diff options
author | Paul Yang <yang.yang@baishancloud.com> | 2017-09-04 22:02:59 +0800 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2017-09-13 20:38:14 +0200 |
commit | 2aee35d37d5161a2efc4d57953a4a7b234b6ea4c (patch) | |
tree | 396369a86192ce41ecda126ad46fb0bbc8eae593 /crypto/evp/pmeth_gn.c | |
parent | c061daaaed5ef05cd8cf0b8159d717be02fd451d (diff) |
Support key check in EVP interface
A new method is added to EVP_PKEY_METH as:
int (*check) (EVP_PKEY_CTX *ctx);
and to EVP_PKEY_ASN1_METHOD as:
int (*pkey_check) (EVP_PKEY_CTX *ctx);
This is used to check the validity of a specific key.
The order of calls is:
EVP_PKEY_check -> pmeth.check -> ameth.pkey_check.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4337)
Diffstat (limited to 'crypto/evp/pmeth_gn.c')
-rw-r--r-- | crypto/evp/pmeth_gn.c | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/crypto/evp/pmeth_gn.c b/crypto/evp/pmeth_gn.c index 6adc3a9c19..1a927a8320 100644 --- a/crypto/evp/pmeth_gn.c +++ b/crypto/evp/pmeth_gn.c @@ -13,6 +13,7 @@ #include <openssl/objects.h> #include <openssl/evp.h> #include "internal/bn_int.h" +#include "internal/asn1_int.h" #include "internal/evp_int.h" int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx) @@ -167,3 +168,26 @@ EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, EVP_PKEY_CTX_free(mac_ctx); return mac_key; } + +int EVP_PKEY_check(EVP_PKEY_CTX *ctx) +{ + EVP_PKEY *pkey = ctx->pkey; + + if (pkey == NULL) { + EVPerr(EVP_F_EVP_PKEY_CHECK, EVP_R_NO_KEY_SET); + return 0; + } + + /* call customized check function first */ + if (ctx->pmeth->check != NULL) + return ctx->pmeth->check(pkey); + + /* use default check function in ameth */ + if (pkey->ameth == NULL || pkey->ameth->pkey_check == NULL) { + EVPerr(EVP_F_EVP_PKEY_CHECK, + EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + return -2; + } + + return pkey->ameth->pkey_check(pkey); +} |