From: Jouni Malinen <j@w1.fi>
Date: Sun, 13 Mar 2022 09:21:00 +0000 (+0200)
Subject: OpenSSL: Determine RSA key size without low-level routines
X-Git-Tag: hostap_2_11~2155
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=09c62aaf11a73ab9876dfe7b6ef11b7fd18a6cb1;p=thirdparty%2Fhostap.git

OpenSSL: Determine RSA key size without low-level routines

RSA low-level routines were deprecated in OpenSSL 3.0.
EVP_PKEY_get_bits(), or its older and more backwards compatible name
EVP_PKEY_bits() can be used here instead.

Signed-off-by: Jouni Malinen <j@w1.fi>
---

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index c9e00b3af..e16daad26 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -2529,16 +2529,11 @@ static int tls_verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx)
 #ifdef CONFIG_SUITEB
 	if (conn->flags & TLS_CONN_SUITEB) {
 		EVP_PKEY *pk;
-		RSA *rsa;
 		int len = -1;
 
 		pk = X509_get_pubkey(err_cert);
 		if (pk) {
-			rsa = EVP_PKEY_get1_RSA(pk);
-			if (rsa) {
-				len = RSA_bits(rsa);
-				RSA_free(rsa);
-			}
+			len = EVP_PKEY_bits(pk);
 			EVP_PKEY_free(pk);
 		}