From: Dmitry Belyavskiy <beldmit@gmail.com>
Date: Wed, 19 Feb 2025 14:40:00 +0000 (+0100)
Subject: EVP_SKEY_get_raw_key => EVP_SKEY_get0_raw_key
X-Git-Tag: openssl-3.5.0-alpha1~113
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=17bbc163831e4a936e4cca730d4fcc78e51922e4;p=thirdparty%2Fopenssl.git

EVP_SKEY_get_raw_key => EVP_SKEY_get0_raw_key

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26832)
---

diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index b0060ec9e5b..69a1c8f08b2 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -586,7 +586,7 @@ static int evp_cipher_init_skey_internal(EVP_CIPHER_CTX *ctx,
             const unsigned char *keydata = NULL;
             size_t keylen = 0;
 
-            if (skey != NULL && !EVP_SKEY_get_raw_key(skey, &keydata, &keylen)) {
+            if (skey != NULL && !EVP_SKEY_get0_raw_key(skey, &keydata, &keylen)) {
                 ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
                 return 0;
             }
@@ -607,7 +607,7 @@ static int evp_cipher_init_skey_internal(EVP_CIPHER_CTX *ctx,
             const unsigned char *keydata = NULL;
             size_t keylen = 0;
 
-            if (skey != NULL && !EVP_SKEY_get_raw_key(skey, &keydata, &keylen)) {
+            if (skey != NULL && !EVP_SKEY_get0_raw_key(skey, &keydata, &keylen)) {
                 ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
                 return 0;
             }
diff --git a/crypto/evp/s_lib.c b/crypto/evp/s_lib.c
index 85480b5b151..f8d132a666f 100644
--- a/crypto/evp/s_lib.c
+++ b/crypto/evp/s_lib.c
@@ -138,8 +138,8 @@ static int get_secret_key(const OSSL_PARAM params[], void *arg)
     return 0;
 }
 
-int EVP_SKEY_get_raw_key(const EVP_SKEY *skey, const unsigned char **key,
-                         size_t *len)
+int EVP_SKEY_get0_raw_key(const EVP_SKEY *skey, const unsigned char **key,
+                          size_t *len)
 {
     struct raw_key_details_st raw_key;
 
diff --git a/doc/man3/EVP_SKEY.pod b/doc/man3/EVP_SKEY.pod
index 8ff05e6645e..27ad844d7ed 100644
--- a/doc/man3/EVP_SKEY.pod
+++ b/doc/man3/EVP_SKEY.pod
@@ -4,7 +4,7 @@
 
 EVP_SKEY, EVP_SKEY_generate,
 EVP_SKEY_import, EVP_SKEY_import_raw_key, EVP_SKEY_up_ref,
-EVP_SKEY_export, EVP_SKEY_get_raw_key, EVP_SKEY_get0_key_id,
+EVP_SKEY_export, EVP_SKEY_get0_raw_key, EVP_SKEY_get0_key_id,
 EVP_SKEY_get0_skeymgmt_name, EVP_SKEY_get0_provider_name,
 EVP_SKEY_free, EVP_SKEY_is_a, EVP_SKEY_to_provider
 - opaque symmetric key allocation and handling functions
@@ -25,7 +25,7 @@ EVP_SKEY_free, EVP_SKEY_is_a, EVP_SKEY_to_provider
                                    const char *propquery);
  int EVP_SKEY_export(const EVP_SKEY *skey, int selection,
                      OSSL_CALLBACK *export_cb, void *export_cbarg);
- int EVP_SKEY_get_raw_key(const EVP_SKEY *skey, const unsigned char **key,
+ int EVP_SKEY_get0_raw_key(const EVP_SKEY *skey, const unsigned char **key,
                           size_t *len);
  const char *EVP_SKEY_get0_key_id(const EVP_SKEY *skey);
 
@@ -65,9 +65,10 @@ that gets passed the value of I<export_cbarg>.  See L<openssl-core.h(7)> for
 more information about the callback. Note that the L<OSSL_PARAM(3)> array that
 is passed to the callback is not persistent after the callback returns.
 
-The EVP_SKEY_get_raw_key() function copies raw key bytes to the passed buffer
-and sets the key len. The operation can fail when the underlying key
-management doesn't support export of the secret key.
+The EVP_SKEY_get0_raw_key() returns a pointer to a raw key bytes to the passed
+address and sets the key len. The returned address is managed by the internal
+key management and shouldn't be freed explicitly.  The operation can fail when
+the underlying key management doesn't support export of the secret key.
 
 The EVP_SKEY_get0_key_id() returns a NUL-terminated string providing some
 human-readable identifier of the key if provided by the underlying key
@@ -125,7 +126,7 @@ EVP_SKEY_get0_key_id() returns either a valid pointer or NULL.
 
 EVP_SKEY_up_ref() returns 1 for success and 0 on failure.
 
-EVP_SKEY_export() and EVP_SKEY_get_raw_key() return 1 for success and 0 on failure.
+EVP_SKEY_export() and EVP_SKEY_get0_raw_key() return 1 for success and 0 on failure.
 
 EVP_SKEY_get0_skeymgmt_name() and EVP_SKEY_get0_provider_name() return the
 names of the associated EVP_SKEYMGMT object and its provider correspondigly.
@@ -143,7 +144,7 @@ L<EVP_SKEYMGMT(3)>, L<provider(7)>, L<OSSL_PARAM(3)>
 =head1 HISTORY
 
 The B<EVP_SKEY> API and functions EVP_SKEY_export(),
-EVP_SKEY_free(), EVP_SKEY_get_raw_key(), EVP_SKEY_import(),
+EVP_SKEY_free(), EVP_SKEY_get0_raw_key(), EVP_SKEY_import(),
 EVP_SKEY_import_raw_key(), EVP_SKEY_up_ref(), EVP_SKEY_generate(),
 EVP_SKEY_get0_key_id(), EVP_SKEY_get0_provider_name(),
 EVP_SKEY_get0_skeymgmt_name(), EVP_SKEY_is_a(), EVP_SKEY_to_provider()
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 0cbb38aad89..c8be0201535 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -2292,8 +2292,8 @@ EVP_SKEY *EVP_SKEY_generate(OSSL_LIB_CTX *libctx, const char *skeymgmtname,
 EVP_SKEY *EVP_SKEY_import_raw_key(OSSL_LIB_CTX *libctx, const char *skeymgmtname,
                                   unsigned char *key, size_t keylen,
                                   const char *propquery);
-int EVP_SKEY_get_raw_key(const EVP_SKEY *skey, const unsigned char **key,
-                         size_t *len);
+int EVP_SKEY_get0_raw_key(const EVP_SKEY *skey, const unsigned char **key,
+                          size_t *len);
 const char *EVP_SKEY_get0_key_id(const EVP_SKEY *skey);
 int EVP_SKEY_export(const EVP_SKEY *skey, int selection,
                     OSSL_CALLBACK *export_cb, void *export_cbarg);
diff --git a/test/evp_skey_test.c b/test/evp_skey_test.c
index 92e435471da..774b84ef135 100644
--- a/test/evp_skey_test.c
+++ b/test/evp_skey_test.c
@@ -76,7 +76,7 @@ static int test_skey_cipher(void)
         goto end;
 
     /* Export raw key */
-    if (!TEST_int_gt(EVP_SKEY_get_raw_key(key, &export, &export_len), 0)
+    if (!TEST_int_gt(EVP_SKEY_get0_raw_key(key, &export, &export_len), 0)
         || !TEST_mem_eq(export, export_len, import_key, sizeof(import_key)))
         goto end;
 
@@ -134,7 +134,7 @@ static int test_aes_raw_skey(void)
     if (!TEST_ptr(skey))
         goto end;
 
-    if (!TEST_int_gt(EVP_SKEY_get_raw_key(skey, &export_key, &export_length), 0)
+    if (!TEST_int_gt(EVP_SKEY_get0_raw_key(skey, &export_key, &export_length), 0)
         || !TEST_mem_eq(aes_key, KEY_SIZE, export_key, export_length))
         goto end;
 
@@ -211,7 +211,7 @@ static int test_des_raw_skey(void)
     if (!TEST_ptr(skey))
         goto end;
 
-    if (!TEST_int_gt(EVP_SKEY_get_raw_key(skey, &export_key, &export_length), 0)
+    if (!TEST_int_gt(EVP_SKEY_get0_raw_key(skey, &export_key, &export_length), 0)
         || !TEST_mem_eq(des_key, DES_KEY_SIZE, export_key, export_length))
         goto end;
 
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 25f20e40655..07c81191465 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5894,7 +5894,7 @@ EVP_CipherInit_SKEY                     ?	3_5_0	EXIST::FUNCTION:
 EVP_SKEY_import                         ?	3_5_0	EXIST::FUNCTION:
 EVP_SKEY_generate                       ?	3_5_0	EXIST::FUNCTION:
 EVP_SKEY_import_raw_key                 ?	3_5_0	EXIST::FUNCTION:
-EVP_SKEY_get_raw_key                    ?	3_5_0	EXIST::FUNCTION:
+EVP_SKEY_get0_raw_key                   ?	3_5_0	EXIST::FUNCTION:
 EVP_SKEY_export                         ?	3_5_0	EXIST::FUNCTION:
 EVP_SKEY_up_ref                         ?	3_5_0	EXIST::FUNCTION:
 EVP_SKEY_free                           ?	3_5_0	EXIST::FUNCTION: