From 4f00e3556ada2892c0f92baa34d6e999aa6694cc Mon Sep 17 00:00:00 2001 From: orbea Date: Sat, 15 Apr 2023 09:02:24 -0700 Subject: [PATCH] src: Check if NID_sm2 is defined The NID_sm2 algorithm is not currently supported by LibreSSL which causes build failures. However instead of checking the OpenSSL version number it is possible to just check if NID_sm2 is defined instead. This way it will be automatically enabled when LibreSSL does support it and disabled in the event the OpenSSL stops supporting it. LibreSSL issue: https://github.com/libressl/portable/issues/841 Signed-off-by: orbea --- src/tss2-esys/esys_crypto_ossl.c | 2 +- src/tss2-fapi/fapi_crypto.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/tss2-esys/esys_crypto_ossl.c b/src/tss2-esys/esys_crypto_ossl.c index a92ecc46f..92b48b11c 100644 --- a/src/tss2-esys/esys_crypto_ossl.c +++ b/src/tss2-esys/esys_crypto_ossl.c @@ -919,7 +919,7 @@ iesys_cryptossl_get_ecdh_point(TPM2B_PUBLIC *key, curveId = NID_secp521r1; key_size = 66; break; -#if OPENSSL_VERSION_NUMBER >= 0x10101000L +#ifdef NID_sm2 case TPM2_ECC_SM2_P256: curveId = NID_sm2; key_size = 32; diff --git a/src/tss2-fapi/fapi_crypto.c b/src/tss2-fapi/fapi_crypto.c index 3f11b3d64..37573aceb 100644 --- a/src/tss2-fapi/fapi_crypto.c +++ b/src/tss2-fapi/fapi_crypto.c @@ -544,7 +544,7 @@ ossl_ecc_pub_from_tpm(const TPM2B_PUBLIC *tpmPublicKey, EVP_PKEY **evpPublicKey) case TPM2_ECC_NIST_P521: curveId = NID_secp521r1; break; -#if OPENSSL_VERSION_NUMBER >= 0x10101000L +#ifdef NID_sm2 case TPM2_ECC_SM2_P256: curveId = NID_sm2; break; @@ -1195,7 +1195,7 @@ get_ecc_tpm2b_public_from_evp( case NID_secp521r1: tpmCurveId = TPM2_ECC_NIST_P521; break; -#if OPENSSL_VERSION_NUMBER >= 0x10101000L +#ifdef NID_sm2 case NID_sm2: tpmCurveId = TPM2_ECC_SM2_P256; break;