boringssl: deal with loss of EVP_PKEY_new_mac_key

Rewrite HMAC stuff to use HMAC_ apis instead of EVP

Bit trickly since modern OpenSSL has opaque HMAC_CTX and older
OpenSSL does not have any apis to allocate and free it.

Add another cmake check for the allocation api to decide
what to do.

CMakeLists.txt

@@ -1827,6 +1827,7 @@ CHECK_FUNCTION_EXISTS(SSL_set_info_callback LWS_HAVE_SSL_SET_INFO_CALLBACK)
 CHECK_FUNCTION_EXISTS(X509_VERIFY_PARAM_set1_host LWS_HAVE_X509_VERIFY_PARAM_set1_host)
 CHECK_FUNCTION_EXISTS(RSA_set0_key LWS_HAVE_RSA_SET0_KEY)
 CHECK_FUNCTION_EXISTS(X509_get_key_usage LWS_HAVE_X509_get_key_usage)
+CHECK_FUNCTION_EXISTS(EVP_PKEY_new_raw_private_key LWS_HAVE_SSL_CTX_EVP_PKEY_new_raw_private_key)
 CHECK_FUNCTION_EXISTS(SSL_CTX_get0_certificate LWS_HAVE_SSL_CTX_get0_certificate)
 CHECK_FUNCTION_EXISTS(SSL_get0_alpn_selected LWS_HAVE_SSL_get0_alpn_selected)
 CHECK_FUNCTION_EXISTS(SSL_set_alpn_protos LWS_HAVE_SSL_set_alpn_protos)
@@ -1837,6 +1838,8 @@ CHECK_FUNCTION_EXISTS(EVP_aes_192_cfb128 LWS_HAVE_EVP_aes_192_cfb128)
 CHECK_FUNCTION_EXISTS(EVP_aes_256_cfb8 LWS_HAVE_EVP_aes_256_cfb8)
 CHECK_FUNCTION_EXISTS(EVP_aes_256_cfb128 LWS_HAVE_EVP_aes_256_cfb128)
 CHECK_FUNCTION_EXISTS(EVP_aes_128_xts LWS_HAVE_EVP_aes_128_xts)
+CHECK_FUNCTION_EXISTS(RSA_verify_pss_mgf1 LWS_HAVE_RSA_verify_pss_mgf1)
+CHECK_FUNCTION_EXISTS(HMAC_CTX_new LWS_HAVE_HMAC_CTX_new)
 CHECK_FUNCTION_EXISTS(SSL_CTX_set_ciphersuites LWS_HAVE_SSL_CTX_set_ciphersuites)
 if (LWS_WITH_SSL AND NOT LWS_WITH_MBEDTLS)
  if (UNIX)

cmake/lws_config.h.in

@@ -37,6 +37,7 @@
 #cmakedefine LWS_HAVE_EVP_aes_256_cfb128
 #cmakedefine LWS_HAVE_EVP_aes_128_xts
 #cmakedefine LWS_HAVE_LIBCAP
+#cmakedefine LWS_HAVE_HMAC_CTX_new
 #cmakedefine LWS_HAVE_MALLOC_H
 #cmakedefine LWS_HAVE_MALLOC_TRIM
 #cmakedefine LWS_HAVE_MALLOC_USABLE_SIZE
@@ -52,11 +53,13 @@
 #cmakedefine LWS_HAVE_PIPE2
 #cmakedefine LWS_HAVE_PTHREAD_H
 #cmakedefine LWS_HAVE_RSA_SET0_KEY
+#cmakedefine LWS_HAVE_RSA_verify_pss_mgf1
 #cmakedefine LWS_HAVE_SSL_CTX_get0_certificate
 #cmakedefine LWS_HAVE_SSL_CTX_set1_param
 #cmakedefine LWS_HAVE_SSL_CTX_set_ciphersuites
 #cmakedefine LWS_HAVE_SSL_EXTRA_CHAIN_CERTS
 #cmakedefine LWS_HAVE_SSL_get0_alpn_selected
+#cmakedefine LWS_HAVE_SSL_CTX_EVP_PKEY_new_raw_private_key
 #cmakedefine LWS_HAVE_SSL_set_alpn_protos
 #cmakedefine LWS_HAVE_SSL_SET_INFO_CALLBACK
 #cmakedefine LWS_HAVE__STAT32I64

include/libwebsockets/lws-genhash.h

@@ -70,8 +70,12 @@ struct lws_genhmac_ctx {
 	const mbedtls_md_info_t *hmac;
 	mbedtls_md_context_t ctx;
 #else
-        const EVP_MD *evp_type;
-        EVP_MD_CTX *ctx;
+	const EVP_MD *evp_type;
+#if defined(LWS_HAVE_HMAC_CTX_new)
+        HMAC_CTX *ctx;
+#else
+        HMAC_CTX ctx;
+#endif
 #endif
 };
 

lib/tls/openssl/lws-genhash.c

@@ -87,13 +87,18 @@ lws_genhash_destroy(struct lws_genhash_ctx *ctx, void *result)
 	return ret;
 }
 
+
 int
 lws_genhmac_init(struct lws_genhmac_ctx *ctx, enum lws_genhmac_types type,
 		 const uint8_t *key, size_t key_len)
 {
-	EVP_PKEY *pkey;
-
-	ctx->type = type;
+#if defined(LWS_HAVE_HMAC_CTX_new)
+	ctx->ctx = HMAC_CTX_new();
+	if (!ctx->ctx)
+		return -1;
+#else
+	HMAC_CTX_init(&ctx->ctx);
+#endif
 
 	switch (type) {
 	case LWS_GENHMAC_TYPE_SHA256:
@@ -107,30 +112,34 @@ lws_genhmac_init(struct lws_genhmac_ctx *ctx, enum lws_genhmac_types type,
 		break;
 	default:
 		lwsl_err("%s: unknown HMAC type %d\n", __func__, type);
-		return -1;
+		goto bail;
 	}
 
-        ctx->ctx = EVP_MD_CTX_create();
-        if (!ctx->ctx)
-		return -1;
-
-        if (EVP_DigestInit_ex(ctx->ctx, ctx->evp_type, NULL) != 1)
-		return -1;
-
-        pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, key, (int)key_len);
-
-        if (EVP_DigestSignInit(ctx->ctx, NULL, ctx->evp_type, NULL, pkey) != 1)
-		return -1;
-
-        EVP_PKEY_free(pkey);
+#if defined(LWS_HAVE_HMAC_CTX_new)
+        if (HMAC_Init_ex(ctx->ctx, key, key_len, ctx->evp_type, NULL) != 1)
+#else
+        if (HMAC_Init_ex(&ctx->ctx, key, key_len, ctx->evp_type, NULL) != 1)
+#endif
+        	goto bail;
 
 	return 0;
+
+bail:
+#if defined(LWS_HAVE_HMAC_CTX_new)
+	HMAC_CTX_free(ctx->ctx);
+#endif
+
+	return -1;
 }
 
 int
 lws_genhmac_update(struct lws_genhmac_ctx *ctx, const void *in, size_t len)
 {
-	 if (EVP_DigestSignUpdate(ctx->ctx, in, len) != 1)
+#if defined(LWS_HAVE_HMAC_CTX_new)
+	if (HMAC_Update(ctx->ctx, in, len) != 1)
+#else
+	if (HMAC_Update(&ctx->ctx, in, len) != 1)
+#endif
 		return -1;
 
 	return 0;
@@ -139,12 +148,18 @@ lws_genhmac_update(struct lws_genhmac_ctx *ctx, const void *in, size_t len)
 int
 lws_genhmac_destroy(struct lws_genhmac_ctx *ctx, void *result)
 {
-	size_t size = lws_genhmac_size(ctx->type);
-	int n = EVP_DigestSignFinal(ctx->ctx, result, &size);
+	unsigned int size = lws_genhmac_size(ctx->type);
+#if defined(LWS_HAVE_HMAC_CTX_new)
+	int n = HMAC_Final(ctx->ctx, result, &size);
+
+	HMAC_CTX_free(ctx->ctx);
+#else
+	int n = HMAC_Final(&ctx->ctx, result, &size);
+#endif
 
-	EVP_MD_CTX_destroy(ctx->ctx);
 	if (n != 1)
 		return -1;
 
 	return 0;
 }
+

lib/tls/openssl/lws-genrsa.c

@@ -297,7 +297,12 @@ lws_genrsa_hash_sig_verify(struct lws_genrsa_ctx *ctx, const uint8_t *in,
 		if (!md)
 			return -1;
 
+#if defined(LWS_HAVE_RSA_verify_pss_mgf1)
+		n = RSA_verify_pss_mgf1(ctx->rsa, in, h, md, NULL, -1,
+					(uint8_t *)sig,
+#else
 		n = RSA_verify_PKCS1_PSS(ctx->rsa, in, md, (uint8_t *)sig,
+#endif
 					 (int)sig_len);
 		break;
 	default: