From e0b6b694477dc9d6497727f8833a722be12e8b24 Mon Sep 17 00:00:00 2001
From: Aveen Ismail <aveen.ismail@yubico.com>
Date: Wed, 24 Jan 2024 13:48:04 +0100
Subject: [PATCH] Remove OpenSSL version check if it does not cause compilation
 error

---
 common/util.c          |  6 ------
 lib/util.c             |  4 ----
 lib/ykpiv.c            | 10 +++++-----
 tool/yubico-piv-tool.c | 10 ----------
 4 files changed, 5 insertions(+), 25 deletions(-)

diff --git a/common/util.c b/common/util.c
index 1a1ce45b..ed3b9f64 100644
--- a/common/util.c
+++ b/common/util.c
@@ -111,12 +111,10 @@ unsigned char get_algorithm(EVP_PKEY *key) {
           return 0;
         }
       }
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
     case EVP_PKEY_ED25519:
       return YKPIV_ALGO_ED25519;
     case EVP_PKEY_X25519:
       return YKPIV_ALGO_X25519;
-#endif
     default:
       fprintf(stderr, "Unknown algorithm %d.\n", type);
       return 0;
@@ -526,12 +524,10 @@ int get_hashnid(enum enum_hash hash, unsigned char algorithm) {
         default:
           return 0;
       }
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
     case YKPIV_ALGO_ED25519:
       return  NID_ED25519;
     case YKPIV_ALGO_X25519:
       return NID_X25519;
-#endif
     default:
       return 0;
   }
@@ -551,12 +547,10 @@ unsigned char get_piv_algorithm(enum enum_algorithm algorithm) {
       return YKPIV_ALGO_ECCP256;
     case algorithm_arg_ECCP384:
       return YKPIV_ALGO_ECCP384;
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
     case algorithm_arg_ED25519:
       return YKPIV_ALGO_ED25519;
     case algorithm_arg_X25519:
       return YKPIV_ALGO_X25519;
-#endif
     case algorithm__NULL:
     default:
       return 0;
diff --git a/lib/util.c b/lib/util.c
index da02222e..fc16b11f 100644
--- a/lib/util.c
+++ b/lib/util.c
@@ -816,10 +816,8 @@ ykpiv_rc ykpiv_util_generate_key(ykpiv_state *state, uint8_t slot, uint8_t algor
 
   case YKPIV_ALGO_ECCP256:
   case YKPIV_ALGO_ECCP384:
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
   case YKPIV_ALGO_ED25519:
   case YKPIV_ALGO_X25519:
-#endif
     if (!point || !point_len) {
       DBG("Invalid output parameter for ECC algorithm");
       return YKPIV_ARGUMENT_ERROR;
@@ -944,10 +942,8 @@ ykpiv_rc ykpiv_util_generate_key(ykpiv_state *state, uint8_t slot, uint8_t algor
       len = CB_ECC_POINTP256;
     } else if (YKPIV_ALGO_ECCP384 == algorithm) {
       len = CB_ECC_POINTP384;
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
     } else if (YKPIV_IS_25519(algorithm)) {
       len = CB_ECC_POINT25519;
-#endif
     }
 
     if (*data_ptr++ != TAG_ECC_POINT) {
diff --git a/lib/ykpiv.c b/lib/ykpiv.c
index 727b6b29..5ac55ffc 100644
--- a/lib/ykpiv.c
+++ b/lib/ykpiv.c
@@ -1223,10 +1223,8 @@ static ykpiv_rc _general_authenticate(ykpiv_state *state,
       }
       break;
     case YKPIV_ALGO_ECCP256:
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
     case YKPIV_ALGO_ED25519:
     case YKPIV_ALGO_X25519:
-#endif
       key_len = 32;
       // fall through
     case YKPIV_ALGO_ECCP384:
@@ -1924,12 +1922,16 @@ ykpiv_rc ykpiv_import_private_key(ykpiv_state *state, const unsigned char key, u
     switch (algorithm) {
       case YKPIV_ALGO_RSA1024:
         elem_len = 64;
+        break;
       case YKPIV_ALGO_RSA2048:
         elem_len = 128;
+        break;
       case YKPIV_ALGO_RSA3072:
         elem_len = 192;
+        break;
       case YKPIV_ALGO_RSA4096:
-      elem_len = 256;
+        elem_len = 256;
+        break;
     }
 
     if (p == NULL || q == NULL || dp == NULL ||
@@ -1970,7 +1972,6 @@ ykpiv_rc ykpiv_import_private_key(ykpiv_state *state, const unsigned char key, u
     param_tag = 0x06;
     n_params = 1;
   }
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
   else if (YKPIV_IS_25519(algorithm)) {
     elem_len = 32;
     if (ec_data == NULL)
@@ -1985,7 +1986,6 @@ ykpiv_rc ykpiv_import_private_key(ykpiv_state *state, const unsigned char key, u
     }
     n_params = 1;
   }
-#endif
   else
     return YKPIV_ALGORITHM_ERROR;
 
diff --git a/tool/yubico-piv-tool.c b/tool/yubico-piv-tool.c
index 43a4dc4c..cb82a3a9 100644
--- a/tool/yubico-piv-tool.c
+++ b/tool/yubico-piv-tool.c
@@ -941,16 +941,12 @@ static bool request_certificate(ykpiv_state *state, enum enum_key_format key_for
   if(algorithm == 0) {
     goto request_out;
   }
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
   if (!YKPIV_IS_25519(algorithm)) {
-#endif
     md = get_hash(hash, &oid, &oid_len);
     if (md == NULL) {
       goto request_out;
     }
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
   }
-#endif
 
   if(!X509_REQ_set_pubkey(req, public_key)) {
     fprintf(stderr, "Failed setting the request public key.\n");
@@ -1155,16 +1151,12 @@ static bool selfsign_certificate(ykpiv_state *state, enum enum_key_format key_fo
   size_t oid_len = 0;
   const unsigned char *oid = 0;
   const EVP_MD *md = NULL;
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
   if (!YKPIV_IS_25519(algorithm)) {
-#endif
     md = get_hash(hash, &oid, &oid_len);
     if (md == NULL) {
       goto selfsign_out;
     }
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
   }
-#endif
   x509 = X509_new();
   if(!x509) {
     fprintf(stderr, "Failed to allocate certificate structure.\n");
@@ -1687,14 +1679,12 @@ static void print_cert_info(ykpiv_state *state, enum enum_slot slot, const EVP_M
     case YKPIV_ALGO_ECCP384:
       fprintf(output, "ECCP384\n");
       break;
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
     case YKPIV_ALGO_ED25519:
       fprintf(output, "ED25519\n");
       break;
     case YKPIV_ALGO_X25519:
       fprintf(output, "X25519\n");
       break;
-#endif
     default:
       fprintf(output, "Unknown\n");
   }