Use EVP_PKEY_X25519, EVP_PKEY_ED25519 instead of NIDs where appropriate.

Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3585)

crypto/ec/ecx_meth.c

@@ -78,7 +78,7 @@ static int ecx_key_op(EVP_PKEY *pkey, int id, const X509_ALGOR *palg,
                 OPENSSL_free(xkey);
                 return 0;
             }
-            if (id == NID_X25519) {
+            if (id == EVP_PKEY_X25519) {
                 xkey->privkey[0] &= 248;
                 xkey->privkey[31] &= 127;
                 xkey->privkey[31] |= 64;
@@ -86,7 +86,7 @@ static int ecx_key_op(EVP_PKEY *pkey, int id, const X509_ALGOR *palg,
         } else {
             memcpy(xkey->privkey, p, X25519_KEYLEN);
         }
-        if (id == NID_X25519)
+        if (id == EVP_PKEY_X25519)
             X25519_public_from_private(xkey->pubkey, xkey->privkey);
         else
             ED25519_public_from_private(xkey->pubkey, xkey->privkey);
@@ -282,7 +282,8 @@ static int ecx_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
     switch (op) {
 
     case ASN1_PKEY_CTRL_SET1_TLS_ENCPT:
-        return ecx_key_op(pkey, NID_X25519, NULL, arg2, arg1, X25519_PUBLIC);
+        return ecx_key_op(pkey, EVP_PKEY_X25519, NULL, arg2, arg1,
+                          X25519_PUBLIC);
 
     case ASN1_PKEY_CTRL_GET1_TLS_ENCPT:
         if (pkey->pkey.ptr != NULL) {
@@ -305,8 +306,8 @@ static int ecx_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 }
 
 const EVP_PKEY_ASN1_METHOD ecx25519_asn1_meth = {
-    NID_X25519,
-    NID_X25519,
+    EVP_PKEY_X25519,
+    EVP_PKEY_X25519,
     0,
     "X25519",
     "OpenSSL X25519 algorithm",
@@ -380,8 +381,8 @@ static int ecd_sig_info_set(X509_SIG_INFO *siginf, const X509_ALGOR *alg,
 }
 
 const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth = {
-    NID_ED25519,
-    NID_ED25519,
+    EVP_PKEY_ED25519,
+    EVP_PKEY_ED25519,
     0,
     "ED25519",
     "OpenSSL ED25519 algorithm",
@@ -451,7 +452,7 @@ static int pkey_ecx_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 }
 
 const EVP_PKEY_METHOD ecx25519_pkey_meth = {
-    NID_X25519,
+    EVP_PKEY_X25519,
     0, 0, 0, 0, 0, 0, 0,
     pkey_ecx_keygen,
     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
@@ -510,7 +511,7 @@ static int pkey_ecd_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 }
 
 const EVP_PKEY_METHOD ed25519_pkey_meth = {
-    NID_ED25519, EVP_PKEY_FLAG_SIGCTX_CUSTOM,
+    EVP_PKEY_ED25519, EVP_PKEY_FLAG_SIGCTX_CUSTOM,
     0, 0, 0, 0, 0, 0,
     pkey_ecx_keygen,
     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,

crypto/x509/x509type.c

@@ -41,7 +41,7 @@ int X509_certificate_type(const X509 *x, const EVP_PKEY *pkey)
     case EVP_PKEY_EC:
         ret = EVP_PK_EC | EVP_PKT_SIGN | EVP_PKT_EXCH;
         break;
-    case NID_ED25519:
+    case EVP_PKEY_ED25519:
         ret = EVP_PKT_SIGN;
         break;
     case EVP_PKEY_DH:

doc/man7/Ed25519.pod

@@ -31,7 +31,7 @@ or X509_sign_ctx() in the usual way.
 
 A context for the B<Ed25519> algorithm can be obtained by calling:
 
- EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(NID_ED25519, NULL);
+ EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL);
 
 =head1 EXAMPLE
 
@@ -42,7 +42,7 @@ output in PEM format:
  #include <openssl/pem.h>
  ...
  EVP_PKEY *pkey = NULL;
- EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(NID_ED25519, NULL);
+ EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL);
  EVP_PKEY_keygen_init(pctx);
  EVP_PKEY_keygen(pctx, &pkey);
  EVP_PKEY_CTX_free(pctx);

doc/man7/X25519.pod

@@ -19,7 +19,7 @@ performing key derivation.
 
 A context for the B<X25519> algorithm can be obtained by calling:
 
- EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(NID_X25519, NULL);
+ EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL);
 
 =head1 EXAMPLE
 
@@ -30,7 +30,7 @@ output in PEM format:
  #include <openssl/pem.h>
  ...
  EVP_PKEY *pkey = NULL;
- EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(NID_X25519, NULL);
+ EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL);
  EVP_PKEY_keygen_init(pctx);
  EVP_PKEY_keygen(pctx, &pkey);
  EVP_PKEY_CTX_free(pctx);

include/openssl/evp.h

@@ -56,6 +56,8 @@
 # define EVP_PKEY_HKDF   NID_hkdf
 # define EVP_PKEY_POLY1305 NID_poly1305
 # define EVP_PKEY_SIPHASH NID_siphash
+# define EVP_PKEY_X25519 NID_X25519
+# define EVP_PKEY_ED25519 NID_ED25519
 
 #ifdef  __cplusplus
 extern "C" {

ssl/statem/statem_lib.c

@@ -1251,7 +1251,7 @@ int ssl_cert_type(const X509 *x, const EVP_PKEY *pk)
 #ifndef OPENSSL_NO_EC
     case EVP_PKEY_EC:
         return SSL_PKEY_ECC;
-    case NID_ED25519:
+    case EVP_PKEY_ED25519:
         return SSL_PKEY_ED25519;
 #endif
 #ifndef OPENSSL_NO_GOST

ssl/t1_lib.c

@@ -169,7 +169,7 @@ static const tls_curve_info nid_list[] = {
     {NID_brainpoolP256r1, 128, TLS_CURVE_PRIME}, /* brainpoolP256r1 (26) */
     {NID_brainpoolP384r1, 192, TLS_CURVE_PRIME}, /* brainpoolP384r1 (27) */
     {NID_brainpoolP512r1, 256, TLS_CURVE_PRIME}, /* brainpool512r1 (28) */
-    {NID_X25519, 128, TLS_CURVE_CUSTOM}, /* X25519 (29) */
+    {EVP_PKEY_X25519, 128, TLS_CURVE_CUSTOM}, /* X25519 (29) */
 };
 
 static const unsigned char ecformats_default[] = {
@@ -719,7 +719,7 @@ static const SIGALG_LOOKUP sigalg_lookup_tbl[] = {
      NID_sha512, SSL_MD_SHA512_IDX, EVP_PKEY_EC, SSL_PKEY_ECC,
      NID_ecdsa_with_SHA512, NID_secp521r1},
     {"ed25519", TLSEXT_SIGALG_ed25519,
-     NID_undef, -1, NID_ED25519, SSL_PKEY_ED25519,
+     NID_undef, -1, EVP_PKEY_ED25519, SSL_PKEY_ED25519,
      NID_undef, NID_undef},
     {NULL, TLSEXT_SIGALG_ecdsa_sha224,
      NID_sha224, SSL_MD_SHA224_IDX, EVP_PKEY_EC, SSL_PKEY_ECC,
@@ -1418,7 +1418,7 @@ static int tls12_get_pkey_idx(int sig_nid)
 #ifndef OPENSSL_NO_EC
     case EVP_PKEY_EC:
         return SSL_PKEY_ECC;
-    case NID_ED25519:
+    case EVP_PKEY_ED25519:
         return SSL_PKEY_ED25519;
 #endif
 #ifndef OPENSSL_NO_GOST
@@ -1498,7 +1498,7 @@ void ssl_set_sig_mask(uint32_t *pmask_a, SSL *s, int op)
             break;
 #endif
 #ifndef OPENSSL_NO_EC
-        case NID_ED25519:
+        case EVP_PKEY_ED25519:
         case EVP_PKEY_EC:
             if (!have_ecdsa && tls12_sigalg_allowed(s, op, lu))
                 have_ecdsa = 1;
@@ -2427,7 +2427,7 @@ int tls_choose_sigalg(SSL *s, int *al)
                     if (lu->sig_idx == idx
                         && (curve == -1 || lu->curve == curve))
                         break;
-                    if (idx == SSL_PKEY_ECC && lu->sig == NID_ED25519) {
+                    if (idx == SSL_PKEY_ECC && lu->sig == EVP_PKEY_ED25519) {
                         idx = SSL_PKEY_ED25519;
                         break;
                     }