Is there a compatibility mode provided by OS X CommonCrypto for OpenSSL EVP_* calls (like there is for OpenSSL MD5 functions)?
-
29-06-2021 - |
Domanda
Compiling one of my source files on Mac OS X10.7 and getting these deprecation warnings:
xxx_evp.c:135:5: 'EVP_MD_CTX_init' is deprecated
xxx_evp.c:137:9: 'EVP_DigestInit_ex' is deprecated
xxx_evp.c:177:9: 'EVP_DigestUpdate' is deprecated
xxx_evp.c:227:13: 'EVP_DigestFinal_ex' is deprecated
xxx_evp.c:235:5: 'EVP_MD_CTX_cleanup' is deprecated
I had another set of OpenSSL deprecation warnings where I was using MD5 functions from openssl/md5.h
and was able to switch to a CommonCrypto version of the OpenSSL calls like this:
#if defined(__APPLE__)
# define COMMON_DIGEST_FOR_OPENSSL
# include <CommonCrypto/CommonDigest.h>
#else
# include <openssl/md5.h>
#endif
But I can't find anything offhand about any kind of OpenSSL compatibility related to these EVP_*
calls. Is there something similar I can do to get "free" compatibility support on OS X 10.7 for these OpenSSL EVP_*
calls?
Soluzione
I looked in the CommonCrypto headers files in /usr/include/CommonCrypto/
and the only one that notes any OpenSSL compatibility is CommonDigest.h
. When the #define
symbol COMMON_DIGEST_FOR_OPENSSL
is defined before this header file is included your code, then the following classes of OpenSSL functions are mapped to their CommonCrypto equivalents:
MD2_xxx
,MD4_xxx
andMD5_xxx
SHA_xxx
,SHA1_xxx
,SHA224_xxx
,SHA256_xxx
,SHA384_xxx
andSHA512_xxx
There does not appear to be any such mapping of the OpenSSL EVP_xxx functions, at least provided as part of CommonCrypto.
Altri suggerimenti
If you are using any of the MD or SHA hashes you can have OpenSSL compatibility by defining COMMON_DIGEST_FOR_OPENSSL before including CommonDigest.h. So it all depends on the second parameter of your EVP_DigestInit_ex() function call. As an example the Mac App Store signing code that uses SHA1 and 6 "EVP_..." calls can be replaced with the following code:
#define COMMON_DIGEST_FOR_OPENSSL
#include <CommonCrypto/CommonDigest.h>
unsigned char digest[CC_SHA1_DIGEST_LENGTH];
if (CC_SHA1([input bytes], [input length], digest)) {
NSData *newHash = [NSData dataWithBytes:digest length:CC_SHA1_DIGEST_LENGTH];
}