| author | tb <> | 2022-01-10 12:10:26 +0000 |
|---|---|---|
| committer | tb <> | 2022-01-10 12:10:26 +0000 |
| commit | 875eb616f98cd0720501dc97ee72ed96343b0b33 (patch) | |
| tree | ba8a46237cda314ddd3da47248b453e7613bb73a /src/lib/libcrypto/evp/pmeth_gn.c | |
| parent | 7f7aefb469a9916b1d914a9fabaed99bb909ef8d (diff) | |
Prepare to provide EVP_PKEY_{public,param}_check
This implements checking of a public key and of key generation
parameters for DH and EC keys, with the same logic, setters
and const quirks as for EVP_PKEY_check().
There are a couple of quirks: For DH no default EVP_PKEY_check()
is implemented, instead EVP_PKEY_param_check() calls DH_check_ex()
even though DH_param_check_ex() was added for this purpose.
EVP_PKEY_public_check() for EC curves also checks the private key
if present.
ok inoguchi jsing
Diffstat (limited to 'src/lib/libcrypto/evp/pmeth_gn.c')
| -rw-r--r-- | src/lib/libcrypto/evp/pmeth_gn.c | 44 |
1 files changed, 43 insertions, 1 deletions
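diff --git a/src/lib/libcrypto/evp/pmeth_gn.c b/src/lib/libcrypto/evp/pmeth_gn.c
index a8a4cc97db..7d921d23b4 100644
--- a/src/lib/libcrypto/evp/pmeth_gn.c
+++ b/src/lib/libcrypto/evp/pmeth_gn.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pmeth_gn.c,v 1.9 2022/01/10 11:52:43 tb Exp $ */
+/* $OpenBSD: pmeth_gn.c,v 1.10 2022/01/10 12:10:26 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2006.
 */
@@ -244,3 +244,45 @@ EVP_PKEY_check(EVP_PKEY_CTX *ctx)
 
 return pkey->ameth->pkey_check(pkey);
 }
+
+int
+EVP_PKEY_public_check(EVP_PKEY_CTX *ctx)
+{
+EVP_PKEY *pkey;
+
+if ((pkey = ctx->pkey) == NULL) {
+EVPerror(EVP_R_NO_KEY_SET);
+return 0;
+}
+
+if (ctx->pmeth->public_check != NULL)
+return ctx->pmeth->public_check(pkey);
+
+if (pkey->ameth == NULL || pkey->ameth->pkey_public_check == NULL) {
+EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+return -2;
+}
+
+return pkey->ameth->pkey_public_check(pkey);
+}
+
+int
+EVP_PKEY_param_check(EVP_PKEY_CTX *ctx)
+{
+EVP_PKEY *pkey;
+
+if ((pkey = ctx->pkey) == NULL) {
+EVPerror(EVP_R_NO_KEY_SET);
+return 0;
+}
+
+if (ctx->pmeth->param_check != NULL)
+return ctx->pmeth->param_check(pkey);
+
+if (pkey->ameth == NULL || pkey->ameth->pkey_param_check == NULL) {
+EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+return -2;
+}
+
+return pkey->ameth->pkey_param_check(pkey);
+}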
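Review bot: The `return -2` in the unsupported-key-type branch of EVP_PKEY_public_check() and EVP_PKEY_param_check() is non-zero, so a caller that writes `if (!EVP_PKEY_public_check(ctx))` would treat a check that never ran as a pass. Both functions have three outcomes visible in this hunk (0 when no key is set, -2 when neither `ctx->pmeth` nor `pkey->ameth` supplies a check, otherwise whatever the callback returns), and nothing at the definitions records that. I would add a comment above each one, for example `/* Returns the method's check result, 0 if no key is set, -2 if the key type has no check; callers must compare against 1. */`, assuming the callbacks follow the usual 1-on-success convention, which is not visible here. The same presumably holds for EVP_PKEY_check(), whose body starts outside the hunk.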
