Frédéric 0 Posted June 11 Hello; Not sure it's the most appropriate way to report it... I've added the RSA_verify prototype, so we can directly call it. RSA_verify : function (type1: Integer; m: pointer; m_len: longword; sigbuf: PAnsichar; siglen: longword; rsa: PRSA): Integer; cdecl = nil; Attached the modified file. It would be nice to include the modification in the SVN. Thanks ! Regards Frederic OverbyteIcsLIBEAY.pas Share this post Link to post
Angus Robertson 651 Posted June 11 RSA_verify is a deprecated low-level signing function, you should be using the EVP_VerifyFinal and related EVP functions. Not sure that we want to add deprecated functions, ICS has already been updated to stop using most of them. Angus Share this post Link to post
Frédéric 0 Posted June 11 It's for an existing application, not sure it will be easy to switch to newer functions... Thanks ! Share this post Link to post
Angus Robertson 651 Posted June 11 You should be able to use the IcsAsymVerifyDigestTB function to replace your old code, passing it the RSA key as EVP_PKEY. Angus Share this post Link to post
Frédéric 0 Posted June 12 Thanks for the tip, I will give it a try !! Frédéric Share this post Link to post
Angus Robertson 651 Posted June 12 (edited) On reflection, I will add your new prototypes to ICS. I was going to suggest you created your own import table with the RSA functions, similarly to the OpenSSL engine table that requires a define conditional to import. But ICS has a problem with the OpenSSL import tables getting larger as new functions are added, but old ones rarely disappear when they cease being used. So I'll create a new import table that will have most of the RSA_, ECDA_, DH_., EC_KEY_, EC_GROUP_ and DSA_ exports, with a new define around all those functions and the table, to ensure that none are currently being used by ICS. I already had to remove some EC_GROUP_ exports that have disappeared from some Linux distributions. Should be in SVN in a couple of days. Angus Edited June 12 by Angus Robertson 1 Share this post Link to post
Angus Robertson 651 Posted 7 hours ago Your change is now in SVN, but you'll need a new DEFINE OpenSSL_Deprecated to use it. I've moved about 130 OpenSSL deprecated 3.0 exports to a new table only loaded with the new define, and fixed two units that still used deprecated EC_x exports. Not sure if all these deprecated exports will disappear in OpenSSL 4.0 due next April, but at least ICS is now ready. Angus Share this post Link to post
![Delphi-PRAXiS [en]](https://en.delphipraxis.net/uploads/monthly_2018_12/logo.png.be76d93fcd709295cb24de51900e5888.png){kind=logo}
