Rewrite EVP_PKEY_add1_attr_by_NID()

Instead of jumping through many layers that cause headache, we can achieve the same in an entirely straightforward way without losing clarity. ok jsing
author: tb <> 2024-07-14 16:06:31 +0000
committer: tb <> 2024-07-14 16:06:31 +0000
commit: af6f53ce34e25fae6da69e0ff987be9d0cfbebe8 (patch)
tree: 4f9db2a9c4d2139d596628ff29034af3b7fe03a4 /src
parent: 068d0f16a0c01c1282b13eee497c555ff6c37d01 (diff)
download: openbsd-af6f53ce34e25fae6da69e0ff987be9d0cfbebe8.tar.gz
openbsd-af6f53ce34e25fae6da69e0ff987be9d0cfbebe8.tar.bz2
openbsd-af6f53ce34e25fae6da69e0ff987be9d0cfbebe8.zip
1 files changed, 41 insertions, 11 deletions
diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c
index 655ec107ff..f9100e2268 100644
--- a/src/lib/libcrypto/evp/evp_pkey.c
+++ b/src/lib/libcrypto/evp/evp_pkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_pkey.c,v 1.29 2024/07/14 16:04:10 tb Exp $ */
+/* $OpenBSD: evp_pkey.c,v 1.30 2024/07/14 16:06:31 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -142,6 +142,46 @@ error:
 LCRYPTO_ALIAS(EVP_PKEY2PKCS8);
 /*
+ * XXX - This is only used by openssl(1) pkcs12 for the Microsoft-specific
+ * NID_ms_csp_name and NID_LocalKeySet. This turns out to be the only reason
+ * why attributes hangs off the EVP_PKEY struct.
+ */
+int
+EVP_PKEY_add1_attr_by_NID(EVP_PKEY *pkey, int nid, int type,
+    const unsigned char *bytes, int len)
+{
+        STACK_OF(X509_ATTRIBUTE) *attrs = NULL;
+        X509_ATTRIBUTE *attr = NULL;
+        int ret = 0;
+        if ((attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type,
+            bytes, len)) == NULL)
+                goto err;
+        if ((attrs = pkey->attributes) == NULL)
+                attrs = sk_X509_ATTRIBUTE_new_null();
+        if (attrs == NULL)
+                goto err;
+        if (sk_X509_ATTRIBUTE_push(attrs, attr) <= 0)
+                goto err;
+        attr = NULL;
+        pkey->attributes = attrs;
+        attrs = NULL;
+        ret = 1;
+ err:
+        X509_ATTRIBUTE_free(attr);
+        if (attrs != pkey->attributes)
+                sk_X509_ATTRIBUTE_pop_free(attrs, X509_ATTRIBUTE_free);
+        return ret;
+}
+LCRYPTO_ALIAS(EVP_PKEY_add1_attr_by_NID);
+/*
 * XXX - delete all the garbage below in the next bump.
 */
@@ -204,16 +244,6 @@ EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, const ASN1_OBJECT *obj, int type,
 LCRYPTO_ALIAS(EVP_PKEY_add1_attr_by_OBJ);
 int
-EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, int nid, int type,
-    const unsigned char *bytes, int len)
-{
-        if (X509at_add1_attr_by_NID(&key->attributes, nid, type, bytes, len))
-                return 1;
-        return 0;
-}
-LCRYPTO_ALIAS(EVP_PKEY_add1_attr_by_NID);
-int
 EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, const char *attrname, int type,
    const unsigned char *bytes, int len)
 {
author	tb <>	2024-07-14 16:06:31 +0000
committer	tb <>	2024-07-14 16:06:31 +0000
commit	af6f53ce34e25fae6da69e0ff987be9d0cfbebe8 (patch)
tree	4f9db2a9c4d2139d596628ff29034af3b7fe03a4 /src
parent	068d0f16a0c01c1282b13eee497c555ff6c37d01 (diff)
download	openbsd-af6f53ce34e25fae6da69e0ff987be9d0cfbebe8.tar.gz openbsd-af6f53ce34e25fae6da69e0ff987be9d0cfbebe8.tar.bz2 openbsd-af6f53ce34e25fae6da69e0ff987be9d0cfbebe8.zip

diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c index 655ec107ff..f9100e2268 100644 --- a/src/lib/libcrypto/evp/evp_pkey.c +++ b/src/lib/libcrypto/evp/evp_pkey.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: evp_pkey.c,v 1.29 2024/07/14 16:04:10 tb Exp $ */	1	/* $OpenBSD: evp_pkey.c,v 1.30 2024/07/14 16:06:31 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 1999.	3	* project 1999.
4	*/	4	*/
@@ -142,6 +142,46 @@ error:
142	LCRYPTO_ALIAS(EVP_PKEY2PKCS8);	142	LCRYPTO_ALIAS(EVP_PKEY2PKCS8);
143		143
144	/*	144	/*
		145	* XXX - This is only used by openssl(1) pkcs12 for the Microsoft-specific
		146	* NID_ms_csp_name and NID_LocalKeySet. This turns out to be the only reason
		147	* why attributes hangs off the EVP_PKEY struct.
		148	*/
		149	int
		150	EVP_PKEY_add1_attr_by_NID(EVP_PKEY *pkey, int nid, int type,
		151	const unsigned char *bytes, int len)
		152	{
		153	STACK_OF(X509_ATTRIBUTE) *attrs = NULL;
		154	X509_ATTRIBUTE *attr = NULL;
		155	int ret = 0;
		156
		157	if ((attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type,
		158	bytes, len)) == NULL)
		159	goto err;
		160
		161	if ((attrs = pkey->attributes) == NULL)
		162	attrs = sk_X509_ATTRIBUTE_new_null();
		163	if (attrs == NULL)
		164	goto err;
		165
		166	if (sk_X509_ATTRIBUTE_push(attrs, attr) <= 0)
		167	goto err;
		168	attr = NULL;
		169
		170	pkey->attributes = attrs;
		171	attrs = NULL;
		172
		173	ret = 1;
		174
		175	err:
		176	X509_ATTRIBUTE_free(attr);
		177	if (attrs != pkey->attributes)
		178	sk_X509_ATTRIBUTE_pop_free(attrs, X509_ATTRIBUTE_free);
		179
		180	return ret;
		181	}
		182	LCRYPTO_ALIAS(EVP_PKEY_add1_attr_by_NID);
		183
		184	/*
145	* XXX - delete all the garbage below in the next bump.	185	* XXX - delete all the garbage below in the next bump.
146	*/	186	*/
147		187
@@ -204,16 +244,6 @@ EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY key, const ASN1_OBJECT obj, int type,
204	LCRYPTO_ALIAS(EVP_PKEY_add1_attr_by_OBJ);	244	LCRYPTO_ALIAS(EVP_PKEY_add1_attr_by_OBJ);
205		245
206	int	246	int
207	EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, int nid, int type,
208	const unsigned char *bytes, int len)
209	{
210	if (X509at_add1_attr_by_NID(&key->attributes, nid, type, bytes, len))
211	return 1;
212	return 0;
213	}
214	LCRYPTO_ALIAS(EVP_PKEY_add1_attr_by_NID);
215
216	int
217	EVP_PKEY_add1_attr_by_txt(EVP_PKEY key, const char attrname, int type,	247	EVP_PKEY_add1_attr_by_txt(EVP_PKEY key, const char attrname, int type,
218	const unsigned char *bytes, int len)	248	const unsigned char *bytes, int len)
219	{	249	{