Deprecate EC_KEY + Update ec apps to use EVP_PKEY

Co-author: Richard Levitte <levitte@openssl.org> Co-author: Tomas Mraz <tmraz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13139)
author: Shane Lontis <shane.lontis@oracle.com> 2020-10-15 13:41:59 +1000
committer: Tomas Mraz <tomas@openssl.org> 2021-01-26 15:22:14 +0100
commit: 5b5eea4b60b682009d2b15587c9ceeae5e9c73f8 (patch)
tree: 4a3261cb27a582770270a07b40ecf05ecb71c89a /crypto/evp
parent: 98dbf2c1c8143c0cc6dd05be7950d90bc6792064 (diff)
3 files changed, 40 insertions, 33 deletions
diff --git a/crypto/evp/ec_ctrl.c b/crypto/evp/ec_ctrl.c
index 541d8549d4..5bb078639c 100644
--- a/crypto/evp/ec_ctrl.c
+++ b/crypto/evp/ec_ctrl.c
@@ -7,6 +7,8 @@
  * https://www.openssl.org/source/license.html
  */
 
+#include "internal/deprecated.h"
+
 #include <string.h>
 
 #include <openssl/core_names.h>
@@ -466,7 +468,7 @@ int evp_pkey_ctx_set_ec_param_enc_prov(EVP_PKEY_CTX *ctx, int param_enc)
 
     *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_EC_ENCODING,
                                             (char *)enc, 0);
-    *p++ = OSSL_PARAM_construct_end();
+    *p = OSSL_PARAM_construct_end();
 
     ret = evp_pkey_ctx_set_params_strict(ctx, params);
  end:
diff --git a/crypto/evp/p_legacy.c b/crypto/evp/p_legacy.c
index cad4d67d73..a4e478c223 100644
--- a/crypto/evp/p_legacy.c
+++ b/crypto/evp/p_legacy.c
@@ -17,6 +17,7 @@
 #include <openssl/evp.h>
 #include <openssl/err.h>
 #include <openssl/rsa.h>
+#include <openssl/ec.h>
 #include "crypto/types.h"
 #include "crypto/evp.h"
 #include "evp_local.h"
@@ -24,6 +25,7 @@
 int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
 {
     int ret = EVP_PKEY_assign_RSA(pkey, key);
+
     if (ret)
         RSA_up_ref(key);
     return ret;
@@ -45,7 +47,41 @@ RSA *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey)
 RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
 {
     RSA *ret = EVP_PKEY_get0_RSA(pkey);
+
     if (ret != NULL)
         RSA_up_ref(ret);
     return ret;
 }
+
+#ifndef OPENSSL_NO_EC
+int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
+{
+    int ret = EVP_PKEY_assign_EC_KEY(pkey, key);
+
+    if (ret)
+        EC_KEY_up_ref(key);
+    return ret;
+}
+
+EC_KEY *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey)
+{
+    if (!evp_pkey_downgrade((EVP_PKEY *)pkey)) {
+        ERR_raise(ERR_LIB_EVP, EVP_R_INACCESSIBLE_KEY);
+        return NULL;
+    }
+    if (EVP_PKEY_base_id(pkey) != EVP_PKEY_EC) {
+        EVPerr(EVP_F_EVP_PKEY_GET0_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
+        return NULL;
+    }
+    return pkey->pkey.ec;
+}
+
+EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
+{
+    EC_KEY *ret = EVP_PKEY_get0_EC_KEY(pkey);
+
+    if (ret != NULL)
+        EC_KEY_up_ref(ret);
+    return ret;
+}
+#endif /* OPENSSL_NO_EC */
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index f43f5488d0..6fdc186507 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -43,7 +43,6 @@
 
 #include "crypto/ec.h"
 
-/* TODO remove this when the EVP_PKEY_is_a() #legacy support hack is removed */
 #include "e_os.h"                /* strcasecmp on Windows */
 
 static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str,
@@ -115,8 +114,7 @@ void *EVP_PKEY_get_ex_data(const EVP_PKEY *key, int idx)
 int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
 {
     /*
-     * TODO: clean up legacy stuff from this function when legacy support
-     * is gone.
+     * Clean up legacy stuff from this function when legacy support is gone.
      */
 
     /*
@@ -814,35 +812,6 @@ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
 
 #ifndef FIPS_MODULE
 # ifndef OPENSSL_NO_EC
-int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
-{
-    int ret = EVP_PKEY_assign_EC_KEY(pkey, key);
-    if (ret)
-        EC_KEY_up_ref(key);
-    return ret;
-}
-
-EC_KEY *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey)
-{
-    if (!evp_pkey_downgrade((EVP_PKEY *)pkey)) {
-        ERR_raise(ERR_LIB_EVP, EVP_R_INACCESSIBLE_KEY);
-        return NULL;
-    }
-    if (EVP_PKEY_base_id(pkey) != EVP_PKEY_EC) {
-        ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_A_EC_KEY);
-        return NULL;
-    }
-    return pkey->pkey.ec;
-}
-
-EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
-{
-    EC_KEY *ret = EVP_PKEY_get0_EC_KEY(pkey);
-    if (ret != NULL)
-        EC_KEY_up_ref(ret);
-    return ret;
-}
-
 static ECX_KEY *evp_pkey_get0_ECX_KEY(const EVP_PKEY *pkey, int type)
 {
     if (!evp_pkey_downgrade((EVP_PKEY *)pkey)) {
author	Shane Lontis <shane.lontis@oracle.com>	2020-10-15 13:41:59 +1000
committer	Tomas Mraz <tomas@openssl.org>	2021-01-26 15:22:14 +0100
commit	5b5eea4b60b682009d2b15587c9ceeae5e9c73f8 (patch)
tree	4a3261cb27a582770270a07b40ecf05ecb71c89a /crypto/evp
parent	98dbf2c1c8143c0cc6dd05be7950d90bc6792064 (diff)