X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fevp%2Fp_lib.c;h=22155ecf62c4b07ed942f434d9414c623e66914d;hb=f092a073a75be72731e57b175d2df73d2d0eddd8;hp=c7a3dee108141fe81d3a9616da053f5b097e1eac;hpb=64376cd8ff7ac2db8e4645a365184f782bd7b835;p=oweals%2Fopenssl.git

diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index c7a3dee108..22155ecf62 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -64,6 +64,15 @@
 #include <openssl/evp.h>
 #include <openssl/asn1_mac.h>
 #include <openssl/x509.h>
+#ifndef OPENSSL_NO_RSA
+#include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+#include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
+#endif
 
 static void EVP_PKEY_free_it(EVP_PKEY *x);
 
@@ -83,6 +92,7 @@ int EVP_PKEY_bits(EVP_PKEY *pkey)
 	else if (pkey->type == EVP_PKEY_EC)
 		{
 		BIGNUM *order = BN_new();
+		const EC_GROUP *group;
 		int ret;
 
 		if (!order)
@@ -90,7 +100,8 @@ int EVP_PKEY_bits(EVP_PKEY *pkey)
 			ERR_clear_error();
 			return 0;
 			}
-		if (!EC_GROUP_get_order(pkey->pkey.eckey->group, order, NULL))
+		group = EC_KEY_get0_group(pkey->pkey.ec);
+		if (!EC_GROUP_get_order(group, order, NULL))
 			{
 			ERR_clear_error();
 			return 0;
@@ -119,7 +130,7 @@ int EVP_PKEY_size(EVP_PKEY *pkey)
 #endif
 #ifndef OPENSSL_NO_ECDSA
 		if (pkey->type == EVP_PKEY_EC)
-		return(ECDSA_size(pkey->pkey.eckey));
+		return(ECDSA_size(pkey->pkey.ec));
 #endif
 
 	return(0);
@@ -150,7 +161,7 @@ int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
 	return(0);
 	}
 
-int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from)
+int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
 	{
 	if (to->type != from->type)
 		{
@@ -184,13 +195,12 @@ int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from)
 #ifndef OPENSSL_NO_EC
 	if (to->type == EVP_PKEY_EC)
 		{
-		if (to->pkey.eckey->group != NULL)
-			EC_GROUP_free(to->pkey.eckey->group);
-		if ((to->pkey.eckey->group = EC_GROUP_new(
-			EC_GROUP_method_of(from->pkey.eckey->group))) == NULL) 
+		EC_GROUP *group = EC_GROUP_dup(EC_KEY_get0_group(from->pkey.ec));
+		if (group == NULL)
 			goto err;
-		if (!EC_GROUP_copy(to->pkey.eckey->group,
-			from->pkey.eckey->group)) goto err;
+		if (EC_KEY_set_group(to->pkey.ec, group) == 0)
+			goto err;
+		EC_GROUP_free(group);
 		}
 #endif
 	return(1);
@@ -198,7 +208,7 @@ err:
 	return(0);
 	}
 
-int EVP_PKEY_missing_parameters(EVP_PKEY *pkey)
+int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
 	{
 #ifndef OPENSSL_NO_DSA
 	if (pkey->type == EVP_PKEY_DSA)
@@ -213,7 +223,7 @@ int EVP_PKEY_missing_parameters(EVP_PKEY *pkey)
 #ifndef OPENSSL_NO_EC
 	if (pkey->type == EVP_PKEY_EC)
 		{
-		if (pkey->pkey.eckey->group == NULL)
+		if (EC_KEY_get0_group(pkey->pkey.ec) == NULL)
 			return(1);
 		}
 #endif
@@ -221,7 +231,7 @@ int EVP_PKEY_missing_parameters(EVP_PKEY *pkey)
 	return(0);
 	}
 
-int EVP_PKEY_cmp_parameters(EVP_PKEY *a, EVP_PKEY *b)
+int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
 	{
 #ifndef OPENSSL_NO_DSA
 	if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA))
@@ -233,10 +243,73 @@ int EVP_PKEY_cmp_parameters(EVP_PKEY *a, EVP_PKEY *b)
 		else
 			return(1);
 		}
+#endif
+#ifndef OPENSSL_NO_EC
+	if (a->type == EVP_PKEY_EC && b->type == EVP_PKEY_EC)
+		{
+		const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec),
+		               *group_b = EC_KEY_get0_group(b->pkey.ec);
+		if (EC_GROUP_cmp(group_a, group_b, NULL))
+			return 0;
+		else
+			return 1;
+		}
 #endif
 	return(-1);
 	}
 
+int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
+	{
+	if (a->type != b->type)
+		return -1;
+
+	if (EVP_PKEY_cmp_parameters(a, b) == 0)
+		return 0;
+
+	switch (a->type)
+		{
+#ifndef OPENSSL_NO_RSA
+	case EVP_PKEY_RSA:
+		if (BN_cmp(b->pkey.rsa->n,a->pkey.rsa->n) != 0
+			|| BN_cmp(b->pkey.rsa->e,a->pkey.rsa->e) != 0)
+			return 0;
+		break;
+#endif
+#ifndef OPENSSL_NO_DSA
+	case EVP_PKEY_DSA:
+		if (BN_cmp(b->pkey.dsa->pub_key,a->pkey.dsa->pub_key) != 0)
+			return 0;
+		break;
+#endif
+#ifndef OPENSSL_NO_EC
+	case EVP_PKEY_EC:
+		{
+		int  r;
+		const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec);
+		const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec),
+		               *pb = EC_KEY_get0_public_key(b->pkey.ec);
+		r = EC_POINT_cmp(group, pa, pb, NULL);
+		if (r != 0)
+			{
+			if (r == 1)
+				return 0;
+			else
+				return -2;
+			}
+		}
+ 		break;
+#endif
+#ifndef OPENSSL_NO_DH
+	case EVP_PKEY_DH:
+		return -2;
+#endif
+	default:
+		return -2;
+		}
+
+	return 1;
+	}
+
 EVP_PKEY *EVP_PKEY_new(void)
 	{
 	EVP_PKEY *ret;
@@ -311,8 +384,9 @@ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
 int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
 {
 	int ret = EVP_PKEY_assign_EC_KEY(pkey,key);
-	if (ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_EC);
-		return ret;
+	if (ret)
+		EC_KEY_up_ref(key);
+	return ret;
 }
 
 EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
@@ -322,8 +396,8 @@ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
 		EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
 		return NULL;
 	}
-	CRYPTO_add(&pkey->pkey.eckey->references, 1, CRYPTO_LOCK_EC);
-	return pkey->pkey.eckey;
+	EC_KEY_up_ref(pkey->pkey.ec);
+	return pkey->pkey.ec;
 }
 #endif
 
@@ -390,6 +464,8 @@ void EVP_PKEY_free(EVP_PKEY *x)
 		}
 #endif
 	EVP_PKEY_free_it(x);
+	if (x->attributes)
+		sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
 	OPENSSL_free(x);
 	}
 
@@ -413,7 +489,7 @@ static void EVP_PKEY_free_it(EVP_PKEY *x)
 #endif
 #ifndef OPENSSL_NO_EC
 	case EVP_PKEY_EC:
-		EC_KEY_free(x->pkey.eckey);
+		EC_KEY_free(x->pkey.ec);
 		break;
 #endif
 #ifndef OPENSSL_NO_DH