Address comments and add new CI for mac

Author: disa6302

.github/workflows/ci.yml

@@ -50,6 +50,34 @@ jobs:
         run:  |
           cd build
           ./tst/webrtc_client_test
+  mac-os-build-clang-openssl-old:
+    runs-on: macos-11
+    env:
+      CC: /usr/bin/clang
+      CXX: /usr/bin/clang++
+      AWS_KVS_LOG_LEVEL: 2
+      LDFLAGS: -L/Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/usr/lib
+      CPATH: /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include/
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - name: Clone repository
+        uses: actions/checkout@v3
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v2
+        with:
+          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
+          aws-region: ${{ secrets.AWS_REGION }}
+      - name: Build repository
+        run: |
+          mkdir build && cd build
+          cmake .. -DBUILD_TEST=TRUE -DCOMPILER_WARNINGS=TRUE -DBUILD_OLD_OPENSSL_VERSION=ON
+          make
+      - name: Run tests
+        run:  |
+          cd build
+          ./tst/webrtc_client_test
   mac-os-build-gcc:
     runs-on: macos-11
     env:
@@ -76,6 +104,32 @@ jobs:
         run:  |
           cd build
           ./tst/webrtc_client_test
+  mac-os-build-gcc-openssl-old:
+    runs-on: macos-11
+    env:
+      CC: gcc
+      CXX: g++
+      AWS_KVS_LOG_LEVEL: 2
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - name: Clone repository
+        uses: actions/checkout@v3
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v2
+        with:
+          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
+          aws-region: ${{ secrets.AWS_REGION }}
+      - name: Build repository
+        run: |
+          mkdir build && cd build
+          cmake .. -DBUILD_TEST=TRUE -DCOMPILER_WARNINGS=TRUE -DBUILD_OLD_OPENSSL_VERSION=ON
+          make
+      - name: Run tests
+        run:  |
+          cd build
+          ./tst/webrtc_client_test
   static-build-mac:
     runs-on: macos-11
     env:

src/source/Crypto/Dtls_openssl.c

@@ -106,14 +106,20 @@ STATUS createCertificateAndKey(INT32 certificateBits, BOOL generateRSACertificat
     STATUS retStatus = STATUS_SUCCESS;
     X509_NAME* pX509Name = NULL;
     UINT64 certSn;
-
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+    EVP_PKEY_CTX* pctx = NULL;
+#else
+    RSA* pRsa = NULL;
+    BIGNUM* pBne = NULL;
+    UINT32 eccGroup = 0;
+    EC_KEY* eccKey = NULL;
+#endif
     CHK(ppCert != NULL && ppPkey != NULL, STATUS_NULL_ARG);
     CHK((*ppPkey = EVP_PKEY_new()) != NULL, STATUS_CERTIFICATE_GENERATION_FAILED);
     CHK_STATUS(dtlsFillPseudoRandomBits((PBYTE) &certSn, SIZEOF(UINT64)));
 
 #if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
     DLOGI("Detected openssl version greater than 3.0.0");
-    EVP_PKEY_CTX* pctx = NULL;
     if (generateRSACertificate) {
         DLOGI("Using RSA");
         CHK_ERR(pctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL), STATUS_CERTIFICATE_GENERATION_FAILED, "Error creating EVP_PKEY_CTX for RSA");
@@ -130,9 +136,7 @@ STATUS createCertificateAndKey(INT32 certificateBits, BOOL generateRSACertificat
     }
     EVP_PKEY_CTX_free(pctx);
 #else
-    RSA* pRsa = NULL;
     if (generateRSACertificate) {
-        BIGNUM* pBne = NULL;
         DLOGI("Detected older version");
         CHK((pBne = BN_new()) != NULL, STATUS_CERTIFICATE_GENERATION_FAILED);
         CHK(BN_set_word(pBne, KVS_RSA_F4) != 0, STATUS_CERTIFICATE_GENERATION_FAILED);
@@ -144,8 +148,6 @@ STATUS createCertificateAndKey(INT32 certificateBits, BOOL generateRSACertificat
         }
         pRsa = NULL;
     } else {
-        UINT32 eccGroup = 0;
-        EC_KEY* eccKey = NULL;
         CHK((eccGroup = OBJ_txt2nid("prime256v1")) != NID_undef, STATUS_CERTIFICATE_GENERATION_FAILED);
         CHK((eccKey = EC_KEY_new_by_curve_name(eccGroup)) != NULL, STATUS_CERTIFICATE_GENERATION_FAILED);