X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fevp%2Fp_lib.c;h=22155ecf62c4b07ed942f434d9414c623e66914d;hb=f092a073a75be72731e57b175d2df73d2d0eddd8;hp=fcb5711753d762d48878e0376a5a8f0c995c53b0;hpb=4d94ae00d5614d64d4dd065860c4b00161a81f82;p=oweals%2Fopenssl.git diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index fcb5711753..22155ecf62 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -64,6 +64,15 @@ #include #include #include +#ifndef OPENSSL_NO_RSA +#include +#endif +#ifndef OPENSSL_NO_DSA +#include +#endif +#ifndef OPENSSL_NO_DH +#include +#endif static void EVP_PKEY_free_it(EVP_PKEY *x); @@ -79,10 +88,11 @@ int EVP_PKEY_bits(EVP_PKEY *pkey) else if (pkey->type == EVP_PKEY_DSA) return(BN_num_bits(pkey->pkey.dsa->p)); #endif -#ifndef OPENSSL_NO_ECDSA - else if (pkey->type == EVP_PKEY_ECDSA) +#ifndef OPENSSL_NO_EC + else if (pkey->type == EVP_PKEY_EC) { BIGNUM *order = BN_new(); + const EC_GROUP *group; int ret; if (!order) @@ -90,7 +100,8 @@ int EVP_PKEY_bits(EVP_PKEY *pkey) ERR_clear_error(); return 0; } - if (!EC_GROUP_get_order(pkey->pkey.ecdsa->group, order, NULL)) + group = EC_KEY_get0_group(pkey->pkey.ec); + if (!EC_GROUP_get_order(group, order, NULL)) { ERR_clear_error(); return 0; @@ -118,8 +129,8 @@ int EVP_PKEY_size(EVP_PKEY *pkey) return(DSA_size(pkey->pkey.dsa)); #endif #ifndef OPENSSL_NO_ECDSA - if (pkey->type == EVP_PKEY_ECDSA) - return(ECDSA_size(pkey->pkey.ecdsa)); + if (pkey->type == EVP_PKEY_EC) + return(ECDSA_size(pkey->pkey.ec)); #endif return(0); @@ -137,8 +148,8 @@ int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) return(ret); } #endif -#ifndef OPENSSL_NO_ECDSA - if (pkey->type == EVP_PKEY_ECDSA) +#ifndef OPENSSL_NO_EC + if (pkey->type == EVP_PKEY_EC) { int ret = pkey->save_parameters; 
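Review bot: In the EC branch of EVP_PKEY_bits (hunk `@@ -90,7 +100,8 @@`), the `return 0;` taken when EC_GROUP_get_order fails leaves the BIGNUM from `BN_new()` unfreed. The new `group` pointer is also passed on without a NULL check, although EVP_PKEY_missing_parameters in this same patch treats a NULL result from EC_KEY_get0_group as a state a key can be in. I would change the test to `if (group == NULL || !EC_GROUP_get_order(group, order, NULL))` and put `BN_free(order);` before the `return 0;` in that block. The rest of the function lies outside the hunk, so cleanup on the success path could not be checked from here.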
@@ -150,7 +161,7 @@ int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) return(0); } -int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from) +int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) { if (to->type != from->type) { @@ -181,13 +192,15 @@ int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from) to->pkey.dsa->g=a; } #endif -#ifndef OPENSSL_NO_ECDSA - if (to->type == EVP_PKEY_ECDSA) +#ifndef OPENSSL_NO_EC + if (to->type == EVP_PKEY_EC) { - if (to->pkey.ecdsa->group != NULL) - EC_GROUP_free(to->pkey.ecdsa->group); - if ((to->pkey.ecdsa->group = EC_GROUP_new(EC_GROUP_method_of(from->pkey.ecdsa->group))) == NULL) goto err; - if (!EC_GROUP_copy(to->pkey.ecdsa->group,from->pkey.ecdsa->group)) goto err; + EC_GROUP *group = EC_GROUP_dup(EC_KEY_get0_group(from->pkey.ec)); + if (group == NULL) + goto err; + if (EC_KEY_set_group(to->pkey.ec, group) == 0) + goto err; + EC_GROUP_free(group); } #endif return(1); @@ -195,7 +208,7 @@ err: return(0); } -int EVP_PKEY_missing_parameters(EVP_PKEY *pkey) +int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) { #ifndef OPENSSL_NO_DSA if (pkey->type == EVP_PKEY_DSA) @@ -207,10 +220,10 @@ int EVP_PKEY_missing_parameters(EVP_PKEY *pkey) return(1); } #endif -#ifndef OPENSSL_NO_ECDSA - if (pkey->type == EVP_PKEY_ECDSA) +#ifndef OPENSSL_NO_EC + if (pkey->type == EVP_PKEY_EC) { - if (pkey->pkey.ecdsa->group == NULL) + if (EC_KEY_get0_group(pkey->pkey.ec) == NULL) return(1); } #endif @@ -218,7 +231,7 @@ int EVP_PKEY_missing_parameters(EVP_PKEY *pkey) return(0); } -int EVP_PKEY_cmp_parameters(EVP_PKEY *a, EVP_PKEY *b) +int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) { #ifndef OPENSSL_NO_DSA if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA)) 
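Review bot: In the EC branch of EVP_PKEY_copy_parameters (hunk `@@ -181,13 +192,15 @@`), the `group` returned by EC_GROUP_dup is leaked when EC_KEY_set_group fails. That path jumps to `err`, which, as the context of the following hunk shows, only returns 0. The success path frees the duplicate, so the failure path should as well: `if (EC_KEY_set_group(to->pkey.ec, group) == 0) { EC_GROUP_free(group); goto err; }`. The function begins outside this hunk.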
@@ -230,10 +243,73 @@ int EVP_PKEY_cmp_parameters(EVP_PKEY *a, EVP_PKEY *b) else return(1); } +#endif +#ifndef OPENSSL_NO_EC + if (a->type == EVP_PKEY_EC && b->type == EVP_PKEY_EC) + { + const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec), + *group_b = EC_KEY_get0_group(b->pkey.ec); + if (EC_GROUP_cmp(group_a, group_b, NULL)) + return 0; + else + return 1; + } #endif return(-1); } +int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) + { + if (a->type != b->type) + return -1; + + if (EVP_PKEY_cmp_parameters(a, b) == 0) + return 0; + + switch (a->type) + { +#ifndef OPENSSL_NO_RSA + case EVP_PKEY_RSA: + if (BN_cmp(b->pkey.rsa->n,a->pkey.rsa->n) != 0 + || BN_cmp(b->pkey.rsa->e,a->pkey.rsa->e) != 0) + return 0; + break; +#endif +#ifndef OPENSSL_NO_DSA + case EVP_PKEY_DSA: + if (BN_cmp(b->pkey.dsa->pub_key,a->pkey.dsa->pub_key) != 0) + return 0; + break; +#endif +#ifndef OPENSSL_NO_EC + case EVP_PKEY_EC: + { + int r; + const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec); + const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec), + *pb = EC_KEY_get0_public_key(b->pkey.ec); + r = EC_POINT_cmp(group, pa, pb, NULL); + if (r != 0) + { + if (r == 1) + return 0; + else + return -2; + } + } + break; +#endif +#ifndef OPENSSL_NO_DH + case EVP_PKEY_DH: + return -2; +#endif + default: + return -2; + } + + return 1; + } + EVP_PKEY *EVP_PKEY_new(void) { EVP_PKEY *ret; 
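Review bot: The new EVP_PKEY_cmp returns four distinct values (1, 0, -1, -2) but has no comment saying so. A caller that writes `if (EVP_PKEY_cmp(a, b))` would therefore accept a type mismatch or an unsupported comparison as a match. I would add above the function: `/* Returns 1 if the public keys match, 0 if they differ, -1 if the key types differ, -2 if the comparison is unsupported or failed; callers must test for == 1. */`. In the same hunk, the EC branch added to EVP_PKEY_cmp_parameters returns 0 for any non-zero EC_GROUP_cmp result, so an error inside the comparison is reported as a plain mismatch. The EC_POINT_cmp handling further down separates `r == 1` from other values, and the parameter comparison should do the same.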
@@ -303,24 +379,25 @@ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) } #endif -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC -int EVP_PKEY_set1_ECDSA(EVP_PKEY *pkey, ECDSA *key) +int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) { - int ret = EVP_PKEY_assign_ECDSA(pkey,key); - if (ret) CRYPTO_add(&key->references, 1,CRYPTO_LOCK_ECDSA); - return ret; + int ret = EVP_PKEY_assign_EC_KEY(pkey,key); + if (ret) + EC_KEY_up_ref(key); + return ret; } -ECDSA *EVP_PKEY_get1_ECDSA(EVP_PKEY *pkey) +EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) { - if (pkey->type != EVP_PKEY_ECDSA) + if (pkey->type != EVP_PKEY_EC) { - EVPerr(EVP_F_EVP_PKEY_GET1_ECDSA, EVP_R_EXPECTING_A_ECDSA_KEY); + EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY); return NULL; } - CRYPTO_add(&pkey->pkey.ecdsa->references, 1, CRYPTO_LOCK_ECDSA); - return pkey->pkey.ecdsa; + EC_KEY_up_ref(pkey->pkey.ec); + return pkey->pkey.ec; } #endif @@ -361,8 +438,8 @@ int EVP_PKEY_type(int type) return(EVP_PKEY_DSA); case EVP_PKEY_DH: return(EVP_PKEY_DH); - case EVP_PKEY_ECDSA: - return(EVP_PKEY_ECDSA); + case EVP_PKEY_EC: + return(EVP_PKEY_EC); default: return(NID_undef); } @@ -387,6 +464,8 @@ void EVP_PKEY_free(EVP_PKEY *x) } #endif EVP_PKEY_free_it(x); + if (x->attributes) + sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free); OPENSSL_free(x); } @@ -408,9 +487,9 @@ static void EVP_PKEY_free_it(EVP_PKEY *x) DSA_free(x->pkey.dsa); break; #endif -#ifndef OPENSSL_NO_ECDSA - case EVP_PKEY_ECDSA: - ECDSA_free(x->pkey.ecdsa); +#ifndef OPENSSL_NO_EC + case EVP_PKEY_EC: + EC_KEY_free(x->pkey.ec); break; #endif #ifndef OPENSSL_NO_DH
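Review bot: EVP_PKEY_set1_EC_KEY and EVP_PKEY_get1_EC_KEY (hunk `@@ -303,24 +379,25 @@`) both adjust the key's reference count but carry no comment on ownership, which is where callers of get1/set1 pairs tend to leak or double-free. get1 returns `pkey->pkey.ec` after EC_KEY_up_ref, so the caller holds its own reference. set1 takes an extra reference only when the assign succeeds, so the caller's reference is untouched. Suggested comments: `/* Stores key in pkey and takes an additional reference; the caller keeps its own. */` on set1, and `/* Returns the EC_KEY with its reference count incremented; the caller must release it with EC_KEY_free(). */` on get1.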