[openssl-dev] [openssl.org #3894] AutoReply: PATCH: EVP_PKEY_get_type (new function)
Kurt Roeckx
kurt at roeckx.be
Sat Jun 6 01:48:55 UTC 2015
On Thu, Jun 04, 2015 at 04:52:22PM -0400, Jeffrey Walton wrote:
> Thanks Kurt. I think I'll need to think about this some more because I
> don't recall EVP_PKEY_id.
>
> I think I never considered it because I could not find it when
> searching for something to return the inner type ('id' does not make a
> lot of sense to me, even now).
>
> Maybe I should back up a bit. What is 'id' supposed to do above and
> beyond providing the 'type'?
>
> *****
>
> > I don't know if there are plans to run the EVP_PKEY into a opaque
> > struct soon, but it probably should.
>
> That's fine as long as we have an accessor to ensure we are working
> with what we expect. Otherwise, we can't validate which means we can't
> use the value.
>
> *****
>
> > This doesn't make sense. You're discouraging the function you
> > add? Maybe you mean EVP_PKEY_type(pkey->type)?
>
> Yeah, you're kind of right. On one hand, its lower level and its use
> is discouraged (see the NOTES in evp,h). On the other hand, we need it
> for use.
>
> *****
>
> According to the man pages for EVP_PKEY_type:
>
> EVP_PKEY_type() returns the type of key corresponding to the value
> type. The type of a key can be obtained with EVP_PKEY_type(pkey->type).
>
> Reading the man pages, it appears there's no accessor for
> `pkey->type`. Otherwise, we would have been told to use `EVP_PKEY_id`.
>
> *****
>
> > This seems to do almost exactly the same as EVP_PKEY_base_id().
>
> Actually, I think its closer to EVP_PKEY_id().
>
> Also, we have a NULL pointer dereference in the existing function:
>
> int EVP_PKEY_id(const EVP_PKEY *pkey)
> {
> return pkey->type;
> }
>
> (Sorry, I did not recall seeing that function).
I think you're getting confused. There is:
int EVP_PKEY_id(const EVP_PKEY *pkey)
{
return pkey->type;
}
int EVP_PKEY_base_id(const EVP_PKEY *pkey)
{
return EVP_PKEY_type(pkey->type);
}
And you had:
int EVP_PKEY_get_type(EVP_PKEY *pkey)
{
if (!pkey)
return EVP_PKEY_NONE;
return EVP_PKEY_type(pkey->type);
}
Kurt
More information about the openssl-dev
mailing list