How to fix RSA_key deprecation

I have a program to test the throughput of RSA, but the RSA_key is deprecated and I’m not sure how to switch the code over to the new RSA_key.

The program throws the warning:
rsa2.c:29:5: warning: ‘RSA_generate_key’ is deprecated [-Wdeprecated-declarations]
RSA *keypair = RSA_generate_key(KEY_LENGTH, PUB_EXP, NULL, NULL);

I know that I need to switch the RSA_generate_key to:

int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);

but because the new RSA_key is an int I’m not sure how to set RSA *keypair = int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);

My code is:

    #include <openssl/rsa.h>
    #include <openssl/pem.h>
    #include <openssl/err.h>
    #include <stdio.h>
    #include <string.h>
    #include <time.h>  
    #define KEY_LENGTH 768 
    #define PUB_EXP 65537
    #define PRINT_KEYS
    #define WRITE_TO_FILE
    int main(void) {
        size_t pri_len;            // Length of private key
        size_t pub_len;            // Length of public key
        char   *pri_key;           // Private key
        char   *pub_key;           // Public key
        char   msg[KEY_LENGTH/8] = "hello";  // Message to encrypt
        char   *encrypt = NULL;    // Encrypted message
        char   *decrypt = NULL;    // Decrypted message
        char   *err;               // Buffer for any error messages
        clock_t begin, end; 
        double time_spent; begin = clock();  
        // Generate key pair
        printf("Generating RSA (%d bits) keypair...", KEY_LENGTH);
        fflush(stdout);
        RSA *keypair = RSA_generate_key(KEY_LENGTH, PUB_EXP, NULL, NULL);
        // To get the C-string PEM form:
        BIO *pri = BIO_new(BIO_s_mem());
        BIO *pub = BIO_new(BIO_s_mem());
        PEM_write_bio_RSAPrivateKey(pri, keypair, NULL, NULL, 0, NULL, NULL);
        PEM_write_bio_RSAPublicKey(pub, keypair);
        pri_len = BIO_pending(pri);
        pub_len = BIO_pending(pub);
        pri_key = malloc(pri_len + 1);
        pub_key = malloc(pub_len + 1);
        BIO_read(pri, pri_key, pri_len);
        BIO_read(pub, pub_key, pub_len);
        pri_key[pri_len] = '\0';
        pub_key[pub_len] = '\0';
        #ifdef PRINT_KEYS
            printf("\n%s\n%s\n", pri_key, pub_key);
        #endif
        printf("done.\n");
        // Get the message to encrypt
       // printf("Message to encrypt: ");
       // fgets(msg, KEY_LENGTH-1, stdin);
       // msg[strlen(msg)-1] = '\0';
        // Encrypt the message
        encrypt = malloc(RSA_size(keypair));
        int encrypt_len;
        err = malloc(130);
        if((encrypt_len = RSA_public_encrypt(strlen(msg)+1, (unsigned char*)msg, (unsigned char*)encrypt,
                                             keypair, RSA_PKCS1_OAEP_PADDING)) == -1) {
            ERR_load_crypto_strings();
            ERR_error_string(ERR_get_error(), err);
            fprintf(stderr, "Error encrypting message: %s\n", err);
            goto free_stuff;
        }
        #ifdef WRITE_TO_FILE
        // Write the encrypted message to a file
            FILE *out = fopen("out.bin", "w");
            fwrite(encrypt, sizeof(*encrypt),  RSA_size(keypair), out);
            fclose(out);
            printf("Encrypted message written to file.\n");
            free(encrypt);
            encrypt = NULL;
            // Read it back
            printf("Reading back encrypted message and attempting decryption...\n");
            encrypt = malloc(RSA_size(keypair));
            out = fopen("out.bin", "r");

            fread(encrypt, sizeof(*encrypt), RSA_size(keypair), out);
            fclose(out);
        #endif
        // Decrypt it
        decrypt = malloc(encrypt_len);
        if(RSA_private_decrypt(encrypt_len, (unsigned char*)encrypt, (unsigned char*)decrypt,
                               keypair, RSA_PKCS1_OAEP_PADDING) == -1) {
            ERR_load_crypto_strings();
            ERR_error_string(ERR_get_error(), err);
            fprintf(stderr, "Error decrypting message: %s\n", err);
            goto free_stuff;
        }
        printf("Decrypted message: %s\n", decrypt);
        end = clock(); 
        time_spent = (double)(end - begin) / CLOCKS_PER_SEC; 
        printf("time spent %f\n", time_spent); 
        free_stuff:
        RSA_free(keypair);
        BIO_free_all(pub);
        BIO_free_all(pri);
        free(pri_key);
        free(pub_key);
        free(encrypt);
        free(decrypt);
        free(err);
        return 0;
    }

Hi,

I think you need to use RSA_generate_key_ex

Ref: https://www.libssh.org/archive/libssh/2014-03/0000032.html

1 Like