[openssl] master update

Dr. Paul Dale pauli at openssl.org
Thu Jul 15 00:54:46 UTC 2021 

The branch master has been updated
       via  11f18ef1f5ea92ba32a3efeb0eaf1af6a1f35e13 (commit)
      from  54c0480dac6c25f262d537048503a660aaa4b568 (commit)


- Log -----------------------------------------------------------------
commit 11f18ef1f5ea92ba32a3efeb0eaf1af6a1f35e13
Author: Tomas Mraz <tomas at openssl.org>
Date:   Tue Jul 13 17:41:02 2021 +0200

    Make EVP_PKEY_check() be an alias for EVP_PKEY_pairwise_check()
    
    The implementation of EVP_PKEY_pairwise_check() is also changed
    to handle the legacy keys.
    
    Fixes #16046
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16069)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/pmeth_check.c    | 20 +++-----------------
 doc/man3/EVP_PKEY_check.pod |  2 +-
 2 files changed, 4 insertions(+), 18 deletions(-)

diff --git a/crypto/evp/pmeth_check.c b/crypto/evp/pmeth_check.c
index 2ecf2d0251..7f3a2e3a1c 100644
--- a/crypto/evp/pmeth_check.c
+++ b/crypto/evp/pmeth_check.c
@@ -152,26 +152,12 @@ int EVP_PKEY_private_check(EVP_PKEY_CTX *ctx)
     return -2;
 }
 
-int EVP_PKEY_pairwise_check(EVP_PKEY_CTX *ctx)
+int EVP_PKEY_check(EVP_PKEY_CTX *ctx)
 {
-    EVP_PKEY *pkey = ctx->pkey;
-    int ok;
-
-    if (pkey == NULL) {
-        ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET);
-        return 0;
-    }
-
-    if ((ok = try_provided_check(ctx, OSSL_KEYMGMT_SELECT_KEYPAIR,
-                                 OSSL_KEYMGMT_VALIDATE_FULL_CHECK)) != -1)
-        return ok;
-
-    /* not supported for legacy keys */
-    ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-    return -2;
+    return EVP_PKEY_pairwise_check(ctx);
 }
 
-int EVP_PKEY_check(EVP_PKEY_CTX *ctx)
+int EVP_PKEY_pairwise_check(EVP_PKEY_CTX *ctx)
 {
     EVP_PKEY *pkey = ctx->pkey;
     int ok;
diff --git a/doc/man3/EVP_PKEY_check.pod b/doc/man3/EVP_PKEY_check.pod
index dc03671498..1ba656fd22 100644
--- a/doc/man3/EVP_PKEY_check.pod
+++ b/doc/man3/EVP_PKEY_check.pod
@@ -44,7 +44,7 @@ EVP_PKEY_private_check() validates the private component of the key given by B<c
 EVP_PKEY_pairwise_check() validates that the public and private components have
 the correct mathematical relationship to each other for the key given by B<ctx>.
 
-EVP_PKEY_check() validates all components of a key given by B<ctx>.
+EVP_PKEY_check() is an alias for the EVP_PKEY_pairwise_check() function.
 
 =head1 NOTES

More information about the openssl-commits mailing list