Update any code that was using deprecated functions so that everything builds
and links with OPENSSL_NO_DEPRECATED defined.
diff --git a/CHANGES b/CHANGES
index 666cf68..ea4793c 100644
--- a/CHANGES
+++ b/CHANGES
@@ -5,7 +5,9 @@
Changes between 0.9.7c and 0.9.8 [xx XXX xxxx]
*) Ensure that deprecated functions do not get compiled when
- OPENSSL_NO_DEPRECATED is defined.
+ OPENSSL_NO_DEPRECATED is defined. Some "openssl" subcommands and a few of
+ the self-tests were still using deprecated key-generation functions so
+ these have been updated also.
[Geoff Thorpe]
*) Reorganise PKCS#7 code to separate the digest location functionality
diff --git a/apps/dhparam.c b/apps/dhparam.c
index dc00355..e3cabcf 100644
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -142,7 +142,7 @@
* -C
*/
-static void MS_CALLBACK dh_cb(int p, int n, void *arg);
+static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb);
int MAIN(int, char **);
@@ -294,6 +294,8 @@
if(num) {
+ BN_GENCB cb;
+ BN_GENCB_set(&cb, dh_cb, bio_err);
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
{
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
@@ -305,12 +307,13 @@
#ifndef OPENSSL_NO_DSA
if (dsaparam)
{
- DSA *dsa;
+ DSA *dsa = DSA_new();
BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
- dsa = DSA_generate_parameters(num, NULL, 0, NULL, NULL, dh_cb, bio_err);
- if (dsa == NULL)
+ if(!dsa || !DSA_generate_parameters_ex(dsa, num,
+ NULL, 0, NULL, NULL, &cb))
{
+ if(dsa) DSA_free(dsa);
ERR_print_errors(bio_err);
goto end;
}
@@ -326,12 +329,12 @@
else
#endif
{
+ dh = DH_new();
BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
BIO_printf(bio_err,"This is going to take a long time\n");
- dh=DH_generate_parameters(num,g,dh_cb,bio_err);
-
- if (dh == NULL)
+ if(!dh || !DH_generate_parameters_ex(dh, num, g, &cb))
{
+ if(dh) DH_free(dh);
ERR_print_errors(bio_err);
goto end;
}
@@ -534,7 +537,7 @@
}
/* dh_cb is identical to dsa_cb in apps/dsaparam.c */
-static void MS_CALLBACK dh_cb(int p, int n, void *arg)
+static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb)
{
char c='*';
@@ -542,11 +545,12 @@
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
- BIO_write((BIO *)arg,&c,1);
- (void)BIO_flush((BIO *)arg);
+ BIO_write(cb->arg,&c,1);
+ (void)BIO_flush(cb->arg);
#ifdef LINT
p=n;
#endif
+ return 1;
}
#endif
diff --git a/apps/gendh.c b/apps/gendh.c
index b900874..69baa50 100644
--- a/apps/gendh.c
+++ b/apps/gendh.c
@@ -81,12 +81,13 @@
#undef PROG
#define PROG gendh_main
-static void MS_CALLBACK dh_cb(int p, int n, void *arg);
+static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb);
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
+ BN_GENCB cb;
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
@@ -102,6 +103,7 @@
apps_startup();
+ BN_GENCB_set(&cb, dh_cb, bio_err);
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
@@ -199,10 +201,10 @@
BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
BIO_printf(bio_err,"This is going to take a long time\n");
- dh=DH_generate_parameters(num,g,dh_cb,bio_err);
-
- if (dh == NULL) goto end;
+ if(((dh = DH_new()) == NULL) || !DH_generate_parameters_ex(dh, num, g, &cb))
+ goto end;
+
app_RAND_write_file(NULL, bio_err);
if (!PEM_write_bio_DHparams(out,dh))
@@ -217,7 +219,7 @@
OPENSSL_EXIT(ret);
}
-static void MS_CALLBACK dh_cb(int p, int n, void *arg)
+static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb)
{
char c='*';
@@ -225,10 +227,11 @@
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
- BIO_write((BIO *)arg,&c,1);
- (void)BIO_flush((BIO *)arg);
+ BIO_write(cb->arg,&c,1);
+ (void)BIO_flush(cb->arg);
#ifdef LINT
p=n;
#endif
+ return 1;
}
#endif
diff --git a/apps/genrsa.c b/apps/genrsa.c
index 0ce2394..85da98d 100644
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -81,12 +81,13 @@
#undef PROG
#define PROG genrsa_main
-static void MS_CALLBACK genrsa_cb(int p, int n, void *arg);
+static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb);
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
+ BN_GENCB cb;
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
@@ -105,6 +106,7 @@
BIO *out=NULL;
apps_startup();
+ BN_GENCB_set(&cb, genrsa_cb, bio_err);
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
@@ -239,7 +241,9 @@
BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
num);
- rsa=RSA_generate_key(num,f4,genrsa_cb,bio_err);
+
+ if(((rsa = RSA_new()) == NULL) || !RSA_generate_key_ex(rsa, num, f4, &cb))
+ goto err;
app_RAND_write_file(NULL, bio_err);
@@ -277,7 +281,7 @@
OPENSSL_EXIT(ret);
}
-static void MS_CALLBACK genrsa_cb(int p, int n, void *arg)
+static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb)
{
char c='*';
@@ -285,11 +289,12 @@
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
- BIO_write((BIO *)arg,&c,1);
- (void)BIO_flush((BIO *)arg);
+ BIO_write(cb->arg,&c,1);
+ (void)BIO_flush(cb->arg);
#ifdef LINT
p=n;
#endif
+ return 1;
}
#else /* !OPENSSL_NO_RSA */
diff --git a/apps/req.c b/apps/req.c
index 80b623c..2907626 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -135,7 +135,7 @@
static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
int nid,int n_min,int n_max, unsigned long chtype, int mval);
#ifndef OPENSSL_NO_RSA
-static void MS_CALLBACK req_cb(int p,int n,void *arg);
+static int MS_CALLBACK req_cb(int p, int n, BN_GENCB *cb);
#endif
static int req_check_len(int len,int n_min,int n_max);
static int check_end(char *str, char *end);
@@ -712,6 +712,8 @@
if (newreq && (pkey == NULL))
{
+ BN_GENCB cb;
+ BN_GENCB_set(&cb, req_cb, bio_err);
char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE");
if (randfile == NULL)
ERR_clear_error();
@@ -740,10 +742,13 @@
#ifndef OPENSSL_NO_RSA
if (pkey_type == TYPE_RSA)
{
- if (!EVP_PKEY_assign_RSA(pkey,
- RSA_generate_key(newkey,0x10001,
- req_cb,bio_err)))
+ RSA *rsa = RSA_new();
+ if(!rsa || !RSA_generate_key_ex(rsa, newkey, 0x10001, &cb) ||
+ !EVP_PKEY_assign_RSA(pkey, rsa))
+ {
+ if(rsa) RSA_free(rsa);
goto end;
+ }
}
else
#endif
@@ -1610,7 +1615,7 @@
}
#ifndef OPENSSL_NO_RSA
-static void MS_CALLBACK req_cb(int p, int n, void *arg)
+static int MS_CALLBACK req_cb(int p, int n, BN_GENCB *cb)
{
char c='*';
@@ -1618,11 +1623,12 @@
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
- BIO_write((BIO *)arg,&c,1);
- (void)BIO_flush((BIO *)arg);
+ BIO_write(cb->arg,&c,1);
+ (void)BIO_flush(cb->arg);
#ifdef LINT
p=n;
#endif
+ return 1;
}
#endif
diff --git a/apps/s_server.c b/apps/s_server.c
index dd58591..9b8fe57 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1785,7 +1785,12 @@
BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength);
(void)BIO_flush(bio_err);
}
- rsa_tmp=RSA_generate_key(keylength,RSA_F4,NULL,NULL);
+ if(((rsa_tmp = RSA_new()) == NULL) || !RSA_generate_key_ex(
+ rsa_tmp, keylength,RSA_F4,NULL))
+ {
+ if(rsa_tmp) RSA_free(rsa_tmp);
+ rsa_tmp = NULL;
+ }
if (!s_quiet)
{
BIO_printf(bio_err,"\n");
diff --git a/crypto/bn/bntest.c b/crypto/bn/bntest.c
index fe057dc..0d37dcf 100644
--- a/crypto/bn/bntest.c
+++ b/crypto/bn/bntest.c
@@ -1502,7 +1502,7 @@
return ret;
}
-static void genprime_cb(int p, int n, void *arg)
+static int genprime_cb(int p, int n, BN_GENCB *arg)
{
char c='*';
@@ -1512,12 +1512,12 @@
if (p == 3) c='\n';
putc(c, stderr);
fflush(stderr);
- (void)n;
- (void)arg;
+ return 1;
}
int test_kron(BIO *bp, BN_CTX *ctx)
{
+ BN_GENCB cb;
BIGNUM *a,*b,*r,*t;
int i;
int legendre, kronecker;
@@ -1528,6 +1528,8 @@
r = BN_new();
t = BN_new();
if (a == NULL || b == NULL || r == NULL || t == NULL) goto err;
+
+ BN_GENCB_set(&cb, genprime_cb, NULL);
/* We test BN_kronecker(a, b, ctx) just for b odd (Jacobi symbol).
* In this case we know that if b is prime, then BN_kronecker(a, b, ctx)
@@ -1538,7 +1540,7 @@
* don't want to test whether b is prime but whether BN_kronecker
* works.) */
- if (!BN_generate_prime(b, 512, 0, NULL, NULL, genprime_cb, NULL)) goto err;
+ if (!BN_generate_prime_ex(b, 512, 0, NULL, NULL, &cb)) goto err;
b->neg = rand_neg();
putc('\n', stderr);
@@ -1606,6 +1608,7 @@
int test_sqrt(BIO *bp, BN_CTX *ctx)
{
+ BN_GENCB cb;
BIGNUM *a,*p,*r;
int i, j;
int ret = 0;
@@ -1614,7 +1617,9 @@
p = BN_new();
r = BN_new();
if (a == NULL || p == NULL || r == NULL) goto err;
-
+
+ BN_GENCB_set(&cb, genprime_cb, NULL);
+
for (i = 0; i < 16; i++)
{
if (i < 8)
@@ -1628,7 +1633,7 @@
if (!BN_set_word(a, 32)) goto err;
if (!BN_set_word(r, 2*i + 1)) goto err;
- if (!BN_generate_prime(p, 256, 0, a, r, genprime_cb, NULL)) goto err;
+ if (!BN_generate_prime_ex(p, 256, 0, a, r, &cb)) goto err;
putc('\n', stderr);
}
p->neg = rand_neg();
diff --git a/crypto/dh/dhtest.c b/crypto/dh/dhtest.c
index dc25283..492fbee 100644
--- a/crypto/dh/dhtest.c
+++ b/crypto/dh/dhtest.c
@@ -89,12 +89,13 @@
#define MS_CALLBACK
#endif
-static void MS_CALLBACK cb(int p, int n, void *arg);
+static int MS_CALLBACK cb(int p, int n, BN_GENCB *arg);
static const char rnd_seed[] = "string to make the random number generator think it has entropy";
int main(int argc, char *argv[])
{
+ BN_GENCB _cb;
DH *a;
DH *b=NULL;
char buf[12];
@@ -116,8 +117,10 @@
if (out == NULL) EXIT(1);
BIO_set_fp(out,stdout,BIO_NOCLOSE);
- a=DH_generate_parameters(64,DH_GENERATOR_5,cb,out);
- if (a == NULL) goto err;
+ BN_GENCB_set(&_cb, &cb, out);
+ if(((a = DH_new()) == NULL) || !DH_generate_parameters_ex(a, 64,
+ DH_GENERATOR_5, &_cb))
+ goto err;
if (!DH_check(a, &i)) goto err;
if (i & DH_CHECK_P_NOT_PRIME)
@@ -201,7 +204,7 @@
return(ret);
}
-static void MS_CALLBACK cb(int p, int n, void *arg)
+static int MS_CALLBACK cb(int p, int n, BN_GENCB *arg)
{
char c='*';
@@ -209,10 +212,11 @@
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
- BIO_write((BIO *)arg,&c,1);
- (void)BIO_flush((BIO *)arg);
+ BIO_write(arg->arg,&c,1);
+ (void)BIO_flush(arg->arg);
#ifdef LINT
p=n;
#endif
+ return 1;
}
#endif
diff --git a/crypto/dsa/dsatest.c b/crypto/dsa/dsatest.c
index 49c630b..1dbda68 100644
--- a/crypto/dsa/dsatest.c
+++ b/crypto/dsa/dsatest.c
@@ -90,7 +90,7 @@
#define MS_CALLBACK
#endif
-static void MS_CALLBACK dsa_cb(int p, int n, void *arg);
+static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg);
/* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to
* FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */
@@ -135,6 +135,7 @@
int main(int argc, char **argv)
{
+ BN_GENCB cb;
DSA *dsa=NULL;
int counter,ret=0,i,j;
unsigned char buf[256];
@@ -154,7 +155,10 @@
BIO_printf(bio_err,"test generation of DSA parameters\n");
- dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,bio_err);
+ BN_GENCB_set(&cb, dsa_cb, bio_err);
+ if(((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,
+ seed, 20, &counter, &h, &cb))
+ goto end;
BIO_printf(bio_err,"seed\n");
for (i=0; i<20; i+=4)
@@ -221,13 +225,7 @@
return(0);
}
-static int cb_exit(int ec)
- {
- EXIT(ec);
- return(0); /* To keep some compilers quiet */
- }
-
-static void MS_CALLBACK dsa_cb(int p, int n, void *arg)
+static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg)
{
char c='*';
static int ok=0,num=0;
@@ -236,13 +234,14 @@
if (p == 1) c='+';
if (p == 2) { c='*'; ok++; }
if (p == 3) c='\n';
- BIO_write(arg,&c,1);
- (void)BIO_flush(arg);
+ BIO_write(arg->arg,&c,1);
+ (void)BIO_flush(arg->arg);
if (!ok && (p == 0) && (num > 1))
{
BIO_printf((BIO *)arg,"error in dsatest\n");
- cb_exit(1);
+ return 0;
}
+ return 1;
}
#endif
