The branch master has been updated via f21c9c64f53484d4abe25b76d29350ed683db855 (commit) from 7d80985e178d77226392f9c35c36f3f885b884d7 (commit)
- Log ----------------------------------------------------------------- commit f21c9c64f53484d4abe25b76d29350ed683db855 Author: Richard Levitte <levi...@openssl.org> Date: Wed Sep 30 17:22:27 2020 +0200 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use We've had explicit checks for when to fall back to legacy code for operations that use an EVP_PKEY. Unfortunately, the checks were radically different in different spots, so we refactor that into a macro that gets used everywhere. Reviewed-by: Matt Caswell <m...@openssl.org> Reviewed-by: Paul Dale <paul.d...@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13043) ----------------------------------------------------------------------- Summary of changes: crypto/evp/asymcipher.c | 2 +- crypto/evp/exchange.c | 2 +- crypto/evp/m_sigver.c | 2 +- crypto/evp/signature.c | 2 +- include/crypto/evp.h | 16 ++++++++++++++++ 5 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/crypto/evp/asymcipher.c b/crypto/evp/asymcipher.c
index a80398782c..f28bfe6aef 100644
--- a/crypto/evp/asymcipher.c
+++ b/crypto/evp/asymcipher.c
@@ -38,7 +38,7 @@ static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation)
 */
 ERR_set_mark();
- if (ctx->engine != NULL || ctx->keytype == NULL)
+ if (evp_pkey_ctx_is_legacy(ctx))
 goto legacy;
 /*
diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c
index ccd75099ad..ea1f771d6f 100644
--- a/crypto/evp/exchange.c
+++ b/crypto/evp/exchange.c
@@ -197,7 +197,7 @@ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
 */
 ERR_set_mark();
- if (ctx->keymgmt == NULL)
+ if (evp_pkey_ctx_is_legacy(ctx))
 goto legacy;
 /*
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index faf5191234..783225b6f7 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
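Review bot: In `EVP_PKEY_derive_init` (crypto/evp/exchange.c) the old guard was `ctx->keymgmt == NULL`, while the macro that replaces it tests `engine` and `keytype`, so this call site, and the identical one in `evp_pkey_signature_init` in crypto/evp/signature.c, changes behaviour rather than only refactoring. A context with `keytype` set, no engine and a NULL `keymgmt` used to take the legacy branch and now falls through to the provider path. The rest of both functions lies outside the hunks, so it should be confirmed that the code after the check never uses `ctx->keymgmt` unchecked. If that state is reachable, `if (evp_pkey_ctx_is_legacy(ctx) || ctx->keymgmt == NULL)` keeps the previous fallback. Either way the commit message should say that the selection rule changed for key exchange and signatures.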
@@ -80,7 +80,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
 */
 ERR_set_mark();
- if (locpctx->engine != NULL || locpctx->keytype == NULL)
+ if (evp_pkey_ctx_is_legacy(locpctx))
 goto legacy;
 /*
diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c
index 7a2af1b5a2..c0126501f8 100644
--- a/crypto/evp/signature.c
+++ b/crypto/evp/signature.c
@@ -381,7 +381,7 @@ static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, int operation)
 */
 ERR_set_mark();
- if (ctx->keymgmt == NULL)
+ if (evp_pkey_ctx_is_legacy(ctx))
 goto legacy;
 /*
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 986e11705b..9ca1a6062f 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -18,6 +18,22 @@
 */
 #define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400
+/*
+ * An EVP_PKEY can have the following support states:
+ *
+ * Supports legacy implementations only:
+ *
+ * engine != NULL || keytype == NULL
+ *
+ * Supports provided implementations:
+ *
+ * engine == NULL && keytype != NULL
+ */
+#define evp_pkey_ctx_is_legacy(ctx) \
+ ((ctx)->engine != NULL || (ctx)->keytype == NULL)
+#define evp_pkey_ctx_is_provided(ctx) \
+ (!evp_pkey_ctx_is_legacy(ctx))
+
 struct evp_pkey_ctx_st {
 /* Actual operation */
 int operation;
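Review bot: The comment added above `evp_pkey_ctx_is_legacy` in include/crypto/evp.h describes the states of "an EVP_PKEY", but both macros read `engine` and `keytype` from the context, so it should say EVP_PKEY_CTX. Since every call site in this commit uses the result to choose between `goto legacy` and the provider path, the comment is what an auditor will read to learn which implementation handles a key, and it should be exact. I would also state the macro contract in that comment, `ctx must be non-NULL and free of side effects; it is evaluated twice`. One more line should note that `keymgmt` is deliberately not part of the test, because two of the converted call sites used to check only that field.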