Migrate to openssl 1.1submit/tizen/20190708.161352submit/tizen/20190708.115723accepted/tizen/unified/20190709.113113

Change-Id: I43ac640debc91648e0d314e90f4c9b42ef0bf5a3

4 files changed, 14 insertions, 27 deletions

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 2d1f806..0bca399 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -71,7 +71,7 @@ CONFIGURE_FILE(packaging/lib${PROJECT_NAME}.manifest.in lib${PROJECT_NAME}.manif
 CONFIGURE_FILE(packaging/lib${PROJECT_NAME}-test.manifest.in lib${PROJECT_NAME}-test.manifest @ONLY)
 
 ################# common configurations for srcs and test ######################
-SET(DEPENDENTS "openssl dlog key-manager libtzplatform-config")
+SET(DEPENDENTS "openssl1.1 dlog key-manager libtzplatform-config")
 PKG_CHECK_MODULES(WEB_APP_ENC_DEPS
 	REQUIRED
 	${DEPENDENTS}
diff --git a/packaging/libwebappenc.spec b/packaging/libwebappenc.spec
index 8b0bea6..de8dd70 100644
--- a/packaging/libwebappenc.spec
+++ b/packaging/libwebappenc.spec
@@ -11,7 +11,7 @@ Requires(postun): /sbin/ldconfig
 
 BuildRequires: cmake
 BuildRequires: pkgconfig(dlog)
-BuildRequires: pkgconfig(openssl)
+BuildRequires: pkgconfig(openssl1.1)
 BuildRequires: pkgconfig(key-manager)
 BuildRequires: pkgconfig(libtzplatform-config)
 
diff --git a/srcs/crypto_service.c b/srcs/crypto_service.c
index dcc172e..a5a91f9 100644
--- a/srcs/crypto_service.c
+++ b/srcs/crypto_service.c
@@ -41,17 +41,6 @@
 
 crypto_element_s *dek_kek = NULL;
 
-static bool __initialized = false;
-
-void _initialize()
-{
-	if (!__initialized) {
-		ERR_load_crypto_strings();
-		OpenSSL_add_all_algorithms();
-		__initialized = true;
-	}
-}
-
 int _generate_dek_kek()
 {
 	int ret = WAE_ERROR_NONE;
@@ -131,8 +120,6 @@ int encrypt_aes_cbc(const crypto_element_s *ce, const raw_buffer_s *data,
 	raw_buffer_s *encrypted_data = NULL;
 	int ret = WAE_ERROR_NONE;
 
-	_initialize();
-
 	WAE_SLOGI("Encryption Started. size=%zu", data->size);
 
 	/* check input paramter */
@@ -215,8 +202,6 @@ int decrypt_aes_cbc(const crypto_element_s *ce, const raw_buffer_s *encrypted_da
 	raw_buffer_s *data = NULL;
 	int ret = WAE_ERROR_NONE;
 
-	_initialize();
-
 	WAE_SLOGI("Decryption Started. size=%zu", encrypted_data->size);
 
 	/* check input paramter */
diff --git a/srcs/decrypt_migrated_wgt.c b/srcs/decrypt_migrated_wgt.c
index 6dbc627..8d4bc29 100644
--- a/srcs/decrypt_migrated_wgt.c
+++ b/srcs/decrypt_migrated_wgt.c
@@ -113,34 +113,36 @@ static int _decrypt(const crypto_element_s *ce, const raw_buffer_s *data,
 	int in_len = data->size;
 	int out_len = 0;
 	int final_len = 0;
+	int ret = WAE_ERROR_NONE;
 
 	raw_buffer_s *decrypted = buffer_create(
-			(in_len / algo->block_size + 1) * algo->block_size);
+			(in_len / EVP_CIPHER_block_size(algo) + 1) * EVP_CIPHER_block_size(algo));
 
 	if (decrypted == NULL)
 		return WAE_ERROR_MEMORY;
 
-	EVP_CIPHER_CTX ctx;
-	EVP_CIPHER_CTX_init(&ctx);
-
-	int ret = WAE_ERROR_NONE;
+	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
+	if (!ctx) {
+		ret = WAE_ERROR_MEMORY;
+		goto error;
+	}
 
-	if (EVP_CipherInit(&ctx, algo, ce->dek->buf, ce->iv->buf, 0) != 1) {
+	if (EVP_CipherInit(ctx, algo, ce->dek->buf, ce->iv->buf, 0) != 1) {
 		ret = WAE_ERROR_CRYPTO;
 		goto error;
 	}
 
-	if (EVP_CIPHER_CTX_set_padding(&ctx, 1) != 1) {
+	if (EVP_CIPHER_CTX_set_padding(ctx, 1) != 1) {
 		ret = WAE_ERROR_CRYPTO;
 		goto error;
 	}
 
-	if (EVP_CipherUpdate(&ctx, decrypted->buf, &out_len, data->buf, in_len) != 1) {
+	if (EVP_CipherUpdate(ctx, decrypted->buf, &out_len, data->buf, in_len) != 1) {
 		ret = WAE_ERROR_CRYPTO;
 		goto error;
 	}
 
-	if (EVP_CipherFinal(&ctx, decrypted->buf + out_len, &final_len) != 1) {
+	if (EVP_CipherFinal(ctx, decrypted->buf + out_len, &final_len) != 1) {
 		ret = WAE_ERROR_CRYPTO;
 		goto error;
 	}
@@ -150,7 +152,7 @@ static int _decrypt(const crypto_element_s *ce, const raw_buffer_s *data,
 	*pdecrypted = decrypted;
 
 error:
-	EVP_CIPHER_CTX_cleanup(&ctx);
+	EVP_CIPHER_CTX_free(ctx);
 
 	if (ret != WAE_ERROR_NONE)
 		buffer_destroy(decrypted);