Prepare to provide EVP_PKEY_check()

This allows checking the validity of an EVP_PKEY. Only RSA and EC keys are supported. If a check function is set the EVP_PKEY_METHOD, it will be used, otherwise the check function on the EVP_PKEY_ASN1_METHOD is used. The default ASN.1 methods wrap RSA_check_key() and EC_KEY_check_key(), respectively. The corresponding setters are EVP_PKEY_{asn1,meth}_set_check(). It is unclear why the PKEY method has no const while the ASN.1 method has const. Requested by tobhe and used by PHP 8.1. Based on OpenSSL commit 2aee35d3 ok inoguchi jsing
author: tb <> 2022-01-10 11:52:43 +0000
committer: tb <> 2022-01-10 11:52:43 +0000
commit: c4f6925dc73274ba5f411d30fbd78b6be1580782 (patch)
tree: 1fec6a88d05f741604c6f6549798d45c11a3aef3 /src/lib/libcrypto/evp/evp.h
parent: b1042d763c8d1442a3bbd1098fe10bbb13206ca4 (diff)
download: openbsd-c4f6925dc73274ba5f411d30fbd78b6be1580782.tar.gz
openbsd-c4f6925dc73274ba5f411d30fbd78b6be1580782.tar.bz2
openbsd-c4f6925dc73274ba5f411d30fbd78b6be1580782.zip
1 files changed, 14 insertions, 1 deletions
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
index aa5b35f67c..e122a6b329 100644
--- a/src/lib/libcrypto/evp/evp.h
+++ b/src/lib/libcrypto/evp/evp.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp.h,v 1.92 2022/01/09 15:15:25 tb Exp $ */
+/* $OpenBSD: evp.h,v 1.93 2022/01/10 11:52:43 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1087,6 +1087,11 @@ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
 void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
    int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2));
+#if defined(LIBRESSL_CRYPTO_INTERNAL) || defined(LIBRESSL_NEXT_API)
+void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+    int (*pkey_check)(const EVP_PKEY *pk));
+#endif
 #define EVP_PKEY_OP_UNDEFINED           0
 #define EVP_PKEY_OP_PARAMGEN            (1<<1)
 #define EVP_PKEY_OP_KEYGEN              (1<<2)
@@ -1213,6 +1218,9 @@ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
 int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
 int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
 int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+#if defined(LIBRESSL_CRYPTO_INTERNAL) || defined(LIBRESSL_NEXT_API)
+int EVP_PKEY_check(EVP_PKEY_CTX *ctx);
+#endif
 void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
 EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
@@ -1279,6 +1287,11 @@ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
    int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
    int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value));
+#if defined(LIBRESSL_CRYPTO_INTERNAL) || defined(LIBRESSL_NEXT_API)
+void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+    int (*check)(EVP_PKEY *pkey));
+#endif
 /* Authenticated Encryption with Additional Data.
 *
 * AEAD couples confidentiality and integrity in a single primtive. AEAD
author	tb <>	2022-01-10 11:52:43 +0000
committer	tb <>	2022-01-10 11:52:43 +0000
commit	c4f6925dc73274ba5f411d30fbd78b6be1580782 (patch)
tree	1fec6a88d05f741604c6f6549798d45c11a3aef3 /src/lib/libcrypto/evp/evp.h
parent	b1042d763c8d1442a3bbd1098fe10bbb13206ca4 (diff)
download	openbsd-c4f6925dc73274ba5f411d30fbd78b6be1580782.tar.gz openbsd-c4f6925dc73274ba5f411d30fbd78b6be1580782.tar.bz2 openbsd-c4f6925dc73274ba5f411d30fbd78b6be1580782.zip