[openssl] master update
tomas at openssl.org
tomas at openssl.org
Wed Feb 24 16:55:57 UTC 2021
The branch master has been updated
via da9988e0f5371cb7e2aeed9f3c9a6433a9acc595 (commit)
via b300f1cb3d0d266eb837af2eab2cf97e5a418e56 (commit)
via 53cefef62ba7b1262374874aa8ce0aa34419d8ff (commit)
via 7415ffe36896a6cce6f83db5ec1c54e69213c5b1 (commit)
from 861f265a407d5de81c79b6917139e66cdfb0f367 (commit)
- Log -----------------------------------------------------------------
commit da9988e0f5371cb7e2aeed9f3c9a6433a9acc595
Author: Tomas Mraz <tomas at openssl.org>
Date: Tue Feb 23 16:52:49 2021 +0100
Cleanup of some of the EVP_PKEY_CTX_ctrl related TODOs
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14290)
commit b300f1cb3d0d266eb837af2eab2cf97e5a418e56
Author: Tomas Mraz <tomas at openssl.org>
Date: Tue Feb 23 16:52:21 2021 +0100
Fix missing EOL at the end of the rsa/build.info
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14290)
commit 53cefef62ba7b1262374874aa8ce0aa34419d8ff
Author: Tomas Mraz <tomas at openssl.org>
Date: Tue Feb 23 16:51:43 2021 +0100
Remove inclusion of unnecessary header files
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14290)
commit 7415ffe36896a6cce6f83db5ec1c54e69213c5b1
Author: Tomas Mraz <tomas at openssl.org>
Date: Tue Feb 23 16:50:21 2021 +0100
Use strcasecmp when comparing kdf_type
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14290)
-----------------------------------------------------------------------
Summary of changes:
crypto/dsa/dsa_lib.c | 8 +++-----
crypto/evp/ctrl_params_translate.c | 2 +-
crypto/evp/dh_ctrl.c | 2 --
crypto/evp/dsa_ctrl.c | 30 +++---------------------------
crypto/evp/ec_ctrl.c | 9 ---------
crypto/rsa/build.info | 2 +-
crypto/rsa/rsa_lib.c | 7 ++-----
7 files changed, 10 insertions(+), 50 deletions(-)
diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c
index fd56203539..7e5be3208d 100644
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@@ -13,15 +13,13 @@
*/
#include "internal/deprecated.h"
-#include <stdio.h>
-#include "internal/cryptlib.h"
-#include "internal/refcount.h"
#include <openssl/bn.h>
-#include <openssl/asn1.h>
#include <openssl/engine.h>
-#include "dsa_local.h"
+#include "internal/cryptlib.h"
+#include "internal/refcount.h"
#include "crypto/dsa.h"
#include "crypto/dh.h" /* required by DSA_dup_DH() */
+#include "dsa_local.h"
static DSA *dsa_new_intern(ENGINE *engine, OSSL_LIB_CTX *libctx);
diff --git a/crypto/evp/ctrl_params_translate.c b/crypto/evp/ctrl_params_translate.c
index 1e7001809b..04f8fdbcab 100644
--- a/crypto/evp/ctrl_params_translate.c
+++ b/crypto/evp/ctrl_params_translate.c
@@ -893,7 +893,7 @@ static int fix_kdf_type(enum state state,
/* Convert KDF type strings to numbers */
for (; kdf_type_map->kdf_type_str != NULL; kdf_type_map++)
- if (strcmp(ctx->p2, kdf_type_map->kdf_type_str) == 0) {
+ if (strcasecmp(ctx->p2, kdf_type_map->kdf_type_str) == 0) {
ctx->p1 = kdf_type_map->kdf_type_num;
ret = 1;
break;
diff --git a/crypto/evp/dh_ctrl.c b/crypto/evp/dh_ctrl.c
index 7eb0a8ee48..57cd88b41b 100644
--- a/crypto/evp/dh_ctrl.c
+++ b/crypto/evp/dh_ctrl.c
@@ -9,8 +9,6 @@
#include "internal/deprecated.h"
-#include <stdio.h>
-#include <string.h>
#include <openssl/core_names.h>
#include <openssl/params.h>
#include <openssl/err.h>
diff --git a/crypto/evp/dsa_ctrl.c b/crypto/evp/dsa_ctrl.c
index cb7e543e02..5fa2300abb 100644
--- a/crypto/evp/dsa_ctrl.c
+++ b/crypto/evp/dsa_ctrl.c
@@ -82,13 +82,6 @@ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits)
if ((ret = dsa_paramgen_check(ctx)) <= 0)
return ret;
-#if !defined(FIPS_MODULE)
- /* TODO(3.0): Remove this eventually when no more legacy */
- if (ctx->op.keymgmt.genctx == NULL)
- return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
- EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL);
-#endif
-
*p++ = OSSL_PARAM_construct_size_t(OSSL_PKEY_PARAM_FFC_PBITS, &bits);
*p++ = OSSL_PARAM_construct_end();
@@ -104,13 +97,6 @@ int EVP_PKEY_CTX_set_dsa_paramgen_q_bits(EVP_PKEY_CTX *ctx, int qbits)
if ((ret = dsa_paramgen_check(ctx)) <= 0)
return ret;
-#if !defined(FIPS_MODULE)
- /* TODO(3.0): Remove this eventually when no more legacy */
- if (ctx->op.keymgmt.genctx == NULL)
- return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
- EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, qbits, NULL);
-#endif
-
*p++ = OSSL_PARAM_construct_size_t(OSSL_PKEY_PARAM_FFC_QBITS, &bits2);
*p++ = OSSL_PARAM_construct_end();
@@ -127,16 +113,6 @@ int EVP_PKEY_CTX_set_dsa_paramgen_md_props(EVP_PKEY_CTX *ctx,
if ((ret = dsa_paramgen_check(ctx)) <= 0)
return ret;
-#if !defined(FIPS_MODULE)
- /* TODO(3.0): Remove this eventually when no more legacy */
- if (ctx->op.keymgmt.genctx == NULL) {
- const EVP_MD *md = EVP_get_digestbyname(md_name);
-
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
- EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0, (void *)(md));
- }
-#endif
-
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_DIGEST,
(char *)md_name, 0);
if (md_properties != NULL)
@@ -148,10 +124,10 @@ int EVP_PKEY_CTX_set_dsa_paramgen_md_props(EVP_PKEY_CTX *ctx,
}
#if !defined(FIPS_MODULE)
+/* TODO(3.0): deprecate as this is needed only for legacy? */
int EVP_PKEY_CTX_set_dsa_paramgen_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
{
- const char *md_name = (md == NULL) ? "" : EVP_MD_name(md);
-
- return EVP_PKEY_CTX_set_dsa_paramgen_md_props(ctx, md_name, NULL);
+ return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
+ EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0, (void *)(md));
}
#endif
diff --git a/crypto/evp/ec_ctrl.c b/crypto/evp/ec_ctrl.c
index ff0c55d023..b8b5434ee6 100644
--- a/crypto/evp/ec_ctrl.c
+++ b/crypto/evp/ec_ctrl.c
@@ -9,8 +9,6 @@
#include "internal/deprecated.h"
-#include <string.h>
-
#include <openssl/core_names.h>
#include <openssl/err.h>
#include <openssl/ec.h>
@@ -254,13 +252,6 @@ int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **pukm)
if (ret != 1)
return ret;
- /* TODO(3.0): Remove this eventually when no more legacy */
- if (ctx->op.kex.exchprovctx == NULL)
- return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC,
- EVP_PKEY_OP_DERIVE,
- EVP_PKEY_CTRL_GET_EC_KDF_UKM, 0,
- (void *)(pukm));
-
*p++ = OSSL_PARAM_construct_octet_ptr(OSSL_EXCHANGE_PARAM_KDF_UKM,
(void **)pukm, 0);
*p++ = OSSL_PARAM_construct_end();
diff --git a/crypto/rsa/build.info b/crypto/rsa/build.info
index d97e07fa4c..f0c7668bf2 100644
--- a/crypto/rsa/build.info
+++ b/crypto/rsa/build.info
@@ -19,4 +19,4 @@ SOURCE[../../providers/libfips.a]=$COMMON
IF[{- !$disabled{'acvp-tests'} -}]
SOURCE[../../providers/libfips.a]=rsa_acvp_test_params.c
-ENDIF
\ No newline at end of file
+ENDIF
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index 817372cbb7..530fdaa035 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -13,14 +13,13 @@
*/
#include "internal/deprecated.h"
-#include <stdio.h>
#include <openssl/crypto.h>
#include <openssl/core_names.h>
#include <openssl/engine.h>
#include <openssl/evp.h>
+#include <openssl/param_build.h>
#include "internal/cryptlib.h"
#include "internal/refcount.h"
-#include "openssl/param_build.h"
#include "crypto/bn.h"
#include "crypto/evp.h"
#include "crypto/rsa.h"
@@ -1067,8 +1066,6 @@ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, void *label, int llen)
if (!EVP_PKEY_CTX_is_a(ctx, "RSA"))
return -1;
- /* TODO(3.0) Shouldn't a set0 translate into setting an OCTET_PTR? */
-
/* Cast away the const. This is read only so should be safe */
*p++ = OSSL_PARAM_construct_octet_string(OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL,
(void *)label, (size_t)llen);
@@ -1077,7 +1074,7 @@ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, void *label, int llen)
if (!evp_pkey_ctx_set_params_strict(ctx, rsa_params))
return 0;
- /* TODO(3.0) ????? */
+ /* Ownership is supposed to be transfered to the callee. */
OPENSSL_free(label);
return 1;
}
More information about the openssl-commits
mailing list