 @@ int winpr_openssl_BytesToKey(int cipher, int md, const BYTE* salt, const BYTE* d
 if (addmd++)
 {
- if (mbedtls_md_update(&ctx, &(md_buf[0]), mds) != 0)
+ if (mbedtls_md_update(&ctx, md_buf, mds) != 0)
 goto err;
 }
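Review bot: The new public prototype `winpr_RAND_pseudo` (crypto.h hunk at -856) is declared directly under `winpr_RAND` with nothing telling callers which of the two is safe for secrets. A short comment above the pair would settle it, for example `/* winpr_RAND: keys, nonces, challenges. winpr_RAND_pseudo: identifiers only, output may be predictable. */`. The meaning of the int return value is not documented here either, and the header is where callers will look for it.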
@@ -583,7 +583,7 @@ int winpr_openssl_BytesToKey(int cipher, int md, const BYTE* salt, const BYTE* d
 goto err;
 }
- if (mbedtls_md_finish(&ctx, &(md_buf[0])) != 0)
+ if (mbedtls_md_finish(&ctx, md_buf) != 0)
 goto err;
 mds = mbedtls_md_get_size(md_info);
@@ -592,9 +592,9 @@ int winpr_openssl_BytesToKey(int cipher, int md, const BYTE* salt, const BYTE* d
 {
 if (mbedtls_md_starts(&ctx) != 0)
 goto err;
- if (mbedtls_md_update(&ctx, &(md_buf[0]), mds) != 0)
+ if (mbedtls_md_update(&ctx, md_buf, mds) != 0)
 goto err;
- if (mbedtls_md_finish(&ctx, &(md_buf[0])) != 0)
+ if (mbedtls_md_finish(&ctx, md_buf) != 0)
 goto err;
 }
@@ -637,7 +637,7 @@ int winpr_openssl_BytesToKey(int cipher, int md, const BYTE* salt, const BYTE* d
 rv = cipher_info->key_bitlen / 8;
 err:
 mbedtls_md_free(&ctx);
- SecureZeroMemory(&(md_buf[0]), EVP_MAX_MD_SIZE);
+ SecureZeroMemory(md_buf, 64);
 return rv;
 #endif
diff --git a/winpr/libwinpr/crypto/rand.c b/winpr/libwinpr/crypto/rand.c
index 0dc03ed..8b8468b 100644
--- a/winpr/libwinpr/crypto/rand.c
+++ b/winpr/libwinpr/crypto/rand.c
@@ -35,8 +35,6 @@
 #include
 #endif
-#undef WITH_OPENSSL
-
 int winpr_RAND(BYTE* output, size_t len)
 {
 #if defined(WITH_OPENSSL)
@@ -49,3 +47,16 @@ int winpr_RAND(BYTE* output, size_t len)
 #endif
 return 0;
 }
+
+int winpr_RAND_pseudo(BYTE* output, size_t len)
+{
+#if defined(WITH_OPENSSL)
+ RAND_pseudo_bytes(output, len);
+#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_HAVEGE_C)
+ mbedtls_havege_state hs;
+ mbedtls_havege_init(&hs);
+ mbedtls_havege_random(&hs, output, len);
+ mbedtls_havege_free(&hs);
+#endif
+ return 0;
+}
diff --git a/winpr/libwinpr/rpc/rpc.c b/winpr/libwinpr/rpc/rpc.c
index 024a622..82da88a 100644
--- a/winpr/libwinpr/rpc/rpc.c
+++ b/winpr/libwinpr/rpc/rpc.c
@@ -21,15 +21,12 @@
 #include "config.h"
 #endif
-#include
-
 #include
 #include
+#include
 #ifndef _WIN32
-#include
-
 #include "../log.h"
 #define TAG WINPR_TAG("rpc")
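Review bot: `SecureZeroMemory(md_buf, 64);` in the last cipher.c hunk (at -637) replaces `EVP_MAX_MD_SIZE` with a bare 64 that now has to be kept in step with the declaration of `md_buf` by hand. That declaration is outside the hunk; if `md_buf` is a local array, `SecureZeroMemory(md_buf, sizeof(md_buf));` wipes the whole key-derivation digest buffer whatever its size and cannot run past it. If 64 stands for the largest mbedTLS digest, the library's own `MBEDTLS_MD_MAX_SIZE` used for both the declaration and the wipe would make that explicit.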
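Review bot: `winpr_RAND_pseudo` (rand.c hunk at -49) returns 0 on every path, including a build where neither `WITH_OPENSSL` nor `WITH_MBEDTLS` with `MBEDTLS_HAVEGE_C` is defined and `output` is never written. UuidCreate and UuidCreateSequential in rpc.c (hunk at -658) discard the result and return RPC_S_OK, so in that configuration a caller gets back whatever bytes were already in its UUID. The results of `RAND_pseudo_bytes` and `mbedtls_havege_random` are dropped as well, and `len` is narrowed from size_t to the int that `RAND_pseudo_bytes` takes. The sketch below reports failure as -1, which is an assumption: it should follow whatever convention winpr_RAND uses (its body is outside these hunks), and the two UUID functions should then check it.

```c
int winpr_RAND_pseudo(BYTE* output, size_t len)
{
#if defined(WITH_OPENSSL)
	/* RAND_pseudo_bytes takes an int length and returns -1 when unsupported */
	if (len > INT_MAX || RAND_pseudo_bytes(output, (int) len) < 0)
		return -1;
#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_HAVEGE_C)
	int status;
	mbedtls_havege_state hs;
	mbedtls_havege_init(&hs);
	status = mbedtls_havege_random(&hs, output, len);
	mbedtls_havege_free(&hs);
	if (status != 0)
		return -1;
#else
	/* no random source compiled in: output was not written */
	return -1;
#endif
	return 0;
}
```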
@@ -658,13 +655,13 @@ static UUID UUID_NIL =
 RPC_STATUS UuidCreate(UUID* Uuid)
 {
- RAND_pseudo_bytes((void*) Uuid, 16);
+ winpr_RAND_pseudo((BYTE*) Uuid, 16);
 return RPC_S_OK;
 }
 RPC_STATUS UuidCreateSequential(UUID* Uuid)
 {
- RAND_pseudo_bytes((void*) Uuid, 16);
+ winpr_RAND_pseudo((BYTE*) Uuid, 16);
 return RPC_S_OK;
 }
diff --git a/winpr/libwinpr/sspi/sspi_winpr.c b/winpr/libwinpr/sspi/sspi_winpr.c
index 3b36183..212c481 100644
--- a/winpr/libwinpr/sspi/sspi_winpr.c
+++ b/winpr/libwinpr/sspi/sspi_winpr.c
@@ -21,8 +21,6 @@
 #include "config.h"
 #endif
-#include
-
 #include
 #include
@@ -30,9 +28,6 @@
 #include
 #include
-#include
-#include
-
 #include "sspi.h"
 #include "sspi_winpr.h"
diff --git a/winpr/libwinpr/sspi/test/CMakeLists.txt b/winpr/libwinpr/sspi/test/CMakeLists.txt
index 906f9b6..fcb4274 100644
--- a/winpr/libwinpr/sspi/test/CMakeLists.txt
+++ b/winpr/libwinpr/sspi/test/CMakeLists.txt
@@ -17,14 +17,11 @@ create_test_sourcelist(${MODULE_PREFIX}_SRCS
 ${${MODULE_PREFIX}_DRIVER}
 ${${MODULE_PREFIX}_TESTS})
-include_directories(${ZLIB_INCLUDE_DIRS})
 include_directories(${OPENSSL_INCLUDE_DIR})
 add_executable(${MODULE_NAME} ${${MODULE_PREFIX}_SRCS})
-set(${MODULE_PREFIX}_LIBS
- ${ZLIB_LIBRARIES}
- ${OPENSSL_LIBRARIES})
+set(${MODULE_PREFIX}_LIBS ${OPENSSL_LIBRARIES})
 if(WIN32)
 set(${MODULE_PREFIX}_LIBS ${${MODULE_PREFIX}_LIBS} secur32 crypt32)
diff --git a/winpr/libwinpr/utils/ntlm.c b/winpr/libwinpr/utils/ntlm.c
index 1b1994f..709d4d8 100644
--- a/winpr/libwinpr/utils/ntlm.c
+++ b/winpr/libwinpr/utils/ntlm.c
@@ -24,11 +24,7 @@
 #include
 #include
-
-#ifdef WITH_OPENSSL
-#include
-#include
-#endif
+#include
 /**
 * Define NTOWFv1(Password, User, Domain) as
@@ -38,20 +34,17 @@
 BYTE* NTOWFv1W(LPWSTR Password, UINT32 PasswordLength, BYTE* NtHash)
 {
+ WINPR_MD4_CTX md4;
+
 if (!Password)
 return NULL;
 if (!NtHash && !(NtHash = malloc(16)))
 return NULL;
-#ifdef WITH_OPENSSL
- {
- MD4_CTX md4_ctx;
- MD4_Init(&md4_ctx);
- MD4_Update(&md4_ctx, Password, PasswordLength);
- MD4_Final((void*) NtHash, &md4_ctx);
- }
-#endif
+ winpr_MD4_Init(&md4);
+ winpr_MD4_Update(&md4, (BYTE*) Password, (size_t) PasswordLength);
+ winpr_MD4_Final(&md4, NtHash);
 return NtHash;
 }
@@ -110,9 +103,7 @@ BYTE* NTOWFv2W(LPWSTR Password, UINT32 PasswordLength, LPWSTR User,
 CopyMemory(&buffer[UserLength], Domain, DomainLength);
 /* Compute the HMAC-MD5 hash of the above value using the NTLMv1 hash as the key, the result is the NTLMv2 hash */
-#ifdef WITH_OPENSSL
- HMAC(EVP_md5(), (void*) NtHashV1, 16, buffer, UserLength + DomainLength, (void*) NtHash, NULL);
-#endif
+ winpr_HMAC(WINPR_MD_MD5, NtHashV1, 16, buffer, UserLength + DomainLength, NtHash);
 free(buffer);
@@ -174,9 +165,7 @@ BYTE* NTOWFv2FromHashW(BYTE* NtHashV1, LPWSTR User, UINT32 UserLength, LPWSTR Do
 }
 /* Compute the HMAC-MD5 hash of the above value using the NTLMv1 hash as the key, the result is the NTLMv2 hash */
-#ifdef WITH_OPENSSL
- HMAC(EVP_md5(), (void*) NtHashV1, 16, buffer, UserLength + DomainLength, (void*) NtHash, NULL);
-#endif
+ winpr_HMAC(WINPR_MD_MD5, NtHashV1, 16, buffer, UserLength + DomainLength, NtHash);
 free(buffer);
--
2.7.4
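Review bot: The result of `winpr_HMAC` is dropped in both NTOWFv2W (hunk at -110) and NTOWFv2FromHashW (hunk at -174), so each function hands back `NtHash` whether or not the digest was actually written. With the `#ifdef WITH_OPENSSL` guard gone, that call is the only place a build without a usable HMAC-MD5 backend could signal the problem; the declaration of `winpr_HMAC` is not part of this diff, so whether and how it reports failure needs confirming. If it does, a guard along the lines of `if (winpr_HMAC(WINPR_MD_MD5, NtHashV1, 16, buffer, UserLength + DomainLength, NtHash) != 0) { free(buffer); return NULL; }` keeps an unset buffer from being used as an NTLMv2 hash. Both function bodies extend outside their hunks, so who frees a malloc'ed `NtHash` on that path has to be checked there.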