From 9ca735ab8f71a6b64f31867e55d43f3f5a51bfec Mon Sep 17 00:00:00 2001
From: Petr Gotthard <petr.gotthard@centrum.cz>
Date: Sun, 18 Jul 2021 11:54:50 +0200
Subject: FAPI Test: Change RSA_sign to EVP_PKEY_sign
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The EVP_PKEY_sign functions are available since OpenSSL 1.0.0.
The RSA_sign function is deprecated in OpenSSL 3.0.0.

This PR should work with OpenSSL 1.0.0 through 3.0.0.

Signed-off-by: Petr Gotthard <petr.gotthard@centrum.cz>
---
 test/integration/fapi-ext-public-key.int.c | 38 +++++++++++-----------
 1 file changed, 19 insertions(+), 19 deletions(-)

diff --git a/test/integration/fapi-ext-public-key.int.c b/test/integration/fapi-ext-public-key.int.c
index 363c58b7..971d7897 100644
--- a/test/integration/fapi-ext-public-key.int.c
+++ b/test/integration/fapi-ext-public-key.int.c
@@ -49,7 +49,7 @@ test_fapi_ext_public_key(FAPI_CONTEXT *context)
     BIO *bufio = NULL;
 
     EVP_PKEY *evp_key = NULL;
-    RSA *rsa_key = NULL;
+    EVP_PKEY_CTX *ctx = NULL;
 
     /* Key will be used for non TPM signature verfication. */
     char *pubkey_pem =
@@ -186,10 +186,8 @@ test_fapi_ext_public_key(FAPI_CONTEXT *context)
 
     bufio = BIO_new_mem_buf((void *)priv_pem, strlen(priv_pem));
     evp_key = PEM_read_bio_PrivateKey(bufio, NULL, NULL, NULL);
-    rsa_key  = EVP_PKEY_get1_RSA(evp_key);
 
-
-    if (!bufio || !evp_key || !rsa_key) {
+    if (!bufio || !evp_key) {
         LOG_ERROR("Generation of test key failed.");
         goto error;
     }
@@ -199,10 +197,20 @@ test_fapi_ext_public_key(FAPI_CONTEXT *context)
         0x25, 0x71, 0x78, 0x50, 0xc2, 0x6c, 0x9c, 0xd0, 0xd8, 0x9d
     };
     uint8_t signature[256];
-    unsigned int  signatureLength = 256;
+    size_t  signatureLength = 256;
 
-    if (!RSA_sign(NID_sha1, digest, 20, signature, &signatureLength, rsa_key)) {
-        LOG_ERROR("Test RSA_sign failed.");
+    if ((ctx = EVP_PKEY_CTX_new(evp_key, NULL)) == NULL) {
+        LOG_ERROR("Test EVP_PKEY_CTX_new failed.");
+        goto error;
+    }
+    if (EVP_PKEY_sign_init(ctx) <= 0
+            || EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0
+            || EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha1()) <= 0) {
+        LOG_ERROR("Test EVP_PKEY_sign_init failed.");
+        goto error;
+    }
+    if (EVP_PKEY_sign(ctx, signature, &signatureLength, digest, 20) <= 0) {
+        LOG_ERROR("Test EVP_PKEY_sign failed.");
         goto error;
     }
 
@@ -243,12 +251,8 @@ test_fapi_ext_public_key(FAPI_CONTEXT *context)
     if (bufio) {
         BIO_free(bufio);
     }
-    if (evp_key) {
-        EVP_PKEY_free(evp_key);
-    }
-    if (rsa_key) {
-        RSA_free(rsa_key);
-    }
+    EVP_PKEY_CTX_free(ctx);
+    EVP_PKEY_free(evp_key);
     SAFE_FREE(path_list);
     SAFE_FREE(cert2);
     return EXIT_SUCCESS;
@@ -258,12 +262,8 @@ error:
     if (bufio) {
         BIO_free(bufio);
     }
-    if (evp_key) {
-        EVP_PKEY_free(evp_key);
-    }
-    if (rsa_key) {
-        RSA_free(rsa_key);
-    }
+    EVP_PKEY_CTX_free(ctx);
+    EVP_PKEY_free(evp_key);
     SAFE_FREE(path_list);
     SAFE_FREE(cert2);
     return EXIT_FAILURE;
-- 
2.26.3