Rename SSL_CERT_LOOKUP.nid to pkey_nid

author Richard Levitte <levitte@openssl.org>

Wed, 29 Oct 2025 09:12:33 +0000 (10:12 +0100)

committer Richard Levitte <levitte@openssl.org>

Thu, 30 Oct 2025 18:03:25 +0000 (19:03 +0100)
author Richard Levitte <levitte@openssl.org>
Wed, 29 Oct 2025 09:12:33 +0000 (10:12 +0100)
committer Richard Levitte <levitte@openssl.org>
Thu, 30 Oct 2025 18:03:25 +0000 (19:03 +0100)
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c

index ae65d43196bc1e48d23d5e456fc3b60acecbf7c4..06beef60e821bb96befdc9ee7dfde58d78677711 100644 (file)
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -1332,13 +1332,13 @@ int ssl_cert_lookup_by_nid(int nid, size_t *pidx, SSL_CTX *ctx)
      size_t i;
  
      for (i = 0; i < OSSL_NELEM(ssl_cert_info); i++) {
-        if (ssl_cert_info[i].nid == nid) {
+        if (ssl_cert_info[i].pkey_nid == nid) {
              *pidx = i;
              return 1;
          }
      }
      for (i = 0; i < ctx->sigalg_list_len; i++) {
-        if (ctx->ssl_cert_info[i].nid == nid) {
+        if (ctx->ssl_cert_info[i].pkey_nid == nid) {
              *pidx = SSL_PKEY_NUM + i;
              return 1;
          }
@@ -1354,8 +1354,8 @@ const SSL_CERT_LOOKUP *ssl_cert_lookup_by_pkey(const EVP_PKEY *pk, size_t *pidx,
      for (i = 0; i < OSSL_NELEM(ssl_cert_info); i++) {
          const SSL_CERT_LOOKUP *tmp_lu = &ssl_cert_info[i];
  
-        if (EVP_PKEY_is_a(pk, OBJ_nid2sn(tmp_lu->nid))
-            || EVP_PKEY_is_a(pk, OBJ_nid2ln(tmp_lu->nid))) {
+        if (EVP_PKEY_is_a(pk, OBJ_nid2sn(tmp_lu->pkey_nid))
+            || EVP_PKEY_is_a(pk, OBJ_nid2ln(tmp_lu->pkey_nid))) {
              if (pidx != NULL)
                  *pidx = i;
              return tmp_lu;
@@ -1365,8 +1365,8 @@ const SSL_CERT_LOOKUP *ssl_cert_lookup_by_pkey(const EVP_PKEY *pk, size_t *pidx,
      for (i = 0; i < ctx->sigalg_list_len; i++) {
          SSL_CERT_LOOKUP *tmp_lu = &(ctx->ssl_cert_info[i]);
  
-        if (EVP_PKEY_is_a(pk, OBJ_nid2sn(tmp_lu->nid))
-            || EVP_PKEY_is_a(pk, OBJ_nid2ln(tmp_lu->nid))) {
+        if (EVP_PKEY_is_a(pk, OBJ_nid2sn(tmp_lu->pkey_nid))
+            || EVP_PKEY_is_a(pk, OBJ_nid2ln(tmp_lu->pkey_nid))) {
              if (pidx != NULL)
                  *pidx = SSL_PKEY_NUM + i;
              return &ctx->ssl_cert_info[i];
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h

index 104379e990b1c670237f350d4f8cd0a98e1ac650..5cf7368a82ccba6d09bb12597ff2f13773d09506 100644 (file)
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -773,7 +773,7 @@ typedef struct tls_sigalg_info_st {
   * CERT_PKEY entries
   */
  typedef struct {
-    int nid; /* NID of public key algorithm */
+    int pkey_nid; /* NID of public key algorithm */
      uint32_t amask; /* authmask corresponding to key type */
  } SSL_CERT_LOOKUP;
  
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c

index dc22b4dbd42b3c267e06796acaaf1ad8f76f046c..d965d46498987ad9ba7fe2dd2a0edf3eb840365f 100644 (file)
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -698,7 +698,7 @@ int ssl_load_sigalgs(SSL_CTX *ctx)
              return 0;
          for(i = 0; i < ctx->sigalg_list_len; i++) {
              const char *keytype = inferred_keytype(&ctx->sigalg_list[i]);
-            ctx->ssl_cert_info[i].nid = OBJ_txt2nid(keytype);
+            ctx->ssl_cert_info[i].pkey_nid = OBJ_txt2nid(keytype);
              ctx->ssl_cert_info[i].amask = SSL_aANY;
          }
      }
@@ -4473,7 +4473,7 @@ static int tls12_get_cert_sigalg_idx(const SSL_CONNECTION *s,
      /* If not recognised or not supported by cipher mask it is not suitable */
      if (clu == NULL
              || (clu->amask & s->s3.tmp.new_cipher->algorithm_auth) == 0
-            || (clu->nid == EVP_PKEY_RSA_PSS
+            || (clu->pkey_nid == EVP_PKEY_RSA_PSS
                  && (s->s3.tmp.new_cipher->algorithm_mkey & SSL_kRSA) != 0))
          return -1;
  
diff --git a/test/ssl_cert_table_internal_test.c b/test/ssl_cert_table_internal_test.c

index 397834a8f1a349e84de7b684ebe0bcc01d8d98d5..2b2449980f6e6a3aa6b85ea02fd7e1cdd2715c79 100644 (file)
--- a/test/ssl_cert_table_internal_test.c
+++ b/test/ssl_cert_table_internal_test.c
@@ -26,14 +26,14 @@ static int do_test_cert_table(int nid, uint32_t amask, size_t idx,
  {
      const SSL_CERT_LOOKUP *clu = &ssl_cert_info[idx];
  
-    if (clu->nid == nid && clu->amask == amask)
+    if (clu->pkey_nid == nid && clu->amask == amask)
          return 1;
  
      TEST_error("Invalid table entry for certificate type %s, index %zu",
                 idxname, idx);
-    if (clu->nid != nid)
+    if (clu->pkey_nid != nid)
          TEST_note("Expected %s, got %s\n", OBJ_nid2sn(nid),
-                  OBJ_nid2sn(clu->nid));
+                  OBJ_nid2sn(clu->pkey_nid));
      if (clu->amask != amask)
          TEST_note("Expected auth mask 0x%x, got 0x%x\n",
                    (unsigned int)amask, (unsigned int)clu->amask);
author	Richard Levitte <levitte@openssl.org>
	Wed, 29 Oct 2025 09:12:33 +0000 (10:12 +0100)
committer	Richard Levitte <levitte@openssl.org>
	Thu, 30 Oct 2025 18:03:25 +0000 (19:03 +0100)
ssl/ssl_cert.c		patch \| blob \| blame \| history
ssl/ssl_local.h		patch \| blob \| blame \| history
ssl/t1_lib.c		patch \| blob \| blame \| history
test/ssl_cert_table_internal_test.c		patch \| blob \| blame \| history