[openssl-dev] [openssl.org #4589] simplifying writing code that is 1.0.x and 1.1.x compatible

Thomas Waldmann via RT rt at openssl.org
Sat Jun 25 18:20:23 UTC 2016


Hi,

At the borgbackup project, we are currently trying to make it compatible
with OpenSSL 1.0.x and 1.1.x.

For the opaque cipher ctx this worked quite easily like this:

https://github.com/borgbackup/borg/pull/1193/files#diff-85ee6ebe1cdcfd4a4699c3913d519b27R23

I could not have a cipher ctx structure as an instance variable, but a
pointer to one worked. I am just computing the current IV myself, so I
do not need to reach into the ctx (I need to do that anyway to support
gcm mode).

I used EVP_CIPHER_CTX_new/free() - although not in the man page, they
are there since 0.98 (and the wiki examples use them, too).

Solved.

In borgbackup 1.2, we will also need the flexible (not single-call)
interface to HMAC and I could get it working using the same method as
above (using a pointer and the new/free functions - we do not access
the hmac ctx here, so it is even simpler).

But: HMAC_CTX_{new/free} are not available on 1.0.x. :-(

So my question / request: could these functions be added to a future
update, like 1.0.2i, to simplify migration / portability of code?

I suspect that these 2 functions are very simple to backport from 1.1 to
1.0.x.

Cheers,

Thomas

-- 

GPG ID: FAF7B393
GPG FP: 6D5B EF9A DD20 7580 5747 B70F 9F88 FB52 FAF7 B393


-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4589
Please log in as guest with password guest if prompted


