diff --git a/include/libgourou_common.h b/include/libgourou_common.h
index f876f60..2328208 100644
--- a/include/libgourou_common.h
+++ b/include/libgourou_common.h
@@ -114,7 +114,8 @@ namespace gourou
 CLIENT_GENERIC_EXCEPTION,
 CLIENT_NETWORK_ERROR,
 CLIENT_INVALID_PKCS8,
- CLIENT_FILE_ERROR
+ CLIENT_FILE_ERROR,
+ CLIENT_OSSL_ERROR,
 };
 enum DRM_REMOVAL_ERROR {
diff --git a/utils/Makefile b/utils/Makefile
index 7d7882a..386bd97 100644
--- a/utils/Makefile
+++ b/utils/Makefile
@@ -3,6 +3,9 @@ TARGETS=acsmdownloader adept_activate adept_remove adept_loan_mgt
 CXXFLAGS=-Wall -fPIC -I$(ROOT)/include -I$(ROOT)/lib/pugixml/src/
+# OpenSSL 1.1.0 compat
+CXXFLAGS += -DOPENSSL_API_COMPAT=0x10100000L
+
 STATIC_DEP=
 LDFLAGS=-L$(ROOT) -lcrypto -lzip -lz -lcurl
diff --git a/utils/drmprocessorclientimpl.cpp b/utils/drmprocessorclientimpl.cpp
index 39a7dfa..2edc25f 100644
--- a/utils/drmprocessorclientimpl.cpp
+++ b/utils/drmprocessorclientimpl.cpp
@@ -35,6 +35,8 @@
 #include
 #include
 #include
+#include
+#include
 #include
@@ -45,6 +47,31 @@
 #include
 #include "drmprocessorclientimpl.h"
+DRMProcessorClientImpl::DRMProcessorClientImpl():
+ legacy(0), deflt(0)
+{
+#if OPENSSL_VERSION_MAJOR >= 3
+ legacy = OSSL_PROVIDER_load(NULL, "legacy");
+ if (!legacy)
+ EXCEPTION(gourou::CLIENT_OSSL_ERROR, "Error, OpenSSL legacy provider not available");
+
+ deflt = OSSL_PROVIDER_load(NULL, "default");
+ if (!deflt)
+ EXCEPTION(gourou::CLIENT_OSSL_ERROR, "Error, OpenSSL default provider not available");
+#endif
+}
+
+DRMProcessorClientImpl::~DRMProcessorClientImpl()
+{
+#if OPENSSL_VERSION_MAJOR >= 3
+ if (legacy)
+ OSSL_PROVIDER_unload(legacy);
+
+ if (deflt)
+ OSSL_PROVIDER_unload(deflt);
+#endif
+}
+
 /* Digest interface */
 void* DRMProcessorClientImpl::createDigest(const std::string& digestName) {
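Review bot: In the new `DRMProcessorClientImpl()` constructor (utils/drmprocessorclientimpl.cpp, hunk `@@ -45,6 +47,31 @@`), a failed load of the "default" provider raises after the "legacy" provider has already been loaded, and a constructor that throws never runs the destructor, so that handle is not released; this assumes `EXCEPTION` throws, which its definition outside this diff would confirm. Unload before raising: `if (!deflt) { OSSL_PROVIDER_unload(legacy); legacy = 0; EXCEPTION(gourou::CLIENT_OSSL_ERROR, "Error, OpenSSL default provider not available"); }`. Both loads also pass `NULL` as the library context, so the legacy algorithms become available to every user of the default context in the process, not only to this class; a comment stating that scope, or a dedicated `OSSL_LIB_CTX`, would make it explicit.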
@@ -289,7 +316,12 @@ void DRMProcessorClientImpl::RSAPrivateEncrypt(const unsigned char* RSAKey, unsi
 pkcs12 = d2i_PKCS12(NULL, &RSAKey, RSAKeyLength);
 if (!pkcs12)
 EXCEPTION(gourou::CLIENT_INVALID_PKCS12, ERR_error_string(ERR_get_error(), NULL));
+
 PKCS12_parse(pkcs12, password.c_str(), &pkey, &cert, &ca);
+
+ if (!pkey)
+ EXCEPTION(gourou::CLIENT_INVALID_PKCS12, ERR_error_string(ERR_get_error(), NULL));
+
 rsa = EVP_PKEY_get1_RSA(pkey);
 int ret = RSA_private_encrypt(dataLength, data, res, rsa, RSA_PKCS1_PADDING);
@@ -413,6 +445,9 @@ void DRMProcessorClientImpl::extractCertificate(const unsigned char* RSAKey, uns
 EXCEPTION(gourou::CLIENT_INVALID_PKCS12, ERR_error_string(ERR_get_error(), NULL));
 PKCS12_parse(pkcs12, password.c_str(), &pkey, &cert, &ca);
+ if (!cert)
+ EXCEPTION(gourou::CLIENT_INVALID_PKCS12, ERR_error_string(ERR_get_error(), NULL));
+
 *certOutLength = i2d_X509(cert, certOut);
 EVP_PKEY_free(pkey);
diff --git a/utils/drmprocessorclientimpl.h b/utils/drmprocessorclientimpl.h
index 53a4a03..528cfee 100644
--- a/utils/drmprocessorclientimpl.h
+++ b/utils/drmprocessorclientimpl.h
@@ -31,11 +31,18 @@
 #include
+#if OPENSSL_VERSION_MAJOR >= 3
+#include
+#endif
+
 #include
 class DRMProcessorClientImpl : public gourou::DRMProcessorClient {
 public:
+ DRMProcessorClientImpl();
+ ~DRMProcessorClientImpl();
+
 /* Digest interface */
 virtual void* createDigest(const std::string& digestName);
 virtual int digestUpdate(void* handler, unsigned char* data, unsigned int length);
@@ -118,6 +125,13 @@ public:
 virtual void deflate(gourou::ByteArray& data, gourou::ByteArray& result, int wbits=-15, int compressionLevel=8);
+
+private:
+#if OPENSSL_VERSION_MAJOR >= 3
+ OSSL_PROVIDER *legacy, *deflt;
+#else
+ void *legacy, *deflt;
+#endif
 };
 #endif
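Review bot: The return value of `PKCS12_parse` is still discarded in `RSAPrivateEncrypt` (hunk `@@ -289,7 +316,12 @@`), so the new `if (!pkey)` test is the only failure signal, and for a container that parses but holds no private key the OpenSSL error queue may be empty and the exception text uninformative. Test the call itself, `if (!PKCS12_parse(pkcs12, password.c_str(), &pkey, &cert, &ca) || !pkey)`, and do the same for the `if (!cert)` check in `extractCertificate` (hunk `@@ -413,6 +445,9 @@`). In the visible lines both new error paths raise without releasing `pkcs12`, and the one in `extractCertificate` without releasing `pkey`; both functions continue outside the hunks, so confirm whether cleanup happens elsewhere. The `rsa` pointer returned by `EVP_PKEY_get1_RSA(pkey)` is also handed to `RSA_private_encrypt` unchecked, which matters when the container holds a non-RSA key.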
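Review bot: The `#if OPENSSL_VERSION_MAJOR >= 3` test added to utils/drmprocessorclientimpl.h (hunk `@@ -31,11 +31,18 @@`, repeated around the members in `@@ -118,6 +125,13 @@`) appears to be evaluated before any OpenSSL header has been included; the include targets are not readable on this page, so this is inferred. An undefined macro evaluates to 0 in `#if`, so a translation unit that includes this header first would get the `void *legacy, *deflt;` declaration and skip the provider header even when building against OpenSSL 3. Including the OpenSSL version header (`openssl/opensslv.h`) ahead of the test would make the result independent of include order.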
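Review bot: With the `legacy` and `deflt` members added in hunk `@@ -118,6 +125,13 @@` the class owns two provider handles that its destructor unloads, but copy construction and copy assignment remain implicitly available, so a copied `DRMProcessorClientImpl` would call `OSSL_PROVIDER_unload` on the same handles a second time. Make the type non-copyable, for example `DRMProcessorClientImpl(const DRMProcessorClientImpl&) = delete;` and `DRMProcessorClientImpl& operator=(const DRMProcessorClientImpl&) = delete;`, or private undefined declarations if the project builds as pre-C++11. A short comment on the members saying that they hold the loaded providers for the object's lifetime would also help, since the names alone do not say so.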