authorLukas Slebodnik <lslebodn@redhat.com>2016-10-17 15:44:20 +0200
committerLukas Slebodnik <lslebodn@redhat.com>2016-10-20 14:51:42 +0200
commit8f1316a0c677f211eaaa1346e21a03446b8c4fb1 (patch)
tree33e48eb66a77b833768ac9c139cef0572291fa2a /src/util/cert
parente083a6bcf19a32f81f3fbbc6fff5fa2ff4c1b17a (diff)
crypto: Port libcrypto code to openssl-1.1
EVP_MD_CTX and EVP_CIPHER_CTX are opaque in openssl-1.1

Reviewed-by: Tomas Mraz <tmraz@redhat.com>
Diffstat (limited to 'src/util/cert')
-rw-r--r--src/util/cert/libcrypto/cert.c23
1 files changed, 19 insertions, 4 deletions
diff --git a/src/util/cert/libcrypto/cert.c b/src/util/cert/libcrypto/cert.c
index a7752d7c1..aba598d7c 100644
--- a/src/util/cert/libcrypto/cert.c
+++ b/src/util/cert/libcrypto/cert.c
@@ -182,6 +182,8 @@ errno_t cert_to_ssh_key(TALLOC_CTX *mem_ctx, const char *ca_db,
size_t c;
X509 *cert = NULL;
EVP_PKEY *cert_pub_key = NULL;
+ const BIGNUM *n;
+ const BIGNUM *e;
int modulus_len;
unsigned char modulus[OPENSSL_RSA_MAX_MODULUS_BITS/8];
int exponent_len;
@@ -208,16 +210,29 @@ errno_t cert_to_ssh_key(TALLOC_CTX *mem_ctx, const char *ca_db,
goto done;
}
- if (cert_pub_key->type != EVP_PKEY_RSA) {
+ if (EVP_PKEY_base_id(cert_pub_key) != EVP_PKEY_RSA) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Expected RSA public key, found unsupported [%d].\n",
- cert_pub_key->type);
+ EVP_PKEY_base_id(cert_pub_key));
ret = EINVAL;
goto done;
}
- modulus_len = BN_bn2bin(cert_pub_key->pkey.rsa->n, modulus);
- exponent_len = BN_bn2bin(cert_pub_key->pkey.rsa->e, exponent);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ RSA *rsa_pub_key = NULL;
+ rsa_pub_key = EVP_PKEY_get0_RSA(cert_pub_key);
+ if (rsa_pub_key == NULL) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ RSA_get0_key(rsa_pub_key, &n, &e, NULL);
+#else
+ n = cert_pub_key->pkey.rsa->n;
+ e = cert_pub_key->pkey.rsa->e;
+#endif
+ modulus_len = BN_bn2bin(n, modulus);
+ exponent_len = BN_bn2bin(e, exponent);
size = SSH_RSA_HEADER_LEN + 3 * sizeof(uint32_t)
+ modulus_len
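Review bot: The two `BN_bn2bin()` calls at the end of this hunk write into fixed-size stack arrays without first checking how large the numbers taken from the certificate are; `modulus` is `OPENSSL_RSA_MAX_MODULUS_BITS/8` bytes (first hunk), and `exponent` is declared outside the visible lines, presumably also with a fixed size. Parsing a certificate does not necessarily enforce those limits on the key, so a guard before the conversion, such as `if (BN_num_bytes(n) > (int) sizeof(modulus) || BN_num_bytes(e) > (int) sizeof(exponent)) { ret = EINVAL; goto done; }`, would keep an oversized key from overrunning the buffers. Separately, `EVP_PKEY_get0_RSA()` does not allocate, so a NULL return in the new `#if` branch is better reported as `ret = EINVAL;` with a DEBUG message than as `ENOMEM`. cert_to_ssh_key starts and ends outside this hunk, so whether the certificate is validated before this point cannot be seen here.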