openssl: Don't pass pointers to RSA structures around.

The RSA structure has been made opaque in openssl-3. As a preparation
for not using this structure any more, pass pointers to the containing
asymmetric key structure instead.

diff --git a/openssl.c b/openssl.c
index 09d11e1e0530ceef44642591b1bf76ce8a46653d..e34169499dcc9bfa14560b41d08cf5516465eec1 100644 (file)
--- a/openssl.c
+++ b/openssl.c
@@ -97,7 +97,8 @@ static int read_bignum(const unsigned char *buf, size_t len, BIGNUM **result)
        return bnsize + 4;
 }
 
-static int read_public_key(const unsigned char *blob, int blen, RSA **result)
+static int read_public_key(const unsigned char *blob, int blen,
+               struct asymmetric_key *result)
 {
        int ret;
        RSA *rsa;
@@ -120,7 +121,7 @@ static int read_public_key(const unsigned char *blob, int blen, RSA **result)
        rsa->n = n;
        rsa->e = e;
 #endif
-       *result = rsa;
+       result->rsa = rsa;
        return 1;
 free_e:
        BN_free(e);
@@ -129,12 +130,12 @@ free_rsa:
        return ret;
 }
 
-static int read_pem_private_key(const char *path, RSA **rsa)
+static int read_pem_private_key(const char *path, struct asymmetric_key *priv)
 {
        EVP_PKEY *pkey;
        BIO *bio = BIO_new(BIO_s_file());
 
-       *rsa = NULL;
+       priv->rsa = NULL;
        if (!bio)
                return -E_PRIVATE_KEY;
        if (BIO_read_filename(bio, path) <= 0)
@@ -142,15 +143,15 @@ static int read_pem_private_key(const char *path, RSA **rsa)
        pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL);
        if (!pkey)
                goto bio_free;
-       *rsa = EVP_PKEY_get1_RSA(pkey);
+       priv->rsa = EVP_PKEY_get1_RSA(pkey);
        EVP_PKEY_free(pkey);
 bio_free:
        BIO_free(bio);
-       return *rsa? RSA_size(*rsa) : -E_PRIVATE_KEY;
+       return priv->rsa? RSA_size(priv->rsa) : -E_PRIVATE_KEY;
 }
 
 static int read_openssh_private_key(const unsigned char *blob,
-               const unsigned char *end, RSA **result)
+               const unsigned char *end, struct asymmetric_key *priv)
 {
        int ret;
        RSA *rsa;
@@ -196,7 +197,7 @@ static int read_openssh_private_key(const unsigned char *blob,
        rsa->p = p;
        rsa->q = q;
 #endif
-       *result = rsa;
+       priv->rsa = rsa;
        return 1;
 free_p:
        BN_clear_free(p);
@@ -213,13 +214,13 @@ free_rsa:
        return ret;
 }
 
-static int get_private_key(const char *path, RSA **rsa)
+static int get_private_key(const char *path, struct asymmetric_key *priv)
 {
        int ret;
        unsigned char *blob, *end;
        size_t blob_size;
 
-       *rsa = NULL;
+       priv->rsa = NULL;
        ret = decode_private_key(path, &blob, &blob_size);
        if (ret < 0)
                return ret;
@@ -229,9 +230,9 @@ static int get_private_key(const char *path, RSA **rsa)
                if (ret < 0)
                        goto free_blob;
                PARA_INFO_LOG("reading RSA params at offset %d\n", ret);
-               ret = read_openssh_private_key(blob + ret, end, rsa);
+               ret = read_openssh_private_key(blob + ret, end, priv);
        } else
-               ret = read_pem_private_key(path, rsa);
+               ret = read_pem_private_key(path, priv);
 free_blob:
        free(blob);
        return ret;
@@ -247,7 +248,7 @@ int apc_get_pubkey(const char *key_file, struct asymmetric_key **result)
        ret = decode_public_key(key_file, &blob, &decoded_size);
        if (ret < 0)
                goto out;
-       ret = read_public_key(blob + ret, decoded_size - ret, &pub->rsa);
+       ret = read_public_key(blob + ret, decoded_size - ret, pub);
        if (ret < 0)
                goto free_blob;
        ret = RSA_size(pub->rsa);
@@ -284,7 +285,7 @@ int apc_priv_decrypt(const char *key_file, unsigned char *outbuf,
        if (inlen < 0)
                return -E_RSA;
        priv = alloc(sizeof(*priv));
-       ret = get_private_key(key_file, &priv->rsa);
+       ret = get_private_key(key_file, priv);
        if (ret < 0) {
                free(priv);
                return ret;