From: Matt Caswell Date: Wed, 7 Oct 2020 14:59:28 +0000 (+0100) Subject: Remove CMS recipient info information out of the algorithm implementations X-Git-Tag: openssl-3.0.0-alpha7~7 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=7022d9b9032794330cd2d753f077670db95d33d4;p=thirdparty%2Fopenssl.git Remove CMS recipient info information out of the algorithm implementations Low level algorithm implementations have no business knowing about details of the higher level CMS concept. This knowledge is therefore moved into the CMS layer. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/13088)
---
diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c
index 84d9e5b9487..8f3e2db3392 100644
--- a/crypto/cms/cms_env.c
+++ b/crypto/cms/cms_env.c
@@ -1303,6 +1303,20 @@ err:
 */
 int cms_pkey_get_ri_type(EVP_PKEY *pk)
 {
+ /* Check types that we know about */
+ if (EVP_PKEY_is_a(pk, "DH"))
+ return CMS_RECIPINFO_AGREE;
+ else if (EVP_PKEY_is_a(pk, "DSA"))
+ return CMS_RECIPINFO_NONE;
+ else if (EVP_PKEY_is_a(pk, "EC"))
+ return CMS_RECIPINFO_AGREE;
+ else if (EVP_PKEY_is_a(pk, "RSA"))
+ return CMS_RECIPINFO_TRANS;
+
+ /*
+ * Otherwise this might ben an engine implementation, so see if we can get
+ * the type from the ameth.
+ */
 if (pk->ameth && pk->ameth->pkey_ctrl) {
 int i, r;
 i = pk->ameth->pkey_ctrl(pk, ASN1_PKEY_CTRL_CMS_RI_TYPE, 0, &r);
diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c
index 46a2fdd881b..9ad75d20926 100644
--- a/crypto/dh/dh_ameth.c
+++ b/crypto/dh/dh_ameth.c
@@ -19,7 +19,6 @@
 #include
 #include
 #include
-#include
 #include "internal/ffc.h"
 #include "internal/cryptlib.h"
 #include "crypto/asn1.h"
@@ -449,11 +448,6 @@ static int dh_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 static int dhx_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 {
 switch (op) {
-#ifndef OPENSSL_NO_CMS
- case ASN1_PKEY_CTRL_CMS_RI_TYPE:
- *(int *)arg2 = CMS_RECIPINFO_AGREE;
- return 1;
-#endif
 default:
 return -2;
 }
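Review bot: The new type chain in cms_pkey_get_ri_type (crypto/cms/cms_env.c) tests only "DH", while the same commit removes the ASN1_PKEY_CTRL_CMS_RI_TYPE case from dhx_pkey_ctrl in crypto/dh/dh_ameth.c, so a DHX (X9.42) key may no longer resolve to CMS_RECIPINFO_AGREE. Whether EVP_PKEY_is_a(pk, "DH") also matches DHX keys is not visible here; if it does not, such a key falls through to the ameth call, gets -2 from dhx_pkey_ctrl, and takes whatever fallback follows the hunk, since the function body continues outside it. An explicit branch, `else if (EVP_PKEY_is_a(pk, "DHX")) return CMS_RECIPINFO_AGREE;`, would preserve the previous result. The same question applies to the SM2 keys that ec_pkey_ctrl also handled and to the RSA-PSS rejection removed from rsa_pkey_ctrl, so a test that builds an enveloped message per key type would pin the recipient-info selection.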
diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c
index d9b4a3fae71..98b531ea24b 100644
--- a/crypto/dsa/dsa_ameth.c
+++ b/crypto/dsa/dsa_ameth.c
@@ -17,7 +17,6 @@
 #include
 #include
 #include
-#include
 #include
 #include
 #include "internal/cryptlib.h"
@@ -481,11 +480,6 @@ static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
 }
 return 1;
-#ifndef OPENSSL_NO_CMS
- case ASN1_PKEY_CTRL_CMS_RI_TYPE:
- *(int *)arg2 = CMS_RECIPINFO_NONE;
- return 1;
-#endif
 case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
 *(int *)arg2 = NID_sha256;
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index 864402ab186..caeb7f70cc0 100644
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -18,7 +18,6 @@
 #include
 #include
 #include
-#include
 #include
 #include "crypto/asn1.h"
 #include "crypto/evp.h"
@@ -489,11 +488,6 @@ static int ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
 }
 return 1;
-#ifndef OPENSSL_NO_CMS
- case ASN1_PKEY_CTRL_CMS_RI_TYPE:
- *(int *)arg2 = CMS_RECIPINFO_AGREE;
- return 1;
-#endif
 case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
 if (EVP_PKEY_id(pkey) == EVP_PKEY_SM2) {
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index fc76a0e103f..c693ca7e212 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -18,7 +18,6 @@
 #include
 #include
 #include
-#include
 #include
 #include
 #include "crypto/asn1.h"
@@ -505,13 +504,6 @@ static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 if (arg1 == 0)
 PKCS7_RECIP_INFO_get0_alg(arg2, &alg);
 break;
-#ifndef OPENSSL_NO_CMS
- case ASN1_PKEY_CTRL_CMS_RI_TYPE:
- if (pkey_is_pss(pkey))
- return -2;
- *(int *)arg2 = CMS_RECIPINFO_TRANS;
- return 1;
-#endif
 case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
 if (pkey->pkey.rsa->pss != NULL) {