From 3ec5f6bcc3fec8c6f5cd3227b364d1f5ff26e85b Mon Sep 17 00:00:00 2001 From: Alan Coopersmith Date: Sun, 21 Sep 2025 10:48:00 -0700 Subject: [PATCH] os: Use EVP APIs when building with OpenSSL 3 Avoids deprecation warnings for old SHA1 APIs in OpenSSL 3.0 and later Closes: #1845 Signed-off-by: Alan Coopersmith Part-of: --- COPYING | 2 +- os/xsha1.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 53 insertions(+), 3 deletions(-) diff --git a/COPYING b/COPYING index abf13c2e3..becc98987 100644 --- a/COPYING +++ b/COPYING @@ -16,7 +16,7 @@ Copyright © 2006 Nokia Corporation Copyright © 2006-2008 Peter Hutterer Copyright © 2006 Adam Jackson Copyright © 2009-2010 NVIDIA Corporation -Copyright © 1987, 2003-2006, 2008-2010 Oracle and/or its affiliates. +Copyright © 1987, 2003-2006, 2008-2010, 2025 Oracle and/or its affiliates. Copyright © 1999 Keith Packard Copyright © 2007-2009 Red Hat, Inc. Copyright © 2005-2008 Daniel Stone diff --git a/os/xsha1.c b/os/xsha1.c index a1a2448af..f2a6ba0af 100644 --- a/os/xsha1.c +++ b/os/xsha1.c @@ -1,7 +1,10 @@ -/* Copyright © 2007 Carl Worth +/* SPDX-License-Identifier: MIT + * + * Copyright © 2007 Carl Worth * Copyright © 2009 Jeremy Huddleston, Julien Cristau, and Matthieu Herrb * Copyright © 2009-2010 Mikhail Gusarov * Copyright © 2012 Yaakov Selkowitz and Keith Packard + * Copyright (c) 2025, Oracle and/or its affiliates. * * Permission is hereby granted, free of charge, to any person obtaining a * copy of this software and associated documentation files (the "Software"), @@ -13,7 +16,7 @@ * The above copyright notice and this permission notice (including the next * paragraph) shall be included in all copies or substantial portions of the * Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL @@ -254,13 +257,43 @@ x_sha1_final(void *ctx, unsigned char result[20]) #else /* Use OpenSSL's libcrypto */ +#include +#if OPENSSL_VERSION_MAJOR >= 3 +#define USE_EVP +#endif + +#ifdef USE_EVP +#include +#else #include /* buggy openssl/sha.h wants size_t */ #include +#endif + +#ifdef USE_EVP +static EVP_MD *sha1 = NULL; +#endif void * x_sha1_init(void) { int ret; +#ifdef USE_EVP + EVP_MD_CTX *ctx; + + if (sha1 == NULL) { + sha1 = EVP_MD_fetch(NULL, "SHA1", NULL); + if (sha1 == NULL) + return NULL; + } + ctx = EVP_MD_CTX_new(); + if (ctx == NULL) + return NULL; + ret = EVP_DigestInit_ex2(ctx, sha1, NULL); + if (!ret) { + EVP_MD_CTX_free(ctx); + return NULL; + } +#else SHA_CTX *ctx = malloc(sizeof(*ctx)); if (!ctx) @@ -270,6 +303,7 @@ x_sha1_init(void) free(ctx); return NULL; } +#endif return ctx; } @@ -277,11 +311,19 @@ int x_sha1_update(void *ctx, void *data, int size) { int ret; +#ifdef USE_EVP + EVP_MD_CTX *sha_ctx = ctx; + + ret = EVP_DigestUpdate(sha_ctx, data, size); + if (!ret) + EVP_MD_CTX_free(sha_ctx); +#else SHA_CTX *sha_ctx = ctx; ret = SHA1_Update(sha_ctx, data, size); if (!ret) free(sha_ctx); +#endif return ret; } @@ -289,10 +331,18 @@ int x_sha1_final(void *ctx, unsigned char result[20]) { int ret; +#ifdef USE_EVP + EVP_MD_CTX *sha_ctx = ctx; + unsigned int result_len = 20; /* size of result buffer */ + + ret = EVP_DigestFinal_ex(sha_ctx, result, &result_len); + EVP_MD_CTX_free(sha_ctx); +#else SHA_CTX *sha_ctx = ctx; ret = SHA1_Final(result, sha_ctx); free(sha_ctx); +#endif return ret; }