robustness: `_get_key_parameters()` silently swallows `EVP_PKEY_get_bn_param()` errors on OpenSSL 3.x

[Koan-Bot]

Problem

The eight EVP_PKEY_get_bn_param() calls (lines 877–884) on the OpenSSL 3.x path have their return values discarded. The function returns 0 on error and leaves the BIGNUM* pointer NULL. cor_bn2sv(NULL) then returns &PL_sv_undef, making a corrupted or truncated key look identical to a public key (missing private parameters). A caller using get_key_parameters() to reconstruct a key from its components would receive silent undefs.

Why This Matters

Error conditions are invisible to callers; get_key_parameters on a broken key silently returns undef for some components rather than croaking, making key round-trip bugs very hard to diagnose.

Suggested Fix

Check the return value of EVP_PKEY_get_bn_param() for the mandatory public components n and e — if those fail, croak. For optional private components (d, p, q, …) a NULL result is legitimate for a public key, so only croak if the function returns an error code while the key is marked private.

Details

Severity	🟡 Medium
Category	robustness
Location	RSA.xs:876-884
Effort	⚡ Quick fix

---

🤖 Created by Kōan from audit session

[atoomic]

@Koan-Bot fix