--- a/src/restore.c.orig	2026-03-28 07:31:21.203998289 +0000
+++ b/src/restore.c	2026-03-28 07:31:21.219998289 +0000
@@ -1420,7 +1420,7 @@
				goto leave;
			}

-			if (zip_replace(za, zindex, zs) == -1) {
+			if (zip_file_replace(za, zindex, zs, 0) == -1) {
				error("ERROR: could not update signed '%s' in archive\n", signfn);
				goto leave;
			}
@@ -1438,7 +1438,7 @@
	free(iter);

	// remove everything but required files
-	int i, j, keep, numf = zip_get_num_files(za);
+	int i, j, keep, numf = zip_get_num_entries(za, 0);
	for (i = 0; i < numf; i++) {
		keep = 0;
		// check for signed file index
@@ -1539,7 +1539,7 @@
				goto leave;
			}

-			if (zip_replace(za, zindex, zs) == -1) {
+			if (zip_file_replace(za, zindex, zs, 0) == -1) {
				error("ERROR: could not update archive with ticketed ebl.fls\n");
				goto leave;
			}
@@ -1560,7 +1560,7 @@
			}
			blob = NULL;

-			if (zip_add(za, "bbticket.der", zs) == -1) {
+			if (zip_file_add(za, "bbticket.der", zs, ZIP_FL_OVERWRITE) == -1) {
				error("ERROR: could not add bbticket.der to archive\n");
				goto leave;
			}
--- a/src/ipsw.c.orig	2026-03-28 07:31:21.207998289 +0000
+++ b/src/ipsw.c	2026-03-28 07:31:21.475998286 +0000
@@ -34,6 +34,7 @@
 #include <zip.h>
 #ifdef HAVE_OPENSSL
 #include <openssl/sha.h>
+#include <openssl/evp.h>
 #else
 #include "sha1.h"
 #define SHA_CTX SHA1_CTX
@@ -692,14 +693,28 @@
	unsigned char tsha1[20];
	char buf[8192];
	if (!f) return 0;
+#ifdef HAVE_OPENSSL
+	EVP_MD_CTX *sha1ctx = EVP_MD_CTX_new();
+	EVP_DigestInit_ex(sha1ctx, EVP_sha1(), NULL);
+#else
	SHA_CTX sha1ctx;
	SHA1_Init(&sha1ctx);
+#endif
	rewind(f);
	while (!feof(f)) {
		size_t sz = fread(buf, 1, 8192, f);
+#ifdef HAVE_OPENSSL
+		EVP_DigestUpdate(sha1ctx, (const void*)buf, sz);
+#else
		SHA1_Update(&sha1ctx, (const void*)buf, sz);
+#endif
	}
+#ifdef HAVE_OPENSSL
+	EVP_DigestFinal_ex(sha1ctx, tsha1, NULL);
+	EVP_MD_CTX_free(sha1ctx);
+#else
	SHA1_Final(tsha1, &sha1ctx);
+#endif
	return (memcmp(expected_sha1, tsha1, 20) == 0) ? 1 : 0;
 }