libstb/create-container: avoid using deprecated APIs when compiling with OpenSSL 3.0

OpenSSL 3.0 has deprecated functions that operate on raw key data, however the
closest replacement function are not available in OpenSSL 1.x. This patch
attempts to maintain compatibility with both 3.0 and 1.x versions.

Avoids using the following deprecated functions when compiling with 3.0:
 - EC_KEY_get0_group
 - EC_KEY_get0_public_key
 - EC_POINT_point2bn
 - EC_KEY_free

Signed-off-by: Eric Richter <erichte@linux.ibm.com>
Signed-off-by: Reza Arbab <arbab@linux.ibm.com>

1 files changed, 9 insertions, 1 deletions

diff --git a/libstb/create-container.c b/libstb/create-container.c
index 0c7bf13..4e198da 100644
--- a/libstb/create-container.c
+++ b/libstb/create-container.c
@@ -11,6 +11,9 @@
 #include <openssl/ec.h>
 #include <openssl/ecdsa.h>
 #include <openssl/evp.h>
+#if OPENSSL_VERSION_NUMBER >= 0x30000000
+#include <openssl/core_names.h>
+#endif
 #include <openssl/opensslv.h>
 #include <openssl/ossl_typ.h>
 #include <openssl/pem.h>
@@ -45,7 +48,7 @@ void usage(int status);
 void getPublicKeyRaw(ecc_key_t *pubkeyraw, char *filename)
 {
 	EVP_PKEY* pkey;
-	unsigned char pubkeyData[1 + 2 * EC_COORDBYTES];
+	unsigned char pubkeyData[1 + 2 * EC_COORDBYTES] = {0};
 
 	FILE *fp = fopen(filename, "r");
 	if (!fp)
@@ -64,6 +67,10 @@ void getPublicKeyRaw(ecc_key_t *pubkeyraw, char *filename)
 	}
 
 	if (pkey) {
+#if OPENSSL_VERSION_NUMBER >= 0x30000000
+		size_t sz;
+		EVP_PKEY_get_octet_string_param(pkey, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, pubkeyData, sizeof(pubkeyData), &sz);
+#else
 		EC_KEY *key;
 		const EC_GROUP *ecgrp;
 		const EC_POINT *ecpoint;
@@ -87,6 +94,7 @@ void getPublicKeyRaw(ecc_key_t *pubkeyraw, char *filename)
 
 		BN_free(pubkeyBN);
 		EC_KEY_free(key);
+#endif
 		EVP_PKEY_free(pkey);
 	}
 	else {