From eb6d9f7654ad683266b1b120f59afcd3403c19b3 Mon Sep 17 00:00:00 2001 From: tb Date: Wed, 7 Feb 2024 17:22:01 +0000 Subject: [PATCH] libkeynote: use DSA_generate_parameters_ex() DSA_generate_parameters() was deprecated in 2002. Its removal was blocked because someone added "enhanced DSA support" to rust-openssl. Fortunately this was fixed recently by the pyca people. So we can remove it now. Of course, DSA_generate_parameters_ex() wasn't an improvement. While it no longer uses the old callback version, it also needs a DSA object passed in thus making it more annoying for callers. ok jsing --- lib/libkeynote/keynote-keygen.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/lib/libkeynote/keynote-keygen.c b/lib/libkeynote/keynote-keygen.c index 9b1d840303a..edf013e713f 100644 --- a/lib/libkeynote/keynote-keygen.c +++ b/lib/libkeynote/keynote-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: keynote-keygen.c,v 1.22 2015/11/19 02:35:24 mmcc Exp $ */ +/* $OpenBSD: keynote-keygen.c,v 1.23 2024/02/07 17:22:01 tb Exp $ */ /* * The author of this code is Angelos D. Keromytis (angelos@dsl.cis.upenn.edu) * @@ -176,8 +176,7 @@ keynote_keygen(int argc, char *argv[]) { RAND_bytes(seed, SEED_LEN); - dsa = DSA_generate_parameters(len, seed, SEED_LEN, - &counter, &h, NULL, NULL); + dsa = DSA_new(); if (dsa == NULL) { @@ -185,6 +184,13 @@ keynote_keygen(int argc, char *argv[]) exit(1); } + if (DSA_generate_parameters_ex(dsa, len, seed, SEED_LEN, + &counter, &h, NULL) != 1) + { + ERR_print_errors_fp(stderr); + exit(1); + } + if (DSA_generate_key(dsa) != 1) { ERR_print_errors_fp(stderr); -- 2.20.1