1 files changed, 67 insertions, 7 deletions

diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
index 42cf7ac37b..b2f31870b9 100644
--- a/lib/crypto/c_src/crypto.c
+++ b/lib/crypto/c_src/crypto.c
@@ -61,7 +61,6 @@
 #include <openssl/evp.h>
 #include <openssl/hmac.h>
 
-
 /* Helper macro to construct a OPENSSL_VERSION_NUMBER.
  * See openssl/opensslv.h
  */
@@ -72,6 +71,46 @@
     PACKED_OPENSSL_VERSION(MAJ,MIN,FIX,('a'-1))
 
 
+/* LibreSSL was cloned from OpenSSL 1.0.1g and claims to be API and BPI compatible
+ * with 1.0.1.
+ *
+ * LibreSSL has the same names on include files and symbols as OpenSSL, but defines
+ * the OPENSSL_VERSION_NUMBER to be >= 2.0.0
+ *
+ * Therefor works tests like this as intendend:
+ *     OPENSSL_VERSION_NUMBER >= PACKED_OPENSSL_VERSION_PLAIN(1,0,0)
+ * (The test is for example "2.4.2" >= "1.0.0" although the test 
+ *  with the cloned OpenSSL test would be "1.0.1" >= "1.0.0")
+ *     
+ * But tests like this gives wrong result:
+ *     OPENSSL_VERSION_NUMBER < PACKED_OPENSSL_VERSION_PLAIN(1,1,0)
+ * (The test is false since "2.4.2" < "1.1.0".  It should have been
+ *  true because the LibreSSL API version is "1.0.1")
+ *
+ */
+
+#ifdef LIBRESSL_VERSION_NUMBER
+/* A macro to test on in this file */
+#define HAS_LIBRESSL
+#endif
+
+#ifdef HAS_LIBRESSL
+/* LibreSSL dislikes FIPS */
+# ifdef FIPS_SUPPORT
+#  undef FIPS_SUPPORT
+# endif
+
+/* LibreSSL wants the 1.0.1 API */
+# define NEED_EVP_COMPATIBILITY_FUNCTIONS
+#endif
+
+
+#if OPENSSL_VERSION_NUMBER < PACKED_OPENSSL_VERSION_PLAIN(1,1,0)
+# define NEED_EVP_COMPATIBILITY_FUNCTIONS
+#endif
+
+
+
 #if OPENSSL_VERSION_NUMBER >= PACKED_OPENSSL_VERSION_PLAIN(1,0,0)
 #include <openssl/modes.h>
 #endif
@@ -121,7 +160,9 @@
 #endif
 
 #if OPENSSL_VERSION_NUMBER >= PACKED_OPENSSL_VERSION_PLAIN(1,1,0)
-# define HAVE_CHACHA20_POLY1305
+# ifndef HAS_LIBRESSL
+#  define HAVE_CHACHA20_POLY1305
+# endif
 #endif
 
 #if OPENSSL_VERSION_NUMBER <= PACKED_OPENSSL_VERSION(0,9,8,'l')
@@ -206,8 +247,8 @@ do {							\
     }                                                   \
  } while (0)
 
-#if OPENSSL_VERSION_NUMBER < PACKED_OPENSSL_VERSION_PLAIN(1,1,0)
 
+#ifdef NEED_EVP_COMPATIBILITY_FUNCTIONS
 /*
  * In OpenSSL 1.1.0, most structs are opaque. That means that
  * the structs cannot be allocated as automatic variables on the
@@ -315,6 +356,7 @@ static INLINE int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g)
 
 static INLINE int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
 static INLINE int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+static INLINE int DH_set_length(DH *dh, long length);
 static INLINE void DH_get0_pqg(const DH *dh,
 			       const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
 static INLINE void DH_get0_key(const DH *dh,
@@ -335,6 +377,12 @@ static INLINE int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
     return 1;
 }
 
+static INLINE int DH_set_length(DH *dh, long length)
+{
+    dh->length = length;
+    return 1;
+}
+
 static INLINE void
 DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
 {
@@ -467,7 +515,7 @@ static ErlNifFunc nif_funcs[] = {
     {"rsa_generate_key_nif", 2, rsa_generate_key_nif},
     {"dh_generate_parameters_nif", 2, dh_generate_parameters_nif},
     {"dh_check", 1, dh_check},
-    {"dh_generate_key_nif", 3, dh_generate_key_nif},
+    {"dh_generate_key_nif", 4, dh_generate_key_nif},
     {"dh_compute_key_nif", 3, dh_compute_key_nif},
     {"srp_value_B_nif", 5, srp_value_B_nif},
     {"srp_user_secret_nif", 7, srp_user_secret_nif},
@@ -3032,7 +3080,7 @@ static ERL_NIF_TERM dh_check(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]
 }   
 
 static ERL_NIF_TERM dh_generate_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (PrivKey, DHParams=[P,G], Mpint) */
+{/* (PrivKey|undefined, DHParams=[P,G], Mpint, Len|0) */
     DH* dh_params;
     int pub_len, prv_len;
     unsigned char *pub_ptr, *prv_ptr;
@@ -3040,6 +3088,7 @@ static ERL_NIF_TERM dh_generate_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_
     int mpint; /* 0 or 4 */
     BIGNUM *priv_key = NULL;
     BIGNUM *dh_p = NULL, *dh_g = NULL;
+    unsigned long len = 0;
 
     if (!(get_bn_from_bin(env, argv[0], &priv_key)
 	  || argv[0] == atom_undefined)
@@ -3048,8 +3097,10 @@ static ERL_NIF_TERM dh_generate_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_
 	|| !enif_get_list_cell(env, tail, &head, &tail)
 	|| !get_bn_from_bin(env, head, &dh_g)
 	|| !enif_is_empty_list(env, tail)
-	|| !enif_get_int(env, argv[2], &mpint) || (mpint & ~4)) {
-	if (priv_key) BN_free(priv_key);
+	|| !enif_get_int(env, argv[2], &mpint) || (mpint & ~4)
+	|| !enif_get_ulong(env, argv[3], &len)  ) {
+
+        if (priv_key) BN_free(priv_key);
 	if (dh_p) BN_free(dh_p);
 	if (dh_g) BN_free(dh_g);
 	return enif_make_badarg(env);
@@ -3059,6 +3110,15 @@ static ERL_NIF_TERM dh_generate_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_
     DH_set0_key(dh_params, NULL, priv_key);
     DH_set0_pqg(dh_params, dh_p, NULL, dh_g);
 
+    if (len) {
+        if (len < BN_num_bits(dh_p))
+            DH_set_length(dh_params, len);
+        else {
+            DH_free(dh_params);
+            return enif_make_badarg(env);
+        }
+    }
+
     if (DH_generate_key(dh_params)) {
 	const BIGNUM *pub_key, *priv_key;
 	DH_get0_key(dh_params, &pub_key, &priv_key);