Properly apply the OpenSSL version checks

This commit is contained in:
Jakub Jelen
2017-11-14 12:32:23 +01:00
parent 0a131a053d
commit 77c51a7317
4 changed files with 10 additions and 9 deletions
+5 -5
View File
@@ -116,6 +116,7 @@ static bool sign_data(ykpiv_state *state, const unsigned char *in, size_t len, u
return false;
}
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
static int ec_key_ex_data_idx = -1;
struct internal_key {
@@ -148,7 +149,6 @@ yk_ec_meth_sign(int type, const unsigned char *dgst, int dlen,
return 1;
}
#if OPENSSL_VERSION_NUMBER >= 10100000L
static int
wrap_public_key(ykpiv_state *state, int algorithm, EVP_PKEY *public_key,
int key)
@@ -801,7 +801,7 @@ static bool request_certificate(ykpiv_state *state, enum enum_key_format key_for
goto request_out;
}
#if OPENSSL_VERSION_NUMBER < 10100000L
#if OPENSSL_VERSION_NUMBER < 0x10100000L
memcpy(digest, oid, oid_len);
/* XXX: this should probably use X509_REQ_digest() but that's buggy */
if(!ASN1_item_digest(ASN1_ITEM_rptr(X509_REQ_INFO), md, req->req_info,
@@ -864,7 +864,7 @@ request_out:
EVP_PKEY_free(public_key);
}
if(req) {
#if OPENSSL_VERSION_NUMBER < 10100000L
#if OPENSSL_VERSION_NUMBER < 0x10100000L
if(req->sig_alg->parameter) {
req->sig_alg->parameter = NULL;
}
@@ -997,7 +997,7 @@ static bool selfsign_certificate(ykpiv_state *state, enum enum_key_format key_fo
if(nid == 0) {
goto selfsign_out;
}
#if OPENSSL_VERSION_NUMBER < 10100000L
#if OPENSSL_VERSION_NUMBER < 0x10100000L
if(YKPIV_IS_RSA(algorithm)) {
signinput = digest;
len = oid_len + md_len;
@@ -1054,7 +1054,7 @@ selfsign_out:
fclose(output_file);
}
if(x509) {
#if OPENSSL_VERSION_NUMBER < 10100000L
#if OPENSSL_VERSION_NUMBER < 0x10100000L
if(x509->sig_alg->parameter) {
x509->sig_alg->parameter = NULL;
x509->cert_info->signature->parameter = NULL;