author | Richard Levitte <levitte@openssl.org> | 2020-10-02 14:21:51 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-10-04 13:01:47 +0200 |
commit | 70c06aafa691a77861bd3d3aaf93afa2a55e04ce (patch) | |
tree | 2ccf9e7a520951f69585d9afaa1d82fe4bc4f7a5 /crypto/encode_decode/decoder_pkey.c | |
parent | ecadfdadde491572b0bdf3c5a95e7a6a004585c6 (diff) |
DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY()
There is some data that is very difficult to guess. For example, DSA
parameters and X9.42 DH parameters look exactly the same, a SEQUENCE
of 3 INTEGER. Therefore, callers may need the possibility to select
the exact keytype that they expect to get.
This will also allow us to translate d2i_TYPEPrivateKey(),
d2i_TYPEPublicKey() and d2i_TYPEParams() into OSSL_DECODER terms much
more smoothly.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13061)
Diffstat (limited to 'crypto/encode_decode/decoder_pkey.c')
-rw-r--r-- | crypto/encode_decode/decoder_pkey.c | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/crypto/encode_decode/decoder_pkey.c b/crypto/encode_decode/decoder_pkey.c
index 2e07d0d7cc..75c491f4ac 100644
--- a/crypto/encode_decode/decoder_pkey.c
+++ b/crypto/encode_decode/decoder_pkey.c
@@ -188,6 +188,7 @@ static void decoder_clean_EVP_PKEY_construct_arg(void *construct_data)
 struct collected_data_st {
 struct decoder_EVP_PKEY_data_st *process_data;
+ const char *keytype;
 STACK_OF(OPENSSL_CSTRING) *names;
 OSSL_DECODER_CTX *ctx;
@@ -198,6 +199,8 @@ static void collect_keymgmt(EVP_KEYMGMT *keymgmt, void *arg)
 {
 struct collected_data_st *data = arg;
+ if (data->keytype != NULL && !EVP_KEYMGMT_is_a(keymgmt, data->keytype))
+ return;
 if (data->error_occured)
 return;
@@ -253,7 +256,7 @@ static void collect_decoder(OSSL_DECODER *decoder, void *arg)
 }
 int ossl_decoder_ctx_setup_for_EVP_PKEY(OSSL_DECODER_CTX *ctx,
- EVP_PKEY **pkey,
+ EVP_PKEY **pkey, const char *keytype,
 OPENSSL_CTX *libctx,
 const char *propquery)
 {
@@ -264,14 +267,14 @@ int ossl_decoder_ctx_setup_for_EVP_PKEY(OSSL_DECODER_CTX *ctx,
 if ((data = OPENSSL_zalloc(sizeof(*data))) == NULL
 || (data->process_data = OPENSSL_zalloc(sizeof(*data->process_data))) == NULL
- || (data->process_data->keymgmts
- = sk_EVP_KEYMGMT_new_null()) == NULL
+ || (data->process_data->keymgmts = sk_EVP_KEYMGMT_new_null()) == NULL
 || (data->names = sk_OPENSSL_CSTRING_new_null()) == NULL) {
 ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE);
 goto err;
 }
 data->process_data->object = (void **)pkey;
 data->ctx = ctx;
+ data->keytype = keytype;
 /* First, find all keymgmts to form goals */
 EVP_KEYMGMT_do_all_provided(libctx, collect_keymgmt, data);
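Review bot: In collect_keymgmt, a `keytype` that matches no provided keymgmt (a misspelt name, or a provider that is not loaded) makes the new filter return for every entry, and nothing visible in this diff reports the resulting empty keymgmts stack. Because the parameter exists to pin the result type for inputs that cannot be told apart by content, ossl_decoder_ctx_setup_for_EVP_PKEY could check after EVP_KEYMGMT_do_all_provided() with `if (keytype != NULL && sk_EVP_KEYMGMT_num(data->process_data->keymgmts) == 0)` and raise an error before `goto err`, so callers get a clear failure instead of a generic decode error later. The filter is also placed ahead of `if (data->error_occured) return;`; testing the error flag first would keep the function's existing early exit cheapest. Both function bodies continue outside the visible hunks, so the empty case may already be handled there.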
@@ -320,10 +323,10 @@ int ossl_decoder_ctx_setup_for_EVP_PKEY(OSSL_DECODER_CTX *ctx,
 return ok;
 }
-OSSL_DECODER_CTX *OSSL_DECODER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey,
- const char *input_type,
- OPENSSL_CTX *libctx,
- const char *propquery)
+OSSL_DECODER_CTX *
+OSSL_DECODER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey,
+ const char *input_type, const char *keytype,
+ OPENSSL_CTX *libctx, const char *propquery)
 {
 OSSL_DECODER_CTX *ctx = NULL;
@@ -332,7 +335,8 @@ OSSL_DECODER_CTX *OSSL_DECODER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey,
 return NULL;
 }
 if (OSSL_DECODER_CTX_set_input_type(ctx, input_type)
- && ossl_decoder_ctx_setup_for_EVP_PKEY(ctx, pkey, libctx, propquery)
+ && ossl_decoder_ctx_setup_for_EVP_PKEY(ctx, pkey, keytype,
+ libctx, propquery)
 && OSSL_DECODER_CTX_add_extra(ctx, libctx, propquery))
 return ctx; |
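Review bot: The new `keytype` parameter of OSSL_DECODER_CTX_new_by_EVP_PKEY has no comment at the definition, and it sits directly after `input_type`, another `const char *`, so a call with the two swapped compiles without a diagnostic. A comment above the function should state that NULL accepts any key type and that a non-NULL name limits the result to keymgmts matching it through EVP_KEYMGMT_is_a(), for example `/* keytype: NULL for any type, otherwise the exact key type name expected, e.g. to tell DSA from X9.42 DH parameters */`. The function body continues outside this hunk.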