From c3a136dca942c0322d327fda8423312b598b8183 Mon Sep 17 00:00:00 2001
From: "srinivasa.m"
Date: Thu, 22 Aug 2019 13:59:19 +0530
Subject: [PATCH] Migration from openssl-1.0.2 to openssl-1.1.1
Change-Id: Iafc6303f002a8be597fb5396683bd32f76be6819
---
 packaging/liboauth.spec | 2 +-
 src/hash.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++---
 2 files changed, 59 insertions(+), 4 deletions(-)
 mode change 100755 => 100644 src/hash.c
diff --git a/packaging/liboauth.spec b/packaging/liboauth.spec
index a62cd4a..d621612 100644
--- a/packaging/liboauth.spec
+++ b/packaging/liboauth.spec
@@ -10,7 +10,7 @@ BuildRequires: pkgconfig(libcurl)
 BuildRequires: pkgconfig(nss)
 BuildRequires: pkgconfig(libxml-2.0)
 BuildRequires: pkgconfig(glib-2.0)
-BuildRequires: pkgconfig(openssl)
+BuildRequires: pkgconfig(openssl1.1)
 %description
 library implementing the OAuth secure authentication protocol (shared libs)
diff --git a/src/hash.c b/src/hash.c
old mode 100755
new mode 100644
index 17ff5c8..4629d90
--- a/src/hash.c
+++ b/src/hash.c
@@ -386,7 +386,11 @@ char *oauth_sign_rsa_sha1 (const char *m, const char *k) {
 unsigned char *sig = NULL;
 unsigned char *passphrase = NULL;
 unsigned int len=0;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L // OpenSSL 1.0.2
 EVP_MD_CTX md_ctx;
+#else // OpenSSL 1.1.1
+ EVP_MD_CTX *md_ctx;
+#endif
 EVP_PKEY *pkey;
 BIO *in;
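Review bot: On the OpenSSL 1.1.1 branch `md_ctx` is now declared as `EVP_MD_CTX *md_ctx;` but this patch never assigns it: oauth_sign_rsa_sha1 passes it to `EVP_SignInit` in the following hunk, and oauth_verify_rsa_sha1 has the same declaration and passes it to `EVP_VerifyInit` in the `-439` hunk, while the body-hash functions do call `EVP_MD_CTX_new()`. The lines between the hunks are unchanged from the stack-allocated version, so they cannot contain the allocation, and both RSA paths therefore initialise, use and `EVP_MD_CTX_free` an indeterminate pointer. Add `md_ctx = EVP_MD_CTX_new();` immediately before each Init call, with an `if (md_ctx == NULL)` branch that releases what the function has already allocated and returns an error. Allocating there rather than at the declaration keeps any early return in the unshown part of the functions from leaking the context; both function bodies continue outside this hunk.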
@@ -402,21 +406,39 @@ char *oauth_sign_rsa_sha1 (const char *m, const char *k) {
 len = EVP_PKEY_size(pkey);
 sig = (unsigned char*)xmalloc((len+1)*sizeof(char));
+#if OPENSSL_VERSION_NUMBER < 0x10100000L // OpenSSL 1.0.2
 EVP_SignInit(&md_ctx, EVP_sha1());
 EVP_SignUpdate(&md_ctx, m, strlen(m));
 if (EVP_SignFinal (&md_ctx, sig, &len, pkey)) {
+#else
+ EVP_SignInit(md_ctx, EVP_sha1());
+ EVP_SignUpdate(md_ctx, m, strlen(m));
+ if (EVP_SignFinal(md_ctx, sig, &len, pkey)) {
+#endif
 char *tmp;
 sig[len] = '\0';
 tmp = oauth_encode_base64(len,sig);
 OPENSSL_free(sig);
 EVP_PKEY_free(pkey);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L // OpenSSL 1.0.2
+#else // OpenSSL 1.1.1
+ EVP_MD_CTX_free(md_ctx);
+#endif
 return tmp;
 }
+#if OPENSSL_VERSION_NUMBER < 0x10100000L // OpenSSL 1.0.2
+#else // OpenSSL 1.1.1
+ EVP_MD_CTX_free(md_ctx);
+#endif
 return xstrdup("liboauth/OpenSSL: rsa-sha1 signing failed");
 }
 int oauth_verify_rsa_sha1 (const char *m, const char *c, const char *s) {
+#if OPENSSL_VERSION_NUMBER < 0x10100000L // OpenSSL 1.0.2
 EVP_MD_CTX md_ctx;
+#else // OpenSSL 1.1.1
+ EVP_MD_CTX *md_ctx;
+#endif
 EVP_PKEY *pkey;
 BIO *in;
 X509 *cert = NULL;
@@ -439,11 +461,17 @@ int oauth_verify_rsa_sha1 (const char *m, const char *c, const char *s) {
 b64d= (unsigned char*) xmalloc(sizeof(char)*strlen(s));
 slen = oauth_decode_base64(b64d, s);
-
+#if OPENSSL_VERSION_NUMBER < 0x10100000L // OpenSSL 1.0.2
 EVP_VerifyInit(&md_ctx, EVP_sha1());
 EVP_VerifyUpdate(&md_ctx, m, strlen(m));
 err = EVP_VerifyFinal(&md_ctx, b64d, slen, pkey);
 EVP_MD_CTX_cleanup(&md_ctx);
+#else // OpenSSL 1.1.1
+ EVP_VerifyInit(md_ctx, EVP_sha1());
+ EVP_VerifyUpdate(md_ctx, m, strlen(m));
+ err = EVP_VerifyFinal(md_ctx, b64d, slen, pkey);
+ EVP_MD_CTX_free(md_ctx);
+#endif
 EVP_PKEY_free(pkey);
 xfree(b64d);
 return (err);
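Review bot: The failure return at the end of oauth_sign_rsa_sha1 now frees `md_ctx` but still leaves `sig` and `pkey` allocated, so a failed signature keeps the parsed private key in memory; add `xfree(sig); EVP_PKEY_free(pkey);` before `return xstrdup(...)`, `xfree` being what the verify function pairs with `xmalloc`. The new branch also discards the results of `EVP_SignInit` and `EVP_SignUpdate`, so only `EVP_SignFinal` can report a failure. As a style point, the two `#if OPENSSL_VERSION_NUMBER < 0x10100000L` blocks with an empty first branch would be clearer as `#if OPENSSL_VERSION_NUMBER >= 0x10100000L` around the `EVP_MD_CTX_free(md_ctx);` call.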
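Review bot: In oauth_verify_rsa_sha1 the new branch discards the results of `EVP_VerifyInit` and `EVP_VerifyUpdate` and returns `EVP_VerifyFinal`'s value unchanged, which can be negative on an internal error as well as 0 for a bad signature. Any caller that tests the result for truthiness rather than `== 1` would treat an error as a valid signature; the callers are not visible here, so this needs confirming. I would check the first two calls, e.g. `if (EVP_VerifyInit(md_ctx, EVP_sha1()) != 1 || EVP_VerifyUpdate(md_ctx, m, strlen(m)) != 1) err = -1; else err = EVP_VerifyFinal(md_ctx, b64d, slen, pkey);`, and add a comment above `return (err);` stating that only 1 means verified.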
@@ -455,35 +483,62 @@ int oauth_verify_rsa_sha1 (const char *m, const char *c, const char *s) {
 */
 char *oauth_body_hash_file(char *filename) {
 unsigned char fb[BUFSIZ];
+#if OPENSSL_VERSION_NUMBER < 0x10100000L // OpenSSL 1.0.2
 EVP_MD_CTX ctx;
- size_t len=0;
+#else // OpenSSL 1.1.1
+ EVP_MD_CTX *ctx;
+#endif
+ size_t len=0;
 unsigned char *md;
 FILE *F= fopen(filename, "r");
 if (!F) return NULL;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L // OpenSSL 1.0.2
 EVP_MD_CTX_init(&ctx);
 EVP_DigestInit(&ctx,EVP_sha1());
 while (!feof(F) && (len=fread(fb,sizeof(char),BUFSIZ, F))>0) {
 EVP_DigestUpdate(&ctx, fb, len);
 }
+#else // OpenSSL 1.1.1
+ ctx = EVP_MD_CTX_new();
+ EVP_DigestInit(ctx,EVP_sha1());
+ while (!feof(F) && (len=fread(fb,sizeof(char),BUFSIZ, F))>0) {
+ EVP_DigestUpdate(ctx, fb, len);
+ }
+#endif
 fclose(F);
 len=0;
 md=(unsigned char*) xcalloc(EVP_MD_size(EVP_sha1()),sizeof(unsigned char));
+
+#if OPENSSL_VERSION_NUMBER < 0x10100000L // OpenSSL 1.0.2
 EVP_DigestFinal(&ctx, md,(unsigned int*) &len);
 EVP_MD_CTX_cleanup(&ctx);
+#else // OpenSSL 1.1.1
+ EVP_DigestFinal(ctx, md,(unsigned int*) &len);
+ EVP_MD_CTX_free(ctx);
+#endif
 return oauth_body_hash_encode(len, md);
 }
 char *oauth_body_hash_data(size_t length, const char *data) {
- EVP_MD_CTX ctx;
 size_t len=0;
 unsigned char *md;
 md=(unsigned char*) xcalloc(EVP_MD_size(EVP_sha1()),sizeof(unsigned char));
+#if OPENSSL_VERSION_NUMBER < 0x10100000L // OpenSSL 1.0.2
+ EVP_MD_CTX ctx;
 EVP_MD_CTX_init(&ctx);
 EVP_DigestInit(&ctx,EVP_sha1());
 EVP_DigestUpdate(&ctx, data, length);
 EVP_DigestFinal(&ctx, md,(unsigned int*) &len);
 EVP_MD_CTX_cleanup(&ctx);
+#else // OpenSSL 1.1.1
+ EVP_MD_CTX *ctx;
+ ctx = EVP_MD_CTX_new();
+ EVP_DigestInit(ctx,EVP_sha1());
+ EVP_DigestUpdate(ctx, data, length);
+ EVP_DigestFinal(ctx, md,(unsigned int*) &len);
+ EVP_MD_CTX_free(ctx);
+#endif
 return oauth_body_hash_encode(len, md);
 }
--
2.7.4
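Review bot: Both body-hash functions use the result of `EVP_MD_CTX_new()` without a NULL check and ignore the return values of `EVP_DigestInit`, `EVP_DigestUpdate` and `EVP_DigestFinal`, so an allocation or digest failure ends with `oauth_body_hash_encode` being handed the still-zeroed `md` buffer and `len` 0 (or a NULL context reaching OpenSSL) instead of an error. In oauth_body_hash_file I would add `if (!ctx) { fclose(F); return NULL; }` right after the allocation, matching the existing `if (!F) return NULL;`; oauth_body_hash_data needs the equivalent with `md` released, provided its callers accept NULL, which is not visible here. The added `EVP_DigestFinal(ctx, md,(unsigned int*) &len);` lines also keep writing an `unsigned int` through a pointer to a `size_t`, which only yields the right length where the low-order bytes come first; a local `unsigned int mdlen = 0;` passed as `&mdlen` avoids that.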