[openssl] master update

tomas at openssl.org tomas at openssl.org
Fri Mar 19 10:21:39 UTC 2021


The branch master has been updated
       via  0e2f87c03e1a288f5f58627b373a25f83c59318a (commit)
      from  39f6bf33e5852be55b126c3fcc56e3ef5ab1a584 (commit)


- Log -----------------------------------------------------------------
commit 0e2f87c03e1a288f5f58627b373a25f83c59318a
Author: Tomas Mraz <tomas at openssl.org>
Date:   Tue Mar 16 18:29:19 2021 +0100

    Added functions for printing EVP_PKEYs to FILE *
    
    Fixes #14172
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14577)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/p_lib.c                  | 67 ++++++++++++++++++++++++++++---------
 doc/man3/EVP_PKEY_print_private.pod | 30 +++++++++++++----
 include/openssl/evp.h               | 12 +++++++
 util/libcrypto.num                  |  3 ++
 4 files changed, 89 insertions(+), 23 deletions(-)

diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index a2d3933700..620c828159 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -832,9 +832,7 @@ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
     return ret;
 }
 # endif /*  OPENSSL_NO_DSA */
-#endif /* FIPS_MODULE */
 
-#ifndef FIPS_MODULE
 # ifndef OPENSSL_NO_EC
 static const ECX_KEY *evp_pkey_get0_ECX_KEY(const EVP_PKEY *pkey, int type)
 {
@@ -927,7 +925,6 @@ int EVP_PKEY_base_id(const EVP_PKEY *pkey)
     return EVP_PKEY_type(pkey->type);
 }
 
-#ifndef FIPS_MODULE
 /*
  * These hard coded cases are pure hackery to get around the fact
  * that names in crypto/objects/objects.txt are a mess.  There is
@@ -981,17 +978,14 @@ const char *evp_pkey_type2name(int type)
 
     return OBJ_nid2sn(type);
 }
-#endif
 
 int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name)
 {
-#ifndef FIPS_MODULE
     if (pkey->keymgmt == NULL) {
         int type = evp_pkey_name2type(name);
 
         return pkey->type == type;
     }
-#endif
     return EVP_KEYMGMT_is_a(pkey->keymgmt, name);
 }
 
@@ -1017,17 +1011,17 @@ int EVP_PKEY_can_sign(const EVP_PKEY *pkey)
         switch (EVP_PKEY_base_id(pkey)) {
         case EVP_PKEY_RSA:
             return 1;
-#ifndef OPENSSL_NO_DSA
+# ifndef OPENSSL_NO_DSA
         case EVP_PKEY_DSA:
             return 1;
-#endif
-#ifndef OPENSSL_NO_EC
+# endif
+# ifndef OPENSSL_NO_EC
         case EVP_PKEY_ED25519:
         case EVP_PKEY_ED448:
             return 1;
         case EVP_PKEY_EC:        /* Including SM2 */
             return EC_KEY_can_sign(pkey->pkey.ec);
-#endif
+# endif
         default:
             break;
         }
@@ -1150,6 +1144,47 @@ int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
                       pctx);
 }
 
+# ifndef OPENSSL_NO_STDIO
+int EVP_PKEY_print_public_fp(FILE *fp, const EVP_PKEY *pkey,
+                             int indent, ASN1_PCTX *pctx)
+{
+    int ret;
+    BIO *b = BIO_new_fp(fp, BIO_NOCLOSE);
+
+    if (b == NULL)
+        return 0;
+    ret = EVP_PKEY_print_public(b, pkey, indent, pctx);
+    BIO_free(b);
+    return ret;
+}
+
+int EVP_PKEY_print_private_fp(FILE *fp, const EVP_PKEY *pkey,
+                              int indent, ASN1_PCTX *pctx)
+{
+    int ret;
+    BIO *b = BIO_new_fp(fp, BIO_NOCLOSE);
+
+    if (b == NULL)
+        return 0;
+    ret = EVP_PKEY_print_private(b, pkey, indent, pctx);
+    BIO_free(b);
+    return ret;
+}
+
+int EVP_PKEY_print_params_fp(FILE *fp, const EVP_PKEY *pkey,
+                             int indent, ASN1_PCTX *pctx)
+{
+    int ret;
+    BIO *b = BIO_new_fp(fp, BIO_NOCLOSE);
+
+    if (b == NULL)
+        return 0;
+    ret = EVP_PKEY_print_params(b, pkey, indent, pctx);
+    BIO_free(b);
+    return ret;
+}
+# endif
+
 static void mdname2nid(const char *mdname, void *data)
 {
     int *nid = (int *)data;
@@ -2186,7 +2221,7 @@ int EVP_PKEY_get_ec_point_conv_form(const EVP_PKEY *pkey)
 
     if (pkey->keymgmt == NULL
             || pkey->keydata == NULL) {
-#ifndef OPENSSL_NO_EC
+# ifndef OPENSSL_NO_EC
         /* Might work through the legacy route */
         const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
 
@@ -2194,9 +2229,9 @@ int EVP_PKEY_get_ec_point_conv_form(const EVP_PKEY *pkey)
             return 0;
 
         return EC_KEY_get_conv_form(ec);
-#else
+# else
         return 0;
-#endif
+# endif
     }
 
     if (!EVP_PKEY_get_utf8_string_param(pkey,
@@ -2226,7 +2261,7 @@ int EVP_PKEY_get_field_type(const EVP_PKEY *pkey)
 
     if (pkey->keymgmt == NULL
             || pkey->keydata == NULL) {
-#ifndef OPENSSL_NO_EC
+# ifndef OPENSSL_NO_EC
         /* Might work through the legacy route */
         const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
         const EC_GROUP *grp;
@@ -2238,9 +2273,9 @@ int EVP_PKEY_get_field_type(const EVP_PKEY *pkey)
             return 0;
 
         return EC_GROUP_get_field_type(grp);
-#else
+# else
         return 0;
-#endif
+# endif
     }
 
     if (!EVP_PKEY_get_utf8_string_param(pkey, OSSL_PKEY_PARAM_EC_FIELD_TYPE,
diff --git a/doc/man3/EVP_PKEY_print_private.pod b/doc/man3/EVP_PKEY_print_private.pod
index 0e8f889fce..2fe765630e 100644
--- a/doc/man3/EVP_PKEY_print_private.pod
+++ b/doc/man3/EVP_PKEY_print_private.pod
@@ -2,7 +2,9 @@
 
 =head1 NAME
 
-EVP_PKEY_print_public, EVP_PKEY_print_private, EVP_PKEY_print_params - public key algorithm printing routines
+EVP_PKEY_print_public, EVP_PKEY_print_private, EVP_PKEY_print_params,
+EVP_PKEY_print_public_fp, EVP_PKEY_print_private_fp,
+EVP_PKEY_print_params_fp - public key algorithm printing routines
 
 =head1 SYNOPSIS
 
@@ -10,25 +12,35 @@ EVP_PKEY_print_public, EVP_PKEY_print_private, EVP_PKEY_print_params - public ke
 
  int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
                            int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_public_fp(FILE *fp, const EVP_PKEY *pkey,
+                              int indent, ASN1_PCTX *pctx);
  int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
                             int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_private_fp(FILE *fp, const EVP_PKEY *pkey,
+                               int indent, ASN1_PCTX *pctx);
  int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
                            int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_params_fp(FILE *fp, const EVP_PKEY *pkey,
+                              int indent, ASN1_PCTX *pctx);
 
 =head1 DESCRIPTION
 
 The functions EVP_PKEY_print_public(), EVP_PKEY_print_private() and
 EVP_PKEY_print_params() print out the public, private or parameter components
-of key B<pkey> respectively. The key is sent to BIO B<out> in human readable
-form. The parameter B<indent> indicated how far the printout should be indented.
+of key I<pkey> respectively. The key is sent to B<BIO> I<out> in human readable
+form. The parameter I<indent> indicates how far the printout should be indented.
 
-The B<pctx> parameter allows the print output to be finely tuned by using
-ASN1 printing options. If B<pctx> is set to NULL then default values will
+The I<pctx> parameter allows the print output to be finely tuned by using
+ASN1 printing options. If I<pctx> is set to NULL then default values will
 be used.
 
+The functions EVP_PKEY_print_public_fp(), EVP_PKEY_print_private_fp() and
+EVP_PKEY_print_params_fp() do the same as the B<BIO> based functions
+but use B<FILE> I<fp> instead.
+
 =head1 NOTES
 
-Currently no public key algorithms include any options in the B<pctx> parameter.
+Currently no public key algorithms include any options in the I<pctx> parameter.
 
 If the key does not include all the components indicated by the function then
 only those contained in the key will be printed. For example passing a public
@@ -47,7 +59,11 @@ L<EVP_PKEY_keygen(3)>
 
 =head1 HISTORY
 
-These functions were added in OpenSSL 1.0.0.
+The functions EVP_PKEY_print_public(), EVP_PKEY_print_private(),
+and EVP_PKEY_print_params() were added in OpenSSL 1.0.0.
+
+The functions EVP_PKEY_print_public_fp(), EVP_PKEY_print_private_fp(),
+and EVP_PKEY_print_params_fp() were added in OpenSSL 3.0.
 
 =head1 COPYRIGHT
 
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index e098bc6887..9f3efbd2f5 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -18,6 +18,10 @@
 
 # include <stdarg.h>
 
+# ifndef OPENSSL_NO_STDIO
+#  include <stdio.h>
+# endif
+
 # include <openssl/opensslconf.h>
 # include <openssl/types.h>
 # include <openssl/core.h>
@@ -1354,6 +1358,14 @@ int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
                            int indent, ASN1_PCTX *pctx);
 int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
                           int indent, ASN1_PCTX *pctx);
+# ifndef OPENSSL_NO_STDIO
+int EVP_PKEY_print_public_fp(FILE *fp, const EVP_PKEY *pkey,
+                             int indent, ASN1_PCTX *pctx);
+int EVP_PKEY_print_private_fp(FILE *fp, const EVP_PKEY *pkey,
+                              int indent, ASN1_PCTX *pctx);
+int EVP_PKEY_print_params_fp(FILE *fp, const EVP_PKEY *pkey,
+                             int indent, ASN1_PCTX *pctx);
+# endif
 
 int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
 int EVP_PKEY_get_default_digest_name(EVP_PKEY *pkey,
diff --git a/util/libcrypto.num b/util/libcrypto.num
index bfd44c2325..3fd2e665f2 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5324,3 +5324,6 @@ EVP_PKEY_verify_recover_init_ex         ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_encrypt_init_ex                ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_decrypt_init_ex                ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_derive_init_ex                 ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_print_public_fp                ?	3_0_0	EXIST::FUNCTION:STDIO
+EVP_PKEY_print_private_fp               ?	3_0_0	EXIST::FUNCTION:STDIO
+EVP_PKEY_print_params_fp                ?	3_0_0	EXIST::FUNCTION:STDIO


More information about the openssl-commits mailing list