From 9ca735ab8f71a6b64f31867e55d43f3f5a51bfec Mon Sep 17 00:00:00 2001

From: Petr Gotthard <petr.gotthard@centrum.cz>

Date: Sun, 18 Jul 2021 11:54:50 +0200

Subject: FAPI Test: Change RSA_sign to EVP_PKEY_sign

MIME-Version: 1.0

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit

The EVP_PKEY_sign functions are available since OpenSSL 1.0.0.

The RSA_sign function is deprecated in OpenSSL 3.0.0.

This PR should work with OpenSSL 1.0.0 through 3.0.0.

Signed-off-by: Petr Gotthard <petr.gotthard@centrum.cz>

---

 test/integration/fapi-ext-public-key.int.c | 38 +++++++++++-----------

 1 file changed, 19 insertions(+), 19 deletions(-)

diff --git a/test/integration/fapi-ext-public-key.int.c b/test/integration/fapi-ext-public-key.int.c

index 363c58b7..971d7897 100644

--- a/test/integration/fapi-ext-public-key.int.c

+++ b/test/integration/fapi-ext-public-key.int.c

@@ -49,7 +49,7 @@ test_fapi_ext_public_key(FAPI_CONTEXT *context)

     BIO *bufio = NULL;

     EVP_PKEY *evp_key = NULL;

-    RSA *rsa_key = NULL;

+    EVP_PKEY_CTX *ctx = NULL;

     /* Key will be used for non TPM signature verfication. */

     char *pubkey_pem =

@@ -186,10 +186,8 @@ test_fapi_ext_public_key(FAPI_CONTEXT *context)

     bufio = BIO_new_mem_buf((void *)priv_pem, strlen(priv_pem));

     evp_key = PEM_read_bio_PrivateKey(bufio, NULL, NULL, NULL);

-    rsa_key  = EVP_PKEY_get1_RSA(evp_key);

-

-    if (!bufio || !evp_key || !rsa_key) {

+    if (!bufio || !evp_key) {

         LOG_ERROR("Generation of test key failed.");

         goto error;

     }

@@ -199,10 +197,20 @@ test_fapi_ext_public_key(FAPI_CONTEXT *context)

         0x25, 0x71, 0x78, 0x50, 0xc2, 0x6c, 0x9c, 0xd0, 0xd8, 0x9d

     };

     uint8_t signature[256];

-    unsigned int  signatureLength = 256;

+    size_t  signatureLength = 256;

-    if (!RSA_sign(NID_sha1, digest, 20, signature, &signatureLength, rsa_key)) {

-        LOG_ERROR("Test RSA_sign failed.");

+    if ((ctx = EVP_PKEY_CTX_new(evp_key, NULL)) == NULL) {

+        LOG_ERROR("Test EVP_PKEY_CTX_new failed.");

+        goto error;

+    }

+    if (EVP_PKEY_sign_init(ctx) <= 0

+            || EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0

+            || EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha1()) <= 0) {

+        LOG_ERROR("Test EVP_PKEY_sign_init failed.");

+        goto error;

+    }

+    if (EVP_PKEY_sign(ctx, signature, &signatureLength, digest, 20) <= 0) {

+        LOG_ERROR("Test EVP_PKEY_sign failed.");

         goto error;

     }

@@ -243,12 +251,8 @@ test_fapi_ext_public_key(FAPI_CONTEXT *context)

     if (bufio) {

         BIO_free(bufio);

     }

-    if (evp_key) {

-        EVP_PKEY_free(evp_key);

-    }

-    if (rsa_key) {

-        RSA_free(rsa_key);

-    }

+    EVP_PKEY_CTX_free(ctx);

+    EVP_PKEY_free(evp_key);

     SAFE_FREE(path_list);

     SAFE_FREE(cert2);

     return EXIT_SUCCESS;

@@ -258,12 +262,8 @@ error:

     if (bufio) {

         BIO_free(bufio);

     }

-    if (evp_key) {

-        EVP_PKEY_free(evp_key);

-    }

-    if (rsa_key) {

-        RSA_free(rsa_key);

-    }

+    EVP_PKEY_CTX_free(ctx);

+    EVP_PKEY_free(evp_key);

     SAFE_FREE(path_list);

     SAFE_FREE(cert2);

     return EXIT_FAILURE;

-- 

2.26.3