Porting asterisk to Openssl-3.0

Philip Prindeville philipp_subx at redfish-solutions.com
Fri Mar 25 04:19:13 UTC 2022


Hi,

I'm incrementally trying to port asterisk to Openssl 3.0.

First thing I'm trying to do is wean the code off of the RSA_* functions, and use generic EVP_PKEY_* functions instead.

Most of it is fairly straightforward (it seems), but I've been looking for examples of reading PEM public and private keys into EVP_PKEY's.

Currently asterisk uses 1.1.0 or later, so I'm trying to figure make the code build first under 1.1.0 dropping the functions that get deprecated in 3.0, and then rewriting (in a separate PR) whatever the delta is between 1.1.0 and 3.0.

In 3.0, I can find examples of reading PEM into a public RSA key such as:

https://www.openssl.org/docs/manmaster/man3/OSSL_DECODER_from_bio.html

Though I didn't understand why selection is OSSL_KEYMGMT_SELECT_KEYPAIR and not OSSL_KEYMGMT_SELECT_PUBLIC or _PRIVATE.

What is the way to read a PEM file (as a FILE * or BIO *) into a EVP_PKEY canonically in 1.1.0?

I can't find an example in the docs.

Thanks,

-Philip



More information about the openssl-users mailing list