Remove OpenSSL version check if it does not cause compilation error

Yubico · Jan 24, 2024 · e0b6b69 · e0b6b69
1 parent c620c41
commit e0b6b69
Show file tree

Hide file tree

Showing 4 changed files with 5 additions and 25 deletions.
diff --git a/common/util.c b/common/util.c
@@ -111,12 +111,10 @@ unsigned char get_algorithm(EVP_PKEY *key) {
           return 0;
         }
       }
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
     case EVP_PKEY_ED25519:
       return YKPIV_ALGO_ED25519;
     case EVP_PKEY_X25519:
       return YKPIV_ALGO_X25519;
-#endif
     default:
       fprintf(stderr, "Unknown algorithm %d.\n", type);
       return 0;
@@ -526,12 +524,10 @@ int get_hashnid(enum enum_hash hash, unsigned char algorithm) {
         default:
           return 0;
       }
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
     case YKPIV_ALGO_ED25519:
       return  NID_ED25519;
     case YKPIV_ALGO_X25519:
       return NID_X25519;
-#endif
     default:
       return 0;
   }
@@ -551,12 +547,10 @@ unsigned char get_piv_algorithm(enum enum_algorithm algorithm) {
       return YKPIV_ALGO_ECCP256;
     case algorithm_arg_ECCP384:
       return YKPIV_ALGO_ECCP384;
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
     case algorithm_arg_ED25519:
       return YKPIV_ALGO_ED25519;
     case algorithm_arg_X25519:
       return YKPIV_ALGO_X25519;
-#endif
     case algorithm__NULL:
     default:
       return 0;

diff --git a/lib/util.c b/lib/util.c
@@ -816,10 +816,8 @@ ykpiv_rc ykpiv_util_generate_key(ykpiv_state *state, uint8_t slot, uint8_t algor
 
   case YKPIV_ALGO_ECCP256:
   case YKPIV_ALGO_ECCP384:
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
   case YKPIV_ALGO_ED25519:
   case YKPIV_ALGO_X25519:
-#endif
     if (!point || !point_len) {
       DBG("Invalid output parameter for ECC algorithm");
       return YKPIV_ARGUMENT_ERROR;
@@ -944,10 +942,8 @@ ykpiv_rc ykpiv_util_generate_key(ykpiv_state *state, uint8_t slot, uint8_t algor
       len = CB_ECC_POINTP256;
     } else if (YKPIV_ALGO_ECCP384 == algorithm) {
       len = CB_ECC_POINTP384;
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
     } else if (YKPIV_IS_25519(algorithm)) {
       len = CB_ECC_POINT25519;
-#endif
     }
 
     if (*data_ptr++ != TAG_ECC_POINT) {

diff --git a/lib/ykpiv.c b/lib/ykpiv.c
@@ -1223,10 +1223,8 @@ static ykpiv_rc _general_authenticate(ykpiv_state *state,
       }
       break;
     case YKPIV_ALGO_ECCP256:
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
     case YKPIV_ALGO_ED25519:
     case YKPIV_ALGO_X25519:
-#endif
       key_len = 32;
       // fall through
     case YKPIV_ALGO_ECCP384:
@@ -1924,12 +1922,16 @@ ykpiv_rc ykpiv_import_private_key(ykpiv_state *state, const unsigned char key, u
     switch (algorithm) {
       case YKPIV_ALGO_RSA1024:
         elem_len = 64;
+        break;
       case YKPIV_ALGO_RSA2048:
         elem_len = 128;
+        break;
       case YKPIV_ALGO_RSA3072:
         elem_len = 192;
+        break;
       case YKPIV_ALGO_RSA4096:
-      elem_len = 256;
+        elem_len = 256;
+        break;
     }
 
     if (p == NULL || q == NULL || dp == NULL ||
@@ -1970,7 +1972,6 @@ ykpiv_rc ykpiv_import_private_key(ykpiv_state *state, const unsigned char key, u
     param_tag = 0x06;
     n_params = 1;
   }
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
   else if (YKPIV_IS_25519(algorithm)) {
     elem_len = 32;
     if (ec_data == NULL)
@@ -1985,7 +1986,6 @@ ykpiv_rc ykpiv_import_private_key(ykpiv_state *state, const unsigned char key, u
     }
     n_params = 1;
   }
-#endif
   else
     return YKPIV_ALGORITHM_ERROR;
 

diff --git a/tool/yubico-piv-tool.c b/tool/yubico-piv-tool.c
@@ -941,16 +941,12 @@ static bool request_certificate(ykpiv_state *state, enum enum_key_format key_for
   if(algorithm == 0) {
     goto request_out;
   }
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
   if (!YKPIV_IS_25519(algorithm)) {
-#endif
     md = get_hash(hash, &oid, &oid_len);
     if (md == NULL) {
       goto request_out;
     }
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
   }
-#endif
 
   if(!X509_REQ_set_pubkey(req, public_key)) {
     fprintf(stderr, "Failed setting the request public key.\n");
@@ -1155,16 +1151,12 @@ static bool selfsign_certificate(ykpiv_state *state, enum enum_key_format key_fo
   size_t oid_len = 0;
   const unsigned char *oid = 0;
   const EVP_MD *md = NULL;
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
   if (!YKPIV_IS_25519(algorithm)) {
-#endif
     md = get_hash(hash, &oid, &oid_len);
     if (md == NULL) {
       goto selfsign_out;
     }
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
   }
-#endif
   x509 = X509_new();
   if(!x509) {
     fprintf(stderr, "Failed to allocate certificate structure.\n");
@@ -1687,14 +1679,12 @@ static void print_cert_info(ykpiv_state *state, enum enum_slot slot, const EVP_M
     case YKPIV_ALGO_ECCP384:
       fprintf(output, "ECCP384\n");
       break;
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
     case YKPIV_ALGO_ED25519:
       fprintf(output, "ED25519\n");
       break;
     case YKPIV_ALGO_X25519:
       fprintf(output, "X25519\n");
       break;
-#endif
     default:
       fprintf(output, "Unknown\n");
   }