changes for using openssl 3.0

INSTALL.md

@@ -85,7 +85,7 @@ To start an elevated command prompt in Windows 10, click on the search (magnifyi
 Whether or not you are using git, everything will go easier if you put everything in c:\git.
 
 Getting OpenSSL from github will get you the latest development version of OpenSSL.  However, the cppcryptfs releases are built using the
-current 1.1.1x Long Term Support (LTS) version of OpenSSL (currently openssl-1.1.1n).  These are available from https://www.openssl.org/source/.  To use those, you will need to download
+current 3.0.x Long Term Support (LTS) version of OpenSSL (currently openssl-3.0.10).  These are available from https://www.openssl.org/source/.  To use those, you will need to download
 the .tar.gz and extract it into a directory.  You can build it with the same instructions that follow regardless of how you get OpenSSL.
 
 Microsoft has announced a compiler-based mitigation for one variant of the Spectre vulnerability.  To use it, you need to have version 15.5 or higher of Visual Studio.  To use the mitigation with OpenSSL, you need to add the /Qspectre flag to the compiler optimization flags.  OpenSSL currently does not use this flag.  Also, to be extra safe, add the /guard:cf (Control Flow Guard) flag.  To use these, you need to edit c:\\git\openssl\\Configurations\\10-main.conf and change "/O2" to "/O2 /Qspectre /guard:cf".  

cppcryptfsctl/cppcryptfsctl.rc

@@ -51,8 +51,8 @@ END
 //
 
 VS_VERSION_INFO VERSIONINFO
- FILEVERSION 1,4,4,1
- PRODUCTVERSION 1,4,4,1
+ FILEVERSION 1,4,4,2
+ PRODUCTVERSION 1,4,4,2
  FILEFLAGSMASK 0x3fL
 #ifdef _DEBUG
  FILEFLAGS 0x1L
@@ -69,12 +69,12 @@ BEGIN
         BEGIN
             VALUE "CompanyName", "Bailey Brown"
             VALUE "FileDescription", "cppcryptfsctl"
-            VALUE "FileVersion", "1.4.4.1"
+            VALUE "FileVersion", "1.4.4.2"
             VALUE "InternalName", "cppcryptfsctl.exe"
             VALUE "LegalCopyright", "Copyright (C) 2020-2023 Bailey Brown. All rights reserved."
             VALUE "OriginalFilename", "cppcryptfsctl.exe"
             VALUE "ProductName", "cppcryptfsctl"
-            VALUE "ProductVersion", "1.4.4.1"
+            VALUE "ProductVersion", "1.4.4.2"
         END
     END
     BLOCK "VarFileInfo"

libcppcryptfs/crypt/aes.cpp

@@ -73,8 +73,12 @@ void AES::initialize_keys(const unsigned char *key, int keylen /* in bits */,
 	} else
 #endif
 	{
+// low-level AES functions are deprecated in Openssl 3.0
+#pragma warning( push )
+#pragma warning(disable : 4996)
 		AES_set_encrypt_key(key, keylen, encrypt_key);
 		AES_set_decrypt_key(key, keylen, decrypt_key);
+#pragma warning( pop )
 	}
 }
 
@@ -105,7 +109,11 @@ void AES::encrypt(const unsigned char* plain, unsigned char *cipher) const
 	} else
 #endif
 	{
+// low-level AES functions are deprecated in Openssl 3.0
+#pragma warning( push )
+#pragma warning(disable : 4996)
 		AES_encrypt(plain, cipher, m_key_encrypt);
+#pragma warning( pop )
 	}
 }
 
@@ -118,7 +126,11 @@ void AES::decrypt(const unsigned char *cipher, unsigned char *plain) const
 	} else
 #endif
 	{
+// low-level AES functions are deprecated in Openssl 3.0
+#pragma warning( push )
+#pragma warning(disable : 4996)
 		AES_decrypt(cipher, plain, m_key_decrypt);
+#pragma warning( pop )
 	}
 }
 

libcppcryptfs/crypt/crypt.cpp

@@ -438,7 +438,7 @@ bool hkdfDerive(const BYTE *masterKey, int masterKeyLen, BYTE *newKey, int newKe
 #endif
 		if (EVP_PKEY_CTX_set1_hkdf_key(pctx, masterKey, masterKeyLen) <= 0)
 			throw(-1);
-		if (EVP_PKEY_CTX_add1_hkdf_info(pctx, info, (int)strlen(info)) <= 0)
+		if (EVP_PKEY_CTX_add1_hkdf_info(pctx, reinterpret_cast<const unsigned char *>(info), (int)strlen(info)) <= 0)
 			throw(-1);
 		if (EVP_PKEY_derive(pctx, newKey, &outLen) <= 0)
 			throw(-1);