The original author of Bacula is Kern Sibbald, with contributions
from many others, a complete list can be found in the file AUTHORS.
The original author of Bacula is Kern Sibbald, with contributions
from many others, a complete list can be found in the file AUTHORS.
IMPLEMENT_ASN1_FUNCTIONS(RecipientInfo)
IMPLEMENT_ASN1_FUNCTIONS(SignatureData)
IMPLEMENT_ASN1_FUNCTIONS(CryptoData)
IMPLEMENT_ASN1_FUNCTIONS(RecipientInfo)
IMPLEMENT_ASN1_FUNCTIONS(SignatureData)
IMPLEMENT_ASN1_FUNCTIONS(CryptoData)
#define ASN1_seq_unpack_RecipientInfo(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(RecipientInfo, (buf), (len), (d2i_func), (free_func))
/* End of util/mkstack.pl block */
#define ASN1_seq_unpack_RecipientInfo(buf, len, d2i_func, free_func) \
SKM_ASN1_seq_unpack(RecipientInfo, (buf), (len), (d2i_func), (free_func))
/* End of util/mkstack.pl block */
/* Find the index to the subjectKeyIdentifier extension */
i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
/* Find the index to the subjectKeyIdentifier extension */
i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
- keyid = (ASN1_OCTET_STRING *) ASN1_item_d2i(NULL, &ext_value_data, ext->value->length,
+ keyid = (ASN1_OCTET_STRING *) ASN1_item_d2i(NULL, &ext_value_data, ASN1_STRING_length(asn1_ext_val),
Dmsg1(150, "crypto_digest_new jcr=%p\n", jcr);
/* Initialize the OpenSSL message digest context */
Dmsg1(150, "crypto_digest_new jcr=%p\n", jcr);
/* Initialize the OpenSSL message digest context */
Dmsg0(150, "digest update failed\n");
openssl_post_errors(digest->jcr, M_ERROR, _("OpenSSL digest update failed"));
return false;
Dmsg0(150, "digest update failed\n");
openssl_post_errors(digest->jcr, M_ERROR, _("OpenSSL digest update failed"));
return false;
Dmsg0(150, "digest finalize failed\n");
openssl_post_errors(digest->jcr, M_ERROR, _("OpenSSL digest finalize failed"));
return false;
Dmsg0(150, "digest finalize failed\n");
openssl_post_errors(digest->jcr, M_ERROR, _("OpenSSL digest finalize failed"));
return false;
for (i = 0; i < sk_SignerInfo_num(signers); i++) {
si = sk_SignerInfo_value(signers, i);
for (i = 0; i < sk_SignerInfo_num(signers); i++) {
si = sk_SignerInfo_value(signers, i);
/* Get the digest algorithm and allocate a digest context */
Dmsg1(150, "crypto_sign_get_digest jcr=%p\n", sig->jcr);
switch (OBJ_obj2nid(si->digestAlgorithm)) {
/* Get the digest algorithm and allocate a digest context */
Dmsg1(150, "crypto_sign_get_digest jcr=%p\n", sig->jcr);
switch (OBJ_obj2nid(si->digestAlgorithm)) {
signers = sig->sigData->signerInfo;
/* Find the signer */
for (i = 0; i < sk_SignerInfo_num(signers); i++) {
si = sk_SignerInfo_value(signers, i);
signers = sig->sigData->signerInfo;
/* Find the signer */
for (i = 0; i < sk_SignerInfo_num(signers); i++) {
si = sk_SignerInfo_value(signers, i);
- ok = EVP_VerifyFinal(&digest->ctx, sigData, sigLen, keypair->pubkey);
+ ok = EVP_VerifyFinal(digest->ctx, sigData, sigLen, keypair->pubkey);
- M_ASN1_OCTET_STRING_free(si->subjectKeyIdentifier);
- si->subjectKeyIdentifier = M_ASN1_OCTET_STRING_dup(keypair->keyid);
+ ASN1_OCTET_STRING_free(si->subjectKeyIdentifier);
+ si->subjectKeyIdentifier = ASN1_OCTET_STRING_dup(keypair->keyid);
/* Finalize/Sign our Digest */
len = EVP_PKEY_size(keypair->privkey);
buf = (unsigned char *) malloc(len);
/* Finalize/Sign our Digest */
len = EVP_PKEY_size(keypair->privkey);
buf = (unsigned char *) malloc(len);
- if (!EVP_SignFinal(&digest->ctx, buf, &len, keypair->privkey)) {
+ if (!EVP_SignFinal(digest->ctx, buf, &len, keypair->privkey)) {
openssl_post_errors(M_ERROR, _("Signature creation failed"));
goto err;
}
/* Add the signature to the SignerInfo structure */
openssl_post_errors(M_ERROR, _("Signature creation failed"));
goto err;
}
/* Add the signature to the SignerInfo structure */
ASN1_INTEGER_set(ri->version, BACULA_ASN1_VERSION);
/* Drop the string allocated by OpenSSL, and add our subjectKeyIdentifier */
ASN1_INTEGER_set(ri->version, BACULA_ASN1_VERSION);
/* Drop the string allocated by OpenSSL, and add our subjectKeyIdentifier */
- M_ASN1_OCTET_STRING_free(ri->subjectKeyIdentifier);
- ri->subjectKeyIdentifier = M_ASN1_OCTET_STRING_dup(keypair->keyid);
+ ASN1_OCTET_STRING_free(ri->subjectKeyIdentifier);
+ ri->subjectKeyIdentifier = ASN1_OCTET_STRING_dup(keypair->keyid);
ri = sk_RecipientInfo_value(recipients, i);
/* Match against the subjectKeyIdentifier */
ri = sk_RecipientInfo_value(recipients, i);
/* Match against the subjectKeyIdentifier */
/* If we recieve a RecipientInfo structure that does not use
* RSA, return an error */
/* If we recieve a RecipientInfo structure that does not use
* RSA, return an error */
/* Decrypt the session key */
/* Allocate sufficient space for the largest possible decrypted data */
cs->session_key = (unsigned char *)malloc(EVP_PKEY_size(keypair->privkey));
/* Decrypt the session key */
/* Allocate sufficient space for the largest possible decrypted data */
cs->session_key = (unsigned char *)malloc(EVP_PKEY_size(keypair->privkey));
- cs->session_key_len = EVP_PKEY_decrypt(cs->session_key, M_ASN1_STRING_data(ri->encryptedKey),
- M_ASN1_STRING_length(ri->encryptedKey), keypair->privkey);
+ cs->session_key_len = EVP_PKEY_decrypt(cs->session_key, ASN1_STRING_get0_data(ri->encryptedKey),
+ ASN1_STRING_length(ri->encryptedKey), keypair->privkey);
if (cs->session_key_len <= 0) {
openssl_post_errors(M_ERROR, _("Failure decrypting the session key"));
if (cs->session_key_len <= 0) {
openssl_post_errors(M_ERROR, _("Failure decrypting the session key"));
- if (!EVP_CipherInit_ex(&cipher_ctx->ctx, ec, NULL, NULL, NULL, 1)) {
+ if (!EVP_CipherInit_ex(cipher_ctx->ctx, ec, NULL, NULL, NULL, 1)) {
openssl_post_errors(M_ERROR, _("OpenSSL cipher context initialization failed"));
goto err;
}
} else {
/* Initialize for decryption */
openssl_post_errors(M_ERROR, _("OpenSSL cipher context initialization failed"));
goto err;
}
} else {
/* Initialize for decryption */
- if (!EVP_CipherInit_ex(&cipher_ctx->ctx, ec, NULL, NULL, NULL, 0)) {
+ if (!EVP_CipherInit_ex(cipher_ctx->ctx, ec, NULL, NULL, NULL, 0)) {
openssl_post_errors(M_ERROR, _("Encryption session provided an invalid symmetric key"));
goto err;
}
/* Validate the IV length */
openssl_post_errors(M_ERROR, _("Encryption session provided an invalid symmetric key"));
goto err;
}
/* Validate the IV length */
openssl_post_errors(M_ERROR, _("Encryption session provided an invalid IV"));
goto err;
}
/* Add the key and IV to the cipher context */
openssl_post_errors(M_ERROR, _("Encryption session provided an invalid IV"));
goto err;
}
/* Add the key and IV to the cipher context */
- if (!EVP_CipherInit_ex(&cipher_ctx->ctx, NULL, NULL, cs->session_key, M_ASN1_STRING_data(cs->cryptoData->iv), -1)) {
+ if (!EVP_CipherInit_ex(cipher_ctx->ctx, NULL, NULL, cs->session_key, ASN1_STRING_get0_data(cs->cryptoData->iv), -1)) {
*/
bool crypto_cipher_update(CIPHER_CONTEXT *cipher_ctx, const uint8_t *data, uint32_t length, const uint8_t *dest, uint32_t *written)
{
*/
bool crypto_cipher_update(CIPHER_CONTEXT *cipher_ctx, const uint8_t *data, uint32_t length, const uint8_t *dest, uint32_t *written)
{
- if (!EVP_CipherUpdate(&cipher_ctx->ctx, (unsigned char *)dest, (int *)written, (const unsigned char *)data, length)) {
+ if (!EVP_CipherUpdate(cipher_ctx->ctx, (unsigned char *)dest, (int *)written, (const unsigned char *)data, length)) {