EVP_PKEY *priv)
{
unsigned char *key = NULL;
- int i, size = 0, ret = 0;
+ size_t keylen = 0;
+ int ret = 0;
+ EVP_PKEY_CTX *pctx = NULL;
if (type) {
EVP_CIPHER_CTX_reset(ctx);
if (!EVP_DecryptInit_ex(ctx, type, NULL, NULL, NULL))
- return 0;
+ goto err;
}
if (priv == NULL)
return 1;
- if (EVP_PKEY_id(priv) != EVP_PKEY_RSA) {
- EVPerr(EVP_F_EVP_OPENINIT, EVP_R_PUBLIC_KEY_NOT_RSA);
+ if ((pctx = EVP_PKEY_CTX_new(priv, NULL)) == NULL) {
+ ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
goto err;
}
- size = EVP_PKEY_size(priv);
- key = OPENSSL_malloc(size);
- if (key == NULL) {
- /* ERROR */
- EVPerr(EVP_F_EVP_OPENINIT, ERR_R_MALLOC_FAILURE);
+ if (EVP_PKEY_decrypt_init(pctx) <= 0
+ || EVP_PKEY_decrypt(pctx, NULL, &keylen, ek, ekl) <= 0)
goto err;
- }
- i = EVP_PKEY_decrypt_old(key, ek, ekl, priv);
- if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i)) {
- /* ERROR */
+ if ((key = OPENSSL_malloc(keylen)) == NULL) {
+ ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (!EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv))
+
+ if (EVP_PKEY_decrypt(pctx, key, &keylen, ek, ekl) <= 0)
+ goto err;
+
+ if (!EVP_CIPHER_CTX_set_key_length(ctx, keylen)
+ || !EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv))
goto err;
ret = 1;
err:
- OPENSSL_clear_free(key, size);
+ EVP_PKEY_CTX_free(pctx);
+ OPENSSL_clear_free(key, keylen);
return ret;
}