Rename SSL_CERT_LOOKUP.nid to pkey_nid

author Richard Levitte <levitte@openssl.org>

Wed, 29 Oct 2025 09:12:33 +0000 (10:12 +0100)

committer Richard Levitte <levitte@openssl.org>

Thu, 30 Oct 2025 18:09:26 +0000 (19:09 +0100)
author Richard Levitte <levitte@openssl.org>
Wed, 29 Oct 2025 09:12:33 +0000 (10:12 +0100)
committer Richard Levitte <levitte@openssl.org>
Thu, 30 Oct 2025 18:09:26 +0000 (19:09 +0100)
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c

index f40d369794ab87bab5238377e57c94664e02ea74..27a0cf2ba4fe94d32e612e434a70511f9a0dcd60 100644 (file)
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -1229,13 +1229,13 @@ int ssl_cert_lookup_by_nid(int nid, size_t *pidx, SSL_CTX *ctx)
      size_t i;
  
      for (i = 0; i < OSSL_NELEM(ssl_cert_info); i++) {
-        if (ssl_cert_info[i].nid == nid) {
+        if (ssl_cert_info[i].pkey_nid == nid) {
              *pidx = i;
              return 1;
          }
      }
      for (i = 0; i < ctx->sigalg_list_len; i++) {
-        if (ctx->ssl_cert_info[i].nid == nid) {
+        if (ctx->ssl_cert_info[i].pkey_nid == nid) {
              *pidx = SSL_PKEY_NUM + i;
              return 1;
          }
@@ -1251,8 +1251,8 @@ SSL_CERT_LOOKUP *ssl_cert_lookup_by_pkey(const EVP_PKEY *pk, size_t *pidx, SSL_C
      for (i = 0; i < OSSL_NELEM(ssl_cert_info); i++) {
          SSL_CERT_LOOKUP *tmp_lu = &ssl_cert_info[i];
  
-        if (EVP_PKEY_is_a(pk, OBJ_nid2sn(tmp_lu->nid))
-            || EVP_PKEY_is_a(pk, OBJ_nid2ln(tmp_lu->nid))) {
+        if (EVP_PKEY_is_a(pk, OBJ_nid2sn(tmp_lu->pkey_nid))
+            || EVP_PKEY_is_a(pk, OBJ_nid2ln(tmp_lu->pkey_nid))) {
              if (pidx != NULL)
                  *pidx = i;
              return tmp_lu;
@@ -1262,8 +1262,8 @@ SSL_CERT_LOOKUP *ssl_cert_lookup_by_pkey(const EVP_PKEY *pk, size_t *pidx, SSL_C
      for (i = 0; i < ctx->sigalg_list_len; i++) {
          SSL_CERT_LOOKUP *tmp_lu = &(ctx->ssl_cert_info[i]);
  
-        if (EVP_PKEY_is_a(pk, OBJ_nid2sn(tmp_lu->nid))
-            || EVP_PKEY_is_a(pk, OBJ_nid2ln(tmp_lu->nid))) {
+        if (EVP_PKEY_is_a(pk, OBJ_nid2sn(tmp_lu->pkey_nid))
+            || EVP_PKEY_is_a(pk, OBJ_nid2ln(tmp_lu->pkey_nid))) {
              if (pidx != NULL)
                  *pidx = SSL_PKEY_NUM + i;
              return &ctx->ssl_cert_info[i];
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h

index 5f19e679fc099379c6f8bd3aa765e570928e49dc..df9d877ac61aa6acb3793c7f4a30ee282acebca5 100644 (file)
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -791,7 +791,7 @@ typedef struct tls_sigalg_info_st {
   * CERT_PKEY entries
   */
  typedef struct {
-    int nid; /* NID of public key algorithm */
+    int pkey_nid; /* NID of public key algorithm */
      uint32_t amask; /* authmask corresponding to key type */
  } SSL_CERT_LOOKUP;
  
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c

index bb936df27e3080306b40ebde97ddf5673750faa1..5362b9fbd4fe15b2f82ca60efde41cc7a24cf846 100644 (file)
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -725,7 +725,7 @@ int ssl_load_sigalgs(SSL_CTX *ctx)
              return 0;
          for(i = 0; i < ctx->sigalg_list_len; i++) {
              const char *keytype = inferred_keytype(&ctx->sigalg_list[i]);
-            ctx->ssl_cert_info[i].nid = OBJ_txt2nid(keytype);
+            ctx->ssl_cert_info[i].pkey_nid = OBJ_txt2nid(keytype);
              ctx->ssl_cert_info[i].amask = SSL_aANY;
          }
      }
@@ -3567,7 +3567,7 @@ static int tls12_get_cert_sigalg_idx(const SSL_CONNECTION *s,
      /* If not recognised or not supported by cipher mask it is not suitable */
      if (clu == NULL
              || (clu->amask & s->s3.tmp.new_cipher->algorithm_auth) == 0
-            || (clu->nid == EVP_PKEY_RSA_PSS
+            || (clu->pkey_nid == EVP_PKEY_RSA_PSS
                  && (s->s3.tmp.new_cipher->algorithm_mkey & SSL_kRSA) != 0))
          return -1;
  
diff --git a/test/ssl_cert_table_internal_test.c b/test/ssl_cert_table_internal_test.c

index 397834a8f1a349e84de7b684ebe0bcc01d8d98d5..2b2449980f6e6a3aa6b85ea02fd7e1cdd2715c79 100644 (file)
--- a/test/ssl_cert_table_internal_test.c
+++ b/test/ssl_cert_table_internal_test.c
@@ -26,14 +26,14 @@ static int do_test_cert_table(int nid, uint32_t amask, size_t idx,
  {
      const SSL_CERT_LOOKUP *clu = &ssl_cert_info[idx];
  
-    if (clu->nid == nid && clu->amask == amask)
+    if (clu->pkey_nid == nid && clu->amask == amask)
          return 1;
  
      TEST_error("Invalid table entry for certificate type %s, index %zu",
                 idxname, idx);
-    if (clu->nid != nid)
+    if (clu->pkey_nid != nid)
          TEST_note("Expected %s, got %s\n", OBJ_nid2sn(nid),
-                  OBJ_nid2sn(clu->nid));
+                  OBJ_nid2sn(clu->pkey_nid));
      if (clu->amask != amask)
          TEST_note("Expected auth mask 0x%x, got 0x%x\n",
                    (unsigned int)amask, (unsigned int)clu->amask);
author	Richard Levitte <levitte@openssl.org>
	Wed, 29 Oct 2025 09:12:33 +0000 (10:12 +0100)
committer	Richard Levitte <levitte@openssl.org>
	Thu, 30 Oct 2025 18:09:26 +0000 (19:09 +0100)
ssl/ssl_cert.c		patch \| blob \| blame \| history
ssl/ssl_local.h		patch \| blob \| blame \| history
ssl/t1_lib.c		patch \| blob \| blame \| history
test/ssl_cert_table_internal_test.c		patch \| blob \| blame \| history