From 3f20e26f92a869ab3b19753883206df004c7d4dc Mon Sep 17 00:00:00 2001
From: Jan Kolarik <jkolarik@redhat.com>
Date: Mon, 26 Sep 2022 16:29:44 +0000
Subject: [PATCH] Move OpenSSL functions to use 3.0 compatible API.

Also fixing the clone and cleanup functions.
---
 src/chksum.c | 132 +++++++++++++++++++++++++++++++++++++++++----------
 1 file changed, 106 insertions(+), 26 deletions(-)

diff --git a/src/chksum.c b/src/chksum.c
index 9189b744..b5c3370a 100644
--- a/src/chksum.c
+++ b/src/chksum.c
@@ -17,31 +17,38 @@
 
 #ifdef WITH_OPENSSL
 
-#include <openssl/md5.h>
-#include <openssl/sha.h>
-
-typedef SHA_CTX SHA1_CTX;
-typedef SHA256_CTX SHA224_CTX;
-typedef SHA512_CTX SHA384_CTX;
-
-#define solv_MD5_Init(ctx) MD5_Init(ctx)
-#define solv_MD5_Update(ctx, data, len) MD5_Update(ctx, data, len)
-#define solv_MD5_Final(md, ctx) MD5_Final(md, ctx)
-#define solv_SHA1_Init(ctx) SHA1_Init(ctx)
-#define solv_SHA1_Update(ctx, data, len) SHA1_Update(ctx, data, len)
-#define solv_SHA1_Final(ctx, md) SHA1_Final(md, ctx)
-#define solv_SHA224_Init(ctx) SHA224_Init(ctx)
-#define solv_SHA224_Update(ctx, data, len) SHA224_Update(ctx, data, len)
-#define solv_SHA224_Final(md, ctx) SHA224_Final(md, ctx)
-#define solv_SHA256_Init(ctx) SHA256_Init(ctx)
-#define solv_SHA256_Update(ctx, data, len) SHA256_Update(ctx, data, len)
-#define solv_SHA256_Final(md, ctx) SHA256_Final(md, ctx)
-#define solv_SHA384_Init(ctx) SHA384_Init(ctx)
-#define solv_SHA384_Update(ctx, data, len) SHA384_Update(ctx, data, len)
-#define solv_SHA384_Final(md, ctx) SHA384_Final(md, ctx)
-#define solv_SHA512_Init(ctx) SHA512_Init(ctx)
-#define solv_SHA512_Update(ctx, data, len) SHA512_Update(ctx, data, len)
-#define solv_SHA512_Final(md, ctx) SHA512_Final(md, ctx)
+#include <openssl/evp.h>
+
+typedef EVP_MD_CTX* MD5_CTX;
+typedef EVP_MD_CTX* SHA1_CTX;
+typedef EVP_MD_CTX* SHA224_CTX;
+typedef EVP_MD_CTX* SHA256_CTX;
+typedef EVP_MD_CTX* SHA384_CTX;
+typedef EVP_MD_CTX* SHA512_CTX;
+
+#define solv_MD5_Init(ctx) { *ctx = EVP_MD_CTX_new(); EVP_DigestInit_ex(*ctx, EVP_md5(), NULL); }
+#define solv_MD5_Update(ctx, data, len) EVP_DigestUpdate(*ctx, data, len)
+#define solv_MD5_Final(md, ctx) EVP_DigestFinal_ex(*ctx, md, NULL)
+
+#define solv_SHA1_Init(ctx) { *ctx = EVP_MD_CTX_new(); EVP_DigestInit_ex(*ctx, EVP_sha1(), NULL); }
+#define solv_SHA1_Update(ctx, data, len) EVP_DigestUpdate(*ctx, data, len)
+#define solv_SHA1_Final(ctx, md) EVP_DigestFinal_ex(*ctx, md, NULL)
+
+#define solv_SHA224_Init(ctx) { *ctx = EVP_MD_CTX_new(); EVP_DigestInit_ex(*ctx, EVP_sha224(), NULL); }
+#define solv_SHA224_Update(ctx, data, len) EVP_DigestUpdate(*ctx, data, len)
+#define solv_SHA224_Final(md, ctx) EVP_DigestFinal_ex(*ctx, md, NULL)
+
+#define solv_SHA256_Init(ctx) { *ctx = EVP_MD_CTX_new(); EVP_DigestInit_ex(*ctx, EVP_sha256(), NULL); }
+#define solv_SHA256_Update(ctx, data, len) EVP_DigestUpdate(*ctx, data, len)
+#define solv_SHA256_Final(md, ctx) EVP_DigestFinal_ex(*ctx, md, NULL)
+
+#define solv_SHA384_Init(ctx) { *ctx = EVP_MD_CTX_new(); EVP_DigestInit_ex(*ctx, EVP_sha384(), NULL); }
+#define solv_SHA384_Update(ctx, data, len) EVP_DigestUpdate(*ctx, data, len)
+#define solv_SHA384_Final(md, ctx) EVP_DigestFinal_ex(*ctx, md, NULL)
+
+#define solv_SHA512_Init(ctx) { *ctx = EVP_MD_CTX_new(); EVP_DigestInit_ex(*ctx, EVP_sha512(), NULL); }
+#define solv_SHA512_Update(ctx, data, len) EVP_DigestUpdate(*ctx, data, len)
+#define solv_SHA512_Final(md, ctx) EVP_DigestFinal_ex(*ctx, md, NULL)
 
 #else
 
@@ -69,6 +76,72 @@ struct s_Chksum {
   } c;
 };
 
+#ifdef WITH_OPENSSL
+
+void
+openssl_ctx_copy(Chksum *chk_out, Chksum *chk_in)
+{
+  switch(chk_in->type)
+    {
+    case REPOKEY_TYPE_MD5:
+      chk_out->c.md5 = EVP_MD_CTX_new();
+      EVP_MD_CTX_copy_ex(chk_out->c.md5, chk_in->c.md5);
+      return;
+    case REPOKEY_TYPE_SHA1:
+      chk_out->c.sha1 = EVP_MD_CTX_new();
+      EVP_MD_CTX_copy_ex(chk_out->c.sha1, chk_in->c.sha1);
+      return;
+    case REPOKEY_TYPE_SHA224:
+      chk_out->c.sha224 = EVP_MD_CTX_new();
+      EVP_MD_CTX_copy_ex(chk_out->c.sha224, chk_in->c.sha224);
+      return;
+    case REPOKEY_TYPE_SHA256:
+      chk_out->c.sha256 = EVP_MD_CTX_new();
+      EVP_MD_CTX_copy_ex(chk_out->c.sha256, chk_in->c.sha256);
+      return;
+    case REPOKEY_TYPE_SHA384:
+      chk_out->c.sha384 = EVP_MD_CTX_new();
+      EVP_MD_CTX_copy_ex(chk_out->c.sha384, chk_in->c.sha384);
+      return;
+    case REPOKEY_TYPE_SHA512:
+      chk_out->c.sha512 = EVP_MD_CTX_new();
+      EVP_MD_CTX_copy_ex(chk_out->c.sha512, chk_in->c.sha512);
+      return;
+    default:
+      return;
+    }
+}
+
+void
+openssl_ctx_free(Chksum *chk)
+{
+  switch(chk->type)
+    {
+    case REPOKEY_TYPE_MD5:
+      EVP_MD_CTX_free(chk->c.md5);
+      return;
+    case REPOKEY_TYPE_SHA1:
+      EVP_MD_CTX_free(chk->c.sha1);
+      return;
+    case REPOKEY_TYPE_SHA224:
+      EVP_MD_CTX_free(chk->c.sha224);
+      return;
+    case REPOKEY_TYPE_SHA256:
+      EVP_MD_CTX_free(chk->c.sha256);
+      return;
+    case REPOKEY_TYPE_SHA384:
+      EVP_MD_CTX_free(chk->c.sha384);
+      return;
+    case REPOKEY_TYPE_SHA512:
+      EVP_MD_CTX_free(chk->c.sha512);
+      return;
+    default:
+      return;
+    }
+}
+
+#endif
+
 Chksum *
 solv_chksum_create(Id type)
 {
@@ -105,7 +178,11 @@ solv_chksum_create(Id type)
 Chksum *
 solv_chksum_create_clone(Chksum *chk)
 {
-  return solv_memdup(chk, sizeof(*chk));
+  Chksum *chk_clone = solv_memdup(chk, sizeof(*chk));
+#ifdef WITH_OPENSSL
+  openssl_ctx_copy(chk_clone, chk);
+#endif
+  return chk_clone;
 }
 
 int
@@ -291,6 +368,9 @@ solv_chksum_free(Chksum *chk, unsigned char *cp)
       if (l && res)
         memcpy(cp, res, l);
     }
+#ifdef WITH_OPENSSL
+  openssl_ctx_free(chk);
+#endif
   solv_free(chk);
   return 0;
 }
-- 
2.37.3