Coverage Report

Created: 2026-04-01 06:41

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/src/njs/external/njs_openssl.h
Line
Count
Source
1
2
/*
3
 * Copyright (C) Dmitry Volyntsev
4
 * Copyright (C) NGINX, Inc.
5
 */
6
7
8
#ifndef _NJS_EXTERNAL_OPENSSL_H_INCLUDED_
9
#define _NJS_EXTERNAL_OPENSSL_H_INCLUDED_
10
11
12
#define OPENSSL_SUPPRESS_DEPRECATED
13
14
#include <openssl/bn.h>
15
#include <openssl/bio.h>
16
#include <openssl/x509.h>
17
#include <openssl/evp.h>
18
#include <openssl/aes.h>
19
#include <openssl/rsa.h>
20
#include <openssl/err.h>
21
#include <openssl/rand.h>
22
#include <openssl/hmac.h>
23
#include <openssl/crypto.h>
24
25
#ifdef EVP_PKEY_HKDF
26
#include <openssl/kdf.h>
27
#endif
28
29
30
#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L)
31
#undef OPENSSL_VERSION_NUMBER
32
#if (LIBRESSL_VERSION_NUMBER >= 0x2080000fL)
33
#define OPENSSL_VERSION_NUMBER  0x1010000fL
34
#else
35
#define OPENSSL_VERSION_NUMBER  0x1000107fL
36
#endif
37
#endif
38
39
40
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
41
0
#define njs_evp_md_ctx_new()  EVP_MD_CTX_new()
42
0
#define njs_evp_md_ctx_free(_ctx)  EVP_MD_CTX_free(_ctx)
43
#else
44
#define njs_evp_md_ctx_new()  EVP_MD_CTX_create()
45
#define njs_evp_md_ctx_free(_ctx)  EVP_MD_CTX_destroy(_ctx)
46
#endif
47
48
49
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
50
0
#define njs_hmac_ctx_new()       HMAC_CTX_new()
51
0
#define njs_hmac_ctx_free(_ctx)  HMAC_CTX_free(_ctx)
52
#else
53
54
njs_inline HMAC_CTX *
55
njs_hmac_ctx_new(void)
56
{
57
    HMAC_CTX  *ctx;
58
59
    ctx = OPENSSL_malloc(sizeof(HMAC_CTX));
60
    if (ctx != NULL) {
61
        HMAC_CTX_init(ctx);
62
    }
63
64
    return ctx;
65
}
66
67
68
njs_inline void
69
njs_hmac_ctx_free(HMAC_CTX *ctx)
70
{
71
    if (ctx != NULL) {
72
        HMAC_CTX_cleanup(ctx);
73
        OPENSSL_free(ctx);
74
    }
75
}
76
77
#endif
78
79
80
0
#define njs_bio_new_mem_buf(b, len) BIO_new_mem_buf((void *) b, len)
81
82
83
#if (OPENSSL_VERSION_NUMBER < 0x30000000L && !defined ERR_peek_error_data)
84
0
#define ERR_peek_error_data(d, f)    ERR_peek_error_line_data(NULL, NULL, d, f)
85
#endif
86
87
88
njs_inline int
89
njs_bn_bn2binpad(const BIGNUM *bn, unsigned char *to, int tolen)
90
0
{
91
0
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
92
0
    return BN_bn2binpad(bn, to, tolen);
93
#else
94
    int  len;
95
96
    len = BN_num_bytes(bn);
97
98
    if (tolen > len) {
99
        memset(to, 0, tolen - len);
100
101
    } else if (tolen < len) {
102
        return -1;
103
    }
104
105
    return BN_bn2bin(bn, &to[tolen - len]);
106
#endif
107
0
}
Unexecuted instantiation: njs_crypto_module.c:njs_bn_bn2binpad
Unexecuted instantiation: njs_webcrypto_module.c:njs_bn_bn2binpad
108
109
110
njs_inline int
111
njs_pkey_up_ref(EVP_PKEY *pkey)
112
0
{
113
0
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
114
0
    return EVP_PKEY_up_ref(pkey);
115
#else
116
    CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
117
    return 1;
118
#endif
119
0
}
Unexecuted instantiation: njs_crypto_module.c:njs_pkey_up_ref
Unexecuted instantiation: njs_webcrypto_module.c:njs_pkey_up_ref
120
121
122
njs_inline const RSA *
123
njs_pkey_get_rsa_key(EVP_PKEY *pkey)
124
0
{
125
0
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
126
0
    return EVP_PKEY_get0_RSA(pkey);
127
#else
128
    return EVP_PKEY_get0(pkey);
129
#endif
130
0
}
Unexecuted instantiation: njs_crypto_module.c:njs_pkey_get_rsa_key
Unexecuted instantiation: njs_webcrypto_module.c:njs_pkey_get_rsa_key
131
132
133
njs_inline void
134
njs_rsa_get0_key(const RSA *rsa, const BIGNUM **n, const BIGNUM **e,
135
    const BIGNUM **d)
136
0
{
137
0
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
138
0
    RSA_get0_key(rsa, n, e, d);
139
#else
140
    if (n != NULL) {
141
        *n = rsa->n;
142
    }
143
144
    if (e != NULL) {
145
        *e = rsa->e;
146
    }
147
148
    if (d != NULL) {
149
        *d = rsa->d;
150
    }
151
#endif
152
0
}
Unexecuted instantiation: njs_crypto_module.c:njs_rsa_get0_key
Unexecuted instantiation: njs_webcrypto_module.c:njs_rsa_get0_key
153
154
155
njs_inline void
156
njs_rsa_get0_factors(const RSA *rsa, const BIGNUM **p, const BIGNUM **q)
157
0
{
158
0
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
159
0
    RSA_get0_factors(rsa, p, q);
160
#else
161
    if (p != NULL) {
162
        *p = rsa->p;
163
    }
164
165
    if (q != NULL) {
166
        *q = rsa->q;
167
    }
168
#endif
169
0
}
Unexecuted instantiation: njs_crypto_module.c:njs_rsa_get0_factors
Unexecuted instantiation: njs_webcrypto_module.c:njs_rsa_get0_factors
170
171
172
173
njs_inline void
174
njs_rsa_get0_ctr_params(const RSA *rsa, const BIGNUM **dp, const BIGNUM **dq,
175
    const BIGNUM **qi)
176
0
{
177
0
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
178
0
    RSA_get0_crt_params(rsa, dp, dq, qi);
179
#else
180
    if (dp != NULL) {
181
        *dp = rsa->dmp1;
182
    }
183
184
    if (dq != NULL) {
185
        *dq = rsa->dmq1;
186
    }
187
188
    if (qi != NULL) {
189
        *qi = rsa->iqmp;
190
    }
191
#endif
192
0
}
Unexecuted instantiation: njs_crypto_module.c:njs_rsa_get0_ctr_params
Unexecuted instantiation: njs_webcrypto_module.c:njs_rsa_get0_ctr_params
193
194
195
njs_inline int
196
njs_rsa_set0_key(RSA *rsa, BIGNUM *n, BIGNUM *e, BIGNUM *d)
197
0
{
198
0
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
199
0
    return RSA_set0_key(rsa, n, e, d);
200
#else
201
    if ((rsa->n == NULL && n == NULL) || (rsa->e == NULL && e == NULL)) {
202
        return 0;
203
    }
204
205
    if (n != NULL) {
206
        BN_free(rsa->n);
207
        rsa->n = n;
208
    }
209
210
    if (e != NULL) {
211
        BN_free(rsa->e);
212
        rsa->e = e;
213
    }
214
215
    if (d != NULL) {
216
        BN_clear_free(rsa->d);
217
        rsa->d = d;
218
        BN_set_flags(rsa->d, BN_FLG_CONSTTIME);
219
    }
220
221
    return 1;
222
#endif
223
0
}
Unexecuted instantiation: njs_crypto_module.c:njs_rsa_set0_key
Unexecuted instantiation: njs_webcrypto_module.c:njs_rsa_set0_key
224
225
226
njs_inline int
227
njs_rsa_set0_factors(RSA *rsa, BIGNUM *p, BIGNUM *q)
228
0
{
229
0
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
230
0
    return RSA_set0_factors(rsa, p, q);
231
#else
232
    if ((rsa->p == NULL && p == NULL) || (rsa->q == NULL && q == NULL)) {
233
        return 0;
234
    }
235
236
    if (p != NULL) {
237
        BN_clear_free(rsa->p);
238
        rsa->p = p;
239
        BN_set_flags(rsa->p, BN_FLG_CONSTTIME);
240
    }
241
242
    if (q != NULL) {
243
        BN_clear_free(rsa->q);
244
        rsa->q = q;
245
        BN_set_flags(rsa->q, BN_FLG_CONSTTIME);
246
    }
247
248
    return 1;
249
#endif
250
0
}
Unexecuted instantiation: njs_crypto_module.c:njs_rsa_set0_factors
Unexecuted instantiation: njs_webcrypto_module.c:njs_rsa_set0_factors
251
252
253
njs_inline int
254
njs_rsa_set0_ctr_params(RSA *rsa, BIGNUM *dp, BIGNUM *dq, BIGNUM *qi)
255
0
{
256
0
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
257
0
    return RSA_set0_crt_params(rsa, dp, dq, qi);
258
#else
259
    if ((rsa->dmp1 == NULL && dp == NULL)
260
        || (rsa->dmq1 == NULL && dq == NULL)
261
        || (rsa->iqmp == NULL && qi == NULL))
262
    {
263
        return 0;
264
    }
265
266
    if (dp != NULL) {
267
        BN_clear_free(rsa->dmp1);
268
        rsa->dmp1 = dp;
269
        BN_set_flags(rsa->dmp1, BN_FLG_CONSTTIME);
270
    }
271
272
    if (dq != NULL) {
273
        BN_clear_free(rsa->dmq1);
274
        rsa->dmq1 = dq;
275
        BN_set_flags(rsa->dmq1, BN_FLG_CONSTTIME);
276
    }
277
278
    if (qi != NULL) {
279
        BN_clear_free(rsa->iqmp);
280
        rsa->iqmp = qi;
281
        BN_set_flags(rsa->iqmp, BN_FLG_CONSTTIME);
282
    }
283
284
    return 1;
285
#endif
286
0
}
Unexecuted instantiation: njs_crypto_module.c:njs_rsa_set0_ctr_params
Unexecuted instantiation: njs_webcrypto_module.c:njs_rsa_set0_ctr_params
287
288
289
njs_inline const EC_KEY *
290
njs_pkey_get_ec_key(EVP_PKEY *pkey)
291
0
{
292
0
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
293
0
    return EVP_PKEY_get0_EC_KEY(pkey);
294
#else
295
    if (pkey->type != EVP_PKEY_EC) {
296
        return NULL;
297
    }
298
299
    return pkey->pkey.ec;
300
#endif
301
0
}
Unexecuted instantiation: njs_crypto_module.c:njs_pkey_get_ec_key
Unexecuted instantiation: njs_webcrypto_module.c:njs_pkey_get_ec_key
302
303
304
njs_inline int
305
njs_ec_group_order_bits(const EC_GROUP *group)
306
0
{
307
0
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
308
0
    return EC_GROUP_order_bits(group);
309
#else
310
    int     bits;
311
    BIGNUM  *order;
312
313
    order = BN_new();
314
    if (order == NULL) {
315
        return 0;
316
    }
317
318
    if (EC_GROUP_get_order(group, order, NULL) == 0) {
319
        return 0;
320
    }
321
322
    bits = BN_num_bits(order);
323
324
    BN_free(order);
325
326
    return bits;
327
#endif
328
0
}
Unexecuted instantiation: njs_crypto_module.c:njs_ec_group_order_bits
Unexecuted instantiation: njs_webcrypto_module.c:njs_ec_group_order_bits
329
330
331
njs_inline int
332
njs_ec_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
333
    BIGNUM *x, BIGNUM *y)
334
0
{
335
0
#if (OPENSSL_VERSION_NUMBER >= 0x10101001L)
336
0
    return EC_POINT_get_affine_coordinates(group, p, x, y, NULL);
337
#else
338
    return EC_POINT_get_affine_coordinates_GFp(group, p, x, y, NULL);
339
#endif
340
0
}
Unexecuted instantiation: njs_crypto_module.c:njs_ec_point_get_affine_coordinates
Unexecuted instantiation: njs_webcrypto_module.c:njs_ec_point_get_affine_coordinates
341
342
343
njs_inline int
344
njs_ecdsa_sig_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s)
345
0
{
346
0
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
347
0
    return ECDSA_SIG_set0(sig, r, s);
348
#else
349
    if (r == NULL || s == NULL) {
350
        return 0;
351
    }
352
353
    BN_clear_free(sig->r);
354
    BN_clear_free(sig->s);
355
356
    sig->r = r;
357
    sig->s = s;
358
359
    return 1;
360
#endif
361
0
}
Unexecuted instantiation: njs_crypto_module.c:njs_ecdsa_sig_set0
Unexecuted instantiation: njs_webcrypto_module.c:njs_ecdsa_sig_set0
362
363
364
#endif /* _NJS_EXTERNAL_OPENSSL_H_INCLUDED_ */