From: Richard Levitte Date: Wed, 10 Feb 2021 15:55:19 +0000 (+0100) Subject: EVP: Implement EVP_PKEY_CTX_is_a() X-Git-Tag: openssl-3.0.0-alpha13~233 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6179dfc7c4bd850004c3b4b8220f3559573130d5;p=thirdparty%2Fopenssl.git EVP: Implement EVP_PKEY_CTX_is_a() This does what was previously done by looking at pctx->pmeth->pkey_id, but handles both legacy and provider side contexts, and is supposed to become a replacement for the old way. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13913) --- diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index a933752071f..73f44c46cb0 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -649,6 +649,15 @@ const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx) } #endif +int EVP_PKEY_CTX_is_a(EVP_PKEY_CTX *ctx, const char *keytype) +{ +#ifndef FIPS_MODULE + if (evp_pkey_ctx_is_legacy(ctx)) + return (ctx->pmeth->pkey_id == evp_pkey_name2type(keytype)); +#endif + return EVP_KEYMGMT_is_a(ctx->keymgmt, keytype); +} + int EVP_PKEY_CTX_set_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params) { if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx) diff --git a/doc/man3/EVP_PKEY_CTX_new.pod b/doc/man3/EVP_PKEY_CTX_new.pod index 3342386d94e..cb203dbd712 100644 --- a/doc/man3/EVP_PKEY_CTX_new.pod +++ b/doc/man3/EVP_PKEY_CTX_new.pod @@ -3,7 +3,8 @@ =head1 NAME EVP_PKEY_CTX_new, EVP_PKEY_CTX_new_id, EVP_PKEY_CTX_new_from_name, -EVP_PKEY_CTX_new_from_pkey, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free +EVP_PKEY_CTX_new_from_pkey, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free, +EVP_PKEY_CTX_is_a - public key algorithm context functions =head1 SYNOPSIS @@ -20,6 +21,7 @@ EVP_PKEY_CTX_new_from_pkey, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free const char *propquery); EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx); void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx); + int EVP_PKEY_CTX_is_a(EVP_PKEY_CTX *ctx, const char *keytype); =head1 DESCRIPTION 
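Review bot: In crypto/evp/pmeth_lib.c, the new `EVP_PKEY_CTX_is_a()` dereferences `ctx` (through `evp_pkey_ctx_is_legacy(ctx)`, `ctx->pmeth->pkey_id` and `ctx->keymgmt`) without any NULL check, so a NULL context would presumably crash the caller instead of returning 0. Because the function is exported and meant to replace direct `pctx->pmeth->pkey_id` comparisons that gate key-type-specific handling, I would open the body with `if (ctx == NULL || keytype == NULL) return 0;`. In FIPS_MODULE builds the legacy branch is compiled out and `ctx->keymgmt` is passed straight to `EVP_KEYMGMT_is_a()`; whether that callee tolerates a NULL keymgmt is not visible in this hunk and should be confirmed. The function also has no header comment; one line stating that it returns 1 on a match and 0 otherwise, for both legacy and provider-side contexts, would document the contract at the definition.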
@@ -53,6 +55,8 @@ keygen operation. EVP_PKEY_CTX_free() frees up the context I. If I is NULL, nothing is done. +EVP_PKEY_is_a() checks if the key type associated with I is I. + =head1 NOTES =head2 On B @@ -102,6 +106,8 @@ the newly allocated B structure or B if an error occurred. EVP_PKEY_CTX_free() does not return a value. +EVP_PKEY_CTX_is_a() returns 1 for true and 0 for false. + =head1 SEE ALSO L diff --git a/include/crypto/evp.h b/include/crypto/evp.h index 7f28edd6c25..cc74f11548e 100644 --- a/include/crypto/evp.h +++ b/include/crypto/evp.h @@ -23,7 +23,7 @@ #define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400 /* - * An EVP_PKEY can have the following support states: + * An EVP_PKEY_CTX can have the following support states: * * Supports legacy implementations only: * diff --git a/include/openssl/evp.h b/include/openssl/evp.h index bdce18c5ee8..1bf244322e4 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -1649,6 +1649,7 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OSSL_LIB_CTX *libctx, EVP_PKEY *pkey, const char *propquery); EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx); void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx); +int EVP_PKEY_CTX_is_a(EVP_PKEY_CTX *ctx, const char *keytype); int EVP_PKEY_CTX_get_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params); const OSSL_PARAM *EVP_PKEY_CTX_gettable_params(EVP_PKEY_CTX *ctx); diff --git a/util/libcrypto.num b/util/libcrypto.num index b602ee4978c..a16b6e17eb4 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -5300,3 +5300,4 @@ EVP_PKEY_fromdata_init ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_fromdata_settable ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_param_check_quick ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_public_check_quick ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_CTX_is_a ? 3_0_0 EXIST::FUNCTION:
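Review bot: In include/openssl/evp.h the new prototype takes a non-const `EVP_PKEY_CTX *ctx`, although the implementation added in this commit only reads from the context. `int EVP_PKEY_CTX_is_a(const EVP_PKEY_CTX *ctx, const char *keytype);` would match the neighbouring `EVP_PKEY_CTX_dup()` and let callers holding a const context use the check, assuming `evp_pkey_ctx_is_legacy()` needs no mutable pointer, which is not visible here; the definition and the man page synopsis would have to change with it. The man page hunk in this commit also introduces the function in DESCRIPTION as `EVP_PKEY_is_a()`, which is the name of the EVP_PKEY-level check, and should read `EVP_PKEY_CTX_is_a()`. The documented return contract ("returns 1 for true and 0 for false") does not say what happens for a NULL `ctx` or an unrecognised `keytype`, and callers relying on this as a type gate need that stated.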