[openssl-dev] [openssl.org #3894] PATCH: EVP_PKEY_get_type (new function)

noloader@gmail.com via RT rt at openssl.org
Wed Jun 3 19:00:58 UTC 2015 

I've found this to be a useful function over the years. I shared it
with others, too (see, for example,
http://stackoverflow.com/a/30626251/608639).

I understand opacity is preferred and this is discouraged, and the
additional documentation reflects the sentiment.

For me (and the the programmers under me), this is completely about
validating state; and not about encapsulation. I do not allow a
transition from one state to the next without control. That means
EVP_PKEY_get1_RSA cannot be called *unless* they actually have an RSA
key. Otherwise, the operation must hard fail.

I have similar requirements for freeing pointers. To call free, a
pointer must be non-NULL. Otherwise, its a logic error since its not
possible to free a NULL pointer. So EVP_PKEY_get_type is about both
form and function. Not everyone has the same opinions, so we need a
choice. EVP_PKEY_get_type provides that choice.

*****

Attached is both the `git diff` and the new documentation. The new
documentation was not included in the diff, even after a `git add`.
Git is such a miserable tool at times....

-------------- next part --------------
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index 1fdde9a..0cd8a42 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -61,6 +61,15 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 
+/* Returns the key type or EVP_PKEY_NONE if pkey is NULL */
+int EVP_PKEY_get_type(EVP_PKEY *pkey)
+{
+    if (!pkey)
+        return EVP_PKEY_NONE;
+
+    return EVP_PKEY_type(pkey->type);
+}
+
 int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
 {
     int ret;
diff --git a/doc/crypto/evp.pod b/doc/crypto/evp.pod
index 29fab9f..288f373 100644
--- a/doc/crypto/evp.pod
+++ b/doc/crypto/evp.pod
@@ -97,6 +97,7 @@ L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
 L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
 L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>,
 L<EVP_BytesToKey(3)|EVP_BytesToKey(3)>,
+L<EVP_PKEY_get_type(3)|EVP_PKEY_get_type(3)>,
 L<OpenSSL_add_all_algorithms(3)|OpenSSL_add_all_algorithms(3)>,
 L<engine(3)|engine(3)>
 
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index dff81b0..7b25313 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -109,6 +109,9 @@
 # define EVP_PKEY_HMAC   NID_hmac
 # define EVP_PKEY_CMAC   NID_cmac
 
+/* Returns the key type or EVP_PKEY_NONE if pkey is NULL */
+int EVP_PKEY_get_type(EVP_PKEY *pkey);
+
 #ifdef  __cplusplus
 extern "C" {
 #endif
-------------- next part --------------
A non-text attachment was scrubbed...
Name: EVP_PKEY_get_type.pod
Type: application/octet-stream
Size: 1408 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150603/a30ba6c4/attachment.obj>
-------------- next part --------------
_______________________________________________
openssl-bugs-mod mailing list
openssl-bugs-mod at openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod

More information about the openssl-dev mailing list