EVP: Implement EVP_PKEY_CTX_is_a()

This does what was previously done by looking at pctx->pmeth->pkey_id,
but handles both legacy and provider side contexts, and is supposed to
become a replacement for the old way.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13913)

5 files changed, 19 insertions, 2 deletions

diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index a933752071..73f44c46cb 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -649,6 +649,15 @@ const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx)
 }
 #endif
 
+int EVP_PKEY_CTX_is_a(EVP_PKEY_CTX *ctx, const char *keytype)
+{
+#ifndef FIPS_MODULE
+    if (evp_pkey_ctx_is_legacy(ctx))
+        return (ctx->pmeth->pkey_id == evp_pkey_name2type(keytype));
+#endif
+    return EVP_KEYMGMT_is_a(ctx->keymgmt, keytype);
+}
+
 int EVP_PKEY_CTX_set_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
 {
     if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)
diff --git a/doc/man3/EVP_PKEY_CTX_new.pod b/doc/man3/EVP_PKEY_CTX_new.pod
index 3342386d94..cb203dbd71 100644
--- a/doc/man3/EVP_PKEY_CTX_new.pod
+++ b/doc/man3/EVP_PKEY_CTX_new.pod
@@ -3,7 +3,8 @@
 =head1 NAME
 
 EVP_PKEY_CTX_new, EVP_PKEY_CTX_new_id, EVP_PKEY_CTX_new_from_name,
-EVP_PKEY_CTX_new_from_pkey, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free
+EVP_PKEY_CTX_new_from_pkey, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free,
+EVP_PKEY_CTX_is_a
 - public key algorithm context functions
 
 =head1 SYNOPSIS
@@ -20,6 +21,7 @@ EVP_PKEY_CTX_new_from_pkey, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free
                                           const char *propquery);
  EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx);
  void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_CTX_is_a(EVP_PKEY_CTX *ctx, const char *keytype);
 
 =head1 DESCRIPTION
 
@@ -53,6 +55,8 @@ keygen operation.
 EVP_PKEY_CTX_free() frees up the context I<ctx>.
 If I<ctx> is NULL, nothing is done.
 
+EVP_PKEY_is_a() checks if the key type associated with I<ctx> is I<keytype>.
+
 =head1 NOTES
 
 =head2 On B<EVP_PKEY_CTX>
@@ -102,6 +106,8 @@ the newly allocated B<EVP_PKEY_CTX> structure or B<NULL> if an error occurred.
 
 EVP_PKEY_CTX_free() does not return a value.
 
+EVP_PKEY_CTX_is_a() returns 1 for true and 0 for false.
+
 =head1 SEE ALSO
 
 L<EVP_PKEY_new(3)>
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 7f28edd6c2..cc74f11548 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -23,7 +23,7 @@
 #define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX   0x0400
 
 /*
- * An EVP_PKEY can have the following support states:
+ * An EVP_PKEY_CTX can have the following support states:
  *
  * Supports legacy implementations only:
  *
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index bdce18c5ee..1bf244322e 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1649,6 +1649,7 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OSSL_LIB_CTX *libctx,
                                          EVP_PKEY *pkey, const char *propquery);
 EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx);
 void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_CTX_is_a(EVP_PKEY_CTX *ctx, const char *keytype);
 
 int EVP_PKEY_CTX_get_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
 const OSSL_PARAM *EVP_PKEY_CTX_gettable_params(EVP_PKEY_CTX *ctx);
diff --git a/util/libcrypto.num b/util/libcrypto.num
index b602ee4978..a16b6e17eb 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5300,3 +5300,4 @@ EVP_PKEY_fromdata_init                  ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_fromdata_settable              ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_param_check_quick              ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_public_check_quick             ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_CTX_is_a                       ?	3_0_0	EXIST::FUNCTION: