diff options
| author | Petar Koretic <petar.koretic@sartura.hr> | 2014-03-16 10:20:44 +0000 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2014-03-27 11:14:25 +0100 |
| commit | fdced9d5441c80fd07ff5c20394f35cc0cb7976b (patch) | |
| tree | f475fb18b2cfa81733d810b1cca3fc999390be64 | |
| parent | 96db44ff171ab9d07207afe59cd9fbaff59a1d2c (diff) | |
pki_crypto: Replace deprecated RSA_generate_key() with RSA_generate_key_ex()
On Mar 16, 09:41, Aris Adamantiadis wrote:
> Hi Petar,
> I agree with the principle, but I don't think this code can work...
> RSA_generate_key takes an RSA* as parameter and in our code we probably
> have key->rsa==NULL. (if we don't then the old code had a memory leak).
>
> Does the test case work ?
>
> Aris
>
Yes, you are right. This works, tested with tests/unittests/torture_pki
Signed-off-by: Petar Koretic <petar.koretic@sartura.hr>
(cherry picked from commit 0b8d24f800bae5f4f86c0eaca41c609f40d7baef)
| -rw-r--r-- | src/pki_crypto.c | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/src/pki_crypto.c b/src/pki_crypto.c index cbd2c784..3f594914 100644 --- a/src/pki_crypto.c +++ b/src/pki_crypto.c @@ -383,10 +383,20 @@ fail: } int pki_key_generate_rsa(ssh_key key, int parameter){ - key->rsa = RSA_generate_key(parameter, 65537, NULL, NULL); - if(key->rsa == NULL) - return SSH_ERROR; - return SSH_OK; + BIGNUM *e; + int rc; + + e = BN_new(); + key->rsa = RSA_new(); + + BN_set_word(e, 65537); + rc = RSA_generate_key_ex(key->rsa, parameter, e, NULL); + + BN_free(e); + + if (rc == -1 || key->rsa == NULL) + return SSH_ERROR; + return SSH_OK; } int pki_key_generate_dss(ssh_key key, int parameter){ |