[openssl] master update

Richard Levitte levitte at openssl.org
Thu Oct 1 17:56:37 UTC 2020


The branch master has been updated
       via  f21c9c64f53484d4abe25b76d29350ed683db855 (commit)
      from  7d80985e178d77226392f9c35c36f3f885b884d7 (commit)


- Log -----------------------------------------------------------------
commit f21c9c64f53484d4abe25b76d29350ed683db855
Author: Richard Levitte <levitte at openssl.org>
Date:   Wed Sep 30 17:22:27 2020 +0200

    EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use
    
    We've had explicit checks for when to fall back to legacy code for
    operations that use an EVP_PKEY.  Unfortunately, the checks were
    radically different in different spots, so we refactor that into a
    macro that gets used everywhere.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/13043)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/asymcipher.c |  2 +-
 crypto/evp/exchange.c   |  2 +-
 crypto/evp/m_sigver.c   |  2 +-
 crypto/evp/signature.c  |  2 +-
 include/crypto/evp.h    | 16 ++++++++++++++++
 5 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/crypto/evp/asymcipher.c b/crypto/evp/asymcipher.c
index a80398782c..f28bfe6aef 100644
--- a/crypto/evp/asymcipher.c
+++ b/crypto/evp/asymcipher.c
@@ -38,7 +38,7 @@ static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation)
      */
     ERR_set_mark();
 
-    if (ctx->engine != NULL || ctx->keytype == NULL)
+    if (evp_pkey_ctx_is_legacy(ctx))
         goto legacy;
 
     /*
diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c
index ccd75099ad..ea1f771d6f 100644
--- a/crypto/evp/exchange.c
+++ b/crypto/evp/exchange.c
@@ -197,7 +197,7 @@ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
      */
     ERR_set_mark();
 
-    if (ctx->keymgmt == NULL)
+    if (evp_pkey_ctx_is_legacy(ctx))
         goto legacy;
 
     /*
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index faf5191234..783225b6f7 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -80,7 +80,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
      */
     ERR_set_mark();
 
-    if (locpctx->engine != NULL || locpctx->keytype == NULL)
+    if (evp_pkey_ctx_is_legacy(locpctx))
         goto legacy;
 
     /*
diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c
index 7a2af1b5a2..c0126501f8 100644
--- a/crypto/evp/signature.c
+++ b/crypto/evp/signature.c
@@ -381,7 +381,7 @@ static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, int operation)
      */
     ERR_set_mark();
 
-    if (ctx->keymgmt == NULL)
+    if (evp_pkey_ctx_is_legacy(ctx))
         goto legacy;
 
     /*
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 986e11705b..9ca1a6062f 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -18,6 +18,22 @@
  */
 #define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX   0x0400
 
+/*
+ * An EVP_PKEY can have the following support states:
+ *
+ * Supports legacy implementations only:
+ *
+ *      engine != NULL || keytype == NULL
+ *
+ * Supports provided implementations:
+ *
+ *      engine == NULL && keytype != NULL
+ */
+#define evp_pkey_ctx_is_legacy(ctx)                             \
+    ((ctx)->engine != NULL || (ctx)->keytype == NULL)
+#define evp_pkey_ctx_is_provided(ctx)                           \
+    (!evp_pkey_ctx_is_legacy(ctx))
+
 struct evp_pkey_ctx_st {
     /* Actual operation */
     int operation;


More information about the openssl-commits mailing list