1 files changed, 0 insertions, 344 deletions
diff --git a/src/lib/libcrypto/evp/pmeth_fn.c b/src/lib/libcrypto/evp/pmeth_fn.c
deleted file mode 100644
index 308c434f0d..0000000000
--- a/src/lib/libcrypto/evp/pmeth_fn.c
+++ /dev/null
@@ -1,344 +0,0 @@
-/* $OpenBSD: pmeth_fn.c,v 1.11 2024/04/12 09:41:39 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include "evp_local.h"
-#define M_check_autoarg(ctx, arg, arglen, err) \
-        if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \
-                { \
-                size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
-                if (!arg) \
-                        { \
-                        *arglen = pksize; \
-                        return 1; \
-                        } \
-                else if (*arglen < pksize) \
-                        { \
-                        EVPerror(EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/\
-                        return 0; \
-                        } \
-                }
-int
-EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
-{
-        int ret;
-        if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
-                EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-                return -2;
-        }
-        ctx->operation = EVP_PKEY_OP_SIGN;
-        if (!ctx->pmeth->sign_init)
-                return 1;
-        ret = ctx->pmeth->sign_init(ctx);
-        if (ret <= 0)
-                ctx->operation = EVP_PKEY_OP_UNDEFINED;
-        return ret;
-}
-LCRYPTO_ALIAS(EVP_PKEY_sign_init);
-int
-EVP_PKEY_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
-    const unsigned char *tbs, size_t tbslen)
-{
-        if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
-                EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-                return -2;
-        }
-        if (ctx->operation != EVP_PKEY_OP_SIGN) {
-                EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
-                return -1;
-        }
-        M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
-        return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen);
-}
-LCRYPTO_ALIAS(EVP_PKEY_sign);
-int
-EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
-{
-        int ret;
-        if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
-                EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-                return -2;
-        }
-        ctx->operation = EVP_PKEY_OP_VERIFY;
-        if (!ctx->pmeth->verify_init)
-                return 1;
-        ret = ctx->pmeth->verify_init(ctx);
-        if (ret <= 0)
-                ctx->operation = EVP_PKEY_OP_UNDEFINED;
-        return ret;
-}
-LCRYPTO_ALIAS(EVP_PKEY_verify_init);
-int
-EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
-    const unsigned char *tbs, size_t tbslen)
-{
-        if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
-                EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-                return -2;
-        }
-        if (ctx->operation != EVP_PKEY_OP_VERIFY) {
-                EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
-                return -1;
-        }
-        return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
-}
-LCRYPTO_ALIAS(EVP_PKEY_verify);
-int
-EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
-{
-        if (ctx == NULL || ctx->pmeth == NULL ||
-            ctx->pmeth->verify_recover == NULL) {
-                EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-                return -2;
-        }
-        ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;
-        return 1;
-}
-LCRYPTO_ALIAS(EVP_PKEY_verify_recover_init);
-int
-EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, unsigned char *rout, size_t *routlen,
-    const unsigned char *sig, size_t siglen)
-{
-        if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
-                EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-                return -2;
-        }
-        if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) {
-                EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
-                return -1;
-        }
-        M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER)
-        return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen);
-}
-LCRYPTO_ALIAS(EVP_PKEY_verify_recover);
-int
-EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
-{
-        if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->encrypt == NULL) {
-                EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-                return -2;
-        }
-        ctx->operation = EVP_PKEY_OP_ENCRYPT;
-        return 1;
-}
-LCRYPTO_ALIAS(EVP_PKEY_encrypt_init);
-int
-EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
-    const unsigned char *in, size_t inlen)
-{
-        if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
-                EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-                return -2;
-        }
-        if (ctx->operation != EVP_PKEY_OP_ENCRYPT) {
-                EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
-                return -1;
-        }
-        M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT)
-        return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen);
-}
-LCRYPTO_ALIAS(EVP_PKEY_encrypt);
-int
-EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
-{
-        if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->decrypt == NULL) {
-                EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-                return -2;
-        }
-        ctx->operation = EVP_PKEY_OP_DECRYPT;
-        return 1;
-}
-LCRYPTO_ALIAS(EVP_PKEY_decrypt_init);
-int
-EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
-    const unsigned char *in, size_t inlen)
-{
-        if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
-                EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-                return -2;
-        }
-        if (ctx->operation != EVP_PKEY_OP_DECRYPT) {
-                EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
-                return -1;
-        }
-        M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT)
-        return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);
-}
-LCRYPTO_ALIAS(EVP_PKEY_decrypt);
-int
-EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
-{
-        int ret;
-        if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
-                EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-                return -2;
-        }
-        ctx->operation = EVP_PKEY_OP_DERIVE;
-        if (!ctx->pmeth->derive_init)
-                return 1;
-        ret = ctx->pmeth->derive_init(ctx);
-        if (ret <= 0)
-                ctx->operation = EVP_PKEY_OP_UNDEFINED;
-        return ret;
-}
-LCRYPTO_ALIAS(EVP_PKEY_derive_init);
-int
-EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
-{
-        int ret;
-        if (!ctx || !ctx->pmeth || !(ctx->pmeth->derive ||
-            ctx->pmeth->encrypt || ctx->pmeth->decrypt) ||
-            !ctx->pmeth->ctrl) {
-                EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-                return -2;
-        }
-        if (ctx->operation != EVP_PKEY_OP_DERIVE &&
-            ctx->operation != EVP_PKEY_OP_ENCRYPT &&
-            ctx->operation != EVP_PKEY_OP_DECRYPT) {
-                EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
-                return -1;
-        }
-        ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
-        if (ret <= 0)
-                return ret;
-        if (ret == 2)
-                return 1;
-        if (!ctx->pkey) {
-                EVPerror(EVP_R_NO_KEY_SET);
-                return -1;
-        }
-        if (ctx->pkey->type != peer->type) {
-                EVPerror(EVP_R_DIFFERENT_KEY_TYPES);
-                return -1;
-        }
-        /* ran@cryptocom.ru: For clarity.  The error is if parameters in peer are
-         * present (!missing) but don't match.  EVP_PKEY_cmp_parameters may return
-         * 1 (match), 0 (don't match) and -2 (comparison is not defined).  -1
-         * (different key types) is impossible here because it is checked earlier.
-         * -2 is OK for us here, as well as 1, so we can check for 0 only. */
-        if (!EVP_PKEY_missing_parameters(peer) &&
-            !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {
-                EVPerror(EVP_R_DIFFERENT_PARAMETERS);
-                return -1;
-        }
-        EVP_PKEY_free(ctx->peerkey);
-        ctx->peerkey = peer;
-        ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
-        if (ret <= 0) {
-                ctx->peerkey = NULL;
-                return ret;
-        }
-        CRYPTO_add(&peer->references, 1, CRYPTO_LOCK_EVP_PKEY);
-        return 1;
-}
-LCRYPTO_ALIAS(EVP_PKEY_derive_set_peer);
-int
-EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
-{
-        if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
-                EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-                return -2;
-        }
-        if (ctx->operation != EVP_PKEY_OP_DERIVE) {
-                EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
-                return -1;
-        }
-        M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
-        return ctx->pmeth->derive(ctx, key, pkeylen);
-}
-LCRYPTO_ALIAS(EVP_PKEY_derive);

diff --git a/src/lib/libcrypto/evp/pmeth_fn.c b/src/lib/libcrypto/evp/pmeth_fn.c deleted file mode 100644 index 308c434f0d..0000000000 --- a/src/lib/libcrypto/evp/pmeth_fn.c +++ /dev/null
@@ -1,344 +0,0 @@
1	/* $OpenBSD: pmeth_fn.c,v 1.11 2024/04/12 09:41:39 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 2006.
4	*/
5	/* ====================================================================
6	* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
7	*
8	* Redistribution and use in source and binary forms, with or without
9	* modification, are permitted provided that the following conditions
10	* are met:
11	*
12	* 1. Redistributions of source code must retain the above copyright
13	* notice, this list of conditions and the following disclaimer.
14	*
15	* 2. Redistributions in binary form must reproduce the above copyright
16	* notice, this list of conditions and the following disclaimer in
17	* the documentation and/or other materials provided with the
18	* distribution.
19	*
20	* 3. All advertising materials mentioning features or use of this
21	* software must display the following acknowledgment:
22	* "This product includes software developed by the OpenSSL Project
23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24	*
25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26	* endorse or promote products derived from this software without
27	* prior written permission. For written permission, please contact
28	* licensing@OpenSSL.org.
29	*
30	* 5. Products derived from this software may not be called "OpenSSL"
31	* nor may "OpenSSL" appear in their names without prior written
32	* permission of the OpenSSL Project.
33	*
34	* 6. Redistributions of any form whatsoever must retain the following
35	* acknowledgment:
36	* "This product includes software developed by the OpenSSL Project
37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38	*
39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	* OF THE POSSIBILITY OF SUCH DAMAGE.
51	* ====================================================================
52	*
53	* This product includes cryptographic software written by Eric Young
54	* (eay@cryptsoft.com). This product includes software written by Tim
55	* Hudson (tjh@cryptsoft.com).
56	*
57	*/
58
59	#include <stdio.h>
60	#include <stdlib.h>
61
62	#include <openssl/err.h>
63	#include <openssl/evp.h>
64	#include <openssl/objects.h>
65
66	#include "evp_local.h"
67
68	#define M_check_autoarg(ctx, arg, arglen, err) \
69	if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \
70	{ \
71	size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
72	if (!arg) \
73	{ \
74	*arglen = pksize; \
75	return 1; \
76	} \
77	else if (*arglen < pksize) \
78	{ \
79	EVPerror(EVP_R_BUFFER_TOO_SMALL); /ckerr_ignore/\
80	return 0; \
81	} \
82	}
83
84	int
85	EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
86	{
87	int ret;
88
89	if (!ctx \|\| !ctx->pmeth \|\| !ctx->pmeth->sign) {
90	EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
91	return -2;
92	}
93	ctx->operation = EVP_PKEY_OP_SIGN;
94	if (!ctx->pmeth->sign_init)
95	return 1;
96	ret = ctx->pmeth->sign_init(ctx);
97	if (ret <= 0)
98	ctx->operation = EVP_PKEY_OP_UNDEFINED;
99	return ret;
100	}
101	LCRYPTO_ALIAS(EVP_PKEY_sign_init);
102
103	int
104	EVP_PKEY_sign(EVP_PKEY_CTX ctx, unsigned char sig, size_t *siglen,
105	const unsigned char *tbs, size_t tbslen)
106	{
107	if (!ctx \|\| !ctx->pmeth \|\| !ctx->pmeth->sign) {
108	EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
109	return -2;
110	}
111	if (ctx->operation != EVP_PKEY_OP_SIGN) {
112	EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
113	return -1;
114	}
115	M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
116	return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen);
117	}
118	LCRYPTO_ALIAS(EVP_PKEY_sign);
119
120	int
121	EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
122	{
123	int ret;
124
125	if (!ctx \|\| !ctx->pmeth \|\| !ctx->pmeth->verify) {
126	EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
127	return -2;
128	}
129	ctx->operation = EVP_PKEY_OP_VERIFY;
130	if (!ctx->pmeth->verify_init)
131	return 1;
132	ret = ctx->pmeth->verify_init(ctx);
133	if (ret <= 0)
134	ctx->operation = EVP_PKEY_OP_UNDEFINED;
135	return ret;
136	}
137	LCRYPTO_ALIAS(EVP_PKEY_verify_init);
138
139	int
140	EVP_PKEY_verify(EVP_PKEY_CTX ctx, const unsigned char sig, size_t siglen,
141	const unsigned char *tbs, size_t tbslen)
142	{
143	if (!ctx \|\| !ctx->pmeth \|\| !ctx->pmeth->verify) {
144	EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
145	return -2;
146	}
147	if (ctx->operation != EVP_PKEY_OP_VERIFY) {
148	EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
149	return -1;
150	}
151	return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
152	}
153	LCRYPTO_ALIAS(EVP_PKEY_verify);
154
155	int
156	EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
157	{
158	if (ctx == NULL \|\| ctx->pmeth == NULL \|\|
159	ctx->pmeth->verify_recover == NULL) {
160	EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
161	return -2;
162	}
163
164	ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;
165
166	return 1;
167	}
168	LCRYPTO_ALIAS(EVP_PKEY_verify_recover_init);
169
170	int
171	EVP_PKEY_verify_recover(EVP_PKEY_CTX ctx, unsigned char rout, size_t *routlen,
172	const unsigned char *sig, size_t siglen)
173	{
174	if (!ctx \|\| !ctx->pmeth \|\| !ctx->pmeth->verify_recover) {
175	EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
176	return -2;
177	}
178	if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) {
179	EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
180	return -1;
181	}
182	M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER)
183	return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen);
184	}
185	LCRYPTO_ALIAS(EVP_PKEY_verify_recover);
186
187	int
188	EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
189	{
190	if (ctx == NULL \|\| ctx->pmeth == NULL \|\| ctx->pmeth->encrypt == NULL) {
191	EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
192	return -2;
193	}
194
195	ctx->operation = EVP_PKEY_OP_ENCRYPT;
196
197	return 1;
198	}
199	LCRYPTO_ALIAS(EVP_PKEY_encrypt_init);
200
201	int
202	EVP_PKEY_encrypt(EVP_PKEY_CTX ctx, unsigned char out, size_t *outlen,
203	const unsigned char *in, size_t inlen)
204	{
205	if (!ctx \|\| !ctx->pmeth \|\| !ctx->pmeth->encrypt) {
206	EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
207	return -2;
208	}
209	if (ctx->operation != EVP_PKEY_OP_ENCRYPT) {
210	EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
211	return -1;
212	}
213	M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT)
214	return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen);
215	}
216	LCRYPTO_ALIAS(EVP_PKEY_encrypt);
217
218	int
219	EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
220	{
221	if (ctx == NULL \|\| ctx->pmeth == NULL \|\| ctx->pmeth->decrypt == NULL) {
222	EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
223	return -2;
224	}
225
226	ctx->operation = EVP_PKEY_OP_DECRYPT;
227
228	return 1;
229	}
230	LCRYPTO_ALIAS(EVP_PKEY_decrypt_init);
231
232	int
233	EVP_PKEY_decrypt(EVP_PKEY_CTX ctx, unsigned char out, size_t *outlen,
234	const unsigned char *in, size_t inlen)
235	{
236	if (!ctx \|\| !ctx->pmeth \|\| !ctx->pmeth->decrypt) {
237	EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
238	return -2;
239	}
240	if (ctx->operation != EVP_PKEY_OP_DECRYPT) {
241	EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
242	return -1;
243	}
244	M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT)
245	return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);
246	}
247	LCRYPTO_ALIAS(EVP_PKEY_decrypt);
248
249	int
250	EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
251	{
252	int ret;
253
254	if (!ctx \|\| !ctx->pmeth \|\| !ctx->pmeth->derive) {
255	EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
256	return -2;
257	}
258	ctx->operation = EVP_PKEY_OP_DERIVE;
259	if (!ctx->pmeth->derive_init)
260	return 1;
261	ret = ctx->pmeth->derive_init(ctx);
262	if (ret <= 0)
263	ctx->operation = EVP_PKEY_OP_UNDEFINED;
264	return ret;
265	}
266	LCRYPTO_ALIAS(EVP_PKEY_derive_init);
267
268	int
269	EVP_PKEY_derive_set_peer(EVP_PKEY_CTX ctx, EVP_PKEY peer)
270	{
271	int ret;
272
273	if (!ctx \|\| !ctx->pmeth \|\| !(ctx->pmeth->derive \|\|
274	ctx->pmeth->encrypt \|\| ctx->pmeth->decrypt) \|\|
275	!ctx->pmeth->ctrl) {
276	EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
277	return -2;
278	}
279	if (ctx->operation != EVP_PKEY_OP_DERIVE &&
280	ctx->operation != EVP_PKEY_OP_ENCRYPT &&
281	ctx->operation != EVP_PKEY_OP_DECRYPT) {
282	EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
283	return -1;
284	}
285
286	ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
287
288	if (ret <= 0)
289	return ret;
290
291	if (ret == 2)
292	return 1;
293
294	if (!ctx->pkey) {
295	EVPerror(EVP_R_NO_KEY_SET);
296	return -1;
297	}
298
299	if (ctx->pkey->type != peer->type) {
300	EVPerror(EVP_R_DIFFERENT_KEY_TYPES);
301	return -1;
302	}
303
304	/* ran@cryptocom.ru: For clarity. The error is if parameters in peer are
305	* present (!missing) but don't match. EVP_PKEY_cmp_parameters may return
306	* 1 (match), 0 (don't match) and -2 (comparison is not defined). -1
307	* (different key types) is impossible here because it is checked earlier.
308	* -2 is OK for us here, as well as 1, so we can check for 0 only. */
309	if (!EVP_PKEY_missing_parameters(peer) &&
310	!EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {
311	EVPerror(EVP_R_DIFFERENT_PARAMETERS);
312	return -1;
313	}
314
315	EVP_PKEY_free(ctx->peerkey);
316	ctx->peerkey = peer;
317
318	ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
319
320	if (ret <= 0) {
321	ctx->peerkey = NULL;
322	return ret;
323	}
324
325	CRYPTO_add(&peer->references, 1, CRYPTO_LOCK_EVP_PKEY);
326	return 1;
327	}
328	LCRYPTO_ALIAS(EVP_PKEY_derive_set_peer);
329
330	int
331	EVP_PKEY_derive(EVP_PKEY_CTX ctx, unsigned char key, size_t *pkeylen)
332	{
333	if (!ctx \|\| !ctx->pmeth \|\| !ctx->pmeth->derive) {
334	EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
335	return -2;
336	}
337	if (ctx->operation != EVP_PKEY_OP_DERIVE) {
338	EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
339	return -1;
340	}
341	M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
342	return ctx->pmeth->derive(ctx, key, pkeylen);
343	}
344	LCRYPTO_ALIAS(EVP_PKEY_derive);