// Must be included first before openssl headers.
#include "talk/base/win32.h" // NOLINT
-#include <openssl/ssl.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#include "talk/base/checks.h"
#include "talk/base/helpers.h"
#include "talk/base/logging.h"
+#include "talk/base/openssl.h"
#include "talk/base/openssldigest.h"
namespace talk_base {
static EVP_PKEY* MakeKey() {
LOG(LS_INFO) << "Making key pair";
EVP_PKEY* pkey = EVP_PKEY_new();
-#if OPENSSL_VERSION_NUMBER < 0x00908000l
- // Only RSA_generate_key is available. Use that.
- RSA* rsa = RSA_generate_key(KEY_LENGTH, 0x10001, NULL, NULL);
- if (!EVP_PKEY_assign_RSA(pkey, rsa)) {
- EVP_PKEY_free(pkey);
- RSA_free(rsa);
- return NULL;
- }
-#else
// RSA_generate_key is deprecated. Use _ex version.
BIGNUM* exponent = BN_new();
RSA* rsa = RSA_new();
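Review bot: The retained comment `// RSA_generate_key is deprecated. Use _ex version.` now describes a choice the file no longer offers, because this hunk removes the `#if OPENSSL_VERSION_NUMBER < 0x00908000l` fallback. It would read better as a statement of what the code does, for example `// Generate the RSA key with the _ex API; |rsa| is owned by |pkey| once assigned.` The minimum OpenSSL version is presumably enforced in `talk/base/openssl.h`, which is not visible here, so it is worth confirming that header rejects older releases with a clear error. The body of MakeKey between this hunk and the next is outside the hunk.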
}
// ownership of rsa struct was assigned, don't free it.
BN_free(exponent);
-#endif
LOG(LS_INFO) << "Returning key pair";
return pkey;
}
BIO* bio = BIO_new_mem_buf(const_cast<char*>(pem_string.c_str()), -1);
if (!bio)
return NULL;
- (void)BIO_set_close(bio, BIO_NOCLOSE);
BIO_set_mem_eof_return(bio, 0);
X509 *x509 = PEM_read_bio_X509(bio, NULL, NULL,
const_cast<char*>("\0"));
- BIO_free(bio);
+ BIO_free(bio); // Frees the BIO, but not the pointed-to string.
+
if (!x509)
return NULL;
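Review bot: The `if (!x509) return NULL;` path after `PEM_read_bio_X509` fails silently, whereas the private-key hunk below logs its parse failure. Adding `LOG(LS_ERROR) << "Failed to create the certificate from PEM string.";` before the return would make a malformed or truncated certificate visible in logs and keep the two PEM loaders consistent. The enclosing function starts and ends outside the hunk, so any logging done by its caller is not visible here.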
LOG(LS_ERROR) << "Failed to create a new BIO buffer.";
return NULL;
}
- (void)BIO_set_close(bio, BIO_NOCLOSE);
BIO_set_mem_eof_return(bio, 0);
EVP_PKEY *pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL,
const_cast<char*>("\0"));
- BIO_free(bio);
+ BIO_free(bio); // Frees the BIO, but not the pointed-to string.
if (!pkey) {
LOG(LS_ERROR) << "Failed to create the private key from PEM string.";
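Review bot: The `const_cast<char*>("\0")` passed as the last argument of `PEM_read_bio_PrivateKey` is undocumented, and it decides how passphrase-protected keys are handled. With a NULL callback, OpenSSL uses that pointer as the passphrase, so the empty string makes an encrypted key fail to load instead of prompting on the terminal. A comment above the call would record the intent, for example `// Empty passphrase: never prompt; encrypted keys are rejected.` The enclosing function starts and ends outside the hunk.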
} // namespace talk_base
#endif // HAVE_OPENSSL_SSL_H
-
-