Fix 'no-deprecated'

Some of the handling of no-deprecated stuff wasn't quite complete, or
even plain wrong.

This restores i2d_PublicKey() to be able to handle EVP_PKEYs with
legacy internal keys.

This also refactors the DSA key tests in test/evp_extra_test.c to use
EVP functionality entirely.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13706)

1 files changed, 7 insertions, 8 deletions

diff --git a/crypto/asn1/i2d_evp.c b/crypto/asn1/i2d_evp.c
index da1d136184..3df49a1701 100644
--- a/crypto/asn1/i2d_evp.c
+++ b/crypto/asn1/i2d_evp.c
@@ -7,8 +7,11 @@
  * https://www.openssl.org/source/license.html
  */
 
-/* We need to use some deprecated APIs to support the legacy bits */
-#define OPENSSL_SUPPRESS_DEPRECATED
+/*
+ * Low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
 
 #include <stdio.h>
 #include "internal/cryptlib.h"
@@ -16,9 +19,7 @@
 #include <openssl/encoder.h>
 #include <openssl/buffer.h>
 #include <openssl/x509.h>
-#ifndef OPENSSL_NO_DEPRECATED_3_0
-# include <openssl/rsa.h>        /* For i2d_RSAPublicKey */
-#endif
+#include <openssl/rsa.h>         /* For i2d_RSAPublicKey */
 #include <openssl/dsa.h>         /* For i2d_DSAPublicKey */
 #include <openssl/ec.h>          /* For i2o_ECPublicKey */
 #include "crypto/asn1.h"
@@ -106,11 +107,9 @@ int i2d_PublicKey(const EVP_PKEY *a, unsigned char **pp)
         return i2d_provided(a, EVP_PKEY_PUBLIC_KEY, output_structures, pp);
     }
     switch (EVP_PKEY_id(a)) {
-#ifndef OPENSSL_NO_DEPRECATED_3_0
-# ifndef OPENSSL_NO_RSA
+#ifndef OPENSSL_NO_RSA
     case EVP_PKEY_RSA:
         return i2d_RSAPublicKey(EVP_PKEY_get0_RSA(a), pp);
-# endif
 #endif
 #ifndef OPENSSL_NO_DSA
     case EVP_PKEY_DSA: