From: Vsevolod Stakhov <vsevolod@rspamd.com>
Date: Mon, 23 Sep 2024 18:15:44 +0000 (+0100)
Subject: [Fix] Get rid of EVP_PKEY_CTX_set1_rsa_keygen_pubexp
X-Git-Tag: 3.10.0~8^2~6
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=f9f75097a286e69e38929a4a02172645e7f77a8f;p=rspamd.git

[Fix] Get rid of EVP_PKEY_CTX_set1_rsa_keygen_pubexp

OpenSSL uses 65537 by default, no need in explicit set.
---

diff --git a/src/lua/lua_cryptobox.c b/src/lua/lua_cryptobox.c
index 3fa7d7d4f..96a8db074 100644
--- a/src/lua/lua_cryptobox.c
+++ b/src/lua/lua_cryptobox.c
@@ -2531,31 +2531,20 @@ lua_cryptobox_gen_dkim_keypair(lua_State *L)
 	}
 
 	if (strcmp(alg_str, "rsa") == 0) {
-		BIGNUM *e;
 		EVP_PKEY *pk;
 
-		e = BN_new();
 		pk = EVP_PKEY_new();
 
-		if (BN_set_word(e, RSA_F4) != 1) {
-			BN_free(e);
-			EVP_PKEY_free(pk);
-
-			return luaL_error(L, "BN_set_word failed");
-		}
 
 		EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
 		if (EVP_PKEY_keygen_init(pctx) != 1) {
-			BN_free(e);
 			EVP_PKEY_free(pk);
 			EVP_PKEY_CTX_free(pctx);
 
 			return luaL_error(L, "EVP_PKEY_keygen_init failed");
 		}
 		EVP_PKEY_CTX_set_rsa_keygen_bits(pctx, nbits);
-		EVP_PKEY_CTX_set1_rsa_keygen_pubexp(pctx, e);
 		if (EVP_PKEY_keygen(pctx, &pk) != 1) {
-			BN_free(e);
 			EVP_PKEY_free(pk);
 			EVP_PKEY_CTX_free(pctx);
 
@@ -2575,7 +2564,6 @@ lua_cryptobox_gen_dkim_keypair(lua_State *L)
 
 		if (rc == 0) {
 			BIO_free(mbio);
-			BN_free(e);
 			EVP_PKEY_free(pk);
 
 			return luaL_error(L, "i2d_RSAPrivateKey_bio failed");
@@ -2597,7 +2585,6 @@ lua_cryptobox_gen_dkim_keypair(lua_State *L)
 
 		if (rc == 0) {
 			BIO_free(mbio);
-			BN_free(e);
 			EVP_PKEY_free(pk);
 
 			return luaL_error(L, "i2d_RSA_PUBKEY_bio failed");
@@ -2613,7 +2600,6 @@ lua_cryptobox_gen_dkim_keypair(lua_State *L)
 		pub_out->len = b64_len;
 		pub_out->flags = RSPAMD_TEXT_FLAG_OWN;
 
-		BN_free(e);
 		EVP_PKEY_free(pk);
 		BIO_free(mbio);
 	}
diff --git a/src/lua/lua_rsa.c b/src/lua/lua_rsa.c
index b7be612b0..78534c682 100644
--- a/src/lua/lua_rsa.c
+++ b/src/lua/lua_rsa.c
@@ -791,7 +791,6 @@ lua_rsa_sign_memory(lua_State *L)
 static int
 lua_rsa_keypair(lua_State *L)
 {
-	BIGNUM *e;
 	EVP_PKEY *pkey = NULL, *pub_pkey, *priv_pkey, **ppkey;
 	int bits = lua_gettop(L) > 0 ? lua_tointeger(L, 1) : 1024;
 
@@ -799,16 +798,11 @@ lua_rsa_keypair(lua_State *L)
 		return luaL_error(L, "invalid bits count");
 	}
 
-	e = BN_new();
-
-	g_assert(BN_set_word(e, RSA_F4) == 1);
 	EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
 	g_assert(pctx != NULL);
 	g_assert(EVP_PKEY_keygen_init(pctx) == 1);
 
 	g_assert(EVP_PKEY_CTX_set_rsa_keygen_bits(pctx, bits) == 1);
-	g_assert(EVP_PKEY_CTX_set1_rsa_keygen_pubexp(pctx, e) == 1);
-
 	g_assert(EVP_PKEY_keygen(pctx, &pkey) == 1);
 	g_assert(pkey != NULL);
 
@@ -824,7 +818,6 @@ lua_rsa_keypair(lua_State *L)
 
 	EVP_PKEY_free(pkey);
 	EVP_PKEY_CTX_free(pctx);
-	BN_free(e);
 
 	return 2;
 }