Issue 28: Fix integration issue with OpenSSL 1.1.1l (#37)

Author: ericeberry

CMakeLists.txt

@@ -106,6 +106,8 @@ set_target_properties(sec_api PROPERTIES
         VERSION 2.3.2.26
         )
 
+target_compile_options(sec_api PRIVATE -Wno-deprecated-declarations)
+
 target_link_libraries(sec_api
         PRIVATE
         ${SACLIENT_LIBRARY}
@@ -148,6 +150,8 @@ target_include_directories(sec_api_2_adapter_test
         test/openssl/headers
         )
 
+target_compile_options(sec_api_2_adapter_test PRIVATE -Wno-deprecated-declarations)
+
 target_link_libraries(sec_api_2_adapter_test
         PRIVATE
         sec_api

src/sec_adapter_engine.c

@@ -21,6 +21,7 @@
 #include <pthread.h>
 
 #define SECAPI_ENGINE_ID "securityapi"
+#define OPENSSL_ENGINE_ID "openssl"
 
 static SEC_BOOL g_sec_openssl_inited = SEC_FALSE;
 
@@ -276,6 +277,7 @@ void Sec_InitOpenSSL() {
             ENGINE_set_default(engine, ENGINE_METHOD_ALL);
             ENGINE_free(engine);
         }
+
         ENGINE_load_securityapi();
 
         if (atexit(Sec_ShutdownOpenSSL) != 0) {
@@ -297,9 +299,8 @@ void Sec_PrintOpenSSLVersion() {
 RSA* SecKey_ToEngineRSA(Sec_KeyHandle* keyHandle) {
     Sec_RSARawPublicKey pubKey;
     RSA* rsa = NULL;
-    ENGINE* engine = NULL;
 
-    engine = ENGINE_by_id(SECAPI_ENGINE_ID);
+    ENGINE* engine = ENGINE_by_id(SECAPI_ENGINE_ID);
     if (engine == NULL) {
         SEC_LOG_ERROR("ENGINE_by_id failed");
         return NULL;
@@ -334,9 +335,8 @@ RSA* SecKey_ToEngineRSA(Sec_KeyHandle* keyHandle) {
 RSA* SecKey_ToEngineRSAWithCert(Sec_KeyHandle* keyHandle, Sec_CertificateHandle* certificateHandle) {
     Sec_RSARawPublicKey pubKey;
     RSA* rsa = NULL;
-    ENGINE* engine = NULL;
 
-    engine = ENGINE_by_id(SECAPI_ENGINE_ID);
+    ENGINE* engine = ENGINE_by_id(SECAPI_ENGINE_ID);
     if (engine == NULL) {
         SEC_LOG_ERROR("ENGINE_by_id failed");
         return NULL;

test/main/cpp/exchange.cpp

@@ -393,7 +393,12 @@ static Sec_Result hkdf(SEC_BYTE* key, SEC_SIZE key_len, SEC_BYTE* out, const SEC
         return SEC_RESULT_FAILURE;
     }
 
+#if OPENSSL_VERSION_NUMBER >= 0x30000000
+    if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, reinterpret_cast<const unsigned char*>(use_salt ? "salt" : nullptr),
+                use_salt ? 4 : 0) <= 0) {
+#else
     if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, use_salt ? "salt" : nullptr, use_salt ? 4 : 0) <= 0) {
+#endif
         EVP_PKEY_CTX_free(pctx);
         return SEC_RESULT_FAILURE;
     }
@@ -403,7 +408,11 @@ static Sec_Result hkdf(SEC_BYTE* key, SEC_SIZE key_len, SEC_BYTE* out, const SEC
         return SEC_RESULT_FAILURE;
     }
 
+#if OPENSSL_VERSION_NUMBER >= 0x30000000
+    if (EVP_PKEY_CTX_add1_hkdf_info(pctx, reinterpret_cast<const unsigned char*>("label"), 5) <= 0) {
+#else
     if (EVP_PKEY_CTX_add1_hkdf_info(pctx, "label", 5) <= 0) {
+#endif
         EVP_PKEY_CTX_free(pctx);
         return SEC_RESULT_FAILURE;
     }