Need Help for Code Changes to Upgrade from OpenSSL 1.0.2 to 3.0

Floodeenjr, Thomas thomas_floodeenjr at
Thu Oct 21 12:02:00 UTC 2021

Here are my notes from when we did this project a couple of years ago. It does not match your code exactly, but maybe it helps.


### ALL ###
Follow the porting instructions here:

Especially the section "EVP_CIPHER_CTX became opaque". The changes here will match changes for most classes in OpenSSL.

Most notable:
                -              EVP_CIPHER_CTX  evp;
                +             EVP_CIPHER_CTX  *evp;
Initialization & cleanup:
                -              EVP_CIPHER_CTX_init(&evp);
                +             evp = EVP_CIPHER_CTX_new();
                +             EVP_CIPHER_CTX_free(evp);      /* do not forget to free after usage or error */
Function calling:
                -              EVP_CipherInit(&evp, EVP_des_cbc(), k1, NULL, enc);
                +             EVP_CipherInit(evp, EVP_des_cbc(), k1, NULL, enc);

Note the change to using a pointer instead of directly.

For encoding/decoding, the init() step is still needed.

-    EVP_EncodeInit(&m_evpCtx);
+    m_evpCtx = EVP_ENCODE_CTX_new();
+    EVP_EncodeInit(m_evpCtx);

More changes:

                                X509_EXTENSION *ext = X509_get_ext(peer, i);
                                const unsigned char *data;

                -              data = ext->value->data;
                +             data = ASN1_STRING_get0_data(X509_EXTENSION_get_data(ext));

                -              ext_data = meth->d2i(NULL, &data, ext->value->length);
                +             ext_data = meth->d2i(NULL, &data, ASN1_STRING_length(X509_EXTENSION_get_data(ext)));

xmlsec.h(99): warning C4005: 'XMLSEC_CRYPTO': macro redefinition
* Macro. Deprecated. Defined for backward compatibility only. Do not use
* in your code and use xmlSecGetDefaultCrypto() function instead.
* Returns the default crypto engine.
#define XMLSEC_CRYPTO                          (xmlSecGetDefaultCrypto())

### WINDOWS ###
ws2_32.lib will need to replace wsock32.lib when linking, or be added to link if not there.

ZLIB_WINAPI may be defined with some OSS (like curl), this causes link errors and should be removed.

### LINUX ###
Linux will likely need to link with -lpthread
Some apps may need -lrt

From: openssl-users <openssl-users-bounces at> On Behalf Of Paramashivaiah, Sunil
Sent: Thursday, October 21, 2021 2:49 AM
To: openssl-users at
Subject: Need Help for Code Changes to Upgrade from OpenSSL 1.0.2 to 3.0

Hi All,
         Please let me know how I can replace the below 1.0.2 code to 3.0

    SSL_SESSION data;

    data.ssl_version = sessVersion;
    data.session_id_length= sessIdLen;

    memcpy(data.session_id, sessId,  sessIdLen);

    ret= (SSL_SESSION *)lh_retrieve((_LHASH *)sslCtx->sessions, &data);


Thanks and Regards,

Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the openssl-users mailing list