OpenSSL: Determine RSA key size without low-level routines

RSA low-level routines were deprecated in OpenSSL 3.0.
EVP_PKEY_get_bits(), or its older and more backwards compatible name
EVP_PKEY_bits() can be used here instead.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index c9e00b3af8555f134e59cc2dca7498b9d060ff67..e16daad26a354e393846ced5eae1e1bec267bf61 100644 (file)
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -2529,16 +2529,11 @@ static int tls_verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx)
 #ifdef CONFIG_SUITEB
        if (conn->flags & TLS_CONN_SUITEB) {
                EVP_PKEY *pk;
-               RSA *rsa;
                int len = -1;
 
                pk = X509_get_pubkey(err_cert);
                if (pk) {
-                       rsa = EVP_PKEY_get1_RSA(pk);
-                       if (rsa) {
-                               len = RSA_bits(rsa);
-                               RSA_free(rsa);
-                       }
+                       len = EVP_PKEY_bits(pk);
                        EVP_PKEY_free(pk);
                }