fprintf(stdout, "Modulus=");
#ifndef OPENSSL_NO_RSA
if (EVP_PKEY_base_id(tpubkey) == EVP_PKEY_RSA)
- BN_print(out, tpubkey->pkey.rsa->n);
+ BN_print(out, EVP_PKEY_get0_RSA(tpubkey)->n);
else
#endif
fprintf(stdout, "Wrong Algorithm type");
}
BIO_printf(out, "Modulus=");
#ifndef OPENSSL_NO_RSA
- if (pkey->type == EVP_PKEY_RSA)
- BN_print(out, pkey->pkey.rsa->n);
+ if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA)
+ BN_print(out, EVP_PKEY_get0_RSA(pkey)->n);
else
#endif
#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- BN_print(out, pkey->pkey.dsa->pub_key);
+ if (EVP_PKEY_id(pkey) == EVP_PKEY_DSA)
+ BN_print(out, EVP_PKEY_get0_DSA(pkey)->pub_key);
else
#endif
BIO_printf(out, "Wrong Algorithm type");
#include <openssl/buffer.h>
#include <openssl/evp.h>
#include "internal/asn1_int.h"
+#include "internal/evp_int.h"
#ifndef NO_ASN1_OLD
# include <openssl/engine.h>
#endif
#include "internal/asn1_int.h"
+#include "internal/evp_int.h"
/* Keep this sorted in type order !! */
static const EVP_PKEY_ASN1_METHOD *standard_methods[] = {
#include <openssl/x509.h>
#include <openssl/asn1.h>
#include "internal/asn1_int.h"
+#include "internal/evp_int.h"
EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
long length)
# include <openssl/ec.h>
#endif
+#include "internal/evp_int.h"
+
EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
long length)
{
switch (EVP_PKEY_id(ret)) {
#ifndef OPENSSL_NO_RSA
case EVP_PKEY_RSA:
- /* TMP UGLY CAST */
- if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL,
- (const unsigned char **)pp,
- length)) == NULL) {
+ if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL, pp, length)) == NULL) {
ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
goto err;
}
#ifndef OPENSSL_NO_DSA
case EVP_PKEY_DSA:
/* TMP UGLY CAST */
- if (!d2i_DSAPublicKey(&(ret->pkey.dsa),
- (const unsigned char **)pp, length)) {
+ if (!d2i_DSAPublicKey(&ret->pkey.dsa, pp, length)) {
ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
goto err;
}
#endif
#ifndef OPENSSL_NO_EC
case EVP_PKEY_EC:
- if (!o2i_ECPublicKey(&(ret->pkey.ec),
- (const unsigned char **)pp, length)) {
+ if (!o2i_ECPublicKey(&ret->pkey.ec, pp, length)) {
ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
goto err;
}
#include <openssl/evp.h>
#include <openssl/x509.h>
#include "internal/asn1_int.h"
+#include "internal/evp_int.h"
int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
{
int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
{
- switch (a->type) {
+ switch (EVP_PKEY_id(a)) {
#ifndef OPENSSL_NO_RSA
case EVP_PKEY_RSA:
- return (i2d_RSAPublicKey(a->pkey.rsa, pp));
+ return i2d_RSAPublicKey(EVP_PKEY_get0_RSA(a), pp);
#endif
#ifndef OPENSSL_NO_DSA
case EVP_PKEY_DSA:
- return (i2d_DSAPublicKey(a->pkey.dsa, pp));
+ return i2d_DSAPublicKey(EVP_PKEY_get0_DSA(a), pp);
#endif
#ifndef OPENSSL_NO_EC
case EVP_PKEY_EC:
- return (i2o_ECPublicKey(a->pkey.ec, pp));
+ return i2o_ECPublicKey(EVP_PKEY_get0_EC_KEY(a), pp);
#endif
default:
ASN1err(ASN1_F_I2D_PUBLICKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
- return (-1);
+ return -1;
}
}
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include "internal/asn1_int.h"
+#include "internal/evp_int.h"
#ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h>
#endif
static void cmac_key_free(EVP_PKEY *pkey)
{
- CMAC_CTX *cmctx = (CMAC_CTX *)pkey->pkey.ptr;
+ CMAC_CTX *cmctx = EVP_PKEY_get0(pkey);
CMAC_CTX_free(cmctx);
}
#include <openssl/aes.h>
#include "cms_lcl.h"
#include "internal/asn1_int.h"
+#include "internal/evp_int.h"
/* CMS EnvelopedData Utilities */
if (!cms_kari_create_ephemeral_key(kari, pk))
return 0;
- CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY);
+ EVP_PKEY_up_ref(pk);
rek->pkey = pk;
return 1;
}
#include <openssl/cms.h>
#include "cms_lcl.h"
#include "internal/asn1_int.h"
+#include "internal/evp_int.h"
/* CMS SignedData Utilities */
#include <openssl/dh.h>
#include <openssl/bn.h>
#include "internal/asn1_int.h"
+#include "internal/evp_int.h"
#ifndef OPENSSL_NO_CMS
# include <openssl/cms.h>
#endif
# include <openssl/cms.h>
#endif
#include "internal/asn1_int.h"
+#include "internal/evp_int.h"
static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
{
#endif
#include <openssl/asn1t.h>
#include "internal/asn1_int.h"
+#include "internal/evp_int.h"
#ifndef OPENSSL_NO_CMS
static int ecdh_cms_decrypt(CMS_RecipientInfo *ri);
#include <openssl/x509.h>
#include <openssl/rand.h>
#include "internal/asn1_int.h"
+#include "internal/evp_int.h"
/* Extract a private key from a PKCS8 structure */
int ret = -1;
#ifndef OPENSSL_NO_RSA
- if (priv->type != EVP_PKEY_RSA) {
+ if (EVP_PKEY_id(priv) != EVP_PKEY_RSA) {
#endif
EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);
#ifndef OPENSSL_NO_RSA
}
ret =
- RSA_private_decrypt(ekl, ek, key, priv->pkey.rsa, RSA_PKCS1_PADDING);
+ RSA_private_decrypt(ekl, ek, key, EVP_PKEY_get0_RSA(priv),
+ RSA_PKCS1_PADDING);
err:
#endif
return (ret);
int ret = 0;
#ifndef OPENSSL_NO_RSA
- if (pubk->type != EVP_PKEY_RSA) {
+ if (EVP_PKEY_id(pubk) != EVP_PKEY_RSA) {
#endif
EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);
#ifndef OPENSSL_NO_RSA
goto err;
}
ret =
- RSA_public_encrypt(key_len, key, ek, pubk->pkey.rsa,
+ RSA_public_encrypt(key_len, key, ek, EVP_PKEY_get0_RSA(pubk),
RSA_PKCS1_PADDING);
err:
#endif
#endif
#include "internal/asn1_int.h"
+#include "internal/evp_int.h"
static void EVP_PKEY_free_it(EVP_PKEY *x);
return (key != NULL);
}
-void *EVP_PKEY_get0(EVP_PKEY *pkey)
+void *EVP_PKEY_get0(const EVP_PKEY *pkey)
{
return pkey->pkey.ptr;
}
if (!priv)
return 1;
- if (priv->type != EVP_PKEY_RSA) {
+ if (EVP_PKEY_id(priv) != EVP_PKEY_RSA) {
EVPerr(EVP_F_EVP_OPENINIT, EVP_R_PUBLIC_KEY_NOT_RSA);
goto err;
}
- size = RSA_size(priv->pkey.rsa);
+ size = EVP_PKEY_size(priv);
key = OPENSSL_malloc(size + 2);
if (key == NULL) {
/* ERROR */
static void hmac_key_free(EVP_PKEY *pkey)
{
- ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr;
+ ASN1_OCTET_STRING *os = EVP_PKEY_get0(pkey);
if (os) {
if (os->data)
OPENSSL_cleanse(os->data, os->length);
static int old_hmac_encode(const EVP_PKEY *pkey, unsigned char **pder)
{
int inc;
- ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr;
+ ASN1_OCTET_STRING *os = EVP_PKEY_get0(pkey);
if (pder) {
if (!*pder) {
*pder = OPENSSL_malloc(os->length);
(fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \
cipher##_init_key, NULL, NULL, NULL, NULL)
+
+/*
+ * Type needs to be a bit field Sub-type needs to be for variations on the
+ * method, as in, can it do arbitrary encryption....
+ */
+struct evp_pkey_st {
+ int type;
+ int save_type;
+ int references;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ ENGINE *engine;
+ union {
+ char *ptr;
+# ifndef OPENSSL_NO_RSA
+ struct rsa_st *rsa; /* RSA */
+# endif
+# ifndef OPENSSL_NO_DSA
+ struct dsa_st *dsa; /* DSA */
+# endif
+# ifndef OPENSSL_NO_DH
+ struct dh_st *dh; /* DH */
+# endif
+# ifndef OPENSSL_NO_EC
+ struct ec_key_st *ec; /* ECC */
+# endif
+ } pkey;
+ int save_parameters;
+ STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
+} /* EVP_PKEY */ ;
#ifndef OPENSSL_NO_RSA
/* normal optionally encrypted stuff */
if (PEM_write_bio_RSAPrivateKey(bp,
- xi->x_pkey->dec_pkey->pkey.rsa,
+ EVP_PKEY_get0_RSA(xi->x_pkey->dec_pkey),
enc, kstr, klen, cb, u) <= 0)
goto err;
#endif
# include <openssl/dh.h>
#endif
#include "internal/asn1_int.h"
+#include "internal/evp_int.h"
int pem_check_suffix(const char *pem_str, const char *suffix);
unsigned char *p;
unsigned int bitlen, magic = 0, keyalg;
int outlen, noinc = 0;
- if (pk->type == EVP_PKEY_DSA) {
- bitlen = check_bitlen_dsa(pk->pkey.dsa, ispub, &magic);
+ int pktype = EVP_PKEY_id(pk);
+ if (pktype == EVP_PKEY_DSA) {
+ bitlen = check_bitlen_dsa(EVP_PKEY_get0_DSA(pk), ispub, &magic);
keyalg = MS_KEYALG_DSS_SIGN;
- } else if (pk->type == EVP_PKEY_RSA) {
- bitlen = check_bitlen_rsa(pk->pkey.rsa, ispub, &magic);
+ } else if (pktype == EVP_PKEY_RSA) {
+ bitlen = check_bitlen_rsa(EVP_PKEY_get0_RSA(pk), ispub, &magic);
keyalg = MS_KEYALG_RSA_KEYX;
} else
return -1;
write_ledword(&p, magic);
write_ledword(&p, bitlen);
if (keyalg == MS_KEYALG_DSS_SIGN)
- write_dsa(&p, pk->pkey.dsa, ispub);
+ write_dsa(&p, EVP_PKEY_get0_DSA(pk), ispub);
else
- write_rsa(&p, pk->pkey.rsa, ispub);
+ write_rsa(&p, EVP_PKEY_get0_RSA(pk), ispub);
if (!noinc)
*out += outlen;
return outlen;
write_ledword(&p, MS_PVKMAGIC);
write_ledword(&p, 0);
- if (pk->type == EVP_PKEY_DSA)
+ if (EVP_PKEY_id(pk) == EVP_PKEY_DSA)
write_ledword(&p, MS_KEYTYPE_SIGN);
else
write_ledword(&p, MS_KEYTYPE_KEYX);
#include <openssl/objects.h>
#include <openssl/x509.h>
#include "internal/asn1_int.h"
+#include "internal/evp_int.h"
long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
{
goto err;
/* lets keep the pkey around for a while */
- CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
+ EVP_PKEY_up_ref(pkey);
p7i->pkey = pkey;
/* Set the algorithms */
# include <openssl/cms.h>
#endif
#include "internal/asn1_int.h"
+#include "internal/evp_int.h"
#ifndef OPENSSL_NO_CMS
static int rsa_cms_sign(CMS_SignerInfo *si);
{
EVP_PKEY_free(ctx->signer_key);
ctx->signer_key = key;
- CRYPTO_add(&ctx->signer_key->references, +1, CRYPTO_LOCK_EVP_PKEY);
+ EVP_PKEY_up_ref(ctx->signer_key);
return 1;
}
{
const EC_GROUP *grp = NULL;
int curve_nid;
- if (pkey && pkey->type == EVP_PKEY_EC)
- grp = EC_KEY_get0_group(pkey->pkey.ec);
+ if (pkey && EVP_PKEY_id(pkey) == EVP_PKEY_EC)
+ grp = EC_KEY_get0_group(EVP_PKEY_get0_EC_KEY(pkey));
if (!grp)
return X509_V_ERR_SUITE_B_INVALID_ALGORITHM;
curve_nid = EC_GROUP_get_curve_name(grp);
break;
case -2:
#ifndef OPENSSL_NO_EC
- if (k->type == EVP_PKEY_EC) {
+ if (EVP_PKEY_id(k) == EVP_PKEY_EC) {
X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, ERR_R_EC_LIB);
break;
}
#endif
#ifndef OPENSSL_NO_DH
- if (k->type == EVP_PKEY_DH) {
+ if (EVP_PKEY_id(k) == EVP_PKEY_DH) {
/* No idea */
X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,
X509_R_CANT_CHECK_DH_KEY);
if (pk == NULL)
return (0);
- switch (pk->type) {
+ switch (EVP_PKEY_id(pk)) {
case EVP_PKEY_RSA:
ret = EVP_PK_RSA | EVP_PKT_SIGN;
/* if (!sign only extension) */
extern "C" {
#endif
-/*
- * Type needs to be a bit field Sub-type needs to be for variations on the
- * method, as in, can it do arbitrary encryption....
- */
-struct evp_pkey_st {
- int type;
- int save_type;
- int references;
- const EVP_PKEY_ASN1_METHOD *ameth;
- ENGINE *engine;
- union {
- char *ptr;
-# ifndef OPENSSL_NO_RSA
- struct rsa_st *rsa; /* RSA */
-# endif
-# ifndef OPENSSL_NO_DSA
- struct dsa_st *dsa; /* DSA */
-# endif
-# ifndef OPENSSL_NO_DH
- struct dh_st *dh; /* DH */
-# endif
-# ifndef OPENSSL_NO_EC
- struct ec_key_st *ec; /* ECC */
-# endif
- } pkey;
- int save_parameters;
- STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
-} /* EVP_PKEY */ ;
-
# define EVP_PKEY_MO_SIGN 0x0001
# define EVP_PKEY_MO_VERIFY 0x0002
# define EVP_PKEY_MO_ENCRYPT 0x0004
int EVP_PKEY_set_type(EVP_PKEY *pkey, int type);
int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);
int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key);
-void *EVP_PKEY_get0(EVP_PKEY *pkey);
+void *EVP_PKEY_get0(const EVP_PKEY *pkey);
# ifndef OPENSSL_NO_RSA
struct rsa_st;
if (cpk->privatekey != NULL) {
rpk->privatekey = cpk->privatekey;
- CRYPTO_add(&cpk->privatekey->references, 1, CRYPTO_LOCK_EVP_PKEY);
+ EVP_PKEY_up_ref(cpk->privatekey);
}
if (cpk->chain) {
* Don't check the public/private key, this is mostly for smart
* cards.
*/
- if ((pkey->type == EVP_PKEY_RSA) &&
- (RSA_flags(pkey->pkey.rsa) & RSA_METHOD_FLAG_NO_CHECK)) ;
+ if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA
+ && RSA_flags(EVP_PKEY_get0_RSA(pkey)) & RSA_METHOD_FLAG_NO_CHECK);
else
#endif
if (!X509_check_private_key(c->pkeys[i].x509, pkey)) {
}
EVP_PKEY_free(c->pkeys[i].privatekey);
- CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
+ EVP_PKEY_up_ref(pkey);
c->pkeys[i].privatekey = pkey;
c->key = &(c->pkeys[i]);
return (1);
* Don't check the public/private key, this is mostly for smart
* cards.
*/
- if ((c->pkeys[i].privatekey->type == EVP_PKEY_RSA) &&
- (RSA_flags(c->pkeys[i].privatekey->pkey.rsa) &
- RSA_METHOD_FLAG_NO_CHECK)) ;
+ if (EVP_PKEY_id(c->pkeys[i].privatekey) == EVP_PKEY_RSA
+ && RSA_flags(EVP_PKEY_get0_RSA(c->pkeys[i].privatekey)) &
+ RSA_METHOD_FLAG_NO_CHECK) ;
else
#endif /* OPENSSL_NO_RSA */
if (!X509_check_private_key(x, c->pkeys[i].privatekey)) {
#ifdef SSL_DEBUG
fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
#endif
- } else if (pkey->type == EVP_PKEY_RSA) {
+ } else if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) {
md = EVP_md5_sha1();
} else {
md = EVP_sha1();
}
pkey = X509_get0_pubkey(s->session->peer);
- if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA)
- || (pkey->pkey.rsa == NULL)) {
+ if (EVP_PKEY_get0_RSA(pkey) == NULL) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,
ERR_R_INTERNAL_ERROR);
goto err;
} else {
/* Get the Server Public Key from Cert */
skey = X509_get0_pubkey(s->session->peer);
- if ((skey == NULL)
- || (skey->type != EVP_PKEY_EC)
- || (skey->pkey.ec == NULL)) {
+ if ((skey == NULL) || EVP_PKEY_get0_EC_KEY(skey) == NULL) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,
ERR_R_INTERNAL_ERROR);
goto err;
goto err;
}
#ifndef OPENSSL_NO_GOST
- if (pkey->type == NID_id_GostR3410_2001
- || pkey->type == NID_id_GostR3410_2012_256
- || pkey->type == NID_id_GostR3410_2012_512) {
- BUF_reverse(p + 2, NULL, u);
+ {
+ int pktype = EVP_PKEY_id(pkey);
+ if (pktype == NID_id_GostR3410_2001
+ || pktype == NID_id_GostR3410_2012_256
+ || pktype == NID_id_GostR3410_2012_512)
+ BUF_reverse(p + 2, NULL, u);
}
#endif
if (pk == NULL)
goto err;
- i = pk->type;
+ i = EVP_PKEY_id(pk);
if (i == EVP_PKEY_RSA) {
ret = SSL_PKEY_RSA_ENC;
} else if (i == EVP_PKEY_DSA) {
unsigned long alg_k;
#ifndef OPENSSL_NO_RSA
RSA *rsa = NULL;
- EVP_PKEY *pkey = NULL;
#endif
#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
EVP_PKEY *ckey = NULL;
size_t j;
/* FIX THIS UP EAY EAY EAY EAY */
- pkey = s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;
- if ((pkey == NULL) ||
- (pkey->type != EVP_PKEY_RSA) || (pkey->pkey.rsa == NULL)) {
+ rsa = EVP_PKEY_get0_RSA(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey);
+ if (rsa == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE,
SSL_R_MISSING_RSA_CERTIFICATE);
goto f_err;
}
- rsa = pkey->pkey.rsa;
/* SSLv3 and pre-standard DTLS omit the length bytes. */
if (s->version == SSL3_VERSION || s->version == DTLS1_BAD_VER) {
* length field (CryptoPro implementations at least till CSP 4.0)
*/
#ifndef OPENSSL_NO_GOST
- if (PACKET_remaining(pkt) == 64 && pkey->type == NID_id_GostR3410_2001) {
+ if (PACKET_remaining(pkt) == 64
+ && EVP_PKEY_id(pkey) == NID_id_GostR3410_2001) {
len = 64;
} else
#endif
}
#ifndef OPENSSL_NO_GOST
- if (pkey->type == NID_id_GostR3410_2001
- || pkey->type == NID_id_GostR3410_2012_256
- || pkey->type == NID_id_GostR3410_2012_512) {
- BUF_reverse(data, NULL, len);
+ {
+ int pktype = EVP_PKEY_id(pkey);
+ if (pktype == NID_id_GostR3410_2001
+ || pktype == NID_id_GostR3410_2012_256
+ || pktype == NID_id_GostR3410_2012_512)
+ BUF_reverse(data, NULL, len);
}
#endif
if (!pkey)
return 0;
/* If not EC nothing to do */
- if (pkey->type != EVP_PKEY_EC)
+ if (EVP_PKEY_id(pkey) != EVP_PKEY_EC)
return 1;
- rv = tls1_set_ec_id(curve_id, &comp_id, pkey->pkey.ec);
+ rv = tls1_set_ec_id(curve_id, &comp_id, EVP_PKEY_get0_EC_KEY(pkey));
if (!rv)
return 0;
/*
return 0;
}
#ifndef OPENSSL_NO_EC
- if (pkey->type == EVP_PKEY_EC) {
+ if (EVP_PKEY_id(pkey) == EVP_PKEY_EC) {
unsigned char curve_id[2], comp_id;
/* Check compression and curve matches extensions */
- if (!tls1_set_ec_id(curve_id, &comp_id, pkey->pkey.ec))
+ if (!tls1_set_ec_id(curve_id, &comp_id, EVP_PKEY_get0_EC_KEY(pkey)))
return 0;
if (!s->server && !tls1_check_ec_key(s, curve_id, &comp_id)) {
SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_WRONG_CURVE);
int tls12_get_sigid(const EVP_PKEY *pk)
{
- return tls12_find_id(pk->type, tls12_sig, OSSL_NELEM(tls12_sig));
+ return tls12_find_id(EVP_PKEY_id(pk), tls12_sig, OSSL_NELEM(tls12_sig));
}
typedef struct {
if (!s->server && strict_mode) {
STACK_OF(X509_NAME) *ca_dn;
int check_type = 0;
- switch (pk->type) {
+ switch (EVP_PKEY_id(pk)) {
case EVP_PKEY_RSA:
check_type = TLS_CT_RSA_SIGN;
break;
projects / thirdparty / openssl.git / commitdiff
