Re: Porting asterisk to Openssl-3.0

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2022-03-24 at 22:19 -0600, Philip Prindeville wrote:
> Hi,
> 
> I'm incrementally trying to port asterisk to Openssl 3.0.
> 
> First thing I'm trying to do is wean the code off of the RSA_*
> functions, and use generic EVP_PKEY_* functions instead.
> 
> Most of it is fairly straightforward (it seems), but I've been
> looking for examples of reading PEM public and private keys into
> EVP_PKEY's.
> 
> Currently asterisk uses 1.1.0 or later, so I'm trying to figure make
> the code build first under 1.1.0 dropping the functions that get
> deprecated in 3.0, and then rewriting (in a separate PR) whatever the
> delta is between 1.1.0 and 3.0.
> 
> In 3.0, I can find examples of reading PEM into a public RSA key such
> as:
> 
> https://www.openssl.org/docs/manmaster/man3/OSSL_DECODER_from_bio.html
> 
> Though I didn't understand why selection is
> OSSL_KEYMGMT_SELECT_KEYPAIR and not OSSL_KEYMGMT_SELECT_PUBLIC or
> _PRIVATE.
> 
> What is the way to read a PEM file (as a FILE * or BIO *) into a
> EVP_PKEY canonically in 1.1.0?
> 

It's PEM_read_bio_PrivateKey and PEM_read_PrivateKey - these functions
aren't deprecated in 3.0 so you can use them there as well. It's
actually a better idea to use these than the decoder API directly as
they can support legacy functionality (engine based keys).

-- 
Tomáš Mráz, OpenSSL





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux