From: Jouni Malinen <j@w1.fi>
Date: Thu, 26 May 2022 13:40:18 +0000 (+0300)
Subject: OpenSSL: crypto_ec_key_get_private_key() using new EVP_PKEY API
X-Git-Tag: hostap_2_11~1876
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5b97395b3ea4a21dcb6215731d9b7a75506a66b5;p=thirdparty%2Fhostap.git

OpenSSL: crypto_ec_key_get_private_key() using new EVP_PKEY API

Implement crypto_ec_key_get_private_key() without the deprecated EC_KEY
API when using OpenSSL 3.0.

Signed-off-by: Jouni Malinen <j@w1.fi>
---

diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index e2c8bca2b..149536774 100644
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -3438,6 +3438,14 @@ struct crypto_bignum *
 crypto_ec_key_get_private_key(struct crypto_ec_key *key)
 {
 	EVP_PKEY *pkey = (EVP_PKEY *) key;
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+	BIGNUM *bn = NULL;
+
+	if (!EVP_PKEY_is_a(pkey, "EC") ||
+	    EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_PRIV_KEY, &bn) != 1)
+		return NULL;
+	return (struct crypto_bignum *) bn;
+#else /* OpenSSL version >= 3.0 */
 	const EC_KEY *eckey;
 	const BIGNUM *bn;
 
@@ -3448,6 +3456,7 @@ crypto_ec_key_get_private_key(struct crypto_ec_key *key)
 	if (!bn)
 		return NULL;
 	return (struct crypto_bignum *) BN_dup(bn);
+#endif /* OpenSSL version >= 3.0 */
 }