提交 f929439f 编写于 作者: M Matt Caswell

Rename EVP_PKEY_new_private_key()/EVP_PKEY_new_public_key()

Renamed to EVP_PKEY_new_raw_private_key()/EVP_new_raw_public_key() as per
feedback.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5520)
上级 e8f9f08f
......@@ -277,8 +277,8 @@ int dgst_main(int argc, char **argv)
}
if (hmac_key != NULL) {
sigkey = EVP_PKEY_new_private_key(EVP_PKEY_HMAC, impl,
(unsigned char *)hmac_key, -1);
sigkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, impl,
(unsigned char *)hmac_key, -1);
if (sigkey == NULL)
goto end;
}
......
......@@ -704,8 +704,8 @@ EVP_F_EVP_PKEY_KEYGEN:146:EVP_PKEY_keygen
EVP_F_EVP_PKEY_KEYGEN_INIT:147:EVP_PKEY_keygen_init
EVP_F_EVP_PKEY_NEW:106:EVP_PKEY_new
EVP_F_EVP_PKEY_NEW_CMAC_KEY:193:EVP_PKEY_new_CMAC_key
EVP_F_EVP_PKEY_NEW_PRIVATE_KEY:191:EVP_PKEY_new_private_key
EVP_F_EVP_PKEY_NEW_PUBLIC_KEY:192:EVP_PKEY_new_public_key
EVP_F_EVP_PKEY_NEW_RAW_PRIVATE_KEY:191:EVP_PKEY_new_raw_private_key
EVP_F_EVP_PKEY_NEW_RAW_PUBLIC_KEY:192:EVP_PKEY_new_raw_public_key
EVP_F_EVP_PKEY_PARAMGEN:148:EVP_PKEY_paramgen
EVP_F_EVP_PKEY_PARAMGEN_INIT:149:EVP_PKEY_paramgen_init
EVP_F_EVP_PKEY_PARAM_CHECK:189:EVP_PKEY_param_check
......
......@@ -95,10 +95,10 @@ static const ERR_STRING_DATA EVP_str_functs[] = {
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_NEW, 0), "EVP_PKEY_new"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_NEW_CMAC_KEY, 0),
"EVP_PKEY_new_CMAC_key"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_NEW_PRIVATE_KEY, 0),
"EVP_PKEY_new_private_key"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_NEW_PUBLIC_KEY, 0),
"EVP_PKEY_new_public_key"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_NEW_RAW_PRIVATE_KEY, 0),
"EVP_PKEY_new_raw_private_key"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_NEW_RAW_PUBLIC_KEY, 0),
"EVP_PKEY_new_raw_public_key"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_PARAMGEN, 0), "EVP_PKEY_paramgen"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_PARAMGEN_INIT, 0),
"EVP_PKEY_paramgen_init"},
......
......@@ -220,9 +220,9 @@ static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str,
return 1;
}
EVP_PKEY *EVP_PKEY_new_private_key(int type, ENGINE *e,
const unsigned char *priv,
size_t len)
EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e,
const unsigned char *priv,
size_t len)
{
EVP_PKEY *ret = EVP_PKEY_new();
......@@ -233,13 +233,13 @@ EVP_PKEY *EVP_PKEY_new_private_key(int type, ENGINE *e,
}
if (ret->ameth->set_priv_key == NULL) {
EVPerr(EVP_F_EVP_PKEY_NEW_PRIVATE_KEY,
EVPerr(EVP_F_EVP_PKEY_NEW_RAW_PRIVATE_KEY,
EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
goto err;
}
if (!ret->ameth->set_priv_key(ret, priv, len)) {
EVPerr(EVP_F_EVP_PKEY_NEW_PRIVATE_KEY, EVP_R_KEY_SETUP_FAILED);
EVPerr(EVP_F_EVP_PKEY_NEW_RAW_PRIVATE_KEY, EVP_R_KEY_SETUP_FAILED);
goto err;
}
......@@ -250,9 +250,9 @@ EVP_PKEY *EVP_PKEY_new_private_key(int type, ENGINE *e,
return NULL;
}
EVP_PKEY *EVP_PKEY_new_public_key(int type, ENGINE *e,
const unsigned char *pub,
size_t len)
EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e,
const unsigned char *pub,
size_t len)
{
EVP_PKEY *ret = EVP_PKEY_new();
......@@ -263,13 +263,13 @@ EVP_PKEY *EVP_PKEY_new_public_key(int type, ENGINE *e,
}
if (ret->ameth->set_pub_key == NULL) {
EVPerr(EVP_F_EVP_PKEY_NEW_PUBLIC_KEY,
EVPerr(EVP_F_EVP_PKEY_NEW_RAW_PUBLIC_KEY,
EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
goto err;
}
if (!ret->ameth->set_pub_key(ret, pub, len)) {
EVPerr(EVP_F_EVP_PKEY_NEW_PUBLIC_KEY, EVP_R_KEY_SETUP_FAILED);
EVPerr(EVP_F_EVP_PKEY_NEW_RAW_PUBLIC_KEY, EVP_R_KEY_SETUP_FAILED);
goto err;
}
......
......@@ -193,7 +193,7 @@ static int tls1_prf_P_hash(const EVP_MD *md,
if (ctx == NULL || ctx_tmp == NULL || ctx_init == NULL)
goto err;
EVP_MD_CTX_set_flags(ctx_init, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
mac_key = EVP_PKEY_new_private_key(EVP_PKEY_HMAC, NULL, sec, sec_len);
mac_key = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, sec, sec_len);
if (mac_key == NULL)
goto err;
if (!EVP_DigestSignInit(ctx_init, NULL, md, NULL, mac_key))
......
......@@ -345,8 +345,8 @@ L<EVP_PKEY_param_check(3)> respectively.
The set_priv_key() and set_pub_key() methods are used to set the raw private and
public key data for an EVP_PKEY. They MUST return 0 on error, or 1 on success.
They are called by L<EVP_PKEY_new_private_key(3)>, and
L<EVP_PKEY_new_public_key(3)> respectively.
They are called by L<EVP_PKEY_new_raw_private_key(3)>, and
L<EVP_PKEY_new_raw_public_key(3)> respectively.
=head2 Functions
......
......@@ -88,10 +88,10 @@ allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key()
macro. In this case key generation is simply the process of setting up the
parameters for the key and then setting the raw key data to the value explicitly
provided by that macro. Normally applications would call
L<EVP_PKEY_new_private_key(3)> or similar functions instead of this macro.
L<EVP_PKEY_new_raw_private_key(3)> or similar functions instead of this macro.
The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms
supported by the L<EVP_PKEY_new_private_key(3)> function.
supported by the L<EVP_PKEY_new_raw_private_key(3)> function.
The macro EVP_PKEY_CTX_set_rsa_padding() sets the RSA padding mode for B<ctx>.
The B<pad> parameter can take the value RSA_PKCS1_PADDING for PKCS#1 padding,
......
......@@ -5,8 +5,8 @@
EVP_PKEY_new,
EVP_PKEY_up_ref,
EVP_PKEY_free,
EVP_PKEY_new_private_key,
EVP_PKEY_new_public_key,
EVP_PKEY_new_raw_private_key,
EVP_PKEY_new_raw_public_key,
EVP_PKEY_new_CMAC_key,
EVP_PKEY_new_mac_key
- public/private key allocation functions
......@@ -19,10 +19,10 @@ EVP_PKEY_new_mac_key
int EVP_PKEY_up_ref(EVP_PKEY *key);
void EVP_PKEY_free(EVP_PKEY *key);
EVP_PKEY *EVP_PKEY_new_private_key(int type, ENGINE *e,
const unsigned char *key, size_t keylen);
EVP_PKEY *EVP_PKEY_new_public_key(int type, ENGINE *e,
const unsigned char *key, size_t keylen);
EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e,
const unsigned char *key, size_t keylen);
EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e,
const unsigned char *key, size_t keylen);
EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
size_t len, const EVP_CIPHER *cipher);
EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key,
......@@ -38,10 +38,10 @@ EVP_PKEY_up_ref() increments the reference count of B<key>.
EVP_PKEY_free() decrements the reference count of B<key> and, if the reference
count is zero, frees it up. If B<key> is NULL, nothing is done.
EVP_PKEY_new_private_key() allocates a new B<EVP_PKEY>. If B<e> is non-NULL then
the new B<EVP_PKEY> structure is associated with the engine B<e>. The B<type>
argument indicates what kind of key this is. The value should be a NID for a
public key algorithm that supports raw private keys, i.e. one of
EVP_PKEY_new_raw_private_key() allocates a new B<EVP_PKEY>. If B<e> is non-NULL
then the new B<EVP_PKEY> structure is associated with the engine B<e>. The
B<type> argument indicates what kind of key this is. The value should be a NID
for a public key algorithm that supports raw private keys, i.e. one of
B<EVP_PKEY_HMAC>, B<EVP_PKEY_POLY1305>, B<EVP_PKEY_SIPHASH>, B<EVP_PKEY_X25519>,
B<EVP_PKEY_ED25519>, B<EVP_PKEY_X448> or B<EVP_PKEY_ED448>. B<key> points to the
raw private key data for this B<EVP_PKEY> which should be of length B<keylen>.
......@@ -49,19 +49,19 @@ The length should be appropriate for the type of the key. The public key data
will be automatically derived from the given private key data (if appropriate
for the algorithm type).
EVP_PKEY_new_public_key() works in the same way as EVP_PKEY_new_private_key()
except that B<key> points to the raw public key data. The B<EVP_PKEY> structure
will be initialised without any private key information. Algorithm types that
support raw public keys are B<EVP_PKEY_X25519>, B<EVP_PKEY_ED25519>,
B<EVP_PKEY_X448> or B<EVP_PKEY_ED448>.
EVP_PKEY_new_raw_public_key() works in the same way as
EVP_PKEY_new_raw_private_key() except that B<key> points to the raw public key
data. The B<EVP_PKEY> structure will be initialised without any private key
information. Algorithm types that support raw public keys are
B<EVP_PKEY_X25519>, B<EVP_PKEY_ED25519>, B<EVP_PKEY_X448> or B<EVP_PKEY_ED448>.
EVP_PKEY_new_CMAC_key() works in the same way as EVP_PKEY_new_private_key()
EVP_PKEY_new_CMAC_key() works in the same way as EVP_PKEY_new_raw_private_key()
except it is only for the B<EVP_PKEY_CMAC> algorithm type. In addition to the
raw private key data, it also takes a cipher algorithm to be used during
creation of a CMAC in the B<cipher> argument.
EVP_PKEY_new_mac_key() works in the same way as EVP_PKEY_new_private_key(). New
applications should use EVP_PKEY_new_private_key() instead.
EVP_PKEY_new_mac_key() works in the same way as EVP_PKEY_new_raw_private_key().
New applications should use EVP_PKEY_new_raw_private_key() instead.
=head1 NOTES
......@@ -74,7 +74,7 @@ used.
=head1 RETURN VALUES
EVP_PKEY_new(), EVP_PKEY_new_private_key(), EVP_PKEY_new_public_key(),
EVP_PKEY_new(), EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(),
EVP_PKEY_new_CMAC_key() and EVP_PKEY_new_mac_key() return either the newly
allocated B<EVP_PKEY> structure or B<NULL> if an error occurred.
......@@ -88,9 +88,9 @@ L<EVP_PKEY_set1_RSA(3)>
EVP_PKEY_new() and EVP_PKEY_free() exist in all versions of OpenSSL.
EVP_PKEY_up_ref() was first added to OpenSSL 1.1.0. EVP_PKEY_new_private_key(),
EVP_PKEY_new_public_key() and EVP_PKEY_new_CMAC_key() were first added to
OpenSSL 1.1.1.
EVP_PKEY_up_ref() was first added to OpenSSL 1.1.0.
EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key() and
EVP_PKEY_new_CMAC_key() were first added to OpenSSL 1.1.1.
=head1 COPYRIGHT
......
......@@ -40,14 +40,14 @@ For the B<Ed448> algorithm a context can be obtained by calling:
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED448, NULL);
Ed25519 or Ed448 private keys can be set directly using
L<EVP_PKEY_new_private_key(3)> or loaded from a PKCS#8 private key file using
L<PEM_read_bio_PrivateKey(3)> (or similar function). Completely new keys can
also be generated (see the example below). Setting a private key also sets the
associated public key.
L<EVP_PKEY_new_raw_private_key(3)> or loaded from a PKCS#8 private key file
using L<PEM_read_bio_PrivateKey(3)> (or similar function). Completely new keys
can also be generated (see the example below). Setting a private key also sets
the associated public key.
Ed25519 or Ed448 public keys can be set directly using
L<EVP_PKEY_new_public_key(3)> or loaded from a SubjectPublicKeyInfo structure
in a PEM file using L<PEM_read_bio_PUBKEY(3)> (or similar function).
L<EVP_PKEY_new_raw_public_key(3)> or loaded from a SubjectPublicKeyInfo
structure in a PEM file using L<PEM_read_bio_PUBKEY(3)> (or similar function).
=head1 EXAMPLE
......
......@@ -28,14 +28,14 @@ For the B<X448> algorithm a context can be obtained by calling:
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X448, NULL);
X25519 or X448 private keys can be set directly using
L<EVP_PKEY_new_private_key(3)> or loaded from a PKCS#8 private key file using
L<PEM_read_bio_PrivateKey(3)> (or similar function). Completely new keys can
also be generated (see the example below). Setting a private key also sets the
associated public key.
L<EVP_PKEY_new_raw_private_key(3)> or loaded from a PKCS#8 private key file
using L<PEM_read_bio_PrivateKey(3)> (or similar function). Completely new keys
can also be generated (see the example below). Setting a private key also sets
the associated public key.
X25519 or X448 public keys can be set directly using
L<EVP_PKEY_new_public_key(3)> or loaded from a SubjectPublicKeyInfo structure
in a PEM file using L<PEM_read_bio_PUBKEY(3)> (or similar function).
L<EVP_PKEY_new_raw_public_key(3)> or loaded from a SubjectPublicKeyInfo
structure in a PEM file using L<PEM_read_bio_PUBKEY(3)> (or similar function).
=head1 EXAMPLE
......
......@@ -1347,12 +1347,12 @@ void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
const unsigned char *key, int keylen);
EVP_PKEY *EVP_PKEY_new_private_key(int type, ENGINE *e,
const unsigned char *priv,
size_t len);
EVP_PKEY *EVP_PKEY_new_public_key(int type, ENGINE *e,
const unsigned char *pub,
size_t len);
EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e,
const unsigned char *priv,
size_t len);
EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e,
const unsigned char *pub,
size_t len);
EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
size_t len, const EVP_CIPHER *cipher);
......
......@@ -79,8 +79,8 @@ int ERR_load_EVP_strings(void);
# define EVP_F_EVP_PKEY_KEYGEN_INIT 147
# define EVP_F_EVP_PKEY_NEW 106
# define EVP_F_EVP_PKEY_NEW_CMAC_KEY 193
# define EVP_F_EVP_PKEY_NEW_PRIVATE_KEY 191
# define EVP_F_EVP_PKEY_NEW_PUBLIC_KEY 192
# define EVP_F_EVP_PKEY_NEW_RAW_PRIVATE_KEY 191
# define EVP_F_EVP_PKEY_NEW_RAW_PUBLIC_KEY 192
# define EVP_F_EVP_PKEY_PARAMGEN 148
# define EVP_F_EVP_PKEY_PARAMGEN_INIT 149
# define EVP_F_EVP_PKEY_PARAM_CHECK 189
......
......@@ -1559,8 +1559,8 @@ int tls_psk_do_binder(SSL *s, const EVP_MD *md, const unsigned char *msgstart,
goto err;
}
mackey = EVP_PKEY_new_private_key(EVP_PKEY_HMAC, NULL, finishedkey,
hashsize);
mackey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, finishedkey,
hashsize);
if (mackey == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PSK_DO_BINDER,
ERR_R_INTERNAL_ERROR);
......
......@@ -752,9 +752,10 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
/* Verify the HMAC of the cookie */
hctx = EVP_MD_CTX_create();
pkey = EVP_PKEY_new_private_key(EVP_PKEY_HMAC, NULL,
s->session_ctx->ext.cookie_hmac_key,
sizeof(s->session_ctx->ext.cookie_hmac_key));
pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL,
s->session_ctx->ext.cookie_hmac_key,
sizeof(s->session_ctx->ext
.cookie_hmac_key));
if (hctx == NULL || pkey == NULL) {
EVP_MD_CTX_free(hctx);
EVP_PKEY_free(pkey);
......@@ -1762,9 +1763,10 @@ EXT_RETURN tls_construct_stoc_cookie(SSL *s, WPACKET *pkt, unsigned int context,
/* HMAC the cookie */
hctx = EVP_MD_CTX_create();
pkey = EVP_PKEY_new_private_key(EVP_PKEY_HMAC, NULL,
s->session_ctx->ext.cookie_hmac_key,
sizeof(s->session_ctx->ext.cookie_hmac_key));
pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL,
s->session_ctx->ext.cookie_hmac_key,
sizeof(s->session_ctx->ext
.cookie_hmac_key));
if (hctx == NULL || pkey == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE,
ERR_R_MALLOC_FAILURE);
......
......@@ -257,8 +257,8 @@ int tls1_change_cipher_state(SSL *s, int which)
if (!(EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER)) {
/* TODO(size_t): Convert this function */
mac_key = EVP_PKEY_new_private_key(mac_type, NULL,
mac_secret, (int)*mac_secret_size);
mac_key = EVP_PKEY_new_raw_private_key(mac_type, NULL, mac_secret,
(int)*mac_secret_size);
if (mac_key == NULL
|| EVP_DigestSignInit(mac_ctx, NULL, m, NULL, mac_key) <= 0) {
EVP_PKEY_free(mac_key);
......
......@@ -248,11 +248,11 @@ size_t tls13_final_finish_mac(SSL *s, const char *str, size_t slen,
}
if (str == s->method->ssl3_enc->server_finished_label)
key = EVP_PKEY_new_private_key(EVP_PKEY_HMAC, NULL,
s->server_finished_secret, hashlen);
key = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL,
s->server_finished_secret, hashlen);
else
key = EVP_PKEY_new_private_key(EVP_PKEY_HMAC, NULL,
s->client_finished_secret, hashlen);
key = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL,
s->client_finished_secret, hashlen);
if (key == NULL
|| ctx == NULL
......
......@@ -915,8 +915,8 @@ static int mac_test_run(EVP_TEST *t)
key = EVP_PKEY_new_CMAC_key(NULL, expected->key, expected->key_len,
EVP_get_cipherbyname(expected->alg));
else
key = EVP_PKEY_new_private_key(expected->type, NULL, expected->key,
expected->key_len);
key = EVP_PKEY_new_raw_private_key(expected->type, NULL, expected->key,
expected->key_len);
if (key == NULL) {
t->err = "MAC_KEY_CREATE_ERROR";
goto err;
......@@ -2486,9 +2486,9 @@ top:
return 0;
}
if (klist == &private_keys)
pkey = EVP_PKEY_new_private_key(nid, NULL, keybin, keylen);
pkey = EVP_PKEY_new_raw_private_key(nid, NULL, keybin, keylen);
else
pkey = EVP_PKEY_new_public_key(nid, NULL, keybin, keylen);
pkey = EVP_PKEY_new_raw_public_key(nid, NULL, keybin, keylen);
if (pkey == NULL) {
TEST_info("Can't read %s data", pp->key);
OPENSSL_free(keybin);
......
......@@ -4522,8 +4522,8 @@ OSSL_STORE_LOADER_set_find 4463 1_1_1 EXIST::FUNCTION:
OSSL_STORE_SEARCH_free 4464 1_1_1 EXIST::FUNCTION:
OSSL_STORE_SEARCH_get0_digest 4465 1_1_1 EXIST::FUNCTION:
RAND_DRBG_set_reseed_defaults 4466 1_1_1 EXIST::FUNCTION:
EVP_PKEY_new_private_key 4467 1_1_1 EXIST::FUNCTION:
EVP_PKEY_new_public_key 4468 1_1_1 EXIST::FUNCTION:
EVP_PKEY_new_raw_private_key 4467 1_1_1 EXIST::FUNCTION:
EVP_PKEY_new_raw_public_key 4468 1_1_1 EXIST::FUNCTION:
EVP_PKEY_new_CMAC_key 4469 1_1_1 EXIST::FUNCTION:
EVP_PKEY_asn1_set_set_priv_key 4470 1_1_1 EXIST::FUNCTION:
EVP_PKEY_asn1_set_set_pub_key 4471 1_1_1 EXIST::FUNCTION:
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册