Cut down on usage of deprecated APIs in //crypto.

crypto/signature_verifier_openssl.cc

Index: crypto/signature_verifier_openssl.cc
diff --git a/crypto/signature_verifier_openssl.cc b/crypto/signature_verifier_openssl.cc
index a756149bdc4aa3281a3d7f7fb7b76ef09df6a477..2e64a58e94b8096e56bc207bd9f39c7d6751faa7 100644
--- a/crypto/signature_verifier_openssl.cc
+++ b/crypto/signature_verifier_openssl.cc
@@ -4,6 +4,7 @@
 
 #include "crypto/signature_verifier.h"
 
+#include <openssl/bytestring.h>
 #include <openssl/evp.h>
 #include <openssl/x509.h>
 #include <stdint.h>
@@ -139,9 +140,10 @@ bool SignatureVerifier::CommonInit(const EVP_MD* digest,
 
   signature_.assign(signature, signature + signature_len);
 
-  const uint8_t* ptr = public_key_info;
-  ScopedEVP_PKEY public_key(d2i_PUBKEY(nullptr, &ptr, public_key_info_len));
-  if (!public_key.get() || ptr != public_key_info + public_key_info_len)
+  CBS cbs;
+  CBS_init(&cbs, public_key_info, public_key_info_len);
+  ScopedEVP_PKEY public_key(EVP_parse_public_key(&cbs));
+  if (!public_key || CBS_len(&cbs) != 0)
     return false;
 
   verify_context_->ctx.reset(EVP_MD_CTX_create());