[openssl] master update
tomas at openssl.org
tomas at openssl.org
Fri Mar 19 10:21:39 UTC 2021
The branch master has been updated
via 0e2f87c03e1a288f5f58627b373a25f83c59318a (commit)
from 39f6bf33e5852be55b126c3fcc56e3ef5ab1a584 (commit)
- Log -----------------------------------------------------------------
commit 0e2f87c03e1a288f5f58627b373a25f83c59318a
Author: Tomas Mraz <tomas at openssl.org>
Date: Tue Mar 16 18:29:19 2021 +0100
Added functions for printing EVP_PKEYs to FILE *
Fixes #14172
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14577)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/p_lib.c | 67 ++++++++++++++++++++++++++++---------
doc/man3/EVP_PKEY_print_private.pod | 30 +++++++++++++----
include/openssl/evp.h | 12 +++++++
util/libcrypto.num | 3 ++
4 files changed, 89 insertions(+), 23 deletions(-)
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index a2d3933700..620c828159 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -832,9 +832,7 @@ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
return ret;
}
# endif /* OPENSSL_NO_DSA */
-#endif /* FIPS_MODULE */
-#ifndef FIPS_MODULE
# ifndef OPENSSL_NO_EC
static const ECX_KEY *evp_pkey_get0_ECX_KEY(const EVP_PKEY *pkey, int type)
{
@@ -927,7 +925,6 @@ int EVP_PKEY_base_id(const EVP_PKEY *pkey)
return EVP_PKEY_type(pkey->type);
}
-#ifndef FIPS_MODULE
/*
* These hard coded cases are pure hackery to get around the fact
* that names in crypto/objects/objects.txt are a mess. There is
@@ -981,17 +978,14 @@ const char *evp_pkey_type2name(int type)
return OBJ_nid2sn(type);
}
-#endif
int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name)
{
-#ifndef FIPS_MODULE
if (pkey->keymgmt == NULL) {
int type = evp_pkey_name2type(name);
return pkey->type == type;
}
-#endif
return EVP_KEYMGMT_is_a(pkey->keymgmt, name);
}
@@ -1017,17 +1011,17 @@ int EVP_PKEY_can_sign(const EVP_PKEY *pkey)
switch (EVP_PKEY_base_id(pkey)) {
case EVP_PKEY_RSA:
return 1;
-#ifndef OPENSSL_NO_DSA
+# ifndef OPENSSL_NO_DSA
case EVP_PKEY_DSA:
return 1;
-#endif
-#ifndef OPENSSL_NO_EC
+# endif
+# ifndef OPENSSL_NO_EC
case EVP_PKEY_ED25519:
case EVP_PKEY_ED448:
return 1;
case EVP_PKEY_EC: /* Including SM2 */
return EC_KEY_can_sign(pkey->pkey.ec);
-#endif
+# endif
default:
break;
}
@@ -1150,6 +1144,47 @@ int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
pctx);
}
+# ifndef OPENSSL_NO_STDIO
+int EVP_PKEY_print_public_fp(FILE *fp, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx)
+{
+ int ret;
+ BIO *b = BIO_new_fp(fp, BIO_NOCLOSE);
+
+ if (b == NULL)
+ return 0;
+ ret = EVP_PKEY_print_public(b, pkey, indent, pctx);
+ BIO_free(b);
+ return ret;
+}
+
+int EVP_PKEY_print_private_fp(FILE *fp, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx)
+{
+ int ret;
+ BIO *b = BIO_new_fp(fp, BIO_NOCLOSE);
+
+ if (b == NULL)
+ return 0;
+ ret = EVP_PKEY_print_private(b, pkey, indent, pctx);
+ BIO_free(b);
+ return ret;
+}
+
+int EVP_PKEY_print_params_fp(FILE *fp, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx)
+{
+ int ret;
+ BIO *b = BIO_new_fp(fp, BIO_NOCLOSE);
+
+ if (b == NULL)
+ return 0;
+ ret = EVP_PKEY_print_params(b, pkey, indent, pctx);
+ BIO_free(b);
+ return ret;
+}
+# endif
+
static void mdname2nid(const char *mdname, void *data)
{
int *nid = (int *)data;
@@ -2186,7 +2221,7 @@ int EVP_PKEY_get_ec_point_conv_form(const EVP_PKEY *pkey)
if (pkey->keymgmt == NULL
|| pkey->keydata == NULL) {
-#ifndef OPENSSL_NO_EC
+# ifndef OPENSSL_NO_EC
/* Might work through the legacy route */
const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
@@ -2194,9 +2229,9 @@ int EVP_PKEY_get_ec_point_conv_form(const EVP_PKEY *pkey)
return 0;
return EC_KEY_get_conv_form(ec);
-#else
+# else
return 0;
-#endif
+# endif
}
if (!EVP_PKEY_get_utf8_string_param(pkey,
@@ -2226,7 +2261,7 @@ int EVP_PKEY_get_field_type(const EVP_PKEY *pkey)
if (pkey->keymgmt == NULL
|| pkey->keydata == NULL) {
-#ifndef OPENSSL_NO_EC
+# ifndef OPENSSL_NO_EC
/* Might work through the legacy route */
const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
const EC_GROUP *grp;
@@ -2238,9 +2273,9 @@ int EVP_PKEY_get_field_type(const EVP_PKEY *pkey)
return 0;
return EC_GROUP_get_field_type(grp);
-#else
+# else
return 0;
-#endif
+# endif
}
if (!EVP_PKEY_get_utf8_string_param(pkey, OSSL_PKEY_PARAM_EC_FIELD_TYPE,
diff --git a/doc/man3/EVP_PKEY_print_private.pod b/doc/man3/EVP_PKEY_print_private.pod
index 0e8f889fce..2fe765630e 100644
--- a/doc/man3/EVP_PKEY_print_private.pod
+++ b/doc/man3/EVP_PKEY_print_private.pod
@@ -2,7 +2,9 @@
=head1 NAME
-EVP_PKEY_print_public, EVP_PKEY_print_private, EVP_PKEY_print_params - public key algorithm printing routines
+EVP_PKEY_print_public, EVP_PKEY_print_private, EVP_PKEY_print_params,
+EVP_PKEY_print_public_fp, EVP_PKEY_print_private_fp,
+EVP_PKEY_print_params_fp - public key algorithm printing routines
=head1 SYNOPSIS
@@ -10,25 +12,35 @@ EVP_PKEY_print_public, EVP_PKEY_print_private, EVP_PKEY_print_params - public ke
int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_public_fp(FILE *fp, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_private_fp(FILE *fp, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_params_fp(FILE *fp, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
=head1 DESCRIPTION
The functions EVP_PKEY_print_public(), EVP_PKEY_print_private() and
EVP_PKEY_print_params() print out the public, private or parameter components
-of key B<pkey> respectively. The key is sent to BIO B<out> in human readable
-form. The parameter B<indent> indicated how far the printout should be indented.
+of key I<pkey> respectively. The key is sent to B<BIO> I<out> in human readable
+form. The parameter I<indent> indicates how far the printout should be indented.
-The B<pctx> parameter allows the print output to be finely tuned by using
-ASN1 printing options. If B<pctx> is set to NULL then default values will
+The I<pctx> parameter allows the print output to be finely tuned by using
+ASN1 printing options. If I<pctx> is set to NULL then default values will
be used.
+The functions EVP_PKEY_print_public_fp(), EVP_PKEY_print_private_fp() and
+EVP_PKEY_print_params_fp() do the same as the B<BIO> based functions
+but use B<FILE> I<fp> instead.
+
=head1 NOTES
-Currently no public key algorithms include any options in the B<pctx> parameter.
+Currently no public key algorithms include any options in the I<pctx> parameter.
If the key does not include all the components indicated by the function then
only those contained in the key will be printed. For example passing a public
@@ -47,7 +59,11 @@ L<EVP_PKEY_keygen(3)>
=head1 HISTORY
-These functions were added in OpenSSL 1.0.0.
+The functions EVP_PKEY_print_public(), EVP_PKEY_print_private(),
+and EVP_PKEY_print_params() were added in OpenSSL 1.0.0.
+
+The functions EVP_PKEY_print_public_fp(), EVP_PKEY_print_private_fp(),
+and EVP_PKEY_print_params_fp() were added in OpenSSL 3.0.
=head1 COPYRIGHT
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index e098bc6887..9f3efbd2f5 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -18,6 +18,10 @@
# include <stdarg.h>
+# ifndef OPENSSL_NO_STDIO
+# include <stdio.h>
+# endif
+
# include <openssl/opensslconf.h>
# include <openssl/types.h>
# include <openssl/core.h>
@@ -1354,6 +1358,14 @@ int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
int indent, ASN1_PCTX *pctx);
int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
int indent, ASN1_PCTX *pctx);
+# ifndef OPENSSL_NO_STDIO
+int EVP_PKEY_print_public_fp(FILE *fp, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+int EVP_PKEY_print_private_fp(FILE *fp, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+int EVP_PKEY_print_params_fp(FILE *fp, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+# endif
int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
int EVP_PKEY_get_default_digest_name(EVP_PKEY *pkey,
diff --git a/util/libcrypto.num b/util/libcrypto.num
index bfd44c2325..3fd2e665f2 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5324,3 +5324,6 @@ EVP_PKEY_verify_recover_init_ex ? 3_0_0 EXIST::FUNCTION:
EVP_PKEY_encrypt_init_ex ? 3_0_0 EXIST::FUNCTION:
EVP_PKEY_decrypt_init_ex ? 3_0_0 EXIST::FUNCTION:
EVP_PKEY_derive_init_ex ? 3_0_0 EXIST::FUNCTION:
+EVP_PKEY_print_public_fp ? 3_0_0 EXIST::FUNCTION:STDIO
+EVP_PKEY_print_private_fp ? 3_0_0 EXIST::FUNCTION:STDIO
+EVP_PKEY_print_params_fp ? 3_0_0 EXIST::FUNCTION:STDIO
More information about the openssl-commits
mailing list