Rework EVP_PKEY_set_type{,_str}()

These two functions previously wrapped a pkey_set_type() helper, which was an utter mess because of ENGINE. With the long awaited departure of ENGINE, this function became a lot simpler. A further simplification is obtained by not doing the optimization to avoid an ameth lookup: this requires walking a list of 11 ameths. We should consider bsearch()... With this gone and a saner implementation of EVP_PKEY_free_it(), we can implement these functions with a dozen lines of code each. ok jsing
author: tb <> 2023-12-25 21:51:57 +0000
committer: tb <> 2023-12-25 21:51:57 +0000
commit: d92f0cb502bab2f27fd0e9c89e49c2a9dc35267b (patch)
tree: c00e345aeb4b92004086a4b9ba3817973b5ced40 /src/lib
parent: bd5929d47ed5d4ecddaca010d10d643cb23d9e97 (diff)
download: openbsd-d92f0cb502bab2f27fd0e9c89e49c2a9dc35267b.tar.gz
openbsd-d92f0cb502bab2f27fd0e9c89e49c2a9dc35267b.tar.bz2
openbsd-d92f0cb502bab2f27fd0e9c89e49c2a9dc35267b.zip
1 files changed, 27 insertions, 34 deletions
diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c
index 3eba5af298..39c6adcde0 100644
--- a/src/lib/libcrypto/evp/p_lib.c
+++ b/src/lib/libcrypto/evp/p_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p_lib.c,v 1.47 2023/12/25 21:41:19 tb Exp $ */
+/* $OpenBSD: p_lib.c,v 1.48 2023/12/25 21:51:57 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -238,45 +238,44 @@ EVP_PKEY_free(EVP_PKEY *pkey)
        freezero(pkey, sizeof(*pkey));
 }
-/* Setup a public key ASN1 method from a NID or a string.
+int
- * If pkey is NULL just return 1 or 0 if the algorithm exists.
+EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
- */
-static int
-pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
 {
        const EVP_PKEY_ASN1_METHOD *ameth;
-        if (pkey) {
+        evp_pkey_free_pkey_ptr(pkey);
-                if (pkey->pkey.ptr)
-                        evp_pkey_free_pkey_ptr(pkey);
+        if ((ameth = EVP_PKEY_asn1_find(NULL, type)) == NULL) {
-                /* If key type matches and a method exists then this
-                 * lookup has succeeded once so just indicate success.
-                 */
-                if ((type == pkey->save_type) && pkey->ameth)
-                        return 1;
-        }
-        if (str != NULL)
-                ameth = EVP_PKEY_asn1_find_str(NULL, str, len);
-        else
-                ameth = EVP_PKEY_asn1_find(NULL, type);
-        if (!ameth) {
                EVPerror(EVP_R_UNSUPPORTED_ALGORITHM);
                return 0;
        }
-        if (pkey) {
+        if (pkey != NULL) {
                pkey->ameth = ameth;
                pkey->type = pkey->ameth->pkey_id;
                pkey->save_type = type;
        }
        return 1;
 }
 int
-EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
+EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len)
 {
-        return pkey_set_type(pkey, type, NULL, -1);
+        const EVP_PKEY_ASN1_METHOD *ameth;
+        evp_pkey_free_pkey_ptr(pkey);
+        if ((ameth = EVP_PKEY_asn1_find_str(NULL, str, len)) == NULL) {
+                EVPerror(EVP_R_UNSUPPORTED_ALGORITHM);
+                return 0;
+        }
+        if (pkey != NULL) {
+                pkey->ameth = ameth;
+                pkey->type = pkey->ameth->pkey_id;
+                pkey->save_type = EVP_PKEY_NONE;
+        }
+        return 1;
 }
 EVP_PKEY *
@@ -288,7 +287,7 @@ EVP_PKEY_new_raw_private_key(int type, ENGINE *engine,
        if ((ret = EVP_PKEY_new()) == NULL)
                goto err;
-        if (!pkey_set_type(ret, type, NULL, -1))
+        if (!EVP_PKEY_set_type(ret, type))
                goto err;
        if (ret->ameth->set_priv_key == NULL) {
@@ -317,7 +316,7 @@ EVP_PKEY_new_raw_public_key(int type, ENGINE *engine,
        if ((ret = EVP_PKEY_new()) == NULL)
                goto err;
-        if (!pkey_set_type(ret, type, NULL, -1))
+        if (!EVP_PKEY_set_type(ret, type))
                goto err;
        if (ret->ameth->set_pub_key == NULL) {
@@ -381,7 +380,7 @@ EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, size_t len,
        if ((cmctx = CMAC_CTX_new()) == NULL)
                goto err;
-        if (!pkey_set_type(ret, EVP_PKEY_CMAC, NULL, -1))
+        if (!EVP_PKEY_set_type(ret, EVP_PKEY_CMAC))
                goto err;
        if (!CMAC_Init(cmctx, priv, len, cipher, NULL)) {
@@ -400,12 +399,6 @@ EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, size_t len,
 }
 int
-EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len)
-{
-        return pkey_set_type(pkey, EVP_PKEY_NONE, str, len);
-}
-int
 EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)
 {
        if (!EVP_PKEY_set_type(pkey, type))
author	tb <>	2023-12-25 21:51:57 +0000
committer	tb <>	2023-12-25 21:51:57 +0000
commit	d92f0cb502bab2f27fd0e9c89e49c2a9dc35267b (patch)
tree	c00e345aeb4b92004086a4b9ba3817973b5ced40 /src/lib
parent	bd5929d47ed5d4ecddaca010d10d643cb23d9e97 (diff)
download	openbsd-d92f0cb502bab2f27fd0e9c89e49c2a9dc35267b.tar.gz openbsd-d92f0cb502bab2f27fd0e9c89e49c2a9dc35267b.tar.bz2 openbsd-d92f0cb502bab2f27fd0e9c89e49c2a9dc35267b.zip

diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c index 3eba5af298..39c6adcde0 100644 --- a/src/lib/libcrypto/evp/p_lib.c +++ b/src/lib/libcrypto/evp/p_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: p_lib.c,v 1.47 2023/12/25 21:41:19 tb Exp $ */	1	/* $OpenBSD: p_lib.c,v 1.48 2023/12/25 21:51:57 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -238,45 +238,44 @@ EVP_PKEY_free(EVP_PKEY *pkey)
238	freezero(pkey, sizeof(*pkey));	238	freezero(pkey, sizeof(*pkey));
239	}	239	}
240		240
241	/* Setup a public key ASN1 method from a NID or a string.	241	int
242	* If pkey is NULL just return 1 or 0 if the algorithm exists.	242	EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
243	*/
244
245	static int
246	pkey_set_type(EVP_PKEY pkey, int type, const char str, int len)
247	{	243	{
248	const EVP_PKEY_ASN1_METHOD *ameth;	244	const EVP_PKEY_ASN1_METHOD *ameth;
249		245
250	if (pkey) {	246	evp_pkey_free_pkey_ptr(pkey);
251	if (pkey->pkey.ptr)	247
252	evp_pkey_free_pkey_ptr(pkey);	248	if ((ameth = EVP_PKEY_asn1_find(NULL, type)) == NULL) {
253	/* If key type matches and a method exists then this
254	* lookup has succeeded once so just indicate success.
255	*/
256	if ((type == pkey->save_type) && pkey->ameth)
257	return 1;
258	}
259	if (str != NULL)
260	ameth = EVP_PKEY_asn1_find_str(NULL, str, len);
261	else
262	ameth = EVP_PKEY_asn1_find(NULL, type);
263	if (!ameth) {
264	EVPerror(EVP_R_UNSUPPORTED_ALGORITHM);	249	EVPerror(EVP_R_UNSUPPORTED_ALGORITHM);
265	return 0;	250	return 0;
266	}	251	}
267	if (pkey) {	252	if (pkey != NULL) {
268	pkey->ameth = ameth;	253	pkey->ameth = ameth;
269
270	pkey->type = pkey->ameth->pkey_id;	254	pkey->type = pkey->ameth->pkey_id;
271	pkey->save_type = type;	255	pkey->save_type = type;
272	}	256	}
		257
273	return 1;	258	return 1;
274	}	259	}
275		260
276	int	261	int
277	EVP_PKEY_set_type(EVP_PKEY *pkey, int type)	262	EVP_PKEY_set_type_str(EVP_PKEY pkey, const char str, int len)
278	{	263	{
279	return pkey_set_type(pkey, type, NULL, -1);	264	const EVP_PKEY_ASN1_METHOD *ameth;
		265
		266	evp_pkey_free_pkey_ptr(pkey);
		267
		268	if ((ameth = EVP_PKEY_asn1_find_str(NULL, str, len)) == NULL) {
		269	EVPerror(EVP_R_UNSUPPORTED_ALGORITHM);
		270	return 0;
		271	}
		272	if (pkey != NULL) {
		273	pkey->ameth = ameth;
		274	pkey->type = pkey->ameth->pkey_id;
		275	pkey->save_type = EVP_PKEY_NONE;
		276	}
		277
		278	return 1;
280	}	279	}
281		280
282	EVP_PKEY *	281	EVP_PKEY *
@@ -288,7 +287,7 @@ EVP_PKEY_new_raw_private_key(int type, ENGINE *engine,
288	if ((ret = EVP_PKEY_new()) == NULL)	287	if ((ret = EVP_PKEY_new()) == NULL)
289	goto err;	288	goto err;
290		289
291	if (!pkey_set_type(ret, type, NULL, -1))	290	if (!EVP_PKEY_set_type(ret, type))
292	goto err;	291	goto err;
293		292
294	if (ret->ameth->set_priv_key == NULL) {	293	if (ret->ameth->set_priv_key == NULL) {
@@ -317,7 +316,7 @@ EVP_PKEY_new_raw_public_key(int type, ENGINE *engine,
317	if ((ret = EVP_PKEY_new()) == NULL)	316	if ((ret = EVP_PKEY_new()) == NULL)
318	goto err;	317	goto err;
319		318
320	if (!pkey_set_type(ret, type, NULL, -1))	319	if (!EVP_PKEY_set_type(ret, type))
321	goto err;	320	goto err;
322		321
323	if (ret->ameth->set_pub_key == NULL) {	322	if (ret->ameth->set_pub_key == NULL) {
@@ -381,7 +380,7 @@ EVP_PKEY_new_CMAC_key(ENGINE e, const unsigned char priv, size_t len,
381	if ((cmctx = CMAC_CTX_new()) == NULL)	380	if ((cmctx = CMAC_CTX_new()) == NULL)
382	goto err;	381	goto err;
383		382
384	if (!pkey_set_type(ret, EVP_PKEY_CMAC, NULL, -1))	383	if (!EVP_PKEY_set_type(ret, EVP_PKEY_CMAC))
385	goto err;	384	goto err;
386		385
387	if (!CMAC_Init(cmctx, priv, len, cipher, NULL)) {	386	if (!CMAC_Init(cmctx, priv, len, cipher, NULL)) {
@@ -400,12 +399,6 @@ EVP_PKEY_new_CMAC_key(ENGINE e, const unsigned char priv, size_t len,
400	}	399	}
401		400
402	int	401	int
403	EVP_PKEY_set_type_str(EVP_PKEY pkey, const char str, int len)
404	{
405	return pkey_set_type(pkey, EVP_PKEY_NONE, str, len);
406	}
407
408	int
409	EVP_PKEY_assign(EVP_PKEY pkey, int type, void key)	402	EVP_PKEY_assign(EVP_PKEY pkey, int type, void key)
410	{	403	{
411	if (!EVP_PKEY_set_type(pkey, type))	404	if (!EVP_PKEY_set_type(pkey, type))