libkeynote: use DSA_generate_parameters_ex()

DSA_generate_parameters() was deprecated in 2002. Its removal was blocked
because someone added "enhanced DSA support" to rust-openssl. Fortunately
this was fixed recently by the pyca people. So we can remove it now.

Of course, DSA_generate_parameters_ex() wasn't an improvement. While it no
longer uses the old callback version, it also needs a DSA object passed in
thus making it more annoying for callers.

ok jsing

diff --git a/lib/libkeynote/keynote-keygen.c b/lib/libkeynote/keynote-keygen.c
index 9b1d840..edf013e 100644 (file)
--- a/lib/libkeynote/keynote-keygen.c
+++ b/lib/libkeynote/keynote-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: keynote-keygen.c,v 1.22 2015/11/19 02:35:24 mmcc Exp $ */
+/* $OpenBSD: keynote-keygen.c,v 1.23 2024/02/07 17:22:01 tb Exp $ */
 /*
  * The author of this code is Angelos D. Keromytis (angelos@dsl.cis.upenn.edu)
  *
@@ -176,8 +176,7 @@ keynote_keygen(int argc, char *argv[])
     {
         RAND_bytes(seed, SEED_LEN);
 
-       dsa = DSA_generate_parameters(len, seed, SEED_LEN,
-           &counter, &h, NULL, NULL);
+       dsa = DSA_new();
 
        if (dsa == NULL)
        {
@@ -185,6 +184,13 @@ keynote_keygen(int argc, char *argv[])
            exit(1);
        }
 
+       if (DSA_generate_parameters_ex(dsa, len, seed, SEED_LEN,
+           &counter, &h, NULL) != 1)
+       {
+           ERR_print_errors_fp(stderr);
+           exit(1);
+       }
+
        if (DSA_generate_key(dsa) != 1)
        {
            ERR_print_errors_fp(stderr);