authorTomas Mraz <tomas@openssl.org>2021-04-13 17:31:08 +0200
committerTomas Mraz <tomas@openssl.org>2021-04-19 11:36:16 +0200
commitb247113c053903ebb61a54ba5324847ba883ed70 (patch)
treed01dfc99a0b4f52ba94b186ff1e476f1b1916e2f /include/crypto
parent5ae52001e115452ca285713feb1c2feaf07902ad (diff)
Detect low-level engine and app method based keys
The low-level engine and app method based keys have to be treated as foreign and must be used with old legacy pmeths. Fixes #14632 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14859)
Diffstat (limited to 'include/crypto')
-rw-r--r--include/crypto/dh.h1
-rw-r--r--include/crypto/dsa.h1
-rw-r--r--include/crypto/ec.h1
-rw-r--r--include/crypto/evp.h3
-rw-r--r--include/crypto/rsa.h1
5 files changed, 6 insertions, 1 deletions
diff --git a/include/crypto/dh.h b/include/crypto/dh.h
index 291e008c9c..ff7c65a468 100644
--- a/include/crypto/dh.h
+++ b/include/crypto/dh.h
@@ -56,6 +56,7 @@ int ossl_dh_kdf_X9_42_asn1(unsigned char *out, size_t outlen,
const unsigned char *ukm, size_t ukmlen,
const EVP_MD *md,
OSSL_LIB_CTX *libctx, const char *propq);
+int ossl_dh_is_foreign(const DH *dh);
DH *ossl_dh_dup(const DH *dh, int selection);
#endif /* OSSL_CRYPTO_DH_H */
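Review bot: The new prototype `ossl_dh_is_foreign()` has no comment stating its return contract, and the same applies to `ossl_dsa_is_foreign()`, `ossl_ec_key_is_foreign()` and `ossl_rsa_is_foreign()` in the dsa.h, ec.h and rsa.h hunks. Going by the commit message, the result decides whether a key is handled by the legacy pmeths instead of a provider, so a caller that misreads the return value would pick the wrong path for an engine-backed key. A one-line comment above each prototype would pin this down, for example `/* Returns 1 if the key uses an engine or an application-supplied method, 0 otherwise */`. The implementations are not part of this page, so the exact wording should be checked against them.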
diff --git a/include/crypto/dsa.h b/include/crypto/dsa.h
index ed0c887b83..dad056bb28 100644
--- a/include/crypto/dsa.h
+++ b/include/crypto/dsa.h
@@ -43,6 +43,7 @@ int ossl_dsa_check_pub_key_partial(const DSA *dsa, const BIGNUM *pub_key,
int *ret);
int ossl_dsa_check_priv_key(const DSA *dsa, const BIGNUM *priv_key, int *ret);
int ossl_dsa_check_pairwise(const DSA *dsa);
+int ossl_dsa_is_foreign(const DSA *dsa);
DSA *ossl_dsa_dup(const DSA *dsa, int selection);
#endif
diff --git a/include/crypto/ec.h b/include/crypto/ec.h
index 80b5ce0735..9743dcc3a7 100644
--- a/include/crypto/ec.h
+++ b/include/crypto/ec.h
@@ -79,6 +79,7 @@ int ossl_ec_group_set_params(EC_GROUP *group, const OSSL_PARAM params[]);
int ossl_ec_key_fromdata(EC_KEY *ecx, const OSSL_PARAM params[],
int include_private);
int ossl_ec_key_otherparams_fromdata(EC_KEY *ec, const OSSL_PARAM params[]);
+int ossl_ec_key_is_foreign(const EC_KEY *ec);
EC_KEY *ossl_ec_key_dup(const EC_KEY *key, int selection);
EC_KEY *ossl_ec_key_param_from_x509_algor(const X509_ALGOR *palg,
OSSL_LIB_CTX *libctx,
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 0cd0434774..99e884ecfb 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -663,9 +663,10 @@ struct evp_pkey_st {
/* == Common attributes == */
CRYPTO_REF_COUNT references;
CRYPTO_RWLOCK *lock;
+#ifndef FIPS_MODULE
STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
int save_parameters;
-#ifndef FIPS_MODULE
+ int foreign:1; /* the low-level key is using an engine or an app-method */
CRYPTO_EX_DATA ex_data;
#endif
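Review bot: The added `int foreign:1;` in `struct evp_pkey_st` is a one-bit bit-field of plain `int`, whose signedness is implementation-defined; where it is signed it can hold only 0 and -1, so a stored 1 reads back as -1 and a comparison such as `pkey->foreign == 1` would never be true. Because this flag marks keys that must stay on the legacy engine/app-method path, it should be declared `unsigned int foreign:1;` so that its value is well defined on every compiler. The hunk also moves `attributes` and `save_parameters` inside `#ifndef FIPS_MODULE`, so any code built into the FIPS module that still touches them needs the same guard. The struct starts and ends outside the hunk, so that cannot be confirmed from here.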
diff --git a/include/crypto/rsa.h b/include/crypto/rsa.h
index f252363465..cc67e1f709 100644
--- a/include/crypto/rsa.h
+++ b/include/crypto/rsa.h
@@ -63,6 +63,7 @@ int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes,
int ossl_rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes,
STACK_OF(BIGNUM_const) *exps,
STACK_OF(BIGNUM_const) *coeffs);
+int ossl_rsa_is_foreign(const RSA *rsa);
RSA *ossl_rsa_dup(const RSA *rsa, int selection);
int ossl_rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]);