liboqs usage of OpenSSL memory APIs disabled

[baentsch]

Discussed in https://github.com/orgs/open-quantum-safe/discussions/2038

^{Originally posted by baluduvvuri1 January 11, 2025}
Hi all,

We set OQS_USE_OPENSSL to ON during compilation of liboqs (-DOQS_USE_OPENSSL=ON) so that liboqs will use OpenSSL API's as needed and as the crypto code provider.

The issue is in order for liboqs to use the OpenSSL memory API's, the check is as below:

In the liboqs source code : src/common/common.h

#if (defined(OQS_USE_OPENSSL) || defined(OQS_DLOPEN_OPENSSL)) &&
defined(OPENSSL_VERSION_NUMBER)
#include <openssl/crypto.h>
#define OQS_MEM_malloc(size) OPENSSL_malloc(size) --->OpenSSL memory API
..........
#else
...........
#define OQS_MEM_malloc(size) malloc(size) // IGNORE memory-check

My question is who needs to define OPENSSL_VERSION_NUMBER?

The definition of OPENSSL_VERSION_NUMBER is present in the OpenSSL header file opensslv.h which is included by crypto.h

But as from above code , crypto.h is included only if OPENSSL_VERSION_NUMBER has been defined?

Can you please help to understand ?

The below change worked for me:

#if (defined(OQS_USE_OPENSSL))
#include <openssl/crypto.h>
#endif

#if (defined(OQS_USE_OPENSSL) || defined(OQS_DLOPEN_OPENSSL)) &&
defined(OPENSSL_VERSION_NUMBER)
#define OQS_MEM_malloc(size) OPENSSL_malloc(size)
..........
#else
..........
#define OQS_MEM_malloc(size) malloc(size) // IGNORE memory-check...

Thanks
Bala