| author | tb <> | 2022-01-10 12:10:26 +0000 |
|---|---|---|
| committer | tb <> | 2022-01-10 12:10:26 +0000 |
| commit | 875eb616f98cd0720501dc97ee72ed96343b0b33 (patch) | |
| tree | ba8a46237cda314ddd3da47248b453e7613bb73a /src/lib/libcrypto/asn1 | |
| parent | 7f7aefb469a9916b1d914a9fabaed99bb909ef8d (diff) | |
Prepare to provide EVP_PKEY_{public,param}_check
This implements checking of a public key and of key generation
parameters for DH and EC keys. With the same logic and setters
and const quirks as for EVP_PKEY_check().
There are a couple of quirks: For DH no default EVP_PKEY_check()
is implemented, instead EVP_PKEY_param_check() calls DH_check_ex()
even though DH_param_check_ex() was added for this purpose.
EVP_PKEY_public_check() for EC curves also checks the private key
if present.
ok inoguchi jsing
Diffstat (limited to 'src/lib/libcrypto/asn1')
| -rw-r--r-- | src/lib/libcrypto/asn1/ameth_lib.c | 16 | ||||
| -rw-r--r-- | src/lib/libcrypto/asn1/asn1_locl.h | 4 |
2 files changed, 18 insertions, 2 deletions
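--- a/src/lib/libcrypto/asn1/ameth_lib.c
+++ b/src/lib/libcrypto/asn1/ameth_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ameth_lib.c,v 1.24 2022/01/10 11:52:43 tb Exp $ */
+/* $OpenBSD: ameth_lib.c,v 1.25 2022/01/10 12:10:26 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2006.
 */
@@ -436,3 +436,17 @@ EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
 {
 ameth->pkey_check = pkey_check;
 }
+
+void
+EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+int (*pkey_public_check)(const EVP_PKEY *pk))
+{
+ameth->pkey_public_check = pkey_public_check;
+}
+
+void
+EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+int (*pkey_param_check)(const EVP_PKEY *pk))
+{
+ameth->pkey_param_check = pkey_param_check;
+}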
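Review bot: The two new setters store the callbacks, but nothing visible in this section shows the method-copy path being updated to carry them. If EVP_PKEY_asn1_copy() (outside the shown hunks) copies members one by one, it would need `dst->pkey_public_check = src->pkey_public_check;` and `dst->pkey_param_check = src->pkey_param_check;`, otherwise a copied method silently loses its key validation. A short comment above each setter stating what the callback must return on success and on failure, matching whatever convention pkey_check uses, would also help anyone registering a custom method.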
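--- a/src/lib/libcrypto/asn1/asn1_locl.h
+++ b/src/lib/libcrypto/asn1/asn1_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn1_locl.h,v 1.16 2022/01/10 11:52:43 tb Exp $ */
+/* $OpenBSD: asn1_locl.h,v 1.17 2022/01/10 12:10:26 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2006.
 */
@@ -125,6 +125,8 @@ struct evp_pkey_asn1_method_st {
 X509_ALGOR *alg1, X509_ALGOR *alg2, ASN1_BIT_STRING *sig);
 
 int (*pkey_check)(const EVP_PKEY *pk);
+int (*pkey_public_check)(const EVP_PKEY *pk);
+int (*pkey_param_check)(const EVP_PKEY *pk);
 } /* EVP_PKEY_ASN1_METHOD */;
 
 /* Method to handle CRL access.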
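Review bot: The new members `pkey_public_check` and `pkey_param_check` are added without a comment, and any existing method table that does not set them will presumably leave them NULL. The code that dispatches through these pointers is not part of this diffstat, so it is worth confirming there that a NULL callback produces an explicit "not supported" error rather than a success return, so that an unvalidated public key or parameter set is never reported as checked. I would add a comment above the three check members such as `/* May be NULL; callers must treat a missing check as unsupported, not as success. */`. The struct definition starts above this hunk.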
