Fix X509_PUBKEY_cmp(), move to crypto/x509/x_pubkey.c, rename, export, and document it

Fixes #11870 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11894)
author: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2020-05-21 10:37:22 +0200
committer: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2020-05-26 09:35:32 +0200
commit: 93f99b681ab5a1cf7062053323e09b0cad5ff854 (patch)
tree: fb5ead50ddbb6cb871c0240648d9036d2dfbf486 /crypto
parent: 7674e92324648b59786d86d8e9014bbaed4e6d07 (diff)
2 files changed, 22 insertions, 20 deletions
diff --git a/crypto/crmf/crmf_lib.c b/crypto/crmf/crmf_lib.c
index 89eb2c3775..c20a6da0f2 100644
--- a/crypto/crmf/crmf_lib.c
+++ b/crypto/crmf/crmf_lib.c
@@ -461,25 +461,6 @@ int OSSL_CRMF_MSG_create_popo(OSSL_CRMF_MSG *crm, EVP_PKEY *pkey,
     return 0;
 }
 
-/* returns 0 for equal, -1 for a < b or error on a, 1 for a > b or error on b */
-static int X509_PUBKEY_cmp(X509_PUBKEY *a, X509_PUBKEY *b)
-{
-    X509_ALGOR *algA = NULL, *algB = NULL;
-    int res = 0;
-
-    if (a == b)
-        return 0;
-    if (a == NULL || !X509_PUBKEY_get0_param(NULL, NULL, NULL, &algA, a)
-            || algA == NULL)
-        return -1;
-    if (b == NULL || !X509_PUBKEY_get0_param(NULL, NULL, NULL, &algB, b)
-            || algB == NULL)
-        return 1;
-    if ((res = X509_ALGOR_cmp(algA, algB)) != 0)
-        return res;
-    return EVP_PKEY_cmp(X509_PUBKEY_get0(a), X509_PUBKEY_get0(b));
-}
-
 /* verifies the Proof-of-Possession of the request with the given rid in reqs */
 int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
                                int rid, int acceptRAVerified)
@@ -522,7 +503,7 @@ int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
                 CRMFerr(0, CRMF_R_POPO_MISSING_PUBLIC_KEY);
                 return 0;
             }
-            if (X509_PUBKEY_cmp(pubkey, sig->poposkInput->publicKey) != 0) {
+            if (X509_PUBKEY_eq(pubkey, sig->poposkInput->publicKey) != 1) {
                 CRMFerr(0, CRMF_R_POPO_INCONSISTENT_PUBLIC_KEY);
                 return 0;
             }
diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c
index c240a5f567..14893adb2f 100644
--- a/crypto/x509/x_pubkey.c
+++ b/crypto/x509/x_pubkey.c
@@ -472,3 +472,24 @@ ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x)
         return NULL;
     return x->cert_info.key->public_key;
 }
+
+/* Returns 1 for equal, 0, for non-equal, < 0 on error */
+int X509_PUBKEY_eq(const X509_PUBKEY *a, const X509_PUBKEY *b)
+{
+    X509_ALGOR *algA, *algB;
+    EVP_PKEY *pA, *pB;
+
+    if (a == b)
+        return 1;
+    if (a == NULL || b == NULL)
+        return 0;
+    if (!X509_PUBKEY_get0_param(NULL, NULL, NULL, &algA, a) || algA == NULL
+        || !X509_PUBKEY_get0_param(NULL, NULL, NULL, &algB, b) || algB == NULL)
+        return -2;
+    if (X509_ALGOR_cmp(algA, algB) != 0)
+        return 0;
+    if ((pA = X509_PUBKEY_get0(a)) == NULL
+        || (pB = X509_PUBKEY_get0(b)) == NULL)
+        return -2;
+    return EVP_PKEY_cmp(pA, pB);
+}
author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2020-05-21 10:37:22 +0200
committer	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2020-05-26 09:35:32 +0200
commit	93f99b681ab5a1cf7062053323e09b0cad5ff854 (patch)
tree	fb5ead50ddbb6cb871c0240648d9036d2dfbf486 /crypto
parent	7674e92324648b59786d86d8e9014bbaed4e6d07 (diff)