(openoffice) branch AOO42X updated: Use OpenSSL ciphers as opaque pointer types, created with EVP_CIPHER_CTX_new() and freed with EVP_CIPHER_CTX_free(), so we are compatible with both OpenSSL 1.0.x and 1.1.x.

Sun, 17 Mar 2024 15:50:27 -0700 

This is an automated email from the ASF dual-hosted git repository.

mseidel pushed a commit to branch AOO42X
in repository https://gitbox.apache.org/repos/asf/openoffice.git


The following commit(s) were added to refs/heads/AOO42X by this push:
     new fc265111d3 Use OpenSSL ciphers as opaque pointer types, created with 
EVP_CIPHER_CTX_new() and freed with EVP_CIPHER_CTX_free(), so we are compatible 
with both OpenSSL 1.0.x and 1.1.x.
fc265111d3 is described below

commit fc265111d3f3e917624d1eb127ac39e26585fb80
Author: Damjan Jovanovic <dam...@apache.org>
AuthorDate: Mon Aug 22 03:51:13 2022 +0200

    Use OpenSSL ciphers as opaque pointer types, created with 
EVP_CIPHER_CTX_new()
    and freed with EVP_CIPHER_CTX_free(), so we are compatible with both 
OpenSSL 1.0.x
    and 1.1.x.
    
    Patch by: me
    
    (cherry picked from commit f884850fece86ece56c7194bb1e746641f77c0a0)
---
 main/oox/source/core/filterdetect.cxx | 42 ++++++++++++++++++++---------------
 1 file changed, 24 insertions(+), 18 deletions(-)

diff --git a/main/oox/source/core/filterdetect.cxx 
b/main/oox/source/core/filterdetect.cxx
index e5b98281e9..f36aea307a 100644
--- a/main/oox/source/core/filterdetect.cxx
+++ b/main/oox/source/core/filterdetect.cxx
@@ -356,25 +356,29 @@ bool lclCheckEncryptionData( const sal_uInt8* pnKey, 
sal_uInt32 nKeySize, const
     if ( nKeySize == 16 && nVerifierSize == 16 && nVerifierHashSize == 32 )
     {
         // check password
-        EVP_CIPHER_CTX aes_ctx;
-        EVP_CIPHER_CTX_init( &aes_ctx );
-        EVP_DecryptInit_ex( &aes_ctx, EVP_aes_128_ecb(), 0, pnKey, 0 );
-        EVP_CIPHER_CTX_set_padding( &aes_ctx, 0 );
+        EVP_CIPHER_CTX *aes_ctx;
+        aes_ctx = EVP_CIPHER_CTX_new();
+        if ( aes_ctx == NULL )
+            return false;
+        EVP_DecryptInit_ex( aes_ctx, EVP_aes_128_ecb(), 0, pnKey, 0 );
+        EVP_CIPHER_CTX_set_padding( aes_ctx, 0 );
         int nOutLen = 0;
         sal_uInt8 pnTmpVerifier[ 16 ];
         (void) memset( pnTmpVerifier, 0, sizeof(pnTmpVerifier) );
 
-        /*int*/ EVP_DecryptUpdate( &aes_ctx, pnTmpVerifier, &nOutLen, 
pnVerifier, nVerifierSize );
-        EVP_CIPHER_CTX_cleanup( &aes_ctx );
+        /*int*/ EVP_DecryptUpdate( aes_ctx, pnTmpVerifier, &nOutLen, 
pnVerifier, nVerifierSize );
+        EVP_CIPHER_CTX_free( aes_ctx );
 
-        EVP_CIPHER_CTX_init( &aes_ctx );
-        EVP_DecryptInit_ex( &aes_ctx, EVP_aes_128_ecb(), 0, pnKey, 0 );
-        EVP_CIPHER_CTX_set_padding( &aes_ctx, 0 );
+        aes_ctx = EVP_CIPHER_CTX_new();
+        if ( aes_ctx == NULL )
+            return false;
+        EVP_DecryptInit_ex( aes_ctx, EVP_aes_128_ecb(), 0, pnKey, 0 );
+        EVP_CIPHER_CTX_set_padding( aes_ctx, 0 );
         sal_uInt8 pnTmpVerifierHash[ 32 ];
         (void) memset( pnTmpVerifierHash, 0, sizeof(pnTmpVerifierHash) );
 
-        /*int*/ EVP_DecryptUpdate( &aes_ctx, pnTmpVerifierHash, &nOutLen, 
pnVerifierHash, nVerifierHashSize );
-        EVP_CIPHER_CTX_cleanup( &aes_ctx );
+        /*int*/ EVP_DecryptUpdate( aes_ctx, pnTmpVerifierHash, &nOutLen, 
pnVerifierHash, nVerifierHashSize );
+        EVP_CIPHER_CTX_free( aes_ctx );
 
         rtlDigest aDigest = rtl_digest_create( rtl_Digest_AlgorithmSHA1 );
         rtlDigestError aError = rtl_digest_update( aDigest, pnTmpVerifier, 
sizeof( pnTmpVerifier ) );
@@ -563,10 +567,12 @@ Reference< XInputStream > 
FilterDetect::extractUnencryptedPackage( MediaDescript
                 BinaryXOutputStream aDecryptedPackage( xDecryptedPackage, true 
);
                 BinaryXInputStream aEncryptedPackage( xEncryptedPackage, true 
);
 
-                EVP_CIPHER_CTX aes_ctx;
-                EVP_CIPHER_CTX_init( &aes_ctx );
-                EVP_DecryptInit_ex( &aes_ctx, EVP_aes_128_ecb(), 0, 
aVerifier.getKey(), 0 );
-                EVP_CIPHER_CTX_set_padding( &aes_ctx, 0 );
+                EVP_CIPHER_CTX *aes_ctx;
+                aes_ctx = EVP_CIPHER_CTX_new();
+                if ( aes_ctx == NULL )
+                    throw Exception();
+                EVP_DecryptInit_ex( aes_ctx, EVP_aes_128_ecb(), 0, 
aVerifier.getKey(), 0 );
+                EVP_CIPHER_CTX_set_padding( aes_ctx, 0 );
 
                 sal_uInt8 pnInBuffer[ 1024 ];
                 sal_uInt8 pnOutBuffer[ 1024 ];
@@ -575,13 +581,13 @@ Reference< XInputStream > 
FilterDetect::extractUnencryptedPackage( MediaDescript
                 aEncryptedPackage.skip( 8 ); // decrypted size
                 while( (nInLen = aEncryptedPackage.readMemory( pnInBuffer, 
sizeof( pnInBuffer ) )) > 0 )
                 {
-                    EVP_DecryptUpdate( &aes_ctx, pnOutBuffer, &nOutLen, 
pnInBuffer, nInLen );
+                    EVP_DecryptUpdate( aes_ctx, pnOutBuffer, &nOutLen, 
pnInBuffer, nInLen );
                     aDecryptedPackage.writeMemory( pnOutBuffer, nOutLen );
                 }
-                EVP_DecryptFinal_ex( &aes_ctx, pnOutBuffer, &nOutLen );
+                EVP_DecryptFinal_ex( aes_ctx, pnOutBuffer, &nOutLen );
                 aDecryptedPackage.writeMemory( pnOutBuffer, nOutLen );
 
-                EVP_CIPHER_CTX_cleanup( &aes_ctx );
+                EVP_CIPHER_CTX_free( aes_ctx );
                 xDecryptedPackage->flush();
                 aDecryptedPackage.seekToStart();

Reply via email to