search

fireblocks / mpc-lib

GNU General Public License v3.0
147 stars 86 forks source link

SHA256_{Init, Update, Final} are deprecated since OpenSSL 3.0 #4

Open bergkvist opened 8 months ago

bergkvist commented 8 months ago

This causes the build to fail on recent versions of OpenSSL.

make                                                                                                                         (main) 
make[1]: Entering directory '/home/tobias/repos/mpc-lib/src'
make[2]: Entering directory '/home/tobias/repos/mpc-lib/src/common'
CXX  <=  cosigner/cosigner_exception.cpp
cosigner/cmp_setup_service.cpp: In member function ‘void fireblocks::common::cosigner::cmp_setup_service::ack_message(const std::map<long unsigned int, fireblocks::common::cosigner::commitment>&, uint8_t (*)[32])’:
cosigner/cmp_setup_service.cpp:638:16: error: ‘int SHA256_Init(SHA256_CTX*)’ is deprecated: Since OpenSSL 3.0 [-Werror=deprecated-declarations]
  638 |     SHA256_Init(&ctx);
      |     ~~~~~~~~~~~^~~~~~
In file included from cosigner/cmp_setup_service.cpp:7:
/usr/include/openssl/sha.h:73:27: note: declared here
   73 | OSSL_DEPRECATEDIN_3_0 int SHA256_Init(SHA256_CTX *c);
      |                           ^~~~~~~~~~~
cosigner/cmp_setup_service.cpp:641:22: error: ‘int SHA256_Update(SHA256_CTX*, const void*, size_t)’ is deprecated: Since OpenSSL 3.0 [-Werror=deprecated-declarations]
  641 |         SHA256_Update(&ctx, &i->first, sizeof(uint64_t));
      |         ~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/openssl/sha.h:74:27: note: declared here
   74 | OSSL_DEPRECATEDIN_3_0 int SHA256_Update(SHA256_CTX *c,
      |                           ^~~~~~~~~~~~~
cosigner/cmp_setup_service.cpp:642:22: error: ‘int SHA256_Update(SHA256_CTX*, const void*, size_t)’ is deprecated: Since OpenSSL 3.0 [-Werror=deprecated-declarations]
  642 |         SHA256_Update(&ctx, &i->second.data, sizeof(commitments_commitment_t));
      |         ~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/openssl/sha.h:74:27: note: declared here
   74 | OSSL_DEPRECATEDIN_3_0 int SHA256_Update(SHA256_CTX *c,
      |                           ^~~~~~~~~~~~~
cosigner/cmp_setup_service.cpp:644:17: error: ‘int SHA256_Final(unsigned char*, SHA256_CTX*)’ is deprecated: Since OpenSSL 3.0 [-Werror=deprecated-declarations]
  644 |     SHA256_Final(*ack, &ctx);
      |     ~~~~~~~~~~~~^~~~~~~~~~~~
/usr/include/openssl/sha.h:76:27: note: declared here
   76 | OSSL_DEPRECATEDIN_3_0 int SHA256_Final(unsigned char *md, SHA256_CTX *c);
      |                           ^~~~~~~~~~~~
cc1plus: all warnings being treated as errors
make[2]: *** [Makefile:46: cosigner/cmp_setup_service.o] Error 1
make[2]: Leaving directory '/home/tobias/repos/mpc-lib/src/common'
make[1]: *** [Makefile:2: all] Error 2
make[1]: Leaving directory '/home/tobias/repos/mpc-lib/src'
make: *** [Makefile:2: all] Error 2

Instead of SHA256_Init, SHA256_Update, SHA256_Final you can use the following interface:

#include <openssl/sha.h>

unsigned char *SHA256(const unsigned char *data, size_t count, unsigned char *md_buf);

Obviously that requires editing some code (it will simplify the code quite a bit).

Another option is to add the following to your CFLAGS:

-Wno-deprecated-declarations
sre3ed commented 7 months ago

on which file? do we need to make changes!.

nadav-fireblocks commented 6 months ago

Yes, this is a known issue, thank you for submitting it.

We'll consider contributions regarding it, and expect it to be resolved in the future when the project formally moves to support higher versions of OpenSSL.

I believe that the changes, when done correctly, may be non-trivial.