diff options
author | Richard Levitte <levitte@openssl.org> | 2020-12-01 19:11:59 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-12-16 11:55:39 +0100 |
commit | c829c23b67308ad8e8ab677c78db1d5151106c3c (patch) | |
tree | a1b4b7aeb5cc3093db9df76e06e02ce18f1653ed /include/internal/ffc.h | |
parent | d33ab074ef9847b67d96961f85f4ad614395d2c2 (diff) |
EVP_PKEY & DH: Make DH EVP_PKEY_CTX parameter ctrls / setters more available
EVP_PKEY_CTX_set_dh_ functions were only available when DH was enabled
('no-dsa' not configured). However, that makes it impossible to use
these functions with an engine or a provider that happens to implement
DH. This change solves that problem by shuffling these functions to
more appropriate places.
By consequence, there are a number of places where we can remove the
check of OPENSSL_NO_DH. This requires some re-arrangements of
internal tables to translate between numeric identities and names.
Partially fixes #13550
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13589)
Diffstat (limited to 'include/internal/ffc.h')
-rw-r--r-- | include/internal/ffc.h | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/include/internal/ffc.h b/include/internal/ffc.h index 3e5d98f8e1..191f9369f1 100644 --- a/include/internal/ffc.h +++ b/include/internal/ffc.h @@ -188,10 +188,22 @@ int ossl_ffc_validate_private_key(const BIGNUM *upper, const BIGNUM *priv_key, int ossl_ffc_params_todata(const FFC_PARAMS *ffc, OSSL_PARAM_BLD *tmpl, OSSL_PARAM params[]); int ossl_ffc_params_fromdata(FFC_PARAMS *ffc, const OSSL_PARAM params[]); -int ossl_ffc_set_group_pqg(FFC_PARAMS *ffc, const char *group_name); -int ossl_ffc_named_group_to_uid(const char *name); -const char *ossl_ffc_named_group_from_uid(int nid); -int ossl_ffc_set_group_pqg(FFC_PARAMS *ffc, const char *group_name); + +typedef struct dh_named_group_st DH_NAMED_GROUP; +const DH_NAMED_GROUP *ossl_ffc_name_to_dh_named_group(const char *name); +const DH_NAMED_GROUP *ossl_ffc_uid_to_dh_named_group(int uid); +#ifndef OPENSSL_NO_DH +const DH_NAMED_GROUP *ossl_ffc_numbers_to_dh_named_group(const BIGNUM *p, + const BIGNUM *q, + const BIGNUM *g); +#endif +int ossl_ffc_named_group_get_uid(const DH_NAMED_GROUP *group); +const char *ossl_ffc_named_group_get_name(const DH_NAMED_GROUP *); +#ifndef OPENSSL_NO_DH +const BIGNUM *ossl_ffc_named_group_get_q(const DH_NAMED_GROUP *group); +int ossl_ffc_named_group_set_pqg(FFC_PARAMS *ffc, const DH_NAMED_GROUP *group); +#endif + const char *ossl_ffc_params_flags_to_name(int flags); int ossl_ffc_params_flags_from_name(const char *name); |