1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
From 2d94a152dd36543d2a713f1abe20717fdaafae0a Mon Sep 17 00:00:00 2001
From: Frank Morgner <frankmorgner@gmail.com>
Date: Sat, 18 Dec 2021 00:15:04 +0100
Subject: [PATCH] added basic compatibility with OpenSSL 3.0
deprecated warnings are not handled for now
fixes https://github.com/frankmorgner/openpace/issues/53
---
src/eac/cv_cert.h | 6 +++++-
src/eac_util.c | 14 ++++++++++++++
2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/src/eac/cv_cert.h b/src/eac/cv_cert.h
index f8c6565..595eb9c 100644
--- a/src/eac/cv_cert.h
+++ b/src/eac/cv_cert.h
@@ -341,7 +341,11 @@ CVC_CERT *CVC_d2i_CVC_CERT(CVC_CERT **cert, const unsigned char **in, long len);
* @return Number of bytes successfully encoded or a negative value if an
* error occured.
*/
-int i2d_CVC_CERT(CVC_CERT *a, unsigned char **out);
+int i2d_CVC_CERT(
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ const
+#endif
+ CVC_CERT *a, unsigned char **out);
/**
* @brief Duplicate a CV certificate
diff --git a/src/eac_util.c b/src/eac_util.c
index e87293c..6e518e0 100644
--- a/src/eac_util.c
+++ b/src/eac_util.c
@@ -321,6 +321,8 @@ randb(int numbytes)
return NULL;
}
+#include <openssl/provider.h>
+
BUF_MEM *
retail_mac_des(const BUF_MEM * key, const BUF_MEM * in)
{
@@ -331,6 +333,11 @@ retail_mac_des(const BUF_MEM * key, const BUF_MEM * in)
check(key, "Invalid arguments");
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ OSSL_PROVIDER *legacy;
+ legacy = OSSL_PROVIDER_load(NULL, "legacy");
+#endif
+
len = EVP_CIPHER_block_size(EVP_des_cbc());
check(key->length >= 2*len, "Key too short");
@@ -369,6 +376,9 @@ retail_mac_des(const BUF_MEM * key, const BUF_MEM * in)
BUF_MEM_free(c_tmp);
BUF_MEM_free(d_tmp);
EVP_CIPHER_CTX_free(ctx);
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ OSSL_PROVIDER_unload(legacy);
+#endif
return mac;
@@ -381,6 +391,10 @@ retail_mac_des(const BUF_MEM * key, const BUF_MEM * in)
BUF_MEM_free(d_tmp);
if (ctx)
EVP_CIPHER_CTX_free(ctx);
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ if (legacy)
+ OSSL_PROVIDER_unload(legacy);
+#endif
return NULL;
}
|
