1 /* $OpenBSD: dsa_lib.c,v 1.29 2018/04/14 07:09:21 tb Exp $ */
2 /* $OpenBSD: rsa_lib.c,v 1.37 2018/04/14 07:09:21 tb Exp $ */
3 /* $OpenBSD: evp_lib.c,v 1.17 2018/09/12 06:35:38 djm Exp $ */
4 /* $OpenBSD: dh_lib.c,v 1.32 2018/05/02 15:48:38 tb Exp $ */
5 /* $OpenBSD: p_lib.c,v 1.24 2018/05/30 15:40:50 tb Exp $ */
6 /* $OpenBSD: digest.c,v 1.30 2018/04/14 07:09:21 tb Exp $ */
7 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
8  * All rights reserved.
9  *
10  * This package is an SSL implementation written
11  * by Eric Young (eay@cryptsoft.com).
12  * The implementation was written so as to conform with Netscapes SSL.
13  *
14  * This library is free for commercial and non-commercial use as long as
15  * the following conditions are aheared to.  The following conditions
16  * apply to all code found in this distribution, be it the RC4, RSA,
17  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
18  * included with this distribution is covered by the same copyright terms
19  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
20  *
21  * Copyright remains Eric Young's, and as such any Copyright notices in
22  * the code are not to be removed.
23  * If this package is used in a product, Eric Young should be given attribution
24  * as the author of the parts of the library used.
25  * This can be in the form of a textual message at program startup or
26  * in documentation (online or textual) provided with the package.
27  *
28  * Redistribution and use in source and binary forms, with or without
29  * modification, are permitted provided that the following conditions
30  * are met:
31  * 1. Redistributions of source code must retain the copyright
32  *    notice, this list of conditions and the following disclaimer.
33  * 2. Redistributions in binary form must reproduce the above copyright
34  *    notice, this list of conditions and the following disclaimer in the
35  *    documentation and/or other materials provided with the distribution.
36  * 3. All advertising materials mentioning features or use of this software
37  *    must display the following acknowledgement:
38  *    "This product includes cryptographic software written by
39  *     Eric Young (eay@cryptsoft.com)"
40  *    The word 'cryptographic' can be left out if the rouines from the library
41  *    being used are not cryptographic related :-).
42  * 4. If you include any Windows specific code (or a derivative thereof) from
43  *    the apps directory (application code) you must include an acknowledgement:
44  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
45  *
46  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
47  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
48  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
49  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
50  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
51  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
52  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
53  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
54  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
55  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
56  * SUCH DAMAGE.
57  *
58  * The licence and distribution terms for any publically available version or
59  * derivative of this code cannot be changed.  i.e. this code cannot simply be
60  * copied and put under another distribution licence
61  * [including the GNU Public Licence.]
62  */
63 
64 /* $OpenBSD: dsa_asn1.c,v 1.22 2018/06/14 17:03:19 jsing Exp $ */
65 /* $OpenBSD: ecs_asn1.c,v 1.9 2018/03/17 15:24:44 tb Exp $ */
66 /* $OpenBSD: digest.c,v 1.30 2018/04/14 07:09:21 tb Exp $ */
67 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
68  * project 2000.
69  */
70 /* ====================================================================
71  * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
72  *
73  * Redistribution and use in source and binary forms, with or without
74  * modification, are permitted provided that the following conditions
75  * are met:
76  *
77  * 1. Redistributions of source code must retain the above copyright
78  *    notice, this list of conditions and the following disclaimer.
79  *
80  * 2. Redistributions in binary form must reproduce the above copyright
81  *    notice, this list of conditions and the following disclaimer in
82  *    the documentation and/or other materials provided with the
83  *    distribution.
84  *
85  * 3. All advertising materials mentioning features or use of this
86  *    software must display the following acknowledgment:
87  *    "This product includes software developed by the OpenSSL Project
88  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
89  *
90  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
91  *    endorse or promote products derived from this software without
92  *    prior written permission. For written permission, please contact
93  *    licensing@OpenSSL.org.
94  *
95  * 5. Products derived from this software may not be called "OpenSSL"
96  *    nor may "OpenSSL" appear in their names without prior written
97  *    permission of the OpenSSL Project.
98  *
99  * 6. Redistributions of any form whatsoever must retain the following
100  *    acknowledgment:
101  *    "This product includes software developed by the OpenSSL Project
102  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
103  *
104  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
105  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
106  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
107  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
108  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
109  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
110  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
111  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
112  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
113  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
114  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
115  * OF THE POSSIBILITY OF SUCH DAMAGE.
116  * ====================================================================
117  *
118  * This product includes cryptographic software written by Eric Young
119  * (eay@cryptsoft.com).  This product includes software written by Tim
120  * Hudson (tjh@cryptsoft.com).
121  *
122  */
123 
124 /*	$OpenBSD: rsa_meth.c,v 1.2 2018/09/12 06:35:38 djm Exp $	*/
125 /*
126  * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
127  *
128  * Permission to use, copy, modify, and distribute this software for any
129  * purpose with or without fee is hereby granted, provided that the above
130  * copyright notice and this permission notice appear in all copies.
131  *
132  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
133  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
134  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
135  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
136  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
137  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
138  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
139  */
140 
141 #include "includes.h"
142 
143 #ifdef WITH_OPENSSL
144 
145 #include <sys/types.h>
146 
147 #include <stdlib.h>
148 #include <string.h>
149 
150 #include <openssl/err.h>
151 #include <openssl/bn.h>
152 #include <openssl/dsa.h>
153 #include <openssl/rsa.h>
154 #include <openssl/evp.h>
155 #include <openssl/ecdsa.h>
156 #include <openssl/dh.h>
157 
158 #ifndef HAVE_DSA_GET0_PQG
159 void
160 DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
161 {
162 	if (p != NULL)
163 		*p = d->p;
164 	if (q != NULL)
165 		*q = d->q;
166 	if (g != NULL)
167 		*g = d->g;
168 }
169 #endif /* HAVE_DSA_GET0_PQG */
170 
171 #ifndef HAVE_DSA_SET0_PQG
172 int
173 DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g)
174 {
175 	if ((d->p == NULL && p == NULL) || (d->q == NULL && q == NULL) ||
176 	    (d->g == NULL && g == NULL))
177 		return 0;
178 
179 	if (p != NULL) {
180 		BN_free(d->p);
181 		d->p = p;
182 	}
183 	if (q != NULL) {
184 		BN_free(d->q);
185 		d->q = q;
186 	}
187 	if (g != NULL) {
188 		BN_free(d->g);
189 		d->g = g;
190 	}
191 
192 	return 1;
193 }
194 #endif /* HAVE_DSA_SET0_PQG */
195 
196 #ifndef HAVE_DSA_GET0_KEY
197 void
198 DSA_get0_key(const DSA *d, const BIGNUM **pub_key, const BIGNUM **priv_key)
199 {
200 	if (pub_key != NULL)
201 		*pub_key = d->pub_key;
202 	if (priv_key != NULL)
203 		*priv_key = d->priv_key;
204 }
205 #endif /* HAVE_DSA_GET0_KEY */
206 
207 #ifndef HAVE_DSA_SET0_KEY
208 int
209 DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key)
210 {
211 	if (d->pub_key == NULL && pub_key == NULL)
212 		return 0;
213 
214 	if (pub_key != NULL) {
215 		BN_free(d->pub_key);
216 		d->pub_key = pub_key;
217 	}
218 	if (priv_key != NULL) {
219 		BN_free(d->priv_key);
220 		d->priv_key = priv_key;
221 	}
222 
223 	return 1;
224 }
225 #endif /* HAVE_DSA_SET0_KEY */
226 
227 #ifndef HAVE_RSA_GET0_KEY
228 void
229 RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
230 {
231 	if (n != NULL)
232 		*n = r->n;
233 	if (e != NULL)
234 		*e = r->e;
235 	if (d != NULL)
236 		*d = r->d;
237 }
238 #endif /* HAVE_RSA_GET0_KEY */
239 
240 #ifndef HAVE_RSA_SET0_KEY
241 int
242 RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
243 {
244 	if ((r->n == NULL && n == NULL) || (r->e == NULL && e == NULL))
245 		return 0;
246 
247 	if (n != NULL) {
248 		BN_free(r->n);
249 		r->n = n;
250 	}
251 	if (e != NULL) {
252 		BN_free(r->e);
253 		r->e = e;
254 	}
255 	if (d != NULL) {
256 		BN_free(r->d);
257 		r->d = d;
258 	}
259 
260 	return 1;
261 }
262 #endif /* HAVE_RSA_SET0_KEY */
263 
264 #ifndef HAVE_RSA_GET0_CRT_PARAMS
265 void
266 RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1,
267     const BIGNUM **iqmp)
268 {
269 	if (dmp1 != NULL)
270 		*dmp1 = r->dmp1;
271 	if (dmq1 != NULL)
272 		*dmq1 = r->dmq1;
273 	if (iqmp != NULL)
274 		*iqmp = r->iqmp;
275 }
276 #endif /* HAVE_RSA_GET0_CRT_PARAMS */
277 
278 #ifndef HAVE_RSA_SET0_CRT_PARAMS
279 int
280 RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp)
281 {
282 	if ((r->dmp1 == NULL && dmp1 == NULL) ||
283 	    (r->dmq1 == NULL && dmq1 == NULL) ||
284 	    (r->iqmp == NULL && iqmp == NULL))
285 	       	return 0;
286 
287 	if (dmp1 != NULL) {
288 		BN_free(r->dmp1);
289 		r->dmp1 = dmp1;
290 	}
291 	if (dmq1 != NULL) {
292 		BN_free(r->dmq1);
293 		r->dmq1 = dmq1;
294 	}
295 	if (iqmp != NULL) {
296 		BN_free(r->iqmp);
297 		r->iqmp = iqmp;
298 	}
299 
300 	return 1;
301 }
302 #endif /* HAVE_RSA_SET0_CRT_PARAMS */
303 
304 #ifndef HAVE_RSA_GET0_FACTORS
305 void
306 RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q)
307 {
308 	if (p != NULL)
309 		*p = r->p;
310 	if (q != NULL)
311 		*q = r->q;
312 }
313 #endif /* HAVE_RSA_GET0_FACTORS */
314 
315 #ifndef HAVE_RSA_SET0_FACTORS
316 int
317 RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q)
318 {
319 	if ((r->p == NULL && p == NULL) || (r->q == NULL && q == NULL))
320 		return 0;
321 
322 	if (p != NULL) {
323 		BN_free(r->p);
324 		r->p = p;
325 	}
326 	if (q != NULL) {
327 		BN_free(r->q);
328 		r->q = q;
329 	}
330 
331 	return 1;
332 }
333 #endif /* HAVE_RSA_SET0_FACTORS */
334 
335 #ifndef HAVE_EVP_CIPHER_CTX_GET_IV
336 int
337 EVP_CIPHER_CTX_get_iv(const EVP_CIPHER_CTX *ctx, unsigned char *iv, size_t len)
338 {
339 	if (ctx == NULL)
340 		return 0;
341 	if (EVP_CIPHER_CTX_iv_length(ctx) < 0)
342 		return 0;
343 	if (len != (size_t)EVP_CIPHER_CTX_iv_length(ctx))
344 		return 0;
345 	if (len > EVP_MAX_IV_LENGTH)
346 		return 0; /* sanity check; shouldn't happen */
347 	/*
348 	 * Skip the memcpy entirely when the requested IV length is zero,
349 	 * since the iv pointer may be NULL or invalid.
350 	 */
351 	if (len != 0) {
352 		if (iv == NULL)
353 			return 0;
354 # ifdef HAVE_EVP_CIPHER_CTX_IV
355 		memcpy(iv, EVP_CIPHER_CTX_iv(ctx), len);
356 # else
357 		memcpy(iv, ctx->iv, len);
358 # endif /* HAVE_EVP_CIPHER_CTX_IV */
359 	}
360 	return 1;
361 }
362 #endif /* HAVE_EVP_CIPHER_CTX_GET_IV */
363 
364 #ifndef HAVE_EVP_CIPHER_CTX_SET_IV
365 int
366 EVP_CIPHER_CTX_set_iv(EVP_CIPHER_CTX *ctx, const unsigned char *iv, size_t len)
367 {
368 	if (ctx == NULL)
369 		return 0;
370 	if (EVP_CIPHER_CTX_iv_length(ctx) < 0)
371 		return 0;
372 	if (len != (size_t)EVP_CIPHER_CTX_iv_length(ctx))
373 		return 0;
374 	if (len > EVP_MAX_IV_LENGTH)
375 		return 0; /* sanity check; shouldn't happen */
376 	/*
377 	 * Skip the memcpy entirely when the requested IV length is zero,
378 	 * since the iv pointer may be NULL or invalid.
379 	 */
380 	if (len != 0) {
381 		if (iv == NULL)
382 			return 0;
383 # ifdef HAVE_EVP_CIPHER_CTX_IV_NOCONST
384 		memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, len);
385 # else
386 		memcpy(ctx->iv, iv, len);
387 # endif /* HAVE_EVP_CIPHER_CTX_IV_NOCONST */
388 	}
389 	return 1;
390 }
391 #endif /* HAVE_EVP_CIPHER_CTX_SET_IV */
392 
393 #ifndef HAVE_DSA_SIG_GET0
394 void
395 DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps)
396 {
397 	if (pr != NULL)
398 		*pr = sig->r;
399 	if (ps != NULL)
400 		*ps = sig->s;
401 }
402 #endif /* HAVE_DSA_SIG_GET0 */
403 
404 #ifndef HAVE_DSA_SIG_SET0
405 int
406 DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s)
407 {
408 	if (r == NULL || s == NULL)
409 		return 0;
410 
411 	BN_clear_free(sig->r);
412 	sig->r = r;
413 	BN_clear_free(sig->s);
414 	sig->s = s;
415 
416 	return 1;
417 }
418 #endif /* HAVE_DSA_SIG_SET0 */
419 
420 #ifndef HAVE_ECDSA_SIG_GET0
421 void
422 ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps)
423 {
424 	if (pr != NULL)
425 		*pr = sig->r;
426 	if (ps != NULL)
427 		*ps = sig->s;
428 }
429 #endif /* HAVE_ECDSA_SIG_GET0 */
430 
431 #ifndef HAVE_ECDSA_SIG_SET0
432 int
433 ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s)
434 {
435 	if (r == NULL || s == NULL)
436 		return 0;
437 
438 	BN_clear_free(sig->r);
439 	BN_clear_free(sig->s);
440 	sig->r = r;
441 	sig->s = s;
442 	return 1;
443 }
444 #endif /* HAVE_ECDSA_SIG_SET0 */
445 
446 #ifndef HAVE_DH_GET0_PQG
447 void
448 DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
449 {
450 	if (p != NULL)
451 		*p = dh->p;
452 	if (q != NULL)
453 		*q = dh->q;
454 	if (g != NULL)
455 		*g = dh->g;
456 }
457 #endif /* HAVE_DH_GET0_PQG */
458 
459 #ifndef HAVE_DH_SET0_PQG
460 int
461 DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
462 {
463 	if ((dh->p == NULL && p == NULL) || (dh->g == NULL && g == NULL))
464 		return 0;
465 
466 	if (p != NULL) {
467 		BN_free(dh->p);
468 		dh->p = p;
469 	}
470 	if (q != NULL) {
471 		BN_free(dh->q);
472 		dh->q = q;
473 	}
474 	if (g != NULL) {
475 		BN_free(dh->g);
476 		dh->g = g;
477 	}
478 
479 	return 1;
480 }
481 #endif /* HAVE_DH_SET0_PQG */
482 
483 #ifndef HAVE_DH_GET0_KEY
484 void
485 DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
486 {
487 	if (pub_key != NULL)
488 		*pub_key = dh->pub_key;
489 	if (priv_key != NULL)
490 		*priv_key = dh->priv_key;
491 }
492 #endif /* HAVE_DH_GET0_KEY */
493 
494 #ifndef HAVE_DH_SET0_KEY
495 int
496 DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key)
497 {
498 	if (pub_key != NULL) {
499 		BN_free(dh->pub_key);
500 		dh->pub_key = pub_key;
501 	}
502 	if (priv_key != NULL) {
503 		BN_free(dh->priv_key);
504 		dh->priv_key = priv_key;
505 	}
506 
507 	return 1;
508 }
509 #endif /* HAVE_DH_SET0_KEY */
510 
511 #ifndef HAVE_DH_SET_LENGTH
512 int
513 DH_set_length(DH *dh, long length)
514 {
515 	if (length < 0 || length > INT_MAX)
516 		return 0;
517 
518 	dh->length = length;
519 	return 1;
520 }
521 #endif /* HAVE_DH_SET_LENGTH */
522 
523 #ifndef HAVE_RSA_METH_FREE
524 void
525 RSA_meth_free(RSA_METHOD *meth)
526 {
527 	if (meth != NULL) {
528 		free((char *)meth->name);
529 		free(meth);
530 	}
531 }
532 #endif /* HAVE_RSA_METH_FREE */
533 
534 #ifndef HAVE_RSA_METH_DUP
535 RSA_METHOD *
536 RSA_meth_dup(const RSA_METHOD *meth)
537 {
538 	RSA_METHOD *copy;
539 
540 	if ((copy = calloc(1, sizeof(*copy))) == NULL)
541 		return NULL;
542 	memcpy(copy, meth, sizeof(*copy));
543 	if ((copy->name = strdup(meth->name)) == NULL) {
544 		free(copy);
545 		return NULL;
546 	}
547 
548 	return copy;
549 }
550 #endif /* HAVE_RSA_METH_DUP */
551 
552 #ifndef HAVE_RSA_METH_SET1_NAME
553 int
554 RSA_meth_set1_name(RSA_METHOD *meth, const char *name)
555 {
556 	char *copy;
557 
558 	if ((copy = strdup(name)) == NULL)
559 		return 0;
560 	free((char *)meth->name);
561 	meth->name = copy;
562 	return 1;
563 }
564 #endif /* HAVE_RSA_METH_SET1_NAME */
565 
566 #ifndef HAVE_RSA_METH_GET_FINISH
567 int
568 (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa)
569 {
570 	return meth->finish;
571 }
572 #endif /* HAVE_RSA_METH_GET_FINISH */
573 
574 #ifndef HAVE_RSA_METH_SET_PRIV_ENC
575 int
576 RSA_meth_set_priv_enc(RSA_METHOD *meth, int (*priv_enc)(int flen,
577     const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
578 {
579 	meth->rsa_priv_enc = priv_enc;
580 	return 1;
581 }
582 #endif /* HAVE_RSA_METH_SET_PRIV_ENC */
583 
584 #ifndef HAVE_RSA_METH_SET_PRIV_DEC
585 int
586 RSA_meth_set_priv_dec(RSA_METHOD *meth, int (*priv_dec)(int flen,
587     const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
588 {
589 	meth->rsa_priv_dec = priv_dec;
590 	return 1;
591 }
592 #endif /* HAVE_RSA_METH_SET_PRIV_DEC */
593 
594 #ifndef HAVE_RSA_METH_SET_FINISH
595 int
596 RSA_meth_set_finish(RSA_METHOD *meth, int (*finish)(RSA *rsa))
597 {
598 	meth->finish = finish;
599 	return 1;
600 }
601 #endif /* HAVE_RSA_METH_SET_FINISH */
602 
603 #ifndef HAVE_EVP_PKEY_GET0_RSA
604 RSA *
605 EVP_PKEY_get0_RSA(EVP_PKEY *pkey)
606 {
607 	if (pkey->type != EVP_PKEY_RSA) {
608 		/* EVPerror(EVP_R_EXPECTING_AN_RSA_KEY); */
609 		return NULL;
610 	}
611 	return pkey->pkey.rsa;
612 }
613 #endif /* HAVE_EVP_PKEY_GET0_RSA */
614 
615 #ifndef HAVE_EVP_MD_CTX_NEW
616 EVP_MD_CTX *
617 EVP_MD_CTX_new(void)
618 {
619 	return calloc(1, sizeof(EVP_MD_CTX));
620 }
621 #endif /* HAVE_EVP_MD_CTX_NEW */
622 
623 #ifndef HAVE_EVP_MD_CTX_FREE
624 void
625 EVP_MD_CTX_free(EVP_MD_CTX *ctx)
626 {
627 	if (ctx == NULL)
628 		return;
629 
630 	EVP_MD_CTX_cleanup(ctx);
631 
632 	free(ctx);
633 }
634 #endif /* HAVE_EVP_MD_CTX_FREE */
635 
636 #endif /* WITH_OPENSSL */
637