git.tuebingen.mpg.de Git - paraslash.git/commit

author	Andre Noll <maan@tuebingen.mpg.de>
	Sun, 7 May 2023 15:49:58 +0000 (17:49 +0200)
committer	Andre Noll <maan@tuebingen.mpg.de>
	Thu, 16 May 2024 23:36:55 +0000 (01:36 +0200)
commit	0485079436ad11e6a4f403c3f7a259c7e51da691
tree	1600e1d7d787f0a857d164f318d506a6feffba9e	tree \| snapshot
parent	e15f70f41d691fc1e6cc82fb398429cdb3444342	commit \| diff

openssl: Use the EVP library for RSA public encryption.

Many functions related to RSA have been deprecated in openssl-3. Users
of the deprecated API are expected to switch to the high-level
cryptographic functions of the EVP library which ships together
with openssl.

Since openssl-1.0 is still supported and even openssl-1.1 lacks some
of the features we need for EVP, for example OSSL_PARAM_construct_BN(),
we check for this symbol at configure time and use #ifdefs in openssl.c
to compile the code conditionally depending on the value of the new
HAVE_OSSL_PARAM preprocessor macro. The code should work with both
old and new openssl versions.

apc_get_pubkey() used to call RSA_size() to obtain the key size in
bytes for the return value, but RSA_size() is one of the functions
that got deprecated in openssl-3. So modify read_public_key() to
return the number of bits of the modulus (rather than the constant
one), and use 1/8 of this number as the return value.

configure.ac		diff \| blob \| history
openssl.c		diff \| blob \| history