authorRiccardo Spagni <ric@spagni.net>2019-04-06 16:02:30 +0200
committerRiccardo Spagni <ric@spagni.net>2019-04-06 16:02:31 +0200
commit17fefb878603b9d5134b722d74a8c5cc8e9b468b (patch)
treedc25820d5449c3989f7d6c9d588f0c4d3f8bf400
parentMerge pull request #5353 (diff)
parentNo longer use deprecated RSA_generate_key in favor of (diff)
downloadmonero-17fefb878603b9d5134b722d74a8c5cc8e9b468b.tar.xz
Merge pull request #5358
dffdccdc No longer use deprecated RSA_generate_key in favor of RSA_generate_key_ex (Martijn Otto)
-rw-r--r--contrib/epee/src/net_ssl.cpp47
1 files changed, 40 insertions, 7 deletions
diff --git a/contrib/epee/src/net_ssl.cpp b/contrib/epee/src/net_ssl.cpp
index eb0b0ad65..cb65121bd 100644
--- a/contrib/epee/src/net_ssl.cpp
+++ b/contrib/epee/src/net_ssl.cpp
@@ -46,8 +46,7 @@ namespace
{
void operator()(BIO* ptr) const noexcept
{
- if (ptr)
- BIO_free(ptr);
+ BIO_free(ptr);
}
};
using openssl_bio = std::unique_ptr<BIO, openssl_bio_free>;
@@ -56,12 +55,28 @@ namespace
{
void operator()(EVP_PKEY* ptr) const noexcept
{
- if (ptr)
- EVP_PKEY_free(ptr);
+ EVP_PKEY_free(ptr);
}
};
using openssl_pkey = std::unique_ptr<EVP_PKEY, openssl_pkey_free>;
+ struct openssl_rsa_free
+ {
+ void operator()(RSA* ptr) const noexcept
+ {
+ RSA_free(ptr);
+ }
+ };
+ using openssl_rsa = std::unique_ptr<RSA, openssl_rsa_free>;
+
+ struct openssl_bignum_free
+ {
+ void operator()(BIGNUM* ptr) const noexcept
+ {
+ BN_free(ptr);
+ }
+ };
+ using openssl_bignum = std::unique_ptr<BIGNUM, openssl_bignum_free>;
}
namespace epee
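Review bot: The new `openssl_rsa` alias carries no comment on ownership, and the only correct use in this commit depends on calling `release()` once `EVP_PKEY_assign_RSA` has succeeded; if a later caller forgets that, both the `EVP_PKEY` and the `unique_ptr` will free the same `RSA`. I would add a comment above the alias such as `// owns an RSA*; release() it after a successful EVP_PKEY_assign_RSA, which takes ownership`. The anonymous namespace that holds these deleters opens outside this hunk.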
@@ -81,19 +96,37 @@ bool create_ssl_certificate(EVP_PKEY *&pkey, X509 *&cert)
}
openssl_pkey pkey_deleter{pkey};
- RSA *rsa = RSA_generate_key(4096, RSA_F4, NULL, NULL);
+ openssl_rsa rsa{RSA_new()};
if (!rsa)
{
+ MERROR("Error allocating RSA private key");
+ return false;
+ }
+
+ openssl_bignum exponent{BN_new()};
+ if (!exponent)
+ {
+ MERROR("Error allocating exponent");
+ return false;
+ }
+
+ BN_set_word(exponent.get(), RSA_F4);
+
+ if (RSA_generate_key_ex(rsa.get(), 4096, exponent.get(), nullptr) != 1)
+ {
MERROR("Error generating RSA private key");
return false;
}
- if (EVP_PKEY_assign_RSA(pkey, rsa) <= 0) // The RSA will be automatically freed when the EVP_PKEY structure is freed.
+
+ if (EVP_PKEY_assign_RSA(pkey, rsa.get()) <= 0)
{
MERROR("Error assigning RSA private key");
- RSA_free(rsa);
return false;
}
+ // the RSA key is now managed by the EVP_PKEY structure
+ (void)rsa.release();
+
cert = X509_new();
if (!cert)
{
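Review bot: The return value of `BN_set_word(exponent.get(), RSA_F4)` is ignored, unlike every other OpenSSL call added in this hunk. BN_set_word returns 1 on success and 0 on error, so a failure here would leave the exponent unset and surface only indirectly, as a misleading "Error generating RSA private key" or not at all. I would check it explicitly: `if (BN_set_word(exponent.get(), RSA_F4) != 1) { MERROR("Error setting exponent"); return false; }`. create_ssl_certificate begins before this hunk and continues past it.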