diff options
| author | Bodo Möller <bodo@openssl.org> | 2002-08-12 08:47:41 +0000 |
|---|---|---|
| committer | Bodo Möller <bodo@openssl.org> | 2002-08-12 08:47:41 +0000 |
| commit | 5488bb6197b9af7a4670fb88936f0b53a9af0d2f (patch) | |
| tree | 2ce305909c9ce5d5b2ecd52dd6757138586106b6 /ssl | |
| parent | 8e28c6715579d2ca7529de7aff257fa03a28bf93 (diff) | |
get rid of EVP_PKEY_ECDSA (now we have EVP_PKEY_EC instead)
Submitted by: Nils Larsch
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/s3_both.c | 7 | ||||
| -rw-r--r-- | ssl/s3_clnt.c | 6 | ||||
| -rw-r--r-- | ssl/s3_srvr.c | 6 |
3 files changed, 8 insertions, 11 deletions
diff --git a/ssl/s3_both.c b/ssl/s3_both.c index a5588360e5..2e03a70fc7 100644 --- a/ssl/s3_both.c +++ b/ssl/s3_both.c @@ -526,10 +526,7 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey) } } #ifndef OPENSSL_NO_EC - /* XXX: Structurally, there is no distinction between - * ECDSA and ECDH public keys (both are ECPoints). - * So EVP_PKEY_ECDSA should really be renamed EVP_PKEY_ECC - * (or similar). As for ECC certificates, additional + /* As for ECC certificates, additional * information (e.g. in the optional key usage X509v3 * extension) could be used when available to distinguish * between ECDH and ECDSA certificates. For now, we do not @@ -537,7 +534,7 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey) * of checking for appropriate key usage to the SSL code * responsible for sending/processing ECC certificates. */ - else if (i == EVP_PKEY_ECDSA) + else if (i == EVP_PKEY_EC) { ret = SSL_PKEY_ECC; } diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 74e1e529f8..cb93c5a1ae 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -1349,7 +1349,7 @@ static int ssl3_get_key_exchange(SSL *s) else #endif #ifndef OPENSSL_NO_ECDSA - if (pkey->type == EVP_PKEY_ECDSA) + if (pkey->type == EVP_PKEY_EC) { /* let's do ECDSA */ EVP_VerifyInit_ex(&md_ctx,EVP_ecdsa(), NULL); @@ -1907,7 +1907,7 @@ static int ssl3_send_client_key_exchange(SSL *s) srvr_pub_pkey = X509_get_pubkey(s->session-> \ sess_cert->peer_pkeys[SSL_PKEY_ECC].x509); if ((srvr_pub_pkey == NULL) || - (srvr_pub_pkey->type != EVP_PKEY_ECDSA) || + (srvr_pub_pkey->type != EVP_PKEY_EC) || (srvr_pub_pkey->pkey.eckey == NULL)) { SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, @@ -2118,7 +2118,7 @@ static int ssl3_send_client_verify(SSL *s) else #endif #ifndef OPENSSL_NO_ECDSA - if (pkey->type == EVP_PKEY_ECDSA) + if (pkey->type == EVP_PKEY_EC) { if (!ECDSA_sign(pkey->save_type, &(data[MD5_DIGEST_LENGTH]), diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index d26790a017..4b374a9cd6 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1446,7 +1446,7 @@ static int ssl3_send_server_key_exchange(SSL *s) else #endif #if !defined(OPENSSL_NO_ECDSA) - if (pkey->type == EVP_PKEY_ECDSA) + if (pkey->type == EVP_PKEY_EC) { /* let's do ECDSA */ EVP_SignInit_ex(&md_ctx,EVP_ecdsa(), NULL); @@ -2001,7 +2001,7 @@ static int ssl3_get_client_key_exchange(SSL *s) } if (((clnt_pub_pkey=X509_get_pubkey(s->session->peer)) == NULL) || - (clnt_pub_pkey->type != EVP_PKEY_ECDSA)) + (clnt_pub_pkey->type != EVP_PKEY_EC)) { /* XXX: For now, we do not support client * authentication using ECDH certificates @@ -2228,7 +2228,7 @@ static int ssl3_get_cert_verify(SSL *s) else #endif #ifndef OPENSSL_NO_ECDSA - if (pkey->type == EVP_PKEY_ECDSA) + if (pkey->type == EVP_PKEY_EC) { j=ECDSA_verify(pkey->save_type, &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]), |