From e84f8ffa4a738212bdc72ac70cde22346dc369dd Mon Sep 17 00:00:00 2001 From: tb <> Date: Fri, 26 Nov 2021 16:41:42 +0000 Subject: Stop reaching into EVP_PKEY in the rest of libssl. ok inoguchi jsing --- src/lib/libssl/ssl_sigalgs.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'src/lib/libssl/ssl_sigalgs.c') diff --git a/src/lib/libssl/ssl_sigalgs.c b/src/lib/libssl/ssl_sigalgs.c index 765f39d4a9..95c624af9c 100644 --- a/src/lib/libssl/ssl_sigalgs.c +++ b/src/lib/libssl/ssl_sigalgs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_sigalgs.c,v 1.37 2021/06/29 19:36:14 jsing Exp $ */ +/* $OpenBSD: ssl_sigalgs.c,v 1.38 2021/11/26 16:41:42 tb Exp $ */ /* * Copyright (c) 2018-2020 Bob Beck * Copyright (c) 2021 Joel Sing @@ -246,7 +246,7 @@ static const struct ssl_sigalg * ssl_sigalg_for_legacy(SSL *s, EVP_PKEY *pkey) { /* Default signature algorithms used for TLSv1.2 and earlier. */ - switch (pkey->type) { + switch (EVP_PKEY_id(pkey)) { case EVP_PKEY_RSA: if (S3I(s)->hs.negotiated_tls_version < TLS1_2_VERSION) return ssl_sigalg_lookup(SIGALG_RSA_PKCS1_MD5_SHA1); @@ -267,12 +267,12 @@ ssl_sigalg_pkey_ok(SSL *s, const struct ssl_sigalg *sigalg, EVP_PKEY *pkey) { if (sigalg == NULL || pkey == NULL) return 0; - if (sigalg->key_type != pkey->type) + if (sigalg->key_type != EVP_PKEY_id(pkey)) return 0; /* RSA PSS must have a sufficiently large RSA key. */ if ((sigalg->flags & SIGALG_FLAG_RSA_PSS)) { - if (pkey->type != EVP_PKEY_RSA || + if (EVP_PKEY_id(pkey) != EVP_PKEY_RSA || EVP_PKEY_size(pkey) < (2 * EVP_MD_size(sigalg->md()) + 2)) return 0; } @@ -286,7 +286,7 @@ ssl_sigalg_pkey_ok(SSL *s, const struct ssl_sigalg *sigalg, EVP_PKEY *pkey) return 0; /* Ensure that curve matches for EC keys. */ - if (pkey->type == EVP_PKEY_EC) { + if (EVP_PKEY_id(pkey) == EVP_PKEY_EC) { if (sigalg->curve_nid == 0) return 0; if (EC_GROUP_get_curve_name(EC_KEY_get0_group( -- cgit v1.2.3-55-g6feb