From 5efb80e66536c9f55a8cee0575a0e449691110c1 Mon Sep 17 00:00:00 2001
From: Yingchun Lai <laiyingchun@apache.org>
Date: Tue, 8 Aug 2023 21:32:44 +0800
Subject: [PATCH] Check OPENSSL_NO_SM4 before using sm4 encryption (#11)

https://github.com/apache/incubator-pegasus/issues/1575

Cherry-pick from
https://github.com/tikv/rocksdb/commit/946476657ffd4ffadad754d36e2c3b22687ce209

In some env, user installed openssl by yum install, and the openssl
software may compiled with OPENSSL_NO_SM4 flag, so although the version
is >= 1.1.1, but we still could not use sm4 in that situation.

Signed-off-by: Jarvis Zheng <jiayang@hust.edu.cn>
---
 encryption/encryption.cc      | 2 +-
 encryption/encryption.h       | 2 +-
 encryption/encryption_test.cc | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/encryption/encryption.cc b/encryption/encryption.cc
index b3a07fa0c6c..8f4dea32e7b 100644
--- a/encryption/encryption.cc
+++ b/encryption/encryption.cc
@@ -216,7 +216,7 @@ Status NewAESCTRCipherStream(EncryptionMethod method, const std::string& key,
       cipher = EVP_aes_256_ctr();
       break;
     case EncryptionMethod::kSM4_CTR:
-#if OPENSSL_VERSION_NUMBER < 0x1010100fL
+#if OPENSSL_VERSION_NUMBER < 0x1010100fL || defined(OPENSSL_NO_SM4)
       return Status::InvalidArgument(
           "Unsupport SM4 encryption method under OpenSSL version: " +
           std::string(OPENSSL_VERSION_TEXT));
diff --git a/encryption/encryption.h b/encryption/encryption.h
index 1f994708954..6d0ac220221 100644
--- a/encryption/encryption.h
+++ b/encryption/encryption.h
@@ -59,7 +59,7 @@ class AESCTRCipherStream : public BlockAccessCipherStream {
 
   size_t BlockSize() override {
     // Openssl support SM4 after 1.1.1 release version.
-#if OPENSSL_VERSION_NUMBER >= 0x1010100fL
+#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_SM4)
     if (EVP_CIPHER_nid(cipher_) == NID_sm4_ctr) {
       return SM4_BLOCK_SIZE;
     }
diff --git a/encryption/encryption_test.cc b/encryption/encryption_test.cc
index d4a427d6b09..26513ccba56 100644
--- a/encryption/encryption_test.cc
+++ b/encryption/encryption_test.cc
@@ -56,7 +56,7 @@ class EncryptionTest
       case EncryptionMethod::kAES256_CTR:
         cipher = EVP_aes_256_ctr();
         break;
-#if OPENSSL_VERSION_NUMBER >= 0x1010100fL
+#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_SM4)
       // Openssl support SM4 after 1.1.1 release version.
       case EncryptionMethod::kSM4_CTR:
         cipher = EVP_sm4_ctr();
@@ -153,7 +153,7 @@ TEST_P(EncryptionTest, EncryptionTest) {
 }
 
 // Openssl support SM4 after 1.1.1 release version.
-#if OPENSSL_VERSION_NUMBER < 0x1010100fL
+#if OPENSSL_VERSION_NUMBER < 0x1010100fL || defined(OPENSSL_NO_SM4)
 INSTANTIATE_TEST_CASE_P(
     EncryptionTestInstance, EncryptionTest,
     testing::Combine(testing::Bool(),