On 01.08.24 07:57, Sascha Hauer wrote:
> EVP_PKEY_get1_RSA() and RSA_get0_key() are deprecated. Use
> EVP_PKEY_get_bn_param() instead.
>
> Signed-off-by: Sascha Hauer <s.hauer@xxxxxxxxxxxxxx>
Reviewed-by: Ahmad Fatoum <a.fatoum@xxxxxxxxxxxxxx>
> ---
> scripts/rsatoc.c | 29 +++++++++++++++--------------
> 1 file changed, 15 insertions(+), 14 deletions(-)
>
> diff --git a/scripts/rsatoc.c b/scripts/rsatoc.c
> index afef6212d0..c7bc4ba843 100644
> --- a/scripts/rsatoc.c
> +++ b/scripts/rsatoc.c
> @@ -18,6 +18,8 @@
> #include <openssl/ssl.h>
> #include <openssl/evp.h>
> #include <openssl/engine.h>
> +#include <openssl/provider.h>
> +#include <openssl/core_names.h>
>
> static int dts, standalone;
>
> @@ -160,14 +162,17 @@ static int engine_get_pub_key(const char *key_id, EVP_PKEY **key)
> /*
> * rsa_get_exponent(): - Get the public exponent from an RSA key
> */
> -static int rsa_get_exponent(RSA *key, uint64_t *e)
> +static int rsa_get_exponent(EVP_PKEY *key, uint64_t *e)
> {
> int ret;
> BIGNUM *bn_te = NULL;
> - const BIGNUM *key_e;
> + BIGNUM *key_e = NULL;
> uint64_t te;
>
> - RSA_get0_key(key, NULL, &key_e, NULL);
> + ret = EVP_PKEY_get_bn_param(key, OSSL_PKEY_PARAM_RSA_E, &key_e);
> + if (!ret)
> + return -EINVAL;
> +
> if (BN_num_bits(key_e) > 64) {
> ret = -EINVAL;
> goto cleanup;
> @@ -204,6 +209,7 @@ static int rsa_get_exponent(RSA *key, uint64_t *e)
> cleanup:
> if (bn_te)
> BN_free(bn_te);
> + BN_free(key_e);
>
> return ret;
> }
> @@ -214,20 +220,12 @@ static int rsa_get_exponent(RSA *key, uint64_t *e)
> static int rsa_get_params(EVP_PKEY *key, uint64_t *exponent, uint32_t *n0_invp,
> BIGNUM **modulusp, BIGNUM **r_squaredp)
> {
> - RSA *rsa;
> BIGNUM *big1, *big2, *big32, *big2_32;
> BIGNUM *n, *r, *r_squared, *tmp;
> - const BIGNUM *key_n;
> + BIGNUM *key_n = NULL;
> BN_CTX *bn_ctx = BN_CTX_new();
> int ret;
>
> - /* Convert to a RSA_style key. */
> - rsa = EVP_PKEY_get1_RSA(key);
> - if (!rsa) {
> - openssl_error("Couldn't convert to a RSA style key");
> - return -EINVAL;
> - }
> -
> /* Initialize BIGNUMs */
> big1 = BN_new();
> big2 = BN_new();
> @@ -243,11 +241,14 @@ static int rsa_get_params(EVP_PKEY *key, uint64_t *exponent, uint32_t *n0_invp,
> return -ENOMEM;
> }
>
> - ret = rsa_get_exponent(rsa, exponent);
> + ret = rsa_get_exponent(key, exponent);
> if (ret)
> goto cleanup;
>
> - RSA_get0_key(rsa, &key_n, NULL, NULL);
> + ret = EVP_PKEY_get_bn_param(key, OSSL_PKEY_PARAM_RSA_N, &key_n);
> + if (!ret)
> + return -EINVAL;
> +
> if (!BN_copy(n, key_n) || !BN_set_word(big1, 1L) ||
> !BN_set_word(big2, 2L) || !BN_set_word(big32, 32L)) {
> ret = -EINVAL;
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
