From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 29 Sep 2021 13:03:44 +0000 (+0200)
Subject: openssl-util: use EVP API to get RSA bits
X-Git-Tag: v250-rc1~585^2~1
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=7f12adc3000c08a370f74bd16c654506c8a99e92;p=thirdparty%2Fsystemd.git

openssl-util: use EVP API to get RSA bits
---

diff --git a/src/shared/openssl-util.c b/src/shared/openssl-util.c
index bb47ae5e873..bd728e6c7c7 100644
--- a/src/shared/openssl-util.c
+++ b/src/shared/openssl-util.c
@@ -46,7 +46,6 @@ int rsa_pkey_to_suitable_key_size(
                 size_t *ret_suitable_key_size) {
 
         size_t suitable_key_size;
-        const RSA *rsa;
         int bits;
 
         assert_se(pkey);
@@ -58,11 +57,7 @@ int rsa_pkey_to_suitable_key_size(
         if (EVP_PKEY_base_id(pkey) != EVP_PKEY_RSA)
                 return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG), "X.509 certificate does not refer to RSA key.");
 
-        rsa = EVP_PKEY_get0_RSA(pkey);
-        if (!rsa)
-                return log_debug_errno(SYNTHETIC_ERRNO(EIO), "Failed to acquire RSA public key from X.509 certificate.");
-
-        bits = RSA_bits(rsa);
+        bits = EVP_PKEY_bits(pkey);
         log_debug("Bits in RSA key: %i", bits);
 
         /* We use PKCS#1 padding for the RSA cleartext, hence let's leave some extra space for it, hence only