diff options
author | Martijn Otto <git@martijnotto.nl> | 2019-03-27 13:23:30 +0100 |
---|---|---|
committer | Martijn Otto <git@martijnotto.nl> | 2019-03-27 13:23:30 +0100 |
commit | dffdccdc9ea15655e14b0899864c9a1e8243d5cd (patch) | |
tree | 309ea2cbb111d3f3e96bda52f73ef1cccaef1fbd | |
parent | Merge pull request #5286 (diff) | |
download | monero-dffdccdc9ea15655e14b0899864c9a1e8243d5cd.tar.xz |
No longer use deprecated RSA_generate_key in favor of
RSA_generate_key_ex
-rw-r--r-- | contrib/epee/src/net_ssl.cpp | 47 |
1 files changed, 40 insertions, 7 deletions
diff --git a/contrib/epee/src/net_ssl.cpp b/contrib/epee/src/net_ssl.cpp index eb0b0ad65..cb65121bd 100644 --- a/contrib/epee/src/net_ssl.cpp +++ b/contrib/epee/src/net_ssl.cpp @@ -46,8 +46,7 @@ namespace { void operator()(BIO* ptr) const noexcept { - if (ptr) - BIO_free(ptr); + BIO_free(ptr); } }; using openssl_bio = std::unique_ptr<BIO, openssl_bio_free>; @@ -56,12 +55,28 @@ namespace { void operator()(EVP_PKEY* ptr) const noexcept { - if (ptr) - EVP_PKEY_free(ptr); + EVP_PKEY_free(ptr); } }; using openssl_pkey = std::unique_ptr<EVP_PKEY, openssl_pkey_free>; + struct openssl_rsa_free + { + void operator()(RSA* ptr) const noexcept + { + RSA_free(ptr); + } + }; + using openssl_rsa = std::unique_ptr<RSA, openssl_rsa_free>; + + struct openssl_bignum_free + { + void operator()(BIGNUM* ptr) const noexcept + { + BN_free(ptr); + } + }; + using openssl_bignum = std::unique_ptr<BIGNUM, openssl_bignum_free>; } namespace epee @@ -81,19 +96,37 @@ bool create_ssl_certificate(EVP_PKEY *&pkey, X509 *&cert) } openssl_pkey pkey_deleter{pkey}; - RSA *rsa = RSA_generate_key(4096, RSA_F4, NULL, NULL); + openssl_rsa rsa{RSA_new()}; if (!rsa) { + MERROR("Error allocating RSA private key"); + return false; + } + + openssl_bignum exponent{BN_new()}; + if (!exponent) + { + MERROR("Error allocating exponent"); + return false; + } + + BN_set_word(exponent.get(), RSA_F4); + + if (RSA_generate_key_ex(rsa.get(), 4096, exponent.get(), nullptr) != 1) + { MERROR("Error generating RSA private key"); return false; } - if (EVP_PKEY_assign_RSA(pkey, rsa) <= 0) // The RSA will be automatically freed when the EVP_PKEY structure is freed. + + if (EVP_PKEY_assign_RSA(pkey, rsa.get()) <= 0) { MERROR("Error assigning RSA private key"); - RSA_free(rsa); return false; } + // the RSA key is now managed by the EVP_PKEY structure + (void)rsa.release(); + cert = X509_new(); if (!cert) { |