diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2020-10-15 13:41:59 +1000 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-01-26 15:22:14 +0100 |
commit | 5b5eea4b60b682009d2b15587c9ceeae5e9c73f8 (patch) | |
tree | 4a3261cb27a582770270a07b40ecf05ecb71c89a /ssl/t1_lib.c | |
parent | 98dbf2c1c8143c0cc6dd05be7950d90bc6792064 (diff) |
Deprecate EC_KEY + Update ec apps to use EVP_PKEY
Co-author: Richard Levitte <levitte@openssl.org>
Co-author: Tomas Mraz <tmraz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13139)
Diffstat (limited to 'ssl/t1_lib.c')
-rw-r--r-- | ssl/t1_lib.c | 35 |
1 files changed, 21 insertions, 14 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 60c17dd809..799ff357f8 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -818,32 +818,39 @@ void tls1_get_formatlist(SSL *s, const unsigned char **pformats, /* Check a key is compatible with compression extension */ static int tls1_check_pkey_comp(SSL *s, EVP_PKEY *pkey) { - const EC_KEY *ec; - const EC_GROUP *grp; unsigned char comp_id; size_t i; + char name[80]; + size_t name_len; + /* If not an EC key nothing to check */ if (!EVP_PKEY_is_a(pkey, "EC")) return 1; - ec = EVP_PKEY_get0_EC_KEY(pkey); - grp = EC_KEY_get0_group(ec); + + if (!EVP_PKEY_get_utf8_string_param(pkey, + OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT, + name, sizeof(name), &name_len)) + return 0; /* Get required compression id */ - if (EC_KEY_get_conv_form(ec) == POINT_CONVERSION_UNCOMPRESSED) { - comp_id = TLSEXT_ECPOINTFORMAT_uncompressed; + if (strcasecmp(name, "uncompressed") == 0) { + comp_id = TLSEXT_ECPOINTFORMAT_uncompressed; } else if (SSL_IS_TLS13(s)) { - /* - * ec_point_formats extension is not used in TLSv1.3 so we ignore - * this check. - */ - return 1; + /* + * ec_point_formats extension is not used in TLSv1.3 so we ignore + * this check. + */ + return 1; } else { - int field_type = EC_GROUP_get_field_type(grp); + if (!EVP_PKEY_get_utf8_string_param(pkey, + OSSL_PKEY_PARAM_EC_FIELD_TYPE, + name, sizeof(name), &name_len)) + return 0; - if (field_type == NID_X9_62_prime_field) + if (strcasecmp(name, SN_X9_62_prime_field) == 0) comp_id = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime; - else if (field_type == NID_X9_62_characteristic_two_field) + else if (strcasecmp(name, SN_X9_62_characteristic_two_field) == 0) comp_id = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2; else return 0; |