Don't use deprecated *_generate_key functions, update.

8 files changed, 105 insertions, 67 deletions

diff --git a/M2Crypto/DH.py b/M2Crypto/DH.py
index 3864087..c94f13b 100644
--- a/M2Crypto/DH.py
+++ b/M2Crypto/DH.py
@@ -85,7 +85,9 @@ class DH:
 
 def gen_params(plen, g, callback=genparam_callback):
     # type: (int, int, Optional[Callable]) -> DH
-    return DH(m2.dh_generate_parameters(plen, g, callback), 1)
+    dh_parms = m2.dh_generate_parameters(plen, g, callback)
+    dh_obj = DH(dh_parms, 1)
+    return dh_obj
 
 
 def load_params(file):
diff --git a/SWIG/_dh.i b/SWIG/_dh.i
index 88a42e6..6fdd8d5 100644
--- a/SWIG/_dh.i
+++ b/SWIG/_dh.i
@@ -54,30 +54,35 @@ DH *dh_read_parameters(BIO *bio) {
     return PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
 }
 
-void gendh_callback(int p, int n, void *arg) {
-    PyObject *argv, *ret, *cbfunc;
- 
-    cbfunc = (PyObject *)arg;
-    argv = Py_BuildValue("(ii)", p, n);
-    ret = PyEval_CallObject(cbfunc, argv);
-    PyErr_Clear();
-    Py_DECREF(argv);
-    Py_XDECREF(ret);
-}
-
 DH *dh_generate_parameters(int plen, int g, PyObject *pyfunc) {
     DH *dh;
+    BN_GENCB *gencb;
+    int ret;
+
+    if ((gencb=BN_GENCB_new()) == NULL) {
+        PyErr_SetString(_dh_err, ERR_reason_error_string(ERR_get_error()));
+        return NULL;
+    }
+
+    if ((dh=DH_new()) == NULL) {
+        PyErr_SetString(_dh_err, ERR_reason_error_string(ERR_get_error()));
+        BN_GENCB_free(gencb);
+        return NULL;
+    }
+
+    BN_GENCB_set(gencb, bn_gencb_callback, (void *)pyfunc);
 
-#if OPENSSL_VERSION_NUMBER >= 0x11100000L
-    PyErr_WarnEx(PyExc_DeprecationWarning,
-                 "Function DH_generate_parameters has been deprecated.", 1))
-#endif
     Py_INCREF(pyfunc);
-    dh = DH_generate_parameters(plen, g, gendh_callback, (void *)pyfunc);
+    ret = DH_generate_parameters_ex(dh, plen, g, gencb);
     Py_DECREF(pyfunc);
-    if (!dh) 
-        PyErr_SetString(_dh_err, ERR_reason_error_string(ERR_get_error()));
-    return dh;
+    BN_GENCB_free(gencb);
+
+    if (ret)
+        return dh;
+
+    PyErr_SetString(_dh_err, ERR_reason_error_string(ERR_get_error()));
+    DH_free(dh);
+    return NULL;
 }
 
 /* Note return value shenanigan. */
@@ -123,7 +128,7 @@ PyObject *dh_compute_key(DH *dh, PyObject *pubkey) {
     PyMem_Free(key);
     return ret;
 }
-        
+
 PyObject *dh_get_p(DH *dh) {
     const BIGNUM* p = NULL;
     DH_get0_pqg(dh, &p, NULL, NULL);
diff --git a/SWIG/_dsa.i b/SWIG/_dsa.i
index d6ed51d..0438089 100644
--- a/SWIG/_dsa.i
+++ b/SWIG/_dsa.i
@@ -40,30 +40,36 @@ void dsa_init(PyObject *dsa_err) {
     _dsa_err = dsa_err;
 }
 
-void genparam_callback(int p, int n, void *arg) {
-    PyObject *argv, *ret, *cbfunc;
-
-    cbfunc = (PyObject *)arg;
-    argv = Py_BuildValue("(ii)", p, n);
-    ret = PyEval_CallObject(cbfunc, argv);
-    PyErr_Clear();
-    Py_DECREF(argv);
-    Py_XDECREF(ret);
-}
-
 DSA *dsa_generate_parameters(int bits, PyObject *pyfunc) {
     DSA *dsa;
+    BN_GENCB *gencb;
+    int ret;
+
+    if ((gencb=BN_GENCB_new()) == NULL) {
+        PyErr_SetString(_dh_err, ERR_reason_error_string(ERR_get_error()));
+        return NULL;
+    }
+
+    if ((dsa = DSA_new()) == NULL) {
+        PyErr_SetString(_dsa_err, ERR_reason_error_string(ERR_get_error()));
+        BN_GENCB_free(gencb);
+        return NULL;
+    }
+
+    BN_GENCB_set(gencb, bn_gencb_callback, (void *) pyfunc);
 
-#if OPENSSL_VERSION_NUMBER >= 0x11100000L
-    PyErr_WarnEx(PyExc_DeprecationWarning,
-                 "Function DSA_generate_parameters has been deprecated.", 1))
-#endif
     Py_INCREF(pyfunc);
-    dsa = DSA_generate_parameters(bits, NULL, 0, NULL, NULL, genparam_callback, (void *)pyfunc);
+    ret = DSA_generate_parameters_ex(dsa, bits, NULL, 0, NULL, NULL,
+                                     gencb);
     Py_DECREF(pyfunc);
-    if (!dsa)
-        PyErr_SetString(_dsa_err, ERR_reason_error_string(ERR_get_error()));
-    return dsa;
+    BN_GENCB_free(gencb);
+
+    if (ret)
+        return dsa;
+
+    PyErr_SetString(_dsa_err, ERR_reason_error_string(ERR_get_error()));
+    DSA_free(dsa);
+    return NULL;
 }
 
 PyObject *dsa_get_p(DSA *dsa) {
diff --git a/SWIG/_lib.h b/SWIG/_lib.h
index 5c36c0c..e8a8645 100644
--- a/SWIG/_lib.h
+++ b/SWIG/_lib.h
@@ -1,6 +1,8 @@
 /* Copyright (c) 1999 Ng Pheng Siong. All rights reserved. */
 /* $Id$ */
 
+#include <openssl/bn.h>
+
 typedef struct _blob {
 	unsigned char *data;
 	int len;
@@ -20,7 +22,7 @@ static BIGNUM* m2_PyObject_AsBIGNUM(PyObject* value, PyObject* _py_exc) ;
 static int m2_PyObject_GetBufferInt(PyObject *obj, Py_buffer *view, int flags);
 static void m2_PyBuffer_Release(PyObject *obj, Py_buffer *view);
 
-void gen_callback(int p, int n, void *arg);
+int bn_gencb_callback(int p, int n, BN_GENCB *gencb);
 int passphrase_callback(char *buf, int num, int v, void *userdata);
 
 void lib_init(void);
diff --git a/SWIG/_lib.i b/SWIG/_lib.i
index 80496d3..4365c4e 100644
--- a/SWIG/_lib.i
+++ b/SWIG/_lib.i
@@ -2,6 +2,7 @@
 /* $Id$ */
 
 %{
+#include <openssl/bn.h>
 #include <openssl/dh.h>
 #include <openssl/err.h>
 #include <openssl/evp.h>
@@ -424,17 +425,18 @@ RSA *ssl_set_tmp_rsa_callback(SSL *ssl, int is_export, int keylength) {
     return rsa;
 }
 
-void gen_callback(int p, int n, void *arg) {
+/* Universal callback for dh_generate_parameters,
+ * dsa_generate_parametersm, and rsa_generate_key */
+int bn_gencb_callback(int p, int n, BN_GENCB *gencb) {
     PyObject *argv, *ret, *cbfunc;
 
-    PyGILState_STATE gilstate;
-    gilstate = PyGILState_Ensure();
-    cbfunc = (PyObject *)arg;
+    cbfunc = (PyObject *)BN_GENCB_get_arg(gencb);
     argv = Py_BuildValue("(ii)", p, n);
     ret = PyEval_CallObject(cbfunc, argv);
+    PyErr_Clear();
     Py_DECREF(argv);
     Py_XDECREF(ret);
-    PyGILState_Release(gilstate);
+    return 1;
 }
 
 int passphrase_callback(char *buf, int num, int v, void *arg) {
diff --git a/SWIG/_lib11_compat.i b/SWIG/_lib11_compat.i
index ad9e700..1ec42dd 100644
--- a/SWIG/_lib11_compat.i
+++ b/SWIG/_lib11_compat.i
@@ -30,6 +30,8 @@ static void *CRYPTO_zalloc(size_t num, const char *file, int line)
 # define BN_F_BN_GENCB_NEW       143
 #endif
 
+# define BN_GENCB_get_arg(gencb) ((gencb)->arg)
+
 BN_GENCB *BN_GENCB_new(void)
 {
     BN_GENCB *ret;
diff --git a/SWIG/_rsa.i b/SWIG/_rsa.i
index cfea61c..c8a37cf 100644
--- a/SWIG/_rsa.i
+++ b/SWIG/_rsa.i
@@ -427,33 +427,51 @@ int rsa_verify(RSA *rsa, PyObject *py_verify_string, PyObject* py_sign_string, i
     return ret;
 }
 
-void genrsa_callback(int p, int n, void *arg) {
-    PyObject *argv, *ret, *cbfunc;
-
-    cbfunc = (PyObject *)arg;
-    argv = Py_BuildValue("(ii)", p, n);
-    ret = PyEval_CallObject(cbfunc, argv);
-    PyErr_Clear();
-    Py_DECREF(argv);
-    Py_XDECREF(ret);
-}
-
 PyObject *rsa_generate_key(int bits, unsigned long e, PyObject *pyfunc) {
     RSA *rsa;
     PyObject *self = NULL; /* bug in SWIG_NewPointerObj as of 3.0.5 */
+    BN_GENCB *gencb;
+    BIGNUM *e_big;
+    int ret;
 
-    Py_INCREF(pyfunc);
-#if OPENSSL_VERSION_NUMBER >= 0x11100000L
-    PyErr_WarnEx(PyExc_DeprecationWarning,
-                 "Function RSA_generate_key has been deprecated.", 1))
-#endif
-    rsa = RSA_generate_key(bits, e, genrsa_callback, (void *)pyfunc);
-    Py_DECREF(pyfunc);
-    if (!rsa) {
+    if ((e_big=BN_new()) == NULL) {
         PyErr_SetString(_rsa_err, ERR_reason_error_string(ERR_get_error()));
-	return NULL;
+        return NULL;
     }
-    return SWIG_NewPointerObj((void *)rsa, SWIGTYPE_p_RSA, 0);
+
+    if (BN_set_word(e_big, e) == 0) {
+        PyErr_SetString(_rsa_err, ERR_reason_error_string(ERR_get_error()));
+        BN_free(e_big);
+        return NULL;
+    }
+
+    if ((gencb=BN_GENCB_new()) == NULL) {
+        PyErr_SetString(_rsa_err, ERR_reason_error_string(ERR_get_error()));
+        BN_free(e_big);
+        return NULL;
+    }
+
+    if ((rsa = RSA_new()) == NULL) {
+        PyErr_SetString(_rsa_err, ERR_reason_error_string(ERR_get_error()));
+        BN_free(e_big);
+        BN_GENCB_free(gencb);
+        return NULL;
+    }
+
+    BN_GENCB_set(gencb, bn_gencb_callback, (void *) pyfunc);
+
+    Py_INCREF(pyfunc);
+    ret = RSA_generate_key_ex(rsa, bits, e_big, gencb);
+    BN_free(e_big);
+    BN_GENCB_free(gencb);
+    Py_DECREF(pyfunc);
+
+    if (ret)
+        return SWIG_NewPointerObj((void *)rsa, SWIGTYPE_p_RSA, 0);
+
+    PyErr_SetString(_rsa_err, ERR_reason_error_string(ERR_get_error()));
+    RSA_free(rsa);
+    return NULL;
 }
 
 int rsa_type_check(RSA *rsa) {
diff --git a/tests/test_dh.py b/tests/test_dh.py
index d5920da..20b763a 100644
--- a/tests/test_dh.py
+++ b/tests/test_dh.py
@@ -11,6 +11,7 @@ except ImportError:
 
 from M2Crypto import DH, BIO, Rand
 
+
 class DHTestCase(unittest.TestCase):
 
     params = 'tests/dhparam.pem'