From c38edb59f2f7d6a291812ae46903b4b66cb19d1f Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Thu, 12 Mar 2026 12:36:58 +0100
Subject: [PATCH] examples: Avoid using deprecated ssh_pki_generate

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
---
 examples/keygen.c  |  2 +-
 examples/keygen2.c | 38 +++++++++++++++++++++++++-------------
 2 files changed, 26 insertions(+), 14 deletions(-)

diff --git a/examples/keygen.c b/examples/keygen.c
index 99f8c98c..b8c049d2 100644
--- a/examples/keygen.c
+++ b/examples/keygen.c
@@ -24,7 +24,7 @@ int main(void)
     int rv;
 
     /* Generate a new ED25519 private key file */
-    rv = ssh_pki_generate(SSH_KEYTYPE_ED25519, 0, &key);
+    rv = ssh_pki_generate_key(SSH_KEYTYPE_ED25519, NULL, &key);
     if (rv != SSH_OK) {
         fprintf(stderr, "Failed to generate private key");
         return -1;
diff --git a/examples/keygen2.c b/examples/keygen2.c
index 904046d7..b45a61f9 100644
--- a/examples/keygen2.c
+++ b/examples/keygen2.c
@@ -35,7 +35,7 @@
 
 struct arguments_st {
     enum ssh_keytypes_e type;
-    unsigned long bits;
+    int bits;
     char *file;
     char *passphrase;
     char *format;
@@ -321,6 +321,7 @@ list_fingerprint(char *file)
 
 int main(int argc, char *argv[])
 {
+    ssh_pki_ctx ctx = NULL;
     ssh_key key = NULL;
     int ret = EXIT_FAILURE, rc, fd;
     char overwrite[1024] = "";
@@ -394,10 +395,27 @@ int main(int argc, char *argv[])
         close(fd);
     }
 
+    /* Create a new PKI Context if needed -- for other types using NULL is ok */
+    if (arguments.type == SSH_KEYTYPE_RSA && arguments.bits != 0) {
+        ctx = ssh_pki_ctx_new();
+        if (ctx == NULL) {
+            fprintf(stderr, "Error: Failed to allocate PKI context\n");
+            goto end;
+        }
+
+        rc = ssh_pki_ctx_options_set(ctx,
+                                     SSH_PKI_OPTION_RSA_KEY_SIZE,
+                                     &arguments.bits);
+        if (rc != SSH_OK) {
+            fprintf(stderr, "Error: Failed to set RSA bit size\n");
+            goto end;
+        }
+    }
+
     /* Generate a new private key */
-    rc = ssh_pki_generate(arguments.type, arguments.bits, &key);
+    rc = ssh_pki_generate_key(arguments.type, ctx, &key);
     if (rc != SSH_OK) {
-        fprintf(stderr, "Error: Failed to generate keys");
+        fprintf(stderr, "Error: Failed to generate keys\n");
         goto end;
     }
 
@@ -503,13 +521,9 @@ int main(int argc, char *argv[])
     ret = EXIT_SUCCESS;
 
 end:
-    if (key != NULL) {
-        ssh_key_free(key);
-    }
-
-    if (arguments.file != NULL) {
-        free(arguments.file);
-    }
+    ssh_pki_ctx_free(ctx);
+    ssh_key_free(key);
+    free(arguments.file);
 
     if (arguments.passphrase != NULL) {
 #ifdef HAVE_EXPLICIT_BZERO
@@ -520,8 +534,6 @@ end:
         free(arguments.passphrase);
     }
 
-    if (pubkey_file != NULL) {
-        free(pubkey_file);
-    }
+    free(pubkey_file);
     return ret;
 }