cgo starts exiting when pkg-config doesn't work, so limit calling
pkg-config to linux and windows.
we also need to specify -lssl and -lcrypto in the linker flags
when we don't have pkg-config
- created a uniform shim layer for the Go code to invoke that does the
right thing depending on the version of openssl. functions that have
yet to be moved can be done so as needed.
- fixed the incorrect use of X509_STORE_CTX_get_app_data in verify_cb to
pull out the SSL object from the x509 store context, which causes
crashes when the SSL object index happens to not be zero.
- fix engine not being passed to HMAC_Init_ex
- fix HMAC tests not checking for failures with NewHMAC
Resolves#35
Author: Scott Kidder <skidder@brightcove.com>
Date: Fri May 22 10:41:35 2015 -0700
First commit of HMAC functions
Renamed HMAC Update function to Write
Eliminate debug logging
Compare the HMAC result
Call Reset function in Final return statement
the signature for the X509_check_host function takes
a char **peername, and our vendored hostname code does
not have this argument. hilarity ensues!!
so since we never use it, just have our vendored code
ignore it.
Change-Id: I4fdf0a4cd43738e4cc7261e4e2d16a9deef1ac82
On Fedora 23, the build fails like this:
go build
# github.com/spacemonkeygo/openssl
/usr/bin/ld: $WORK/github.com/spacemonkeygo/openssl/_obj/cert.cgo2.o: undefined reference to symbol 'EVP_dss1@@libcrypto.so.10'
/usr/lib64/libcrypto.so.10: error adding symbols: DSO missing from command line
collect2: error: ld returned 1 exit status
Adding "libcrypto" to the linker flags fixes the issue.
in later openssl, the key param in EVP_PKEY_assign changed from char* to
void*. causes this error:
../github.com/spacemonkeygo/openssl/key.go:324: cannot use
(*C.char)(unsafe.Pointer(rsa)) (type *C.char) as type unsafe.Pointer in
argument to _Cfunc_EVP_PKEY_assign
As pointed out by ishbir in issue 24, the applyKeyAndIV function was
incorrectly always using EVP_EncryptInit_ex(), even when the underlying
context being initialized was for a decryption.
This change causes it to select the right initializer based on the
"encrypt" field in the EVP_CIPHER_CTX. A test is also added which
verifies a fix.
Closes#24.
