Make OpenSSL keypair comparation a generic helper function

diff --git a/lib/dns/dst_openssl.h b/lib/dns/dst_openssl.h
index 188e72cd160ffc4d67578d0e0c8c23a2a85b7f3d..4380d36364cf58b6ac695aa9e0f6ea4ef66ec177 100644 (file)
--- a/lib/dns/dst_openssl.h
+++ b/lib/dns/dst_openssl.h
@@ -45,4 +45,7 @@ isc_result_t
 dst__openssl_fromlabel(int key_base_id, const char *engine, const char *label,
                       const char *pin, EVP_PKEY **ppub, EVP_PKEY **ppriv);
 
+bool
+dst__openssl_compare_keypair(const dst_key_t *key1, const dst_key_t *key2);
+
 ISC_LANG_ENDDECLS

diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c
index f23f86443ec20a89f14cff526e2c27efd3062fa5..c10a978cefce073a74eb614f5976e347427a6e0f 100644 (file)
--- a/lib/dns/openssl_link.c
+++ b/lib/dns/openssl_link.c
@@ -353,4 +353,28 @@ dst__openssl_fromlabel(int key_base_id, const char *engine, const char *label,
                                              ppub, ppriv));
 }
 
+bool
+dst__openssl_compare_keypair(const dst_key_t *key1, const dst_key_t *key2) {
+       EVP_PKEY *pkey1 = key1->keydata.pkeypair.pub;
+       EVP_PKEY *pkey2 = key2->keydata.pkeypair.pub;
+
+       if (pkey1 == NULL && pkey2 == NULL) {
+               return (true);
+       } else if (pkey1 == NULL || pkey2 == NULL) {
+               return (false);
+       }
+
+       /* `EVP_PKEY_eq` checks only the public components and parameters. */
+       if (EVP_PKEY_eq(pkey1, pkey2) != 1) {
+               return (false);
+       }
+       /* The private key presence must be same for keys to match. */
+       if ((key1->keydata.pkeypair.priv != NULL) !=
+           (key2->keydata.pkeypair.priv != NULL))
+       {
+               return (false);
+       }
+       return (true);
+}
+
 /*! \file */

diff --git a/lib/dns/opensslrsa_link.c b/lib/dns/opensslrsa_link.c
index efef7fe14a93d92ef92f3c871b45dcd2bd101905..2d657993f7678b2bd020bbf53fce11d16090360e 100644 (file)
--- a/lib/dns/opensslrsa_link.c
+++ b/lib/dns/opensslrsa_link.c
@@ -343,30 +343,6 @@ opensslrsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
        return (opensslrsa_verify2(dctx, 0, sig));
 }
 
-static bool
-opensslrsa_compare(const dst_key_t *key1, const dst_key_t *key2) {
-       EVP_PKEY *pkey1 = key1->keydata.pkeypair.pub;
-       EVP_PKEY *pkey2 = key2->keydata.pkeypair.pub;
-
-       if (pkey1 == NULL && pkey2 == NULL) {
-               return (true);
-       } else if (pkey1 == NULL || pkey2 == NULL) {
-               return (false);
-       }
-
-       /* `EVP_PKEY_eq` checks only the public components and parameters. */
-       if (EVP_PKEY_eq(pkey1, pkey2) != 1) {
-               return (false);
-       }
-       /* The private key presence must be same for keys to match. */
-       if ((key1->keydata.pkeypair.priv != NULL) !=
-           (key2->keydata.pkeypair.priv != NULL))
-       {
-               return (false);
-       }
-       return (true);
-}
-
 #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000
 static int
 progress_cb(int p, int n, BN_GENCB *cb) {
@@ -1139,7 +1115,7 @@ static dst_func_t opensslrsa_functions = {
        opensslrsa_verify,
        opensslrsa_verify2,
        NULL, /*%< computesecret */
-       opensslrsa_compare,
+       dst__openssl_compare_keypair,
        NULL, /*%< paramcompare */
        opensslrsa_generate,
        opensslrsa_isprivate,