[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r257416402
##
File path:
src/main/native/org/apache/commons/crypto/org_apache_commons_crypto.h
##
@@ -94,11 +94,30 @@ void *do_dlsym(JNIEnv *env, void *handle, const char
*symbol) {
return func_ptr;
}
+static __attribute__ ((unused))
+void *do_version_dlsym(JNIEnv *env, void *handle) {
+ if (!env || !handle) {
+ THROW(env, "java/lang/InternalError", NULL);
+ return NULL;
+ }
+ void *func_ptr = dlsym(handle, "OpenSSL_version_num");
+ if (func_ptr == NULL) {
+ func_ptr = dlsym(handle, "SSLeay");
+ }
+ return func_ptr;
+}
+
/* A helper macro to dlsym the requisite dynamic symbol and bail-out on error.
*/
#define LOAD_DYNAMIC_SYMBOL(func_ptr, env, handle, symbol) \
if ((func_ptr = do_dlsym(env, handle, symbol)) == NULL) { \
return; \
}
+
+/* A macro to dlsym the appropriate OpenSSL version number function. */
+#define LOAD_OPENSSL_VERSION_FUNCTION(func_ptr, env, handle) \
+if ((func_ptr = do_version_dlsym(env, handle)) == NULL) { \
+ THROW(env, "java/lang/Error", NULL); \
Review comment:
and here; also the body of the macro should be indented a bit (see macro
above)
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r257416308
##
File path:
src/main/native/org/apache/commons/crypto/org_apache_commons_crypto.h
##
@@ -94,11 +94,30 @@ void *do_dlsym(JNIEnv *env, void *handle, const char
*symbol) {
return func_ptr;
}
+static __attribute__ ((unused))
+void *do_version_dlsym(JNIEnv *env, void *handle) {
+ if (!env || !handle) {
+ THROW(env, "java/lang/InternalError", NULL);
+ return NULL;
+ }
+ void *func_ptr = dlsym(handle, "OpenSSL_version_num");
+ if (func_ptr == NULL) {
+ func_ptr = dlsym(handle, "SSLeay");
Review comment:
and here
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r257416282
##
File path:
src/main/native/org/apache/commons/crypto/org_apache_commons_crypto.h
##
@@ -94,11 +94,30 @@ void *do_dlsym(JNIEnv *env, void *handle, const char
*symbol) {
return func_ptr;
}
+static __attribute__ ((unused))
+void *do_version_dlsym(JNIEnv *env, void *handle) {
+ if (!env || !handle) {
+ THROW(env, "java/lang/InternalError", NULL);
Review comment:
indentation again
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r257416454
##
File path:
src/main/native/org/apache/commons/crypto/random/OpenSslCryptoRandomNative.c
##
@@ -294,49 +280,57 @@ static unsigned long pthreads_thread_id(void)
* If using an Intel chipset with RDRAND, the high-performance hardware
* random number generator will be used.
*/
-static ENGINE * openssl_rand_init(void)
+static ENGINE * openssl_rand_init(JNIEnv *env)
{
- locks_setup();
+ if (dlsym_OpenSSL_version_num() < VERSION_1_1_X) {
+locks_setup(env);
+ static void (*dlsym_ENGINE_load_rdrand) (void);
Review comment:
again
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r257416150
##
File path: src/main/native/org/apache/commons/crypto/cipher/OpenSslNative.c
##
@@ -716,3 +676,50 @@ JNIEXPORT void JNICALL
Java_org_apache_commons_crypto_cipher_OpenSslNative_clean
EVP_CTX_Wrapper *wrapper = CTX_WRAPPER(ctx);
free_context_wrapper(wrapper);
}
+
+static int check_update_max_output_len(EVP_CTX_Wrapper *wrapper, int
input_len, int max_output_len)
+{
+ if (dlsym_EVP_CIPHER_CTX_test_flags(wrapper->ctx, EVP_CIPH_NO_PADDING) ==
EVP_CIPH_NO_PADDING) {
+ if (max_output_len >= input_len) {
Review comment:
Indentation should be 2 spaces, for consistency.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r257356945
##
File path:
src/main/native/org/apache/commons/crypto/random/OpenSslCryptoRandomNative.c
##
@@ -294,49 +280,57 @@ static unsigned long pthreads_thread_id(void)
* If using an Intel chipset with RDRAND, the high-performance hardware
* random number generator will be used.
*/
-static ENGINE * openssl_rand_init(void)
+static ENGINE * openssl_rand_init(JNIEnv *env)
{
- locks_setup();
+ if (dlsym_OpenSSL_version_num() < VERSION_1_1_X) {
+locks_setup(env);
+ static void (*dlsym_ENGINE_load_rdrand) (void);
+ dlsym_ENGINE_load_rdrand = do_dlsym(env, openssl, "ENGINE_load_rdrand");
+ dlsym_ENGINE_load_rdrand();
+ }
- dlsym_ENGINE_load_rdrand();
ENGINE *eng = dlsym_ENGINE_by_id("rdrand");
- int ret = -1;
- do {
-if (NULL == eng) {
- break;
-}
+int ret = -1;
Review comment:
nit: mind undoing these changes? Previous indentation was correct.
(Then we can see what's actually changing.)
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r257357843
##
File path:
src/main/native/org/apache/commons/crypto/random/OpenSslCryptoRandomNative.c
##
@@ -294,49 +280,57 @@ static unsigned long pthreads_thread_id(void)
* If using an Intel chipset with RDRAND, the high-performance hardware
* random number generator will be used.
*/
-static ENGINE * openssl_rand_init(void)
+static ENGINE * openssl_rand_init(JNIEnv *env)
{
- locks_setup();
+ if (dlsym_OpenSSL_version_num() < VERSION_1_1_X) {
+locks_setup(env);
+ static void (*dlsym_ENGINE_load_rdrand) (void);
+ dlsym_ENGINE_load_rdrand = do_dlsym(env, openssl, "ENGINE_load_rdrand");
+ dlsym_ENGINE_load_rdrand();
+ }
- dlsym_ENGINE_load_rdrand();
ENGINE *eng = dlsym_ENGINE_by_id("rdrand");
- int ret = -1;
- do {
-if (NULL == eng) {
- break;
-}
+int ret = -1;
+do {
+ if (NULL == eng) {
+break;
+ }
-int rc = dlsym_ENGINE_init(eng);
-if (0 == rc) {
- break;
-}
+ int rc = dlsym_ENGINE_init(eng);
+ if (0 == rc) {
+break;
+ }
-rc = dlsym_ENGINE_set_default(eng, ENGINE_METHOD_RAND);
-if (0 == rc) {
- break;
-}
+ rc = dlsym_ENGINE_set_default(eng, ENGINE_METHOD_RAND);
+ if (0 == rc) {
+break;
+ }
-ret = 0;
- } while(0);
+ ret = 0;
+} while(0);
- if (ret == -1) {
-openssl_rand_clean(eng, 0);
- }
+if (ret == -1) {
+ openssl_rand_clean(env, eng, 0);
+}
- return eng;
+return eng;
}
-static void openssl_rand_clean(ENGINE *eng, int clean_locks)
+static void openssl_rand_clean(JNIEnv *env, ENGINE *eng, int clean_locks)
{
if (NULL != eng) {
-dlsym_ENGINE_finish(eng);
-dlsym_ENGINE_free(eng);
+ dlsym_ENGINE_finish(eng);
+ dlsym_ENGINE_free(eng);
}
- dlsym_ENGINE_cleanup();
- if (clean_locks) {
-locks_cleanup();
+ if(dlsym_OpenSSL_version_num() < VERSION_1_1_X) {
+ static void (*dlsym_ENGINE_cleanup) (void);
+ dlsym_ENGINE_cleanup = do_dlsym(env, openssl, "ENGINE_cleanup");
Review comment:
I know this probably will never fail, yet it would be nice to have a null
check here.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1 URL: https://github.com/apache/commons-crypto/pull/92#discussion_r257355590 ## File path: src/main/native/org/apache/commons/crypto/OpenSslInfoNative.c ## @@ -94,30 +76,12 @@ static int load_library(JNIEnv *env) THROW(env, "java/lang/UnsatisfiedLinkError", msg); return 0; } - get_methods(env, openssl); +#ifdef UNIX Review comment: I'm sure we'll want this on Windows too at some point, but right now we need to figure out the Windows build in the first place, so this is ok. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r257357402
##
File path:
src/main/native/org/apache/commons/crypto/random/OpenSslCryptoRandomNative.c
##
@@ -294,49 +280,57 @@ static unsigned long pthreads_thread_id(void)
* If using an Intel chipset with RDRAND, the high-performance hardware
* random number generator will be used.
*/
-static ENGINE * openssl_rand_init(void)
+static ENGINE * openssl_rand_init(JNIEnv *env)
{
- locks_setup();
+ if (dlsym_OpenSSL_version_num() < VERSION_1_1_X) {
+locks_setup(env);
+ static void (*dlsym_ENGINE_load_rdrand) (void);
+ dlsym_ENGINE_load_rdrand = do_dlsym(env, openssl, "ENGINE_load_rdrand");
+ dlsym_ENGINE_load_rdrand();
+ }
- dlsym_ENGINE_load_rdrand();
ENGINE *eng = dlsym_ENGINE_by_id("rdrand");
- int ret = -1;
- do {
-if (NULL == eng) {
- break;
-}
+int ret = -1;
+do {
+ if (NULL == eng) {
+break;
+ }
-int rc = dlsym_ENGINE_init(eng);
-if (0 == rc) {
- break;
-}
+ int rc = dlsym_ENGINE_init(eng);
+ if (0 == rc) {
+break;
+ }
-rc = dlsym_ENGINE_set_default(eng, ENGINE_METHOD_RAND);
-if (0 == rc) {
- break;
-}
+ rc = dlsym_ENGINE_set_default(eng, ENGINE_METHOD_RAND);
+ if (0 == rc) {
+break;
+ }
-ret = 0;
- } while(0);
+ ret = 0;
+} while(0);
- if (ret == -1) {
-openssl_rand_clean(eng, 0);
- }
+if (ret == -1) {
+ openssl_rand_clean(env, eng, 0);
+}
- return eng;
+return eng;
}
-static void openssl_rand_clean(ENGINE *eng, int clean_locks)
+static void openssl_rand_clean(JNIEnv *env, ENGINE *eng, int clean_locks)
{
if (NULL != eng) {
-dlsym_ENGINE_finish(eng);
-dlsym_ENGINE_free(eng);
+ dlsym_ENGINE_finish(eng);
Review comment:
nit: indentation
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r257357499
##
File path:
src/main/native/org/apache/commons/crypto/random/OpenSslCryptoRandomNative.c
##
@@ -294,49 +280,57 @@ static unsigned long pthreads_thread_id(void)
* If using an Intel chipset with RDRAND, the high-performance hardware
* random number generator will be used.
*/
-static ENGINE * openssl_rand_init(void)
+static ENGINE * openssl_rand_init(JNIEnv *env)
{
- locks_setup();
+ if (dlsym_OpenSSL_version_num() < VERSION_1_1_X) {
+locks_setup(env);
+ static void (*dlsym_ENGINE_load_rdrand) (void);
+ dlsym_ENGINE_load_rdrand = do_dlsym(env, openssl, "ENGINE_load_rdrand");
+ dlsym_ENGINE_load_rdrand();
+ }
- dlsym_ENGINE_load_rdrand();
ENGINE *eng = dlsym_ENGINE_by_id("rdrand");
- int ret = -1;
- do {
-if (NULL == eng) {
- break;
-}
+int ret = -1;
+do {
+ if (NULL == eng) {
+break;
+ }
-int rc = dlsym_ENGINE_init(eng);
-if (0 == rc) {
- break;
-}
+ int rc = dlsym_ENGINE_init(eng);
+ if (0 == rc) {
+break;
+ }
-rc = dlsym_ENGINE_set_default(eng, ENGINE_METHOD_RAND);
-if (0 == rc) {
- break;
-}
+ rc = dlsym_ENGINE_set_default(eng, ENGINE_METHOD_RAND);
+ if (0 == rc) {
+break;
+ }
-ret = 0;
- } while(0);
+ ret = 0;
+} while(0);
- if (ret == -1) {
-openssl_rand_clean(eng, 0);
- }
+if (ret == -1) {
+ openssl_rand_clean(env, eng, 0);
+}
- return eng;
+return eng;
}
-static void openssl_rand_clean(ENGINE *eng, int clean_locks)
+static void openssl_rand_clean(JNIEnv *env, ENGINE *eng, int clean_locks)
{
if (NULL != eng) {
-dlsym_ENGINE_finish(eng);
-dlsym_ENGINE_free(eng);
+ dlsym_ENGINE_finish(eng);
+ dlsym_ENGINE_free(eng);
}
- dlsym_ENGINE_cleanup();
- if (clean_locks) {
-locks_cleanup();
+ if(dlsym_OpenSSL_version_num() < VERSION_1_1_X) {
Review comment:
nit: space after `if`
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r257357531
##
File path:
src/main/native/org/apache/commons/crypto/random/OpenSslCryptoRandomNative.c
##
@@ -294,49 +280,57 @@ static unsigned long pthreads_thread_id(void)
* If using an Intel chipset with RDRAND, the high-performance hardware
* random number generator will be used.
*/
-static ENGINE * openssl_rand_init(void)
+static ENGINE * openssl_rand_init(JNIEnv *env)
{
- locks_setup();
+ if (dlsym_OpenSSL_version_num() < VERSION_1_1_X) {
+locks_setup(env);
+ static void (*dlsym_ENGINE_load_rdrand) (void);
+ dlsym_ENGINE_load_rdrand = do_dlsym(env, openssl, "ENGINE_load_rdrand");
+ dlsym_ENGINE_load_rdrand();
+ }
- dlsym_ENGINE_load_rdrand();
ENGINE *eng = dlsym_ENGINE_by_id("rdrand");
- int ret = -1;
- do {
-if (NULL == eng) {
- break;
-}
+int ret = -1;
+do {
+ if (NULL == eng) {
+break;
+ }
-int rc = dlsym_ENGINE_init(eng);
-if (0 == rc) {
- break;
-}
+ int rc = dlsym_ENGINE_init(eng);
+ if (0 == rc) {
+break;
+ }
-rc = dlsym_ENGINE_set_default(eng, ENGINE_METHOD_RAND);
-if (0 == rc) {
- break;
-}
+ rc = dlsym_ENGINE_set_default(eng, ENGINE_METHOD_RAND);
+ if (0 == rc) {
+break;
+ }
-ret = 0;
- } while(0);
+ ret = 0;
+} while(0);
- if (ret == -1) {
-openssl_rand_clean(eng, 0);
- }
+if (ret == -1) {
+ openssl_rand_clean(env, eng, 0);
+}
- return eng;
+return eng;
}
-static void openssl_rand_clean(ENGINE *eng, int clean_locks)
+static void openssl_rand_clean(JNIEnv *env, ENGINE *eng, int clean_locks)
{
if (NULL != eng) {
-dlsym_ENGINE_finish(eng);
-dlsym_ENGINE_free(eng);
+ dlsym_ENGINE_finish(eng);
+ dlsym_ENGINE_free(eng);
}
- dlsym_ENGINE_cleanup();
- if (clean_locks) {
-locks_cleanup();
+ if(dlsym_OpenSSL_version_num() < VERSION_1_1_X) {
+ static void (*dlsym_ENGINE_cleanup) (void);
Review comment:
nit: indentation in this whole block is wonky
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r255644566
##
File path: src/main/native/org/apache/commons/crypto/OpenSslInfoNative.c
##
@@ -135,3 +96,35 @@ JNIEXPORT jstring JNICALL
Java_org_apache_commons_crypto_OpenSslInfoNative_Nativ
{
return (*env)->NewStringUTF(env, PROJECT_NAME);
}
+
+JNIEXPORT jlong JNICALL
Java_org_apache_commons_crypto_OpenSslInfoNative_OpenSSL
+ (JNIEnv *env, jclass clazz)
+{
+if (!load_library(env)) {
+return 0;
+}
+if(OPENSSL_VERSION_NUMBER > VERSION_1_1_X){
Review comment:
nit: space after `if` (also in some other places)
Where does `OPENSSL_VERSION_NUMBER` come from? A quick google search seems
to indicate it's a macro in an OpenSSL header. Which makes this a compile time
check, basically.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1 URL: https://github.com/apache/commons-crypto/pull/92#discussion_r255640785 ## File path: Makefile ## @@ -18,7 +18,7 @@ include Makefile.common COMMONS_CRYPTO_OUT:=$(TARGET)/$(commons-crypto)-$(os_arch) -COMMONS_CRYPTO_OBJ:=$(addprefix $(COMMONS_CRYPTO_OUT)/,OpenSslCryptoRandomNative.o OpenSslNative.o OpenSslInfoNative.o) +COMMONS_CRYPTO_OBJ:=$(addprefix $(COMMONS_CRYPTO_OUT)/,OpenSslInfoNative.o OpenSslCryptoRandomNative.o OpenSslNative.o) Review comment: Nothing is changing here, right? If not, undo. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1 URL: https://github.com/apache/commons-crypto/pull/92#discussion_r255646682 ## File path: src/main/native/org/apache/commons/crypto/cipher/OpenSslNative.c ## @@ -716,3 +677,52 @@ JNIEXPORT void JNICALL Java_org_apache_commons_crypto_cipher_OpenSslNative_clean EVP_CTX_Wrapper *wrapper = CTX_WRAPPER(ctx); free_context_wrapper(wrapper); } + +static int check_update_max_output_len(JNIEnv *env, EVP_CIPHER_CTX *context, jlong ctx, int input_len, int max_output_len) Review comment: All these arguments feel a little redundant. e.g. you don't need `context` since you can just use `wrapper->context`. With some small changes you could also just pass the wrapper directly from the callers, instead of passing the jni env + the pointer address. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r255646781
##
File path: src/main/native/org/apache/commons/crypto/cipher/OpenSslNative.c
##
@@ -716,3 +677,52 @@ JNIEXPORT void JNICALL
Java_org_apache_commons_crypto_cipher_OpenSslNative_clean
EVP_CTX_Wrapper *wrapper = CTX_WRAPPER(ctx);
free_context_wrapper(wrapper);
}
+
+static int check_update_max_output_len(JNIEnv *env, EVP_CIPHER_CTX *context,
jlong ctx, int input_len, int max_output_len)
+{
+ EVP_CTX_Wrapper *wrapper = CTX_WRAPPER(ctx);
+ if (dlsym_EVP_CIPHER_CTX_test_flags(context, EVP_CIPH_NO_PADDING) ==
EVP_CIPH_NO_PADDING) {
+ if (max_output_len >= input_len) {
+ return 1;
+ }
+ return 0;
+ } else {
+ int b = dlsym_EVP_CIPHER_CTX_block_size(context);
+ if (wrapper->encrypt) {
+ if (max_output_len >= input_len + b - 1) {
+ return 1;
+ }
+ } else {
+ if (max_output_len >= input_len + b) {
+ return 1;
+ }
+ }
+ return 0;
+ }
+}
+
+static int check_doFinal_max_output_len(JNIEnv *env, EVP_CIPHER_CTX *context,
int max_output_len)
+{
+ if (dlsym_EVP_CIPHER_CTX_test_flags(context, EVP_CIPH_NO_PADDING) ==
EVP_CIPH_NO_PADDING) {
+return 1;
+ } else {
+int b = dlsym_EVP_CIPHER_CTX_block_size(context);
+if (max_output_len >= b) {
+ return 1;
+}
+ return 0;
Review comment:
indentation
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r255647218
##
File path:
src/main/native/org/apache/commons/crypto/random/OpenSslCryptoRandomNative.c
##
@@ -294,49 +278,57 @@ static unsigned long pthreads_thread_id(void)
* If using an Intel chipset with RDRAND, the high-performance hardware
* random number generator will be used.
*/
-static ENGINE * openssl_rand_init(void)
+static ENGINE * openssl_rand_init(JNIEnv *env)
{
- locks_setup();
+ if (OPENSSL_VERSION_NUMBER < VERSION_1_1_X) {
Review comment:
Looks like another compile-time check, if `OPENSSL_VERSION_NUMBER` really
comes from the openssl headers.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r255642430
##
File path:
src/main/java/org/apache/commons/crypto/jna/OpenSslJnaCryptoRandom.java
##
@@ -103,10 +103,9 @@ public void nextBytes(byte[] bytes) {
//to support multithreading
https://wiki.openssl.org/index.php/Manual:Threads(3) needs to be done
if(rdrandEnabled &&
OpenSslNativeJna.RAND_get_rand_method().equals(OpenSslNativeJna.RAND_SSLeay()))
{
-close();
Review comment:
Why do you need to remove this?
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1 URL: https://github.com/apache/commons-crypto/pull/92#discussion_r255640544 ## File path: .gitignore ## @@ -1,37 +0,0 @@ -*~ Review comment: Don't delete this file. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1 URL: https://github.com/apache/commons-crypto/pull/92#discussion_r255640619 ## File path: .travis.yml ## @@ -24,7 +24,6 @@ matrix: - "curl -L --cookie 'oraclelicense=accept-securebackup-cookie;' http://download.oracle.com/otn-pub/java/jce/8/jce_policy-8.zip -o /tmp/policy.zip && sudo unzip -j -o /tmp/policy.zip *.jar -d `jdk_switcher home oraclejdk8`/jre/lib/security && rm /tmp/policy.zip" after_success: - mvn clean test jacoco:report coveralls:report - Review comment: Undo. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1 URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244820498 ## File path: src/main/native/org/apache/commons/crypto/cipher/OpenSslNative.c ## @@ -716,3 +692,104 @@ JNIEXPORT void JNICALL Java_org_apache_commons_crypto_cipher_OpenSslNative_clean EVP_CTX_Wrapper *wrapper = CTX_WRAPPER(ctx); free_context_wrapper(wrapper); } + +#if OPENSSL_VERSION_NUMBER > VERSION_1_1_x Review comment: Again. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244817336
##
File path: src/main/java/org/apache/commons/crypto/jna/OpenSslJna.java
##
@@ -53,4 +53,14 @@ public static Throwable initialisationError() {
return OpenSslNativeJna.INIT_ERROR;
}
+/**
+ * Retrieves version/build information about OpenSSL library.
+ *
+ * @param type type can be OPENSSL_VERSION, OPENSSL_CFLAGS,
OPENSSL_BUILT_ON...
+ * @return A pointer to a constant string describing the version of the
+ * OpenSSL library or giving information about the library build.
+ */
+public static String OpenSSLVersion(int type) {
Review comment:
I'd rather not expose more public methods unless there's a real need for
them.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244812584
##
File path: src/main/java/org/apache/commons/crypto/jna/OpenSsl102NativeJna.java
##
@@ -0,0 +1,264 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.commons.crypto.jna;
+
+import java.nio.ByteBuffer;
+
+import com.sun.jna.Native;
+import com.sun.jna.NativeLong;
+import com.sun.jna.ptr.PointerByReference;
+
+/**
+ * @author alex
+ *
+ */
+public class OpenSsl102NativeJna {
+
+static final boolean INIT_OK;
+
+static final Throwable INIT_ERROR;
+
+static {
+boolean ok = false;
+Throwable thrown = null;
+try {
+Native.register("crypto");
+ok = true;
+} catch (Exception e) {
+thrown = e;
+} catch (UnsatisfiedLinkError e) {
+thrown = e;
+} finally {
+INIT_OK = ok;
+INIT_ERROR = thrown;
+}
+}
+
+/**
+ * @return OPENSSL_VERSION_NUMBER which is a numeric release version
+ * * identifier
+ */
+public static native NativeLong SSLeay();
+
+/**
+ * Retrieves version/build information about OpenSSL library.
+ *
+ * @param type type can be SSLEAY_VERSION, SSLEAY_CFLAGS,
SSLEAY_BUILT_ON...
+ * @return A pointer to a constant string describing the version of the
+ * OpenSSL library or giving information about the library build.
+ */
+public static native String SSLeay_version(int type);
+
+/**
+ * Registers the error strings for all libcrypto functions.
+ */
+public static native void ERR_load_crypto_strings();
+
+/**
+ * @return the earliest error code from the thread's error queue without
+ * modifying it.
+ */
+public static native NativeLong ERR_peek_error();
+
+
Review comment:
nit: too many blank lines
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244819457
##
File path: src/main/native/org/apache/commons/crypto/OpenSslInfoNative.c
##
@@ -98,24 +84,26 @@ static int load_library(JNIEnv *env)
return 1;
}
-JNIEXPORT jstring JNICALL
Java_org_apache_commons_crypto_OpenSslInfoNative_SSLeayVersion
-(JNIEnv *env, jclass clazz, jint type)
+#ifdef UNIX
+static void get_methods(JNIEnv *env, void *openssl)
+#endif
+#ifdef WINDOWS
+static void get_methods(JNIEnv *env, HMODULE openssl)
+#endif
{
-if (!load_library(env)) {
-return NULL;
-}
-
-jstring answer = (*env)->NewStringUTF(env,dlsym_SSLeay_version(type));
-return answer;
-}
+#ifdef UNIX
+ dlerror(); // Clear any existing error
+#if OPENSSL_VERSION_NUMBER > VERSION_1_1_x
Review comment:
This prevents the JNI library from working against different versions of
OpenSSL right? This should be a runtime check, not a compile-time check.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244817987
##
File path: src/main/java/org/apache/commons/crypto/jna/OpenSslNativeJna.java
##
@@ -20,271 +20,319 @@
import java.nio.ByteBuffer;
-import com.sun.jna.Native;
+import com.sun.jna.Function;
+import com.sun.jna.NativeLibrary;
import com.sun.jna.NativeLong;
import com.sun.jna.ptr.PointerByReference;
class OpenSslNativeJna {
-static final int OPENSSL_INIT_ENGINE_RDRAND = 0x0200;
-
-static final int OOSL_JNA_ENCRYPT_MODE = 1;
-static final int OOSL_JNA_DECRYPT_MODE = 0;
-
-static final boolean INIT_OK;
-
-static final Throwable INIT_ERROR;
-
-static {
-boolean ok = false;
-Throwable thrown = null;
-try {
-Native.register("crypto");
-ERR_load_crypto_strings();
-ok = true;
-} catch (Exception e) {
-thrown = e;
-} catch (UnsatisfiedLinkError e) {
-thrown = e;
-} finally {
-INIT_OK = ok;
-INIT_ERROR = thrown;
-}
+ static final int OPENSSL_INIT_ENGINE_RDRAND = 0x0200;
Review comment:
You're re-indenting this whole file. Please don't do that, both to follow
the existing style, and to make it easy to see what's changing.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244812522
##
File path: src/main/java/org/apache/commons/crypto/jna/OpenSsl102NativeJna.java
##
@@ -0,0 +1,264 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.commons.crypto.jna;
+
+import java.nio.ByteBuffer;
+
+import com.sun.jna.Native;
+import com.sun.jna.NativeLong;
+import com.sun.jna.ptr.PointerByReference;
+
+/**
+ * @author alex
+ *
+ */
+public class OpenSsl102NativeJna {
+
+static final boolean INIT_OK;
+
+static final Throwable INIT_ERROR;
+
+static {
+boolean ok = false;
+Throwable thrown = null;
+try {
+Native.register("crypto");
+ok = true;
+} catch (Exception e) {
+thrown = e;
+} catch (UnsatisfiedLinkError e) {
+thrown = e;
+} finally {
+INIT_OK = ok;
+INIT_ERROR = thrown;
+}
+}
+
+/**
+ * @return OPENSSL_VERSION_NUMBER which is a numeric release version
+ * * identifier
Review comment:
extra `*`
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244816990
##
File path: src/main/java/org/apache/commons/crypto/jna/OpenSsl110NativeJna.java
##
@@ -0,0 +1,226 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.commons.crypto.jna;
+
+import java.nio.ByteBuffer;
+
+import com.sun.jna.Native;
+import com.sun.jna.NativeLong;
+import com.sun.jna.ptr.PointerByReference;
+
+public class OpenSsl110NativeJna {
+
+static final int OPENSSL_INIT_ENGINE_RDRAND = 0x0200;
Review comment:
Not used.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244817494
##
File path:
src/main/java/org/apache/commons/crypto/jna/OpenSslJnaCryptoRandom.java
##
@@ -100,14 +100,14 @@ public void nextBytes(byte[] bytes) {
synchronized (OpenSslJnaCryptoRandom.class) {
//this method is synchronized for now
-//to support multithreading
https://wiki.openssl.org/index.php/Manual:Threads(3) needs to be done
+//to support multithreading
https://wiki.openssl.org/index.php/Manual:Threads(3) needs to be done
Review comment:
Undo.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244817423
##
File path: src/main/java/org/apache/commons/crypto/jna/OpenSslJnaCipher.java
##
@@ -317,7 +317,7 @@ private void throwOnError(int retVal) {
String errdesc = OpenSslNativeJna.ERR_error_string(err, null);
if (context != null) {
-OpenSslNativeJna.EVP_CIPHER_CTX_cleanup(context);
+ OpenSslNativeJna.EVP_CIPHER_CTX_cleanup(context);
Review comment:
Undo.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1 URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244820275 ## File path: src/main/native/org/apache/commons/crypto/cipher/OpenSslNative.c ## @@ -30,9 +31,20 @@ #include "OpenSslNative.h" #ifdef UNIX +#if OPENSSL_VERSION_NUMBER > VERSION_1_1_x Review comment: Same thing about runtime vs. compile-time checks. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244817779
##
File path:
src/main/java/org/apache/commons/crypto/jna/OpenSslJnaCryptoRandom.java
##
@@ -100,14 +100,14 @@ public void nextBytes(byte[] bytes) {
synchronized (OpenSslJnaCryptoRandom.class) {
//this method is synchronized for now
-//to support multithreading
https://wiki.openssl.org/index.php/Manual:Threads(3) needs to be done
+//to support multithreading
https://wiki.openssl.org/index.php/Manual:Threads(3) needs to be done
if(rdrandEnabled &&
OpenSslNativeJna.RAND_get_rand_method().equals(OpenSslNativeJna.RAND_SSLeay()))
{
-close();
+//close();
throw new RuntimeException("rdrand should be used but default
is detected");
}
-
-ByteBuffer buf = ByteBuffer.allocateDirect(bytes.length);
+
+ByteBuffer buf = ByteBuffer.allocateDirect(bytes.length);
Review comment:
Undo.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244818064
##
File path: src/main/java/org/apache/commons/crypto/jna/OpenSslNativeJna.java
##
@@ -20,271 +20,319 @@
import java.nio.ByteBuffer;
-import com.sun.jna.Native;
+import com.sun.jna.Function;
+import com.sun.jna.NativeLibrary;
import com.sun.jna.NativeLong;
import com.sun.jna.ptr.PointerByReference;
class OpenSslNativeJna {
-static final int OPENSSL_INIT_ENGINE_RDRAND = 0x0200;
-
-static final int OOSL_JNA_ENCRYPT_MODE = 1;
-static final int OOSL_JNA_DECRYPT_MODE = 0;
-
-static final boolean INIT_OK;
-
-static final Throwable INIT_ERROR;
-
-static {
-boolean ok = false;
-Throwable thrown = null;
-try {
-Native.register("crypto");
-ERR_load_crypto_strings();
-ok = true;
-} catch (Exception e) {
-thrown = e;
-} catch (UnsatisfiedLinkError e) {
-thrown = e;
-} finally {
-INIT_OK = ok;
-INIT_ERROR = thrown;
-}
+ static final int OPENSSL_INIT_ENGINE_RDRAND = 0x0200;
+
+ static final int OOSL_JNA_ENCRYPT_MODE = 1;
+ static final int OOSL_JNA_DECRYPT_MODE = 0;
+
+ static final boolean INIT_OK;
+
+ static final Throwable INIT_ERROR;
+
+ public static final long VERSION;
+ public static final long VERSION_1_0_X = 0x1000;
+ public static final long VERSION_1_1_X = 0x1010;
+
+ static {
+NativeLibrary crypto = NativeLibrary.getInstance("crypto");
+Function version = null;
+try {
+ version = crypto.getFunction("SSLeay");
+ } catch (UnsatisfiedLinkError e) {
Review comment:
Indentation is off from here on.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244812371
##
File path: src/main/java/org/apache/commons/crypto/jna/OpenSsl102NativeJna.java
##
@@ -0,0 +1,264 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.commons.crypto.jna;
+
+import java.nio.ByteBuffer;
+
+import com.sun.jna.Native;
+import com.sun.jna.NativeLong;
+import com.sun.jna.ptr.PointerByReference;
+
+/**
+ * @author alex
+ *
+ */
+public class OpenSsl102NativeJna {
Review comment:
This class (and the 1.1 version) shouldn't be public.
There also seems to be a lot of duplication between these classes. My gut
tells me there should be an abstract base class with the common stuff and small
specializations for each version. But this should be fine for now since it's
not that much code anyway, and to be fair I'm not familiar with JNA and whether
that would be ok.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244818314
##
File path: src/main/java/org/apache/commons/crypto/jna/OpenSslNativeJna.java
##
@@ -20,271 +20,319 @@
import java.nio.ByteBuffer;
-import com.sun.jna.Native;
+import com.sun.jna.Function;
+import com.sun.jna.NativeLibrary;
import com.sun.jna.NativeLong;
import com.sun.jna.ptr.PointerByReference;
class OpenSslNativeJna {
-static final int OPENSSL_INIT_ENGINE_RDRAND = 0x0200;
-
-static final int OOSL_JNA_ENCRYPT_MODE = 1;
-static final int OOSL_JNA_DECRYPT_MODE = 0;
-
-static final boolean INIT_OK;
-
-static final Throwable INIT_ERROR;
-
-static {
-boolean ok = false;
-Throwable thrown = null;
-try {
-Native.register("crypto");
-ERR_load_crypto_strings();
-ok = true;
-} catch (Exception e) {
-thrown = e;
-} catch (UnsatisfiedLinkError e) {
-thrown = e;
-} finally {
-INIT_OK = ok;
-INIT_ERROR = thrown;
-}
+ static final int OPENSSL_INIT_ENGINE_RDRAND = 0x0200;
+
+ static final int OOSL_JNA_ENCRYPT_MODE = 1;
+ static final int OOSL_JNA_DECRYPT_MODE = 0;
+
+ static final boolean INIT_OK;
+
+ static final Throwable INIT_ERROR;
+
+ public static final long VERSION;
+ public static final long VERSION_1_0_X = 0x1000;
+ public static final long VERSION_1_1_X = 0x1010;
+
+ static {
+NativeLibrary crypto = NativeLibrary.getInstance("crypto");
+Function version = null;
+try {
+ version = crypto.getFunction("SSLeay");
+ } catch (UnsatisfiedLinkError e) {
+// Swallow the Error.
+ }
+
+ if (version == null) {
+VERSION = VERSION_1_1_X;
+ } else {
+VERSION = VERSION_1_0_X;
+ }
+
+ if (VERSION == VERSION_1_1_X) {
+INIT_OK = OpenSsl110NativeJna.INIT_OK;
+ } else if (VERSION == VERSION_1_0_X) {
+INIT_OK = OpenSsl102NativeJna.INIT_OK;
+ } else {
+INIT_OK = false;
+ }
+
+ if (INIT_OK) {
+INIT_ERROR = null;
+ } else if (VERSION == VERSION_1_1_X) {
+INIT_ERROR = OpenSsl110NativeJna.INIT_ERROR;
+ } else if (VERSION == VERSION_1_0_X) {
+INIT_ERROR = OpenSsl102NativeJna.INIT_ERROR;
+ } else {
+INIT_ERROR = null;
+ }
}
-//misc
-/**
- * @return OPENSSL_VERSION_NUMBER which is a numeric release version
- * * identifier
- */
-public static native NativeLong SSLeay();
-
-/**
- * Retrieves version/build information about OpenSSL library.
- *
- * @param type type can be SSLEAY_VERSION, SSLEAY_CFLAGS,
SSLEAY_BUILT_ON...
- * @return A pointer to a constant string describing the version of the
- * OpenSSL library or giving information about the library build.
- */
-public static native String SSLeay_version(int type);
-
-/**
- * Registers the error strings for all libcrypto functions.
- */
-public static native void ERR_load_crypto_strings();
-
-/**
- * @return the earliest error code from the thread's error queue without
- * modifying it.
- */
-public static native NativeLong ERR_peek_error();
-
-
-
-/**
- * Generates a human-readable string representing the error code e.
- * @see
https://www.openssl.org/docs/manmaster/crypto/ERR_error_string.html
- *
- * @param err the error code
- * @param null_ buf is NULL, the error string is placed in a static buffer
- * @return the human-readable error messages.
- */
-public static native String ERR_error_string(NativeLong err, char[] null_);
-//String ERR_lib_error_string(NativeLong err);
-//String ERR_func_error_string(NativeLong err);
-
-//en-/decryption
-/**
- * Creates a cipher context.
- *
- * @return a pointer to a newly created EVP_CIPHER_CTX for success and
- * NULL for failure.
- */
-public static native PointerByReference EVP_CIPHER_CTX_new();
-
-
-/**
- * EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset
- * @param p cipher context
- */
-public static native void EVP_CIPHER_CTX_init(PointerByReference p);
-
-/**
- * Enables or disables padding
- * @param c cipher context
- * @param pad If the pad parameter is zero then no padding is performed
- * @return always returns 1
- */
-public static native int EVP_CIPHER_CTX_set_padding(PointerByReference c,
int pad);
-
-/**
- * @return an openssl AES evp cipher instance with a 128-bit key CBC mode
- */
-public static native PointerByReference EVP_aes_128_cbc();
-
-/**
- * @return an openssl AES evp cipher instance with a 128-bit key CTR mode
- */
-public static native PointerByReference
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244817688
##
File path:
src/main/java/org/apache/commons/crypto/jna/OpenSslJnaCryptoRandom.java
##
@@ -100,14 +100,14 @@ public void nextBytes(byte[] bytes) {
synchronized (OpenSslJnaCryptoRandom.class) {
//this method is synchronized for now
-//to support multithreading
https://wiki.openssl.org/index.php/Manual:Threads(3) needs to be done
+//to support multithreading
https://wiki.openssl.org/index.php/Manual:Threads(3) needs to be done
if(rdrandEnabled &&
OpenSslNativeJna.RAND_get_rand_method().equals(OpenSslNativeJna.RAND_SSLeay()))
{
-close();
+//close();
Review comment:
Why? If it's not needed, then just remove it. Otherwise it should be called.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244810727
##
File path: src/main/java/org/apache/commons/crypto/OpenSslInfoNative.java
##
@@ -18,13 +18,16 @@
package org.apache.commons.crypto;
/**
- * JNI interface of {@see CryptoRandom} implementation for OpenSSL.
+ * JNI interface of @see CryptoRandom implementation for OpenSSL.
Review comment:
Since you're touching this, it should be `{@link CryptoRandom}`.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244812689
##
File path: src/main/java/org/apache/commons/crypto/jna/OpenSsl102NativeJna.java
##
@@ -0,0 +1,264 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.commons.crypto.jna;
+
+import java.nio.ByteBuffer;
+
+import com.sun.jna.Native;
+import com.sun.jna.NativeLong;
+import com.sun.jna.ptr.PointerByReference;
+
+/**
+ * @author alex
+ *
+ */
+public class OpenSsl102NativeJna {
+
+static final boolean INIT_OK;
+
+static final Throwable INIT_ERROR;
+
+static {
+boolean ok = false;
+Throwable thrown = null;
+try {
+Native.register("crypto");
+ok = true;
+} catch (Exception e) {
+thrown = e;
+} catch (UnsatisfiedLinkError e) {
+thrown = e;
+} finally {
+INIT_OK = ok;
+INIT_ERROR = thrown;
+}
+}
+
+/**
+ * @return OPENSSL_VERSION_NUMBER which is a numeric release version
+ * * identifier
+ */
+public static native NativeLong SSLeay();
+
+/**
+ * Retrieves version/build information about OpenSSL library.
+ *
+ * @param type type can be SSLEAY_VERSION, SSLEAY_CFLAGS,
SSLEAY_BUILT_ON...
+ * @return A pointer to a constant string describing the version of the
+ * OpenSSL library or giving information about the library build.
+ */
+public static native String SSLeay_version(int type);
+
+/**
+ * Registers the error strings for all libcrypto functions.
+ */
+public static native void ERR_load_crypto_strings();
+
+/**
+ * @return the earliest error code from the thread's error queue without
+ * modifying it.
+ */
+public static native NativeLong ERR_peek_error();
+
+
+
+/**
+ * Generates a human-readable string representing the error code e.
+ * @see
https://www.openssl.org/docs/manmaster/crypto/ERR_error_string.html
+ *
+ * @param err the error code
+ * @param null_ buf is NULL, the error string is placed in a static buffer
+ * @return the human-readable error messages.
+ */
+public static native String ERR_error_string(NativeLong err, char[] null_);
+//String ERR_lib_error_string(NativeLong err);
Review comment:
?
(Seems copy & pasted from existing code, but better not to replicate things
that don't make sense.)
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244817093
##
File path: src/main/java/org/apache/commons/crypto/jna/OpenSsl110NativeJna.java
##
@@ -0,0 +1,226 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.commons.crypto.jna;
+
+import java.nio.ByteBuffer;
+
+import com.sun.jna.Native;
+import com.sun.jna.NativeLong;
+import com.sun.jna.ptr.PointerByReference;
+
+public class OpenSsl110NativeJna {
+
+static final int OPENSSL_INIT_ENGINE_RDRAND = 0x0200;
+
+static final int OOSL_JNA_ENCRYPT_MODE = 1;
Review comment:
Not used.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244810868
##
File path: src/main/java/org/apache/commons/crypto/OpenSslInfoNative.java
##
@@ -18,13 +18,16 @@
package org.apache.commons.crypto;
/**
- * JNI interface of {@see CryptoRandom} implementation for OpenSSL.
+ * JNI interface of @see CryptoRandom implementation for OpenSSL.
* The native method in this class is defined in
* OpenSslCryptoRandomNative.h (generated at build time by javah)
* and implemented in the file
* src/main/native/org/apache/commons/crypto/random/OpenSslCryptoRandomNative.c
*/
-class OpenSslInfoNative {
+public class OpenSslInfoNative {
Review comment:
Why public? Users of the library should not need to care about this.
It seems you're just calling this from Crypto.java so package private should
be fine.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1 URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244810433 ## File path: Makefile.common ## @@ -179,11 +179,11 @@ Mac-x86_LIBNAME := libcommons-crypto.jnilib Mac-x86_COMMONS_CRYPTO_FLAGS := Mac-x86_64_CC:= gcc -arch $(OS_ARCH) -Mac-x86_64_CXX := g++ -arch $(OS_ARCH) +Mac-x86_64_CXX := gcc -arch $(OS_ARCH) Mac-x86_64_STRIP := strip -x -Mac-x86_64_CFLAGS:= -Ilib/inc_mac -I$(JAVA_HOME)/include -O2 -fPIC -mmacosx-version-min=10.5 -fvisibility=hidden -I/usr/local/include -I/usr/local/opt/openssl/include -Mac-x86_64_CXXFLAGS := -Ilib/inc_mac -I$(JAVA_HOME)/include -O2 -fPIC -mmacosx-version-min=10.5 -fvisibility=hidden -I/usr/local/include -I/usr/local/opt/openssl/include -Mac-x86_64_LINKFLAGS := -dynamiclib -L/usr/local/lib +Mac-x86_64_CFLAGS:= -Ilib/inc_mac -I$(JAVA_HOME)/include -O2 -fPIC -mmacosx-version-min=10.7 -fvisibility=hidden -I/usr/local/include -I/usr/local/opt/openssl/include +Mac-x86_64_CXXFLAGS := -Ilib/inc_mac -I$(JAVA_HOME)/include -O2 -fPIC -mmacosx-version-min=10.7 -fvisibility=hidden -I/usr/local/include -I/usr/local/opt/openssl/include +Mac-x86_64_LINKFLAGS := -dynamiclib -L/usr/local/lib Review comment: nit: trailing whitespace This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1 URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244810053 ## File path: .gitignore ## @@ -1,37 +0,0 @@ -*~ Review comment: Why delete this file? This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1 URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244810551 ## File path: pom.xml ## @@ -1,33 +1,29 @@ - -http://maven.apache.org/POM/4.0.0; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd;> - 4.0.0 - - -org.apache.commons -commons-parent -43 - - - org.apache.commons - commons-crypto - 1.1.0-SNAPSHOT - jar - - Apache Commons Crypto -
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244819798
##
File path: src/main/native/org/apache/commons/crypto/OpenSslInfoNative.c
##
@@ -98,24 +84,26 @@ static int load_library(JNIEnv *env)
return 1;
}
-JNIEXPORT jstring JNICALL
Java_org_apache_commons_crypto_OpenSslInfoNative_SSLeayVersion
-(JNIEnv *env, jclass clazz, jint type)
+#ifdef UNIX
+static void get_methods(JNIEnv *env, void *openssl)
+#endif
+#ifdef WINDOWS
+static void get_methods(JNIEnv *env, HMODULE openssl)
+#endif
{
-if (!load_library(env)) {
-return NULL;
-}
-
-jstring answer = (*env)->NewStringUTF(env,dlsym_SSLeay_version(type));
-return answer;
-}
+#ifdef UNIX
+ dlerror(); // Clear any existing error
+#if OPENSSL_VERSION_NUMBER > VERSION_1_1_x
+ LOAD_DYNAMIC_SYMBOL(dlsym_OpenSSL_version_num, env, openssl,
"OpenSSL_version_num");
Review comment:
You'lll probably need to use `do_dlsym` directly instead of the macro, so
you can do runtime checks.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1 URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244818921 ## File path: src/main/native/org/apache/commons/crypto/OpenSslInfoNative.c ## @@ -39,38 +39,24 @@ #include "OpenSslInfoNative.h" #ifdef UNIX -static unsigned long (*dlsym_SSLeay) (void); -static char * (*dlsym_SSLeay_version) (int); +static unsigned long (*dlsym_OpenSSL_version_num) (void); +static char * (*dlsym_OpenSSL_version) (int); Review comment: nit: this function returns `const char *`. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244819839
##
File path: src/main/native/org/apache/commons/crypto/OpenSslInfoNative.c
##
@@ -98,24 +84,26 @@ static int load_library(JNIEnv *env)
return 1;
}
-JNIEXPORT jstring JNICALL
Java_org_apache_commons_crypto_OpenSslInfoNative_SSLeayVersion
-(JNIEnv *env, jclass clazz, jint type)
+#ifdef UNIX
+static void get_methods(JNIEnv *env, void *openssl)
+#endif
+#ifdef WINDOWS
+static void get_methods(JNIEnv *env, HMODULE openssl)
+#endif
{
-if (!load_library(env)) {
-return NULL;
-}
-
-jstring answer = (*env)->NewStringUTF(env,dlsym_SSLeay_version(type));
-return answer;
-}
+#ifdef UNIX
+ dlerror(); // Clear any existing error
+#if OPENSSL_VERSION_NUMBER > VERSION_1_1_x
+ LOAD_DYNAMIC_SYMBOL(dlsym_OpenSSL_version_num, env, openssl,
"OpenSSL_version_num");
+ LOAD_DYNAMIC_SYMBOL(dlsym_OpenSSL_version, env, openssl, "OpenSSL_version");
+#elif OPENSSL_VERSION_NUMBER > VERSION_1_0_x
+ LOAD_DYNAMIC_SYMBOL(dlsym_OpenSSL_version_num, env, openssl, "SSLeay");
+ LOAD_DYNAMIC_SYMBOL(dlsym_OpenSSL_version, env, openssl, "SSLeay_version");
+#endif
+#endif
-JNIEXPORT jlong JNICALL Java_org_apache_commons_crypto_OpenSslInfoNative_SSLeay
-(JNIEnv *env, jobject object)
-{
-if (!load_library(env)) {
-return 0;
-}
-return dlsym_SSLeay();
+#ifdef WINDOWS
Review comment:
?
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1 URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244811499 ## File path: src/main/java/org/apache/commons/crypto/jna/OpenSsl102NativeJna.java ## @@ -0,0 +1,264 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.commons.crypto.jna; + +import java.nio.ByteBuffer; + +import com.sun.jna.Native; +import com.sun.jna.NativeLong; +import com.sun.jna.ptr.PointerByReference; + +/** + * @author alex Review comment: Please remove `@author` tags. If not adding a proper javadoc, please omit the whole thing. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
[GitHub] vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with backward compatibility for OpenSSL 1.0.2 and 1.0.1
vanzin commented on a change in pull request #92: OpenSSL 1.1.0 updates with
backward compatibility for OpenSSL 1.0.2 and 1.0.1
URL: https://github.com/apache/commons-crypto/pull/92#discussion_r244817116
##
File path: src/main/java/org/apache/commons/crypto/jna/OpenSsl110NativeJna.java
##
@@ -0,0 +1,226 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.commons.crypto.jna;
+
+import java.nio.ByteBuffer;
+
+import com.sun.jna.Native;
+import com.sun.jna.NativeLong;
+import com.sun.jna.ptr.PointerByReference;
+
+public class OpenSsl110NativeJna {
+
+static final int OPENSSL_INIT_ENGINE_RDRAND = 0x0200;
+
+static final int OOSL_JNA_ENCRYPT_MODE = 1;
+static final int OOSL_JNA_DECRYPT_MODE = 0;
Review comment:
Not used.
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
