From: Richard Levitte Date: Mon, 14 Sep 2020 09:21:37 +0000 (+0200) Subject: TEST: Adapt applicable tests to the changed OSSL_ENCODER_CTX_new_by_EVP_PKEY() X-Git-Tag: openssl-3.0.0-alpha7~178 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ae12eac074be92e14c11a36b90e1c95eca3723f1;p=thirdparty%2Fopenssl.git TEST: Adapt applicable tests to the changed OSSL_ENCODER_CTX_new_by_EVP_PKEY() This adds the convenience function EVP_PKEY_typenames_do_all(), which does the same as EVP_KEYMGMT_names_do_all(), but without having to expose all the internal ways to find out if the internal EVP_PKEY key is legacy or provider-native. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/12873) --- diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index f78ff73ab78..aae71b30e29 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -1040,6 +1040,22 @@ int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name) return EVP_KEYMGMT_is_a(pkey->keymgmt, name); } +void EVP_PKEY_typenames_do_all(const EVP_PKEY *pkey, + void (*fn)(const char *name, void *data), + void *data) +{ + if (!evp_pkey_is_typed(pkey)) + return; + + if (!evp_pkey_is_provided(pkey)) { + const char *name = OBJ_nid2sn(EVP_PKEY_id(pkey)); + + fn(name, data); + return; + } + EVP_KEYMGMT_names_do_all(pkey->keymgmt, fn, data); +} + int EVP_PKEY_can_sign(const EVP_PKEY *pkey) { if (pkey->keymgmt == NULL) { diff --git a/doc/man3/EVP_PKEY_is_a.pod b/doc/man3/EVP_PKEY_is_a.pod index efc72ea1104..6ca64de6b34 100644 --- a/doc/man3/EVP_PKEY_is_a.pod +++ b/doc/man3/EVP_PKEY_is_a.pod @@ -2,7 +2,8 @@ =head1 NAME -EVP_PKEY_is_a, EVP_PKEY_can_sign, EVP_PKEY_get0_first_alg_name +EVP_PKEY_is_a, EVP_PKEY_can_sign, EVP_PKEY_typenames_do_all, +EVP_PKEY_get0_first_alg_name - key type and capabilities functions =head1 SYNOPSIS @@ -11,9 +12,11 @@ EVP_PKEY_is_a, EVP_PKEY_can_sign, EVP_PKEY_get0_first_alg_name int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name); int EVP_PKEY_can_sign(const EVP_PKEY *pkey); + void EVP_PKEY_typenames_do_all(const EVP_PKEY *pkey, + void (*fn)(const char *name, void *data), + void *data); const char *EVP_PKEY_get0_first_alg_name(const EVP_PKEY *key); - =head1 DESCRIPTION EVP_PKEY_is_a() checks if the key type of I is I. @@ -22,6 +25,11 @@ EVP_PKEY_can_sign() checks if the functionality for the key type of I supports signing. No other check is done, such as whether I contains a private key. +EVP_PKEY_typenames_do_all() traverses all names for I's key type, and +calls I with each name and I. For example, an RSA B may +be named both C and C. +The order of the names is undefined. + EVP_PKEY_get0_first_alg_name() returns the first algorithm name that is found for the given I. Note that the I may have multiple synonyms associated with it. In this case it is undefined which one will be returned. diff --git a/include/openssl/evp.h b/include/openssl/evp.h index d3892982e75..ff3234a9141 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -1189,6 +1189,9 @@ DEPRECATEDIN_3_0(int EVP_PKEY_encrypt_old(unsigned char *enc_key, const unsigned char *key, int key_len, EVP_PKEY *pub_key)) int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name); +void EVP_PKEY_typenames_do_all(const EVP_PKEY *pkey, + void (*fn)(const char *name, void *data), + void *data); int EVP_PKEY_type(int type); int EVP_PKEY_id(const EVP_PKEY *pkey); int EVP_PKEY_base_id(const EVP_PKEY *pkey); diff --git a/test/endecode_test.c b/test/endecode_test.c index 580b7e8f35b..7f37a99a6d5 100644 --- a/test/endecode_test.c +++ b/test/endecode_test.c @@ -8,6 +8,7 @@ */ #include +#include #include #include #include @@ -88,11 +89,10 @@ static EVP_PKEY *make_key(const char *type, EVP_PKEY *template, * (TEST_strn2_eq(), for example). */ -typedef int (encoder)(void **encoded, long *encoded_len, - void *object, const char *pass, const char *pcipher, - const char *encoder_propq); -typedef int (decoder)(void **object, - void *encoded, long encoded_len, +typedef int (encoder)(void **encoded, long *encoded_len, void *object, + const char *output_type, int selection, + const char *pass, const char *pcipher); +typedef int (decoder)(void **object, void *encoded, long encoded_len, const char *pass); typedef int (tester)(const void *data1, size_t data1_len, const void *data2, size_t data2_len); @@ -100,10 +100,11 @@ typedef int (checker)(const char *type, const void *data, size_t data_len); typedef void (dumper)(const char *label, const void *data, size_t data_len); static int test_encode_decode(const char *type, EVP_PKEY *pkey, + const char *output_type, int selection, const char *pass, const char *pcipher, encoder *encode_cb, decoder *decode_cb, tester *test_cb, checker *check_cb, - dumper *dump_cb, const char *encoder_propq) + dumper *dump_cb) { void *encoded = NULL; long encoded_len = 0; @@ -112,12 +113,20 @@ static int test_encode_decode(const char *type, EVP_PKEY *pkey, long encoded2_len = 0; int ok = 0; - if (!encode_cb(&encoded, &encoded_len, pkey, - pass, pcipher, encoder_propq) + /* + * Encode |pkey|, decode the result into |pkey2|, and finish off by + * encoding |pkey2| as well. That last encoding is for checking and + * dumping purposes. + */ + if (!encode_cb(&encoded, &encoded_len, pkey, output_type, selection, + pass, pcipher) || !check_cb(type, encoded, encoded_len) - || !decode_cb((void **)&pkey2, encoded, encoded_len, - pass) - || !TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1)) + || !decode_cb((void **)&pkey2, encoded, encoded_len, pass) + || !encode_cb(&encoded2, &encoded2_len, pkey2, output_type, selection, + pass, pcipher)) + goto end; + + if (!TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1)) goto end; /* @@ -126,19 +135,16 @@ static int test_encode_decode(const char *type, EVP_PKEY *pkey, * differ. */ if ((pass == NULL && pcipher == NULL) - && (!encode_cb(&encoded2, &encoded2_len, pkey2, - pass, pcipher, encoder_propq) - || !test_cb(encoded, encoded_len, - encoded2, encoded2_len))) + && !test_cb(encoded, encoded_len, encoded2, encoded2_len)) goto end; ok = 1; end: if (!ok) { if (encoded != NULL && encoded_len != 0) - dump_cb("encoded result", encoded, encoded_len); + dump_cb("|pkey| encoded", encoded, encoded_len); if (encoded2 != NULL && encoded2_len != 0) - dump_cb("re-encoded result", encoded2, encoded2_len); + dump_cb("|pkey2| encoded", encoded2, encoded2_len); } OPENSSL_free(encoded); @@ -151,8 +157,8 @@ static int test_encode_decode(const char *type, EVP_PKEY *pkey, static int encode_EVP_PKEY_prov(void **encoded, long *encoded_len, void *object, - const char *pass, const char *pcipher, - const char *encoder_propq) + const char *output_type, int selection, + const char *pass, const char *pcipher) { EVP_PKEY *pkey = object; OSSL_ENCODER_CTX *ectx = NULL; @@ -161,10 +167,12 @@ static int encode_EVP_PKEY_prov(void **encoded, long *encoded_len, const unsigned char *upass = (const unsigned char *)pass; int ok = 0; - if (!TEST_ptr(ectx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, encoder_propq)) + if (!TEST_ptr(ectx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, output_type, + selection, + NULL, NULL)) || (pass != NULL && !TEST_true(OSSL_ENCODER_CTX_set_passphrase(ectx, upass, - strlen(pass)))) + strlen(pass)))) || (pcipher != NULL && !TEST_true(OSSL_ENCODER_CTX_set_cipher(ectx, pcipher, NULL))) || !TEST_ptr(mem_ser = BIO_new(BIO_s_mem())) @@ -184,8 +192,7 @@ static int encode_EVP_PKEY_prov(void **encoded, long *encoded_len, return ok; } -static int decode_EVP_PKEY_prov(void **object, - void *encoded, long encoded_len, +static int decode_EVP_PKEY_prov(void **object, void *encoded, long encoded_len, const char *pass) { EVP_PKEY *pkey = NULL; @@ -195,10 +202,9 @@ static int decode_EVP_PKEY_prov(void **object, int ok = 0; if (!TEST_ptr(dctx = OSSL_DECODER_CTX_new_by_EVP_PKEY(&pkey, NULL, - NULL, NULL)) + NULL, NULL)) || (pass != NULL - && !OSSL_DECODER_CTX_set_passphrase(dctx, upass, - strlen(pass))) + && !OSSL_DECODER_CTX_set_passphrase(dctx, upass, strlen(pass))) || !TEST_ptr(mem_deser = BIO_new_mem_buf(encoded, encoded_len)) || !TEST_true(OSSL_DECODER_from_bio(dctx, mem_deser))) goto end; @@ -210,11 +216,10 @@ static int decode_EVP_PKEY_prov(void **object, return ok; } -static int encode_EVP_PKEY_legacy_PEM(void **encoded, - long *encoded_len, +static int encode_EVP_PKEY_legacy_PEM(void **encoded, long *encoded_len, void *object, - const char *pass, const char *pcipher, - ossl_unused const char *encoder_propq) + const char *output_type, int selection, + const char *pass, const char *pcipher) { EVP_PKEY *pkey = object; EVP_CIPHER *cipher = NULL; @@ -252,9 +257,10 @@ static int encode_EVP_PKEY_legacy_PEM(void **encoded, #ifndef OPENSSL_NO_DSA static int encode_EVP_PKEY_MSBLOB(void **encoded, long *encoded_len, void *object, + ossl_unused const char *output_type, + ossl_unused int selection, ossl_unused const char *pass, - ossl_unused const char *pcipher, - ossl_unused const char *encoder_propq) + ossl_unused const char *pcipher) { EVP_PKEY *pkey = object; BIO *mem_ser = NULL; @@ -277,11 +283,13 @@ static int encode_EVP_PKEY_MSBLOB(void **encoded, long *encoded_len, return ok; } -static int encode_public_EVP_PKEY_MSBLOB(void **encoded, long *encoded_len, +static int encode_public_EVP_PKEY_MSBLOB(void **encoded, + long *encoded_len, void *object, + ossl_unused const char *output_type, + ossl_unused int selection, ossl_unused const char *pass, - ossl_unused const char *pcipher, - ossl_unused const char *encoder_propq) + ossl_unused const char *pcipher) { EVP_PKEY *pkey = object; BIO *mem_ser = NULL; @@ -314,9 +322,10 @@ static int pass_pw(char *buf, int size, int rwflag, void *userdata) static int encode_EVP_PKEY_PVK(void **encoded, long *encoded_len, void *object, + ossl_unused const char *output_type, + ossl_unused int selection, const char *pass, - ossl_unused const char *pcipher, - ossl_unused const char *encoder_propq) + ossl_unused const char *pcipher) { EVP_PKEY *pkey = object; BIO *mem_ser = NULL; @@ -357,6 +366,29 @@ static int test_mem(const void *data1, size_t data1_len, /* Test cases and their dumpers / checkers */ +static void collect_name(const char *name, void *arg) +{ + char **namelist = arg; + char *new_namelist; + size_t space; + + space = strlen(name); + if (*namelist != NULL) + space += strlen(*namelist) + 2 /* for comma and space */; + space++; /* for terminating null byte */ + + new_namelist = OPENSSL_realloc(*namelist, space); + if (new_namelist == NULL) + return; + if (*namelist != NULL) { + strcat(new_namelist, ", "); + strcat(new_namelist, name); + } else { + strcpy(new_namelist, name); + } + *namelist = new_namelist; +} + static void dump_der(const char *label, const void *data, size_t data_len) { test_output_memory(label, data, data_len); @@ -377,9 +409,17 @@ static int check_unprotected_PKCS8_DER(const char *type, if (TEST_ptr(p8inf)) { EVP_PKEY *pkey = EVP_PKCS82PKEY(p8inf); - - ok = (TEST_ptr(pkey) && TEST_true(EVP_PKEY_is_a(pkey, type))); - EVP_PKEY_free(pkey); + char *namelist = NULL; + + if (TEST_ptr(pkey)) { + if (!(ok = TEST_true(EVP_PKEY_is_a(pkey, type)))) { + EVP_PKEY_typenames_do_all(pkey, collect_name, &namelist); + if (namelist != NULL) + TEST_note("%s isn't any of %s", type, namelist); + OPENSSL_free(namelist); + } + EVP_PKEY_free(pkey); + } } PKCS8_PRIV_KEY_INFO_free(p8inf); return ok; @@ -387,45 +427,57 @@ static int check_unprotected_PKCS8_DER(const char *type, static int test_unprotected_via_DER(const char *type, EVP_PKEY *key) { - return test_encode_decode(type, key, NULL, NULL, + return test_encode_decode(type, key, + "DER", OSSL_KEYMGMT_SELECT_KEYPAIR + | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, + NULL, NULL, encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, - test_mem, check_unprotected_PKCS8_DER, dump_der, - OSSL_ENCODER_PrivateKey_TO_DER_PQ); + test_mem, check_unprotected_PKCS8_DER, + dump_der); } static int check_unprotected_PKCS8_PEM(const char *type, const void *data, size_t data_len) { - static const char pem_header[] = "-----BEGIN " PEM_STRING_PKCS8INF "-----"; + static const char expected_pem_header[] = + "-----BEGIN " PEM_STRING_PKCS8INF "-----"; - return TEST_strn_eq(data, pem_header, sizeof(pem_header) - 1); + return TEST_strn_eq(data, expected_pem_header, + sizeof(expected_pem_header) - 1); } static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key) { - return test_encode_decode(type, key, NULL, NULL, + return test_encode_decode(type, key, + "PEM", OSSL_KEYMGMT_SELECT_KEYPAIR + | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, + NULL, NULL, encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, - test_text, check_unprotected_PKCS8_PEM, dump_pem, - OSSL_ENCODER_PrivateKey_TO_PEM_PQ); + test_text, check_unprotected_PKCS8_PEM, + dump_pem); } static int check_unprotected_legacy_PEM(const char *type, const void *data, size_t data_len) { - static char pem_header[80]; + static char expected_pem_header[80]; return - TEST_int_gt(BIO_snprintf(pem_header, sizeof(pem_header), + TEST_int_gt(BIO_snprintf(expected_pem_header, + sizeof(expected_pem_header), "-----BEGIN %s PRIVATE KEY-----", type), 0) - && TEST_strn_eq(data, pem_header, strlen(pem_header)); + && TEST_strn_eq(data, expected_pem_header, strlen(expected_pem_header)); } static int test_unprotected_via_legacy_PEM(const char *type, EVP_PKEY *key) { - return test_encode_decode(type, key, NULL, NULL, + return test_encode_decode(type, key, + "PEM", OSSL_KEYMGMT_SELECT_KEYPAIR + | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, + NULL, NULL, encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov, - test_text, check_unprotected_legacy_PEM, dump_pem, - NULL); + test_text, check_unprotected_legacy_PEM, + dump_pem); } #ifndef OPENSSL_NO_DSA @@ -441,10 +493,13 @@ static int check_MSBLOB(const char *type, const void *data, size_t data_len) static int test_unprotected_via_MSBLOB(const char *type, EVP_PKEY *key) { - return test_encode_decode(type, key, NULL, NULL, + return test_encode_decode(type, key, + "MSBLOB", OSSL_KEYMGMT_SELECT_KEYPAIR + | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, + NULL, NULL, encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov, - test_mem, check_MSBLOB, dump_der, - NULL); + test_mem, check_MSBLOB, + dump_der); } # ifndef OPENSSL_NO_RC4 @@ -459,10 +514,13 @@ static int check_PVK(const char *type, const void *data, size_t data_len) static int test_unprotected_via_PVK(const char *type, EVP_PKEY *key) { - return test_encode_decode(type, key, NULL, NULL, + return test_encode_decode(type, key, + "PVK", OSSL_KEYMGMT_SELECT_KEYPAIR + | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, + NULL, NULL, encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov, - test_mem, check_PVK, dump_der, - NULL); + test_mem, check_PVK, + dump_der); } # endif #endif @@ -483,55 +541,69 @@ static int check_protected_PKCS8_DER(const char *type, static int test_protected_via_DER(const char *type, EVP_PKEY *key) { - return test_encode_decode(type, key, pass, pass_cipher, + return test_encode_decode(type, key, + "DER", OSSL_KEYMGMT_SELECT_KEYPAIR + | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, + pass, pass_cipher, encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, - test_mem, check_protected_PKCS8_DER, dump_der, - OSSL_ENCODER_PrivateKey_TO_DER_PQ); + test_mem, check_protected_PKCS8_DER, + dump_der); } static int check_protected_PKCS8_PEM(const char *type, const void *data, size_t data_len) { - static const char pem_header[] = "-----BEGIN " PEM_STRING_PKCS8 "-----"; + static const char expected_pem_header[] = + "-----BEGIN " PEM_STRING_PKCS8 "-----"; - return TEST_strn_eq(data, pem_header, sizeof(pem_header) - 1); + return TEST_strn_eq(data, expected_pem_header, + sizeof(expected_pem_header) - 1); } static int test_protected_via_PEM(const char *type, EVP_PKEY *key) { - return test_encode_decode(type, key, pass, pass_cipher, + return test_encode_decode(type, key, + "PEM", OSSL_KEYMGMT_SELECT_KEYPAIR + | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, + pass, pass_cipher, encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, - test_text, check_protected_PKCS8_PEM, dump_pem, - OSSL_ENCODER_PrivateKey_TO_PEM_PQ); + test_text, check_protected_PKCS8_PEM, + dump_pem); } static int check_protected_legacy_PEM(const char *type, const void *data, size_t data_len) { - static char pem_header[80]; + static char expected_pem_header[80]; return - TEST_int_gt(BIO_snprintf(pem_header, sizeof(pem_header), + TEST_int_gt(BIO_snprintf(expected_pem_header, + sizeof(expected_pem_header), "-----BEGIN %s PRIVATE KEY-----", type), 0) - && TEST_strn_eq(data, pem_header, strlen(pem_header)) + && TEST_strn_eq(data, expected_pem_header, strlen(expected_pem_header)) && TEST_ptr(strstr(data, "\nDEK-Info: ")); } static int test_protected_via_legacy_PEM(const char *type, EVP_PKEY *key) { - return test_encode_decode(type, key, pass, pass_cipher, + return test_encode_decode(type, key, + "PEM", OSSL_KEYMGMT_SELECT_KEYPAIR + | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, + pass, pass_cipher, encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov, - test_text, check_protected_legacy_PEM, dump_pem, - NULL); + test_text, check_protected_legacy_PEM, + dump_pem); } #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4) static int test_protected_via_PVK(const char *type, EVP_PKEY *key) { - return test_encode_decode(type, key, pass, NULL, + return test_encode_decode(type, key, + "PVK", OSSL_KEYMGMT_SELECT_KEYPAIR + | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, + pass, NULL, encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov, - test_mem, check_PVK, dump_der, - NULL); + test_mem, check_PVK, dump_der); } #endif @@ -547,26 +619,32 @@ static int check_public_DER(const char *type, const void *data, size_t data_len) static int test_public_via_DER(const char *type, EVP_PKEY *key) { - return test_encode_decode(type, key, NULL, NULL, + return test_encode_decode(type, key, + "DER", OSSL_KEYMGMT_SELECT_PUBLIC_KEY + | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, + NULL, NULL, encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, - test_mem, check_public_DER, dump_der, - OSSL_ENCODER_PUBKEY_TO_DER_PQ); + test_mem, check_public_DER, dump_der); } static int check_public_PEM(const char *type, const void *data, size_t data_len) { - static const char pem_header[] = "-----BEGIN " PEM_STRING_PUBLIC "-----"; + static const char expected_pem_header[] = + "-----BEGIN " PEM_STRING_PUBLIC "-----"; return - TEST_strn_eq(data, pem_header, sizeof(pem_header) - 1); + TEST_strn_eq(data, expected_pem_header, + sizeof(expected_pem_header) - 1); } static int test_public_via_PEM(const char *type, EVP_PKEY *key) { - return test_encode_decode(type, key, NULL, NULL, + return test_encode_decode(type, key, + "PEM", OSSL_KEYMGMT_SELECT_PUBLIC_KEY + | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, + NULL, NULL, encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, - test_text, check_public_PEM, dump_pem, - OSSL_ENCODER_PUBKEY_TO_PEM_PQ); + test_text, check_public_PEM, dump_pem); } #ifndef OPENSSL_NO_DSA @@ -583,11 +661,13 @@ static int check_public_MSBLOB(const char *type, static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key) { - return test_encode_decode(type, key, NULL, NULL, + return test_encode_decode(type, key, + "MSBLOB", OSSL_KEYMGMT_SELECT_PUBLIC_KEY + | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, + NULL, NULL, encode_public_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov, - test_mem, check_public_MSBLOB, dump_der, - NULL); + test_mem, check_public_MSBLOB, dump_der); } #endif diff --git a/test/evp_pkey_provided_test.c b/test/evp_pkey_provided_test.c index 3678dc0584f..33f39152220 100644 --- a/test/evp_pkey_provided_test.c +++ b/test/evp_pkey_provided_test.c @@ -153,36 +153,49 @@ static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk) } static int test_print_key_type_using_encoder(const char *alg, int type, - const EVP_PKEY *pk) + const EVP_PKEY *pk) { - const char *pq; + const char *output_type; + int selection; OSSL_ENCODER_CTX *ctx = NULL; BIO *membio = BIO_new(BIO_s_mem()); int ret = 0; switch (type) { case PRIV_TEXT: - pq = OSSL_ENCODER_PrivateKey_TO_TEXT_PQ; + output_type = "TEXT"; + selection = OSSL_KEYMGMT_SELECT_KEYPAIR + | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS; break; case PRIV_PEM: - pq = OSSL_ENCODER_PrivateKey_TO_PEM_PQ; + output_type = "PEM"; + selection = OSSL_KEYMGMT_SELECT_KEYPAIR + | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS; break; case PRIV_DER: - pq = OSSL_ENCODER_PrivateKey_TO_DER_PQ; + output_type = "DER"; + selection = OSSL_KEYMGMT_SELECT_KEYPAIR + | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS; break; case PUB_TEXT: - pq = OSSL_ENCODER_PUBKEY_TO_TEXT_PQ; + output_type = "TEXT"; + selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY + | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS; break; case PUB_PEM: - pq = OSSL_ENCODER_PUBKEY_TO_PEM_PQ; + output_type = "PEM"; + selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY + | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS; break; case PUB_DER: - pq = OSSL_ENCODER_PUBKEY_TO_DER_PQ; + output_type = "DER"; + selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY + | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS; break; default: @@ -195,9 +208,11 @@ static int test_print_key_type_using_encoder(const char *alg, int type, /* Make a context, it's valid for several prints */ TEST_note("Setting up a OSSL_ENCODER context with passphrase"); - if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pk, pq)) + if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pk, output_type, + selection, + NULL, NULL)) /* Check that this operation is supported */ - || !TEST_ptr(OSSL_ENCODER_CTX_get_encoder(ctx))) + || !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0)) goto err; /* Use no cipher. This should give us an unencrypted PEM */ diff --git a/util/libcrypto.num b/util/libcrypto.num index f9045e021ac..fd6fe59b53c 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -5311,3 +5311,4 @@ OSSL_ENCODER_CTX_set_construct_data ? 3_0_0 EXIST::FUNCTION: OSSL_ENCODER_CTX_set_cleanup ? 3_0_0 EXIST::FUNCTION: OSSL_DECODER_INSTANCE_get_input_type ? 3_0_0 EXIST::FUNCTION: OSSL_ENCODER_CTX_set_passphrase_cb ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_typenames_do_all ? 3_0_0 EXIST::FUNCTION: