pocoproject · AnDevi · Mar 8, 2018 · May 21, 2018 · May 21, 2018 · May 21, 2018
diff --git a/.gitmodules b/.gitmodules
@@ -1,6 +1,8 @@
 [submodule "openssl"]
 	path = openssl
 	url = https://github.com/pocoproject/openssl
+	branch = master
+
 [submodule "gradle"]
 	path = gradle
 	url = https://github.com/pocoproject/gradle
diff --git a/Crypto/src/CipherKeyImpl.cpp b/Crypto/src/CipherKeyImpl.cpp
@@ -121,9 +121,6 @@ CipherKeyImpl::Mode CipherKeyImpl::mode() const
 
 	case EVP_CIPH_GCM_MODE:
 		return MODE_GCM;
-
-	case EVP_CIPH_CCM_MODE:
-		return MODE_CCM;
 #endif
 	}
 	throw Poco::IllegalStateException("Unexpected value of EVP_CIPHER_mode()");

diff --git a/Crypto/src/DigestEngine.cpp b/Crypto/src/DigestEngine.cpp
@@ -12,10 +12,13 @@
 //
 
 
+//Changed for port OpenSSL -> BoringSSL
+#if defined(OPENSSL_IS_BORINGSSL)
+	#include "openssl/digest.h"
+#endif
 #include "Poco/Crypto/DigestEngine.h"
 #include "Poco/Exception.h"
 
-
 namespace Poco {
 namespace Crypto {
 
@@ -37,7 +40,12 @@ DigestEngine::~DigestEngine()
 
 int DigestEngine::nid() const
 {
-	return EVP_MD_nid(EVP_MD_CTX_md(_pContext));
+	//Changed for port OpenSSL -> BoringSSL
+	#if defined(OPENSSL_IS_BORINGSSL)
+		return EVP_MD_type(EVP_MD_CTX_md(_pContext));
+	#else 
+		return EVP_MD_nid(EVP_MD_CTX_md(_pContext));
+	#endif
 }
 
 std::size_t DigestEngine::digestLength() const

diff --git a/Crypto/src/PKCS12Container.cpp b/Crypto/src/PKCS12Container.cpp
@@ -128,26 +128,31 @@ PKCS12Container::~PKCS12Container()
 
 std::string PKCS12Container::extractFriendlyName(X509* pCert)
 {
-	std::string friendlyName;
-	if(pCert)
-	{
-		STACK_OF(PKCS12_SAFEBAG)*pBags = 0;
-		PKCS12_SAFEBAG*pBag = PKCS12_add_cert(&pBags, pCert);
-		if(pBag)
-		{
-			char* pBuffer = PKCS12_get_friendlyname(pBag);
-			if(pBuffer)
+	//Changed for port OpenSSL -> BoringSSL
+	#if defined(OPENSSL_IS_BORINGSSL)
+    	throw NotImplementedException();
+	#else 
+		std::string friendlyName;
+		f(pCert)
+		{	
+			STACK_OF(PKCS12_SAFEBAG)*pBags = 0;
+			PKCS12_SAFEBAG*pBag = PKCS12_add_cert(&pBags, pCert);
+			if(pBag)
 			{
-				friendlyName = pBuffer;
-				OPENSSL_free(pBuffer);
+				char* pBuffer = PKCS12_get_friendlyname(pBag);
+				if(pBuffer)
+				{
+					friendlyName = pBuffer;
+					OPENSSL_free(pBuffer);
+				}
+				if(pBags) sk_PKCS12_SAFEBAG_pop_free(pBags, PKCS12_SAFEBAG_free);
 			}
-			if(pBags) sk_PKCS12_SAFEBAG_pop_free(pBags, PKCS12_SAFEBAG_free);
+			else throw OpenSSLException("PKCS12Container::extractFriendlyName()");
 		}
-		else throw OpenSSLException("PKCS12Container::extractFriendlyName()");
-	}
-	else throw NullPointerException("PKCS12Container::extractFriendlyName()");
+		else throw NullPointerException("PKCS12Container::extractFriendlyName()");
 
-	return friendlyName;
+		return friendlyName;
+	#endif
 }
 
 

diff --git a/Crypto/src/RSACipherImpl.cpp b/Crypto/src/RSACipherImpl.cpp
@@ -51,7 +51,12 @@ namespace
 		case RSA_PADDING_PKCS1_OAEP:
 			return RSA_PKCS1_OAEP_PADDING;
 		case RSA_PADDING_SSLV23:
-			return RSA_SSLV23_PADDING;
+		//Changed for port OpenSSL -> BoringSSL
+			#if defined(OPENSSL_IS_BORINGSSL)
+				throw NotImplementedException();
+			#else 
+				return RSA_SSLV23_PADDING;
+			#endif			
 		case RSA_PADDING_NONE:
 			return RSA_NO_PADDING;
 		default:

diff --git a/NetSSL_OpenSSL/src/Context.cpp b/NetSSL_OpenSSL/src/Context.cpp
@@ -198,7 +198,13 @@ void Context::useCertificate(const Poco::Crypto::X509Certificate& certificate)
 
 void Context::addChainCertificate(const Poco::Crypto::X509Certificate& certificate)
 {
-	int errCode = SSL_CTX_add_extra_chain_cert(_pSSLContext, certificate.certificate());
+	//Changed for port OpenSSL -> BoringSSL
+	#if defined(OPENSSL_IS_BORINGSSL)
+		int errCode = SSL_CTX_add_extra_chain_cert(_pSSLContext, const_cast<X509*>(certificate.certificate()));
+	#else 
+		int errCode = SSL_CTX_add_extra_chain_cert(_pSSLContext, certificate.certificate());
+	#endif
+
 	if (errCode != 1)
 	{
 		std::string msg = Utility::getLastError();
@@ -511,25 +517,37 @@ void Context::initDH(const std::string& dhParamsFile)
 			std::string msg = Utility::getLastError();
 			throw SSLContextException("Error creating Diffie-Hellman parameters", msg);
 		}
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-		BIGNUM* p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
-		BIGNUM* g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
-		DH_set0_pqg(dh, p, 0, g);
-		DH_set_length(dh, 160);
-		if (!p || !g)
-		{
-			DH_free(dh);
-			throw SSLContextException("Error creating Diffie-Hellman parameters");
-		}
-#else
+
+//Changed for port OpenSSL -> BoringSSL	
+#if defined(OPENSSL_IS_BORINGSSL)
 		dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
 		dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
-		dh->length = 160;
 		if ((!dh->p) || (!dh->g))
 		{
 			DH_free(dh);
 			throw SSLContextException("Error creating Diffie-Hellman parameters");
 		}
+#else
+	#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+			BIGNUM* p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
+			BIGNUM* g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
+			DH_set0_pqg(dh, p, 0, g);
+			DH_set_length(dh, 160);
+			if (!p || !g)
+			{
+				DH_free(dh);
+				throw SSLContextException("Error creating Diffie-Hellman parameters");
+			}
+	#else
+			dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
+			dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
+			dh->length = 160;
+			if ((!dh->p) || (!dh->g))
+			{
+				DH_free(dh);
+				throw SSLContextException("Error creating Diffie-Hellman parameters");
+			}
+	#endif
 #endif
 	}
 	SSL_CTX_set_tmp_dh(_pSSLContext, dh);

diff --git a/openssl b/openssl