#include <openssl/bn.h>
#include <openssl/opensslv.h>
#include <openssl/pem.h>
-#include <openssl/md5.h>
+#include <openssl/sha.h>
#include <openssl/x509v3.h>
#ifdef _WIN32
/* https://www.openssl.org/docs/faq.html
*
* Function : host_to_hash
*
- * Description : Creates MD5 hash from host name. Host name is loaded
- * from structure csp and saved again into it.
+ * Description : Creates a sha256 hash from host name. The host name
+ * is taken from the csp structure and stored into it.
*
* Parameters :
* 1 : csp = Current client state (buffers, headers, etc...)
*********************************************************************/
static int host_to_hash(struct client_state *csp)
{
- int ret = 0;
-
- memset(csp->http->hash_of_host, 0, sizeof(csp->http->hash_of_host));
- MD5((unsigned char *)csp->http->host, strlen(csp->http->host),
+ SHA256((unsigned char *)csp->http->host, strlen(csp->http->host),
csp->http->hash_of_host);
- /* Converting hash into string with hex */
- size_t i = 0;
- for (; i < 16; i++)
- {
- if ((ret = sprintf((char *)csp->http->hash_of_host_hex + 2 * i, "%02x",
- csp->http->hash_of_host[i])) < 0)
- {
- log_error(LOG_LEVEL_ERROR, "Sprintf return value: %d", ret);
- return -1;
- }
- }
+ return create_hexadecimal_hash_of_host(csp);
- return 0;
}
if (ret < 0)
{
log_error(LOG_LEVEL_ERROR,
- "generate_host_certificate failed: %d", ret);
+ "generate_host_certificate() failed: %d", ret);
ret = -1;
goto exit;
}
{
int ret = 0;
char* key_file_path;
+#if (OPENSSL_VERSION_NUMBER < 0x30000000L)
BIGNUM *exp;
RSA *rsa;
+#endif
EVP_PKEY *key;
key_file_path = make_certs_path(csp->config->certificate_directory,
return 0;
}
+#if (OPENSSL_VERSION_NUMBER < 0x30000000L)
exp = BN_new();
rsa = RSA_new();
key = EVP_PKEY_new();
ret = -1;
goto exit;
}
+#else
+ key = EVP_RSA_gen(RSA_KEYSIZE);
+ if (key == NULL)
+ {
+ log_error(LOG_LEVEL_ERROR, "EVP_RSA_gen() failed");
+ ret = -1;
+ goto exit;
+ }
+#endif
/*
* Exporting private key into file
/*
* Freeing used variables
*/
+#if (OPENSSL_VERSION_NUMBER < 0x30000000L)
if (exp)
{
BN_free(exp);
{
RSA_free(rsa);
}
+#endif
if (key)
{
EVP_PKEY_free(key);