提交
3aeb9348
编写于
1月 19, 2016
作者:
Dr. Stephen Henson
make EVP_PKEY opaque
Reviewed-by:
N
Richard Levitte
<
levitte@openssl.org
>
上级
a8eda431
变更
39
Showing
39 changed file
with
121 addition
and
108 deletion
+121
-108
apps/req.c
apps/req.c
+1
-1
apps/x509.c
apps/x509.c
+4
-4
crypto/asn1/a_verify.c
crypto/asn1/a_verify.c
+1
-0
crypto/asn1/ameth_lib.c
crypto/asn1/ameth_lib.c
+1
-0
crypto/asn1/d2i_pr.c
crypto/asn1/d2i_pr.c
+1
-0
crypto/asn1/d2i_pu.c
crypto/asn1/d2i_pu.c
+5
-8
crypto/asn1/i2d_pr.c
crypto/asn1/i2d_pr.c
+1
-0
crypto/asn1/i2d_pu.c
crypto/asn1/i2d_pu.c
+5
-5
crypto/asn1/x_pubkey.c
crypto/asn1/x_pubkey.c
+1
-0
crypto/cmac/cm_ameth.c
crypto/cmac/cm_ameth.c
+1
-1
crypto/cms/cms_env.c
crypto/cms/cms_env.c
+1
-0
crypto/cms/cms_kari.c
crypto/cms/cms_kari.c
+1
-1
crypto/cms/cms_sd.c
crypto/cms/cms_sd.c
+1
-0
crypto/dh/dh_ameth.c
crypto/dh/dh_ameth.c
+1
-0
crypto/dsa/dsa_ameth.c
crypto/dsa/dsa_ameth.c
+1
-0
crypto/ec/ec_ameth.c
crypto/ec/ec_ameth.c
+1
-0
crypto/evp/evp_pkey.c
crypto/evp/evp_pkey.c
+1
-0
crypto/evp/p_dec.c
crypto/evp/p_dec.c
+3
-2
crypto/evp/p_enc.c
crypto/evp/p_enc.c
+2
-2
crypto/evp/p_lib.c
crypto/evp/p_lib.c
+2
-1
crypto/evp/p_open.c
crypto/evp/p_open.c
+2
-2
crypto/hmac/hm_ameth.c
crypto/hmac/hm_ameth.c
+2
-2
crypto/include/internal/evp_int.h
crypto/include/internal/evp_int.h
+29
-0
crypto/pem/pem_info.c
crypto/pem/pem_info.c
+1
-1
crypto/pem/pem_pkey.c
crypto/pem/pem_pkey.c
+1
-0
crypto/pem/pvkfmt.c
crypto/pem/pvkfmt.c
+8
-7
crypto/pkcs7/pk7_lib.c
crypto/pkcs7/pk7_lib.c
+2
-1
crypto/rsa/rsa_ameth.c
crypto/rsa/rsa_ameth.c
+1
-0
crypto/ts/ts_rsp_sign.c
crypto/ts/ts_rsp_sign.c
+1
-1
crypto/x509/x509_cmp.c
crypto/x509/x509_cmp.c
+2
-2
crypto/x509/x509_req.c
crypto/x509/x509_req.c
+2
-2
crypto/x509/x509type.c
crypto/x509/x509type.c
+1
-1
include/openssl/evp.h
include/openssl/evp.h
+1
-30
ssl/ssl_cert.c
ssl/ssl_cert.c
+1
-1
ssl/ssl_rsa.c
ssl/ssl_rsa.c
+6
-6
ssl/statem/statem_clnt.c
ssl/statem/statem_clnt.c
+9
-10
ssl/statem/statem_lib.c
ssl/statem/statem_lib.c
+1
-1
ssl/statem/statem_srvr.c
ssl/statem/statem_srvr.c
+10
-10
ssl/t1_lib.c
ssl/t1_lib.c
+6
-6
apps/req.c
...
...
@@ -811,7 +811,7 @@ int req_main(int argc, char **argv)
fprintf
(
stdout
,
"Modulus="
);
#ifndef OPENSSL_NO_RSA
if
(
EVP_PKEY_base_id
(
tpubkey
)
==
EVP_PKEY_RSA
)
BN_print
(
out
,
tpubkey
->
pkey
.
rsa
->
n
);
BN_print
(
out
,
EVP_PKEY_get0_RSA
(
tpubkey
)
->
n
);
else
#endif
fprintf
(
stdout
,
"Wrong Algorithm type"
);
...
...
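Review bot: The new `BN_print(out, EVP_PKEY_get0_RSA(tpubkey)->n);` dereferences the accessor's return value directly, and the guard in front of it tests `EVP_PKEY_base_id(tpubkey)` rather than the exact type. The accessor's implementation is not shown on this page; if it returns NULL whenever the stored type is not exactly `EVP_PKEY_RSA` (an alias id, for instance), this line becomes a NULL dereference where the old direct union access was not. Fetching the key into a local first, `RSA *rsa = EVP_PKEY_get0_RSA(tpubkey);`, and printing only when `rsa != NULL` closes that gap. The same unchecked `EVP_PKEY_get0_RSA(pkey)->n` and `EVP_PKEY_get0_DSA(pkey)->pub_key` pattern appears in apps/x509.c. req_main continues outside the hunk.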
apps/x509.c
...
...
@@ -731,13 +731,13 @@ int x509_main(int argc, char **argv)
}
BIO_printf
(
out
,
"Modulus="
);
#ifndef OPENSSL_NO_RSA
if
(
pkey
->
type
==
EVP_PKEY_RSA
)
BN_print
(
out
,
pkey
->
pkey
.
rsa
->
n
);
if
(
EVP_PKEY_id
(
pkey
)
==
EVP_PKEY_RSA
)
BN_print
(
out
,
EVP_PKEY_get0_RSA
(
pkey
)
->
n
);
else
#endif
#ifndef OPENSSL_NO_DSA
if
(
pkey
->
type
==
EVP_PKEY_DSA
)
BN_print
(
out
,
pkey
->
pkey
.
dsa
->
pub_key
);
if
(
EVP_PKEY_id
(
pkey
)
==
EVP_PKEY_DSA
)
BN_print
(
out
,
EVP_PKEY_get0_DSA
(
pkey
)
->
pub_key
);
else
#endif
BIO_printf
(
out
,
"Wrong Algorithm type"
);
...
...
crypto/asn1/a_verify.c
...
...
@@ -71,6 +71,7 @@
#include <openssl/buffer.h>
#include <openssl/evp.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
#ifndef NO_ASN1_OLD
...
...
crypto/asn1/ameth_lib.c
...
...
@@ -64,6 +64,7 @@
# include <openssl/engine.h>
#endif
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
/* Keep this sorted in type order !! */
static
const
EVP_PKEY_ASN1_METHOD
*
standard_methods
[]
=
{
...
...
crypto/asn1/d2i_pr.c
...
...
@@ -67,6 +67,7 @@
#include <openssl/x509.h>
#include <openssl/asn1.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
EVP_PKEY
*
d2i_PrivateKey
(
int
type
,
EVP_PKEY
**
a
,
const
unsigned
char
**
pp
,
long
length
)
...
...
crypto/asn1/d2i_pu.c
...
...
@@ -72,6 +72,8 @@
# include <openssl/ec.h>
#endif
#include "internal/evp_int.h"
EVP_PKEY
*
d2i_PublicKey
(
int
type
,
EVP_PKEY
**
a
,
const
unsigned
char
**
pp
,
long
length
)
{
...
...
@@ -93,10 +95,7 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
switch
(
EVP_PKEY_id
(
ret
))
{
#ifndef OPENSSL_NO_RSA
case
EVP_PKEY_RSA
:
/* TMP UGLY CAST */
if
((
ret
->
pkey
.
rsa
=
d2i_RSAPublicKey
(
NULL
,
(
const
unsigned
char
**
)
pp
,
length
))
==
NULL
)
{
if
((
ret
->
pkey
.
rsa
=
d2i_RSAPublicKey
(
NULL
,
pp
,
length
))
==
NULL
)
{
ASN1err
(
ASN1_F_D2I_PUBLICKEY
,
ERR_R_ASN1_LIB
);
goto
err
;
}
...
...
@@ -105,8 +104,7 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
#ifndef OPENSSL_NO_DSA
case
EVP_PKEY_DSA
:
/* TMP UGLY CAST */
if
(
!
d2i_DSAPublicKey
(
&
(
ret
->
pkey
.
dsa
),
(
const
unsigned
char
**
)
pp
,
length
))
{
if
(
!
d2i_DSAPublicKey
(
&
ret
->
pkey
.
dsa
,
pp
,
length
))
{
ASN1err
(
ASN1_F_D2I_PUBLICKEY
,
ERR_R_ASN1_LIB
);
goto
err
;
}
...
...
@@ -114,8 +112,7 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
#endif
#ifndef OPENSSL_NO_EC
case
EVP_PKEY_EC
:
if
(
!
o2i_ECPublicKey
(
&
(
ret
->
pkey
.
ec
),
(
const
unsigned
char
**
)
pp
,
length
))
{
if
(
!
o2i_ECPublicKey
(
&
ret
->
pkey
.
ec
,
pp
,
length
))
{
ASN1err
(
ASN1_F_D2I_PUBLICKEY
,
ERR_R_ASN1_LIB
);
goto
err
;
}
...
...
crypto/asn1/i2d_pr.c
...
...
@@ -61,6 +61,7 @@
#include <openssl/evp.h>
#include <openssl/x509.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
int
i2d_PrivateKey
(
EVP_PKEY
*
a
,
unsigned
char
**
pp
)
{
...
...
crypto/asn1/i2d_pu.c
...
...
@@ -73,21 +73,21 @@
int
i2d_PublicKey
(
EVP_PKEY
*
a
,
unsigned
char
**
pp
)
{
switch
(
a
->
type
)
{
switch
(
EVP_PKEY_id
(
a
)
)
{
#ifndef OPENSSL_NO_RSA
case
EVP_PKEY_RSA
:
return
(
i2d_RSAPublicKey
(
a
->
pkey
.
rsa
,
pp
)
);
return
i2d_RSAPublicKey
(
EVP_PKEY_get0_RSA
(
a
),
pp
);
#endif
#ifndef OPENSSL_NO_DSA
case
EVP_PKEY_DSA
:
return
(
i2d_DSAPublicKey
(
a
->
pkey
.
dsa
,
pp
)
);
return
i2d_DSAPublicKey
(
EVP_PKEY_get0_DSA
(
a
),
pp
);
#endif
#ifndef OPENSSL_NO_EC
case
EVP_PKEY_EC
:
return
(
i2o_ECPublicKey
(
a
->
pkey
.
ec
,
pp
)
);
return
i2o_ECPublicKey
(
EVP_PKEY_get0_EC_KEY
(
a
),
pp
);
#endif
default:
ASN1err
(
ASN1_F_I2D_PUBLICKEY
,
ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE
);
return
(
-
1
)
;
return
-
1
;
}
}
crypto/asn1/x_pubkey.c
...
...
@@ -61,6 +61,7 @@
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
#ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h>
#endif
...
...
crypto/cmac/cm_ameth.c
...
...
@@ -69,7 +69,7 @@ static int cmac_size(const EVP_PKEY *pkey)
static
void
cmac_key_free
(
EVP_PKEY
*
pkey
)
{
CMAC_CTX
*
cmctx
=
(
CMAC_CTX
*
)
pkey
->
pkey
.
ptr
;
CMAC_CTX
*
cmctx
=
EVP_PKEY_get0
(
pkey
)
;
CMAC_CTX_free
(
cmctx
);
}
...
...
crypto/cms/cms_env.c
...
...
@@ -62,6 +62,7 @@
#include <openssl/aes.h>
#include "cms_lcl.h"
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
/* CMS EnvelopedData Utilities */
...
...
crypto/cms/cms_kari.c
...
...
@@ -367,7 +367,7 @@ int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
if
(
!
cms_kari_create_ephemeral_key
(
kari
,
pk
))
return
0
;
CRYPTO_add
(
&
pk
->
references
,
1
,
CRYPTO_LOCK_EVP_PKEY
);
EVP_PKEY_up_ref
(
pk
);
rek
->
pkey
=
pk
;
return
1
;
}
...
...
crypto/cms/cms_sd.c
...
...
@@ -61,6 +61,7 @@
#include <openssl/cms.h>
#include "cms_lcl.h"
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
/* CMS SignedData Utilities */
...
...
crypto/dh/dh_ameth.c
...
...
@@ -63,6 +63,7 @@
#include <openssl/dh.h>
#include <openssl/bn.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
#ifndef OPENSSL_NO_CMS
# include <openssl/cms.h>
#endif
...
...
crypto/dsa/dsa_ameth.c
...
...
@@ -66,6 +66,7 @@
# include <openssl/cms.h>
#endif
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
static
int
dsa_pub_decode
(
EVP_PKEY
*
pkey
,
X509_PUBKEY
*
pubkey
)
{
...
...
crypto/ec/ec_ameth.c
...
...
@@ -66,6 +66,7 @@
#endif
#include <openssl/asn1t.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
#ifndef OPENSSL_NO_CMS
static
int
ecdh_cms_decrypt
(
CMS_RecipientInfo
*
ri
);
...
...
crypto/evp/evp_pkey.c
...
...
@@ -63,6 +63,7 @@
#include <openssl/x509.h>
#include <openssl/rand.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
/* Extract a private key from a PKCS8 structure */
...
...
crypto/evp/p_dec.c
...
...
@@ -72,7 +72,7 @@ int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
int
ret
=
-
1
;
#ifndef OPENSSL_NO_RSA
if
(
priv
->
type
!=
EVP_PKEY_RSA
)
{
if
(
EVP_PKEY_id
(
priv
)
!=
EVP_PKEY_RSA
)
{
#endif
EVPerr
(
EVP_F_EVP_PKEY_DECRYPT_OLD
,
EVP_R_PUBLIC_KEY_NOT_RSA
);
#ifndef OPENSSL_NO_RSA
...
...
@@ -80,7 +80,8 @@ int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
}
ret
=
RSA_private_decrypt
(
ekl
,
ek
,
key
,
priv
->
pkey
.
rsa
,
RSA_PKCS1_PADDING
);
RSA_private_decrypt
(
ekl
,
ek
,
key
,
EVP_PKEY_get0_RSA
(
priv
),
RSA_PKCS1_PADDING
);
err:
#endif
return
(
ret
);
...
...
crypto/evp/p_enc.c
...
...
@@ -72,14 +72,14 @@ int EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key,
int
ret
=
0
;
#ifndef OPENSSL_NO_RSA
if
(
pubk
->
type
!=
EVP_PKEY_RSA
)
{
if
(
EVP_PKEY_id
(
pubk
)
!=
EVP_PKEY_RSA
)
{
#endif
EVPerr
(
EVP_F_EVP_PKEY_ENCRYPT_OLD
,
EVP_R_PUBLIC_KEY_NOT_RSA
);
#ifndef OPENSSL_NO_RSA
goto
err
;
}
ret
=
RSA_public_encrypt
(
key_len
,
key
,
ek
,
pubk
->
pkey
.
rsa
,
RSA_public_encrypt
(
key_len
,
key
,
ek
,
EVP_PKEY_get0_RSA
(
pubk
)
,
RSA_PKCS1_PADDING
);
err:
#endif
...
...
crypto/evp/p_lib.c
...
...
@@ -78,6 +78,7 @@
#endif
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
static
void
EVP_PKEY_free_it
(
EVP_PKEY
*
x
);
...
...
@@ -275,7 +276,7 @@ int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)
return
(
key
!=
NULL
);
}
void
*
EVP_PKEY_get0
(
EVP_PKEY
*
pkey
)
void
*
EVP_PKEY_get0
(
const
EVP_PKEY
*
pkey
)
{
return
pkey
->
pkey
.
ptr
;
}
...
...
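Review bot: `EVP_PKEY_get0` now takes `const EVP_PKEY *` but still returns a non-const `void *`, so a caller holding only a const key can modify the key material through the result, and the function has no comment saying so. I would add a comment above it along the lines of `/* Returns the internal key pointer without a type check and without taking a reference; the caller must know the key type and must not free the result. */`. `pkey` is also dereferenced without a NULL check, which is worth stating in the same comment if NULL is not a supported argument.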
crypto/evp/p_open.c
...
...
@@ -82,12 +82,12 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
if
(
!
priv
)
return
1
;
if
(
priv
->
type
!=
EVP_PKEY_RSA
)
{
if
(
EVP_PKEY_id
(
priv
)
!=
EVP_PKEY_RSA
)
{
EVPerr
(
EVP_F_EVP_OPENINIT
,
EVP_R_PUBLIC_KEY_NOT_RSA
);
goto
err
;
}
size
=
RSA_size
(
priv
->
pkey
.
rsa
);
size
=
EVP_PKEY_size
(
priv
);
key
=
OPENSSL_malloc
(
size
+
2
);
if
(
key
==
NULL
)
{
/* ERROR */
...
...
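Review bot: `size = EVP_PKEY_size(priv);` feeds straight into `OPENSSL_malloc(size + 2)` with no check that the returned size is positive. The old `RSA_size(priv->pkey.rsa)` call is replaced by a generic accessor whose behaviour for a key without a usable size is not visible in this hunk; if it can return 0 or a negative value, the buffer would be undersized for the decrypt that presumably follows outside the hunk. A guard such as `if (size <= 0) goto err;` before the allocation would make the assumption explicit. EVP_OpenInit starts and ends outside the hunk, so the declared type of `size` should be confirmed there.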
crypto/hmac/hm_ameth.c
...
...
@@ -75,7 +75,7 @@ static int hmac_size(const EVP_PKEY *pkey)
static
void
hmac_key_free
(
EVP_PKEY
*
pkey
)
{
ASN1_OCTET_STRING
*
os
=
(
ASN1_OCTET_STRING
*
)
pkey
->
pkey
.
ptr
;
ASN1_OCTET_STRING
*
os
=
EVP_PKEY_get0
(
pkey
)
;
if
(
os
)
{
if
(
os
->
data
)
OPENSSL_cleanse
(
os
->
data
,
os
->
length
);
...
...
@@ -121,7 +121,7 @@ static int old_hmac_decode(EVP_PKEY *pkey,
static
int
old_hmac_encode
(
const
EVP_PKEY
*
pkey
,
unsigned
char
**
pder
)
{
int
inc
;
ASN1_OCTET_STRING
*
os
=
(
ASN1_OCTET_STRING
*
)
pkey
->
pkey
.
ptr
;
ASN1_OCTET_STRING
*
os
=
EVP_PKEY_get0
(
pkey
)
;
if
(
pder
)
{
if
(
!*
pder
)
{
*
pder
=
OPENSSL_malloc
(
os
->
length
);
...
...
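Review bot: In `old_hmac_encode` the pointer returned by `EVP_PKEY_get0(pkey)` is read as `os->length` in `OPENSSL_malloc(os->length)` without a NULL check, while `hmac_key_free` in the first hunk of this file guards the same lookup with `if (os)`. With the field access replaced by an accessor, this is a good place to make the two functions agree, for example `if (os == NULL) return 0;` before the `if (pder)` block, adjusting the return value to whatever the encode callers treat as failure. The allocation result check and the rest of `old_hmac_encode` lie outside the hunk.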
crypto/include/internal/evp_int.h
...
...
@@ -387,3 +387,32 @@ const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
(fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \
cipher##_init_key, NULL, NULL, NULL, NULL)
/*
* Type needs to be a bit field Sub-type needs to be for variations on the
* method, as in, can it do arbitrary encryption....
*/
struct
evp_pkey_st
{
int
type
;
int
save_type
;
int
references
;
const
EVP_PKEY_ASN1_METHOD
*
ameth
;
ENGINE
*
engine
;
union
{
char
*
ptr
;
# ifndef OPENSSL_NO_RSA
struct
rsa_st
*
rsa
;
/* RSA */
# endif
# ifndef OPENSSL_NO_DSA
struct
dsa_st
*
dsa
;
/* DSA */
# endif
# ifndef OPENSSL_NO_DH
struct
dh_st
*
dh
;
/* DH */
# endif
# ifndef OPENSSL_NO_EC
struct
ec_key_st
*
ec
;
/* ECC */
# endif
}
pkey
;
int
save_parameters
;
STACK_OF
(
X509_ATTRIBUTE
)
*
attributes
;
/* [ 0 ] */
}
/* EVP_PKEY */
;
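Review bot: The moved `struct evp_pkey_st` carries over only the old header comment, which says nothing about which union member is valid or how `references` is maintained. Now that the layout is private to files including this header, short field comments would help those internal users, for example `/* pkey: 'ptr' aliases the typed members; which one is meaningful depends on 'type' */` and `/* references: reference count, see EVP_PKEY_up_ref() and EVP_PKEY_free() */`. Both statements are inferred from how the other files in this commit use the struct and should be confirmed against p_lib.c before being written down.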
crypto/pem/pem_info.c
...
...
@@ -362,7 +362,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
#ifndef OPENSSL_NO_RSA
/* normal optionally encrypted stuff */
if
(
PEM_write_bio_RSAPrivateKey
(
bp
,
xi
->
x_pkey
->
dec_pkey
->
pkey
.
rsa
,
EVP_PKEY_get0_RSA
(
xi
->
x_pkey
->
dec_pkey
)
,
enc
,
kstr
,
klen
,
cb
,
u
)
<=
0
)
goto
err
;
#endif
...
...
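Review bot: `EVP_PKEY_get0_RSA(xi->x_pkey->dec_pkey)` is passed to `PEM_write_bio_RSAPrivateKey` with no key-type test visible in this hunk. If the accessor returns NULL for a non-RSA key (its implementation is not on this page), the writer receives NULL here, where the old code passed whatever the union held. Storing the result in a local and adding `if (rsa == NULL) goto err;` before the write, or confirming that the enclosing branch already establishes the type, would settle it. PEM_X509_INFO_write_bio begins and ends outside the hunk.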
crypto/pem/pem_pkey.c
...
...
@@ -72,6 +72,7 @@
# include <openssl/dh.h>
#endif
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
int
pem_check_suffix
(
const
char
*
pem_str
,
const
char
*
suffix
);
...
...
crypto/pem/pvkfmt.c
...
...
@@ -450,11 +450,12 @@ static int do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub)
unsigned
char
*
p
;
unsigned
int
bitlen
,
magic
=
0
,
keyalg
;
int
outlen
,
noinc
=
0
;
if
(
pk
->
type
==
EVP_PKEY_DSA
)
{
bitlen
=
check_bitlen_dsa
(
pk
->
pkey
.
dsa
,
ispub
,
&
magic
);
int
pktype
=
EVP_PKEY_id
(
pk
);
if
(
pktype
==
EVP_PKEY_DSA
)
{
bitlen
=
check_bitlen_dsa
(
EVP_PKEY_get0_DSA
(
pk
),
ispub
,
&
magic
);
keyalg
=
MS_KEYALG_DSS_SIGN
;
}
else
if
(
pk
->
type
==
EVP_PKEY_RSA
)
{
bitlen
=
check_bitlen_rsa
(
pk
->
pkey
.
rsa
,
ispub
,
&
magic
);
}
else
if
(
pktype
==
EVP_PKEY_RSA
)
{
bitlen
=
check_bitlen_rsa
(
EVP_PKEY_get0_RSA
(
pk
)
,
ispub
,
&
magic
);
keyalg
=
MS_KEYALG_RSA_KEYX
;
}
else
return
-
1
;
...
...
@@ -484,9 +485,9 @@ static int do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub)
write_ledword
(
&
p
,
magic
);
write_ledword
(
&
p
,
bitlen
);
if
(
keyalg
==
MS_KEYALG_DSS_SIGN
)
write_dsa
(
&
p
,
pk
->
pkey
.
dsa
,
ispub
);
write_dsa
(
&
p
,
EVP_PKEY_get0_DSA
(
pk
)
,
ispub
);
else
write_rsa
(
&
p
,
pk
->
pkey
.
rsa
,
ispub
);
write_rsa
(
&
p
,
EVP_PKEY_get0_RSA
(
pk
)
,
ispub
);
if
(
!
noinc
)
*
out
+=
outlen
;
return
outlen
;
...
...
@@ -797,7 +798,7 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
write_ledword
(
&
p
,
MS_PVKMAGIC
);
write_ledword
(
&
p
,
0
);
if
(
pk
->
type
==
EVP_PKEY_DSA
)
if
(
EVP_PKEY_id
(
pk
)
==
EVP_PKEY_DSA
)
write_ledword
(
&
p
,
MS_KEYTYPE_SIGN
);
else
write_ledword
(
&
p
,
MS_KEYTYPE_KEYX
);
...
...
crypto/pkcs7/pk7_lib.c
...
...
@@ -61,6 +61,7 @@
#include <openssl/objects.h>
#include <openssl/x509.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
long
PKCS7_ctrl
(
PKCS7
*
p7
,
int
cmd
,
long
larg
,
char
*
parg
)
{
...
...
@@ -371,7 +372,7 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
goto
err
;
/* lets keep the pkey around for a while */
CRYPTO_add
(
&
pkey
->
references
,
1
,
CRYPTO_LOCK_EVP_PKEY
);
EVP_PKEY_up_ref
(
pkey
);
p7i
->
pkey
=
pkey
;
/* Set the algorithms */
...
...
crypto/rsa/rsa_ameth.c
...
...
@@ -67,6 +67,7 @@
# include <openssl/cms.h>
#endif
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
#ifndef OPENSSL_NO_CMS
static
int
rsa_cms_sign
(
CMS_SignerInfo
*
si
);
...
...
crypto/ts/ts_rsp_sign.c
...
...
@@ -212,7 +212,7 @@ int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key)
{
EVP_PKEY_free
(
ctx
->
signer_key
);
ctx
->
signer_key
=
key
;
CRYPTO_add
(
&
ctx
->
signer_key
->
references
,
+
1
,
CRYPTO_LOCK_EVP_PKEY
);
EVP_PKEY_up_ref
(
ctx
->
signer_key
);
return
1
;
}
...
...
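Review bot: `TS_RESP_CTX_set_signer_key` releases the old `ctx->signer_key` before it takes the new reference with `EVP_PKEY_up_ref(ctx->signer_key);`. When `key` is the key already stored in the context, the free runs first and the object stays alive only through whatever reference the caller still holds. Taking the reference first is the safer order: `EVP_PKEY_up_ref(key);`, then `EVP_PKEY_free(ctx->signer_key);`, then `ctx->signer_key = key;`. A NULL `key` is also not rejected in the visible lines.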
crypto/x509/x509_cmp.c
...
...
@@ -367,8 +367,8 @@ static int check_suite_b(EVP_PKEY *pkey, int sign_nid, unsigned long *pflags)
{
const
EC_GROUP
*
grp
=
NULL
;
int
curve_nid
;
if
(
pkey
&&
pkey
->
type
==
EVP_PKEY_EC
)
grp
=
EC_KEY_get0_group
(
pkey
->
pkey
.
ec
);
if
(
pkey
&&
EVP_PKEY_id
(
pkey
)
==
EVP_PKEY_EC
)
grp
=
EC_KEY_get0_group
(
EVP_PKEY_get0_EC_KEY
(
pkey
)
);
if
(
!
grp
)
return
X509_V_ERR_SUITE_B_INVALID_ALGORITHM
;
curve_nid
=
EC_GROUP_get_curve_name
(
grp
);
...
...
crypto/x509/x509_req.c
...
...
@@ -140,13 +140,13 @@ int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k)
break
;
case
-
2
:
#ifndef OPENSSL_NO_EC
if
(
k
->
type
==
EVP_PKEY_EC
)
{
if
(
EVP_PKEY_id
(
k
)
==
EVP_PKEY_EC
)
{
X509err
(
X509_F_X509_REQ_CHECK_PRIVATE_KEY
,
ERR_R_EC_LIB
);
break
;
}
#endif
#ifndef OPENSSL_NO_DH
if
(
k
->
type
==
EVP_PKEY_DH
)
{
if
(
EVP_PKEY_id
(
k
)
==
EVP_PKEY_DH
)
{
/* No idea */
X509err
(
X509_F_X509_REQ_CHECK_PRIVATE_KEY
,
X509_R_CANT_CHECK_DH_KEY
);
...
...
crypto/x509/x509type.c
...
...
@@ -78,7 +78,7 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
if
(
pk
==
NULL
)
return
(
0
);
switch
(
pk
->
type
)
{
switch
(
EVP_PKEY_id
(
pk
)
)
{
case
EVP_PKEY_RSA
:
ret
=
EVP_PK_RSA
|
EVP_PKT_SIGN
;
/* if (!sign only extension) */
...
...
include/openssl/evp.h
...
...
@@ -114,35 +114,6 @@
extern
"C"
{
#endif
/*
* Type needs to be a bit field Sub-type needs to be for variations on the
* method, as in, can it do arbitrary encryption....
*/
struct
evp_pkey_st
{
int
type
;
int
save_type
;
int
references
;
const
EVP_PKEY_ASN1_METHOD
*
ameth
;
ENGINE
*
engine
;
union
{
char
*
ptr
;
# ifndef OPENSSL_NO_RSA
struct
rsa_st
*
rsa
;
/* RSA */
# endif
# ifndef OPENSSL_NO_DSA
struct
dsa_st
*
dsa
;
/* DSA */
# endif
# ifndef OPENSSL_NO_DH
struct
dh_st
*
dh
;
/* DH */
# endif
# ifndef OPENSSL_NO_EC
struct
ec_key_st
*
ec
;
/* ECC */
# endif
}
pkey
;
int
save_parameters
;
STACK_OF
(
X509_ATTRIBUTE
)
*
attributes
;
/* [ 0 ] */
}
/* EVP_PKEY */
;
# define EVP_PKEY_MO_SIGN 0x0001
# define EVP_PKEY_MO_VERIFY 0x0002
# define EVP_PKEY_MO_ENCRYPT 0x0004
...
...
@@ -959,7 +930,7 @@ int EVP_PKEY_size(EVP_PKEY *pkey);
int
EVP_PKEY_set_type
(
EVP_PKEY
*
pkey
,
int
type
);
int
EVP_PKEY_set_type_str
(
EVP_PKEY
*
pkey
,
const
char
*
str
,
int
len
);
int
EVP_PKEY_assign
(
EVP_PKEY
*
pkey
,
int
type
,
void
*
key
);
void
*
EVP_PKEY_get0
(
EVP_PKEY
*
pkey
);
void
*
EVP_PKEY_get0
(
const
EVP_PKEY
*
pkey
);
# ifndef OPENSSL_NO_RSA
struct
rsa_st
;
...
...
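Review bot: Removing `struct evp_pkey_st` from the public header is a source-incompatible change for any application that reads `pkey->type` or `pkey->pkey.rsa` directly, and the 39-file list on this page contains no changelog or documentation file. A changelog entry naming the replacement accessors used throughout this commit (`EVP_PKEY_id`, `EVP_PKEY_get0_RSA`, `EVP_PKEY_get0_DSA`, `EVP_PKEY_get0_EC_KEY`, `EVP_PKEY_up_ref`) would give downstream code a migration path. The `EVP_PKEY_get0` prototype in the second hunk would also benefit from a one-line comment stating that the returned pointer is borrowed and untyped.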
ssl/ssl_cert.c
...
...
@@ -214,7 +214,7 @@ CERT *ssl_cert_dup(CERT *cert)
if
(
cpk
->
privatekey
!=
NULL
)
{
rpk
->
privatekey
=
cpk
->
privatekey
;
CRYPTO_add
(
&
cpk
->
privatekey
->
references
,
1
,
CRYPTO_LOCK_EVP_PKEY
);
EVP_PKEY_up_ref
(
cpk
->
privatekey
);
}
if
(
cpk
->
chain
)
{
...
...
ssl/ssl_rsa.c
...
...
@@ -196,8 +196,8 @@ static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
* Don't check the public/private key, this is mostly for smart
* cards.
*/
if
(
(
pkey
->
type
==
EVP_PKEY_RSA
)
&&
(
RSA_flags
(
pkey
->
pkey
.
rsa
)
&
RSA_METHOD_FLAG_NO_CHECK
))
;
if
(
EVP_PKEY_id
(
pkey
)
==
EVP_PKEY_RSA
&&
RSA_flags
(
EVP_PKEY_get0_RSA
(
pkey
))
&
RSA_METHOD_FLAG_NO_CHECK
)
;
else
#endif
if
(
!
X509_check_private_key
(
c
->
pkeys
[
i
].
x509
,
pkey
))
{
...
...
@@ -208,7 +208,7 @@ static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
}
EVP_PKEY_free
(
c
->
pkeys
[
i
].
privatekey
);
CRYPTO_add
(
&
pkey
->
references
,
1
,
CRYPTO_LOCK_EVP_PKEY
);
EVP_PKEY_up_ref
(
pkey
);
c
->
pkeys
[
i
].
privatekey
=
pkey
;
c
->
key
=
&
(
c
->
pkeys
[
i
]);
return
(
1
);
...
...
@@ -392,9 +392,9 @@ static int ssl_set_cert(CERT *c, X509 *x)
* Don't check the public/private key, this is mostly for smart
* cards.
*/
if
(
(
c
->
pkeys
[
i
].
privatekey
->
type
==
EVP_PKEY_RSA
)
&&
(
RSA_flags
(
c
->
pkeys
[
i
].
privatekey
->
pkey
.
rsa
)
&
RSA_METHOD_FLAG_NO_CHECK
)
)
;
if
(
EVP_PKEY_id
(
c
->
pkeys
[
i
].
privatekey
)
==
EVP_PKEY_RSA
&&
RSA_flags
(
EVP_PKEY_get0_RSA
(
c
->
pkeys
[
i
].
privatekey
)
)
&
RSA_METHOD_FLAG_NO_CHECK
)
;
else
#endif
/* OPENSSL_NO_RSA */
if
(
!
X509_check_private_key
(
x
,
c
->
pkeys
[
i
].
privatekey
))
{
...
...
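Review bot: The rewritten condition `EVP_PKEY_id(pkey) == EVP_PKEY_RSA && RSA_flags(EVP_PKEY_get0_RSA(pkey)) & RSA_METHOD_FLAG_NO_CHECK` drops the parentheses the old line had around the `&` test, in a branch that decides whether `X509_check_private_key` is skipped. It parses as intended, but a reader has to recall that `&` binds tighter than `&&` and looser than `==`, and the empty `;` body followed by `else` under `#endif` already makes the control flow hard to follow. I would keep the inner parentheses, `(RSA_flags(EVP_PKEY_get0_RSA(pkey)) & RSA_METHOD_FLAG_NO_CHECK)`, in both `ssl_set_pkey` and `ssl_set_cert`. Both functions extend beyond their hunks.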
ssl/statem/statem_clnt.c
...
...
@@ -1683,7 +1683,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
#ifdef SSL_DEBUG
fprintf
(
stderr
,
"USING TLSv1.2 HASH %s
\n
"
,
EVP_MD_name
(
md
));
#endif
}
else
if
(
pkey
->
type
==
EVP_PKEY_RSA
)
{
}
else
if
(
EVP_PKEY_id
(
pkey
)
==
EVP_PKEY_RSA
)
{
md
=
EVP_md5_sha1
();
}
else
{
md
=
EVP_sha1
();
...
...
@@ -2191,8 +2191,7 @@ psk_err:
}
pkey
=
X509_get0_pubkey
(
s
->
session
->
peer
);
if
((
pkey
==
NULL
)
||
(
pkey
->
type
!=
EVP_PKEY_RSA
)
||
(
pkey
->
pkey
.
rsa
==
NULL
))
{
if
(
EVP_PKEY_get0_RSA
(
pkey
)
==
NULL
)
{
SSLerr
(
SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE
,
ERR_R_INTERNAL_ERROR
);
goto
err
;
...
...
@@ -2273,9 +2272,7 @@ psk_err:
}
else
{
/* Get the Server Public Key from Cert */
skey
=
X509_get0_pubkey
(
s
->
session
->
peer
);
if
((
skey
==
NULL
)
||
(
skey
->
type
!=
EVP_PKEY_EC
)
||
(
skey
->
pkey
.
ec
==
NULL
))
{
if
((
skey
==
NULL
)
||
EVP_PKEY_get0_EC_KEY
(
skey
)
==
NULL
)
{
SSLerr
(
SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE
,
ERR_R_INTERNAL_ERROR
);
goto
err
;
...
...
@@ -2609,10 +2606,12 @@ int tls_construct_client_verify(SSL *s)
goto
err
;
}
#ifndef OPENSSL_NO_GOST
if
(
pkey
->
type
==
NID_id_GostR3410_2001
||
pkey
->
type
==
NID_id_GostR3410_2012_256
||
pkey
->
type
==
NID_id_GostR3410_2012_512
)
{
BUF_reverse
(
p
+
2
,
NULL
,
u
);
{
int
pktype
=
EVP_PKEY_id
(
pkey
);
if
(
pktype
==
NID_id_GostR3410_2001
||
pktype
==
NID_id_GostR3410_2012_256
||
pktype
==
NID_id_GostR3410_2012_512
)
BUF_reverse
(
p
+
2
,
NULL
,
u
);
}
#endif
...
...
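Review bot: In the RSA branch the new test `if (EVP_PKEY_get0_RSA(pkey) == NULL)` no longer checks `pkey == NULL` before using the result of `X509_get0_pubkey(s->session->peer)`, whereas the EC branch in the next hunk keeps `(skey == NULL) || EVP_PKEY_get0_EC_KEY(skey) == NULL`. Whether the accessor tolerates a NULL argument is not visible on this page; if it does not, a peer certificate without a usable public key would lead to a NULL dereference instead of the `ERR_R_INTERNAL_ERROR` path. Restoring the explicit test, `if (pkey == NULL || EVP_PKEY_get0_RSA(pkey) == NULL)`, makes the two branches consistent. The same pattern appears in ssl/statem/statem_srvr.c, where `EVP_PKEY_get0_RSA(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)` replaces a check that also tested for a NULL key.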
ssl/statem/statem_lib.c
...
...
@@ -612,7 +612,7 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
if
(
pk
==
NULL
)
goto
err
;
i
=
pk
->
type
;
i
=
EVP_PKEY_id
(
pk
)
;
if
(
i
==
EVP_PKEY_RSA
)
{
ret
=
SSL_PKEY_RSA_ENC
;
}
else
if
(
i
==
EVP_PKEY_DSA
)
{
...
...
ssl/statem/statem_srvr.c
...
...
@@ -2080,7 +2080,6 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
unsigned
long
alg_k
;
#ifndef OPENSSL_NO_RSA
RSA
*
rsa
=
NULL
;
EVP_PKEY
*
pkey
=
NULL
;
#endif
#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
EVP_PKEY
*
ckey
=
NULL
;
...
...
@@ -2173,15 +2172,13 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
size_t
j
;
/* FIX THIS UP EAY EAY EAY EAY */
pkey
=
s
->
cert
->
pkeys
[
SSL_PKEY_RSA_ENC
].
privatekey
;
if
((
pkey
==
NULL
)
||
(
pkey
->
type
!=
EVP_PKEY_RSA
)
||
(
pkey
->
pkey
.
rsa
==
NULL
))
{
rsa
=
EVP_PKEY_get0_RSA
(
s
->
cert
->
pkeys
[
SSL_PKEY_RSA_ENC
].
privatekey
);
if
(
rsa
==
NULL
)
{
al
=
SSL_AD_HANDSHAKE_FAILURE
;
SSLerr
(
SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE
,
SSL_R_MISSING_RSA_CERTIFICATE
);
goto
f_err
;
}
rsa
=
pkey
->
pkey
.
rsa
;
/* SSLv3 and pre-standard DTLS omit the length bytes. */
if
(
s
->
version
==
SSL3_VERSION
||
s
->
version
==
DTLS1_BAD_VER
)
{
...
...
@@ -2694,7 +2691,8 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
* length field (CryptoPro implementations at least till CSP 4.0)
*/
#ifndef OPENSSL_NO_GOST
if
(
PACKET_remaining
(
pkt
)
==
64
&&
pkey
->
type
==
NID_id_GostR3410_2001
)
{
if
(
PACKET_remaining
(
pkt
)
==
64
&&
EVP_PKEY_id
(
pkey
)
==
NID_id_GostR3410_2001
)
{
len
=
64
;
}
else
#endif
...
...
@@ -2764,10 +2762,12 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
}
#ifndef OPENSSL_NO_GOST
if
(
pkey
->
type
==
NID_id_GostR3410_2001
||
pkey
->
type
==
NID_id_GostR3410_2012_256
||
pkey
->
type
==
NID_id_GostR3410_2012_512
)
{
BUF_reverse
(
data
,
NULL
,
len
);
{
int
pktype
=
EVP_PKEY_id
(
pkey
);
if
(
pktype
==
NID_id_GostR3410_2001
||
pktype
==
NID_id_GostR3410_2012_256
||
pktype
==
NID_id_GostR3410_2012_512
)
BUF_reverse
(
data
,
NULL
,
len
);
}
#endif
...
...
ssl/t1_lib.c
...
...
@@ -793,9 +793,9 @@ static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md)
if
(
!
pkey
)
return
0
;
/* If not EC nothing to do */
if
(
pkey
->
type
!=
EVP_PKEY_EC
)
if
(
EVP_PKEY_id
(
pkey
)
!=
EVP_PKEY_EC
)
return
1
;
rv
=
tls1_set_ec_id
(
curve_id
,
&
comp_id
,
pkey
->
pkey
.
ec
);
rv
=
tls1_set_ec_id
(
curve_id
,
&
comp_id
,
EVP_PKEY_get0_EC_KEY
(
pkey
)
);
if
(
!
rv
)
return
0
;
/*
...
...
@@ -990,10 +990,10 @@ int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s,
return
0
;
}
#ifndef OPENSSL_NO_EC
if
(
pkey
->
type
==
EVP_PKEY_EC
)
{
if
(
EVP_PKEY_id
(
pkey
)
==
EVP_PKEY_EC
)
{
unsigned
char
curve_id
[
2
],
comp_id
;
/* Check compression and curve matches extensions */
if
(
!
tls1_set_ec_id
(
curve_id
,
&
comp_id
,
pkey
->
pkey
.
ec
))
if
(
!
tls1_set_ec_id
(
curve_id
,
&
comp_id
,
EVP_PKEY_get0_EC_KEY
(
pkey
)
))
return
0
;
if
(
!
s
->
server
&&
!
tls1_check_ec_key
(
s
,
curve_id
,
&
comp_id
))
{
SSLerr
(
SSL_F_TLS12_CHECK_PEER_SIGALG
,
SSL_R_WRONG_CURVE
);
...
...
@@ -3227,7 +3227,7 @@ int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk,
int
tls12_get_sigid
(
const
EVP_PKEY
*
pk
)
{
return
tls12_find_id
(
pk
->
type
,
tls12_sig
,
OSSL_NELEM
(
tls12_sig
));
return
tls12_find_id
(
EVP_PKEY_id
(
pk
)
,
tls12_sig
,
OSSL_NELEM
(
tls12_sig
));
}
typedef
struct
{
...
...
@@ -4110,7 +4110,7 @@ int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain,
if
(
!
s
->
server
&&
strict_mode
)
{
STACK_OF
(
X509_NAME
)
*
ca_dn
;
int
check_type
=
0
;
switch
(
pk
->
type
)
{
switch
(
EVP_PKEY_id
(
pk
)
)
{
case
EVP_PKEY_RSA
:
check_type
=
TLS_CT_RSA_SIGN
;
break
;
...
...