From 5488bb6197b9af7a4670fb88936f0b53a9af0d2f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bodo=20M=C3=B6ller?= <bodo@openssl.org>
Date: Mon, 12 Aug 2002 08:47:41 +0000
Subject: get rid of EVP_PKEY_ECDSA (now we have EVP_PKEY_EC instead)

Submitted by: Nils Larsch
---
 ssl/s3_both.c | 7 ++-----
 ssl/s3_clnt.c | 6 +++---
 ssl/s3_srvr.c | 6 +++---
 3 files changed, 8 insertions(+), 11 deletions(-)

(limited to 'ssl')

diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index a5588360e5..2e03a70fc7 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -526,10 +526,7 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
 			}
 		}
 #ifndef OPENSSL_NO_EC
-	/* XXX: Structurally, there is no distinction between 
-	 * ECDSA and ECDH public keys (both are ECPoints).
-	 * So EVP_PKEY_ECDSA should really be renamed EVP_PKEY_ECC
-	 * (or similar). As for ECC certificates, additional
+	/* As for ECC certificates, additional
 	 * information (e.g. in the optional key usage X509v3 
 	 * extension) could be used when available to distinguish
 	 * between ECDH and ECDSA certificates. For now, we do not
@@ -537,7 +534,7 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
 	 * of checking for appropriate key usage to the SSL code
 	 * responsible for sending/processing ECC certificates.
 	 */
-	else if (i == EVP_PKEY_ECDSA)
+	else if (i == EVP_PKEY_EC)
 		{
 		ret = SSL_PKEY_ECC;
 		}
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 74e1e529f8..cb93c5a1ae 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1349,7 +1349,7 @@ static int ssl3_get_key_exchange(SSL *s)
 		else
 #endif
 #ifndef OPENSSL_NO_ECDSA
-			if (pkey->type == EVP_PKEY_ECDSA)
+			if (pkey->type == EVP_PKEY_EC)
 			{
 			/* let's do ECDSA */
 			EVP_VerifyInit_ex(&md_ctx,EVP_ecdsa(), NULL);
@@ -1907,7 +1907,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
 				srvr_pub_pkey = X509_get_pubkey(s->session-> \
 				    sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
 				if ((srvr_pub_pkey == NULL) ||
-				    (srvr_pub_pkey->type != EVP_PKEY_ECDSA) ||
+				    (srvr_pub_pkey->type != EVP_PKEY_EC) ||
 				    (srvr_pub_pkey->pkey.eckey == NULL))
 					{
 					SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
@@ -2118,7 +2118,7 @@ static int ssl3_send_client_verify(SSL *s)
 		else
 #endif
 #ifndef OPENSSL_NO_ECDSA
-			if (pkey->type == EVP_PKEY_ECDSA)
+			if (pkey->type == EVP_PKEY_EC)
 			{
 			if (!ECDSA_sign(pkey->save_type,
 				&(data[MD5_DIGEST_LENGTH]),
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index d26790a017..4b374a9cd6 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1446,7 +1446,7 @@ static int ssl3_send_server_key_exchange(SSL *s)
 			else
 #endif
 #if !defined(OPENSSL_NO_ECDSA)
-				if (pkey->type == EVP_PKEY_ECDSA)
+				if (pkey->type == EVP_PKEY_EC)
 				{
 				/* let's do ECDSA */
 				EVP_SignInit_ex(&md_ctx,EVP_ecdsa(), NULL);
@@ -2001,7 +2001,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
 				 }
                         if (((clnt_pub_pkey=X509_get_pubkey(s->session->peer))
 			    == NULL) || 
-			    (clnt_pub_pkey->type != EVP_PKEY_ECDSA))
+			    (clnt_pub_pkey->type != EVP_PKEY_EC))
                         	{
 				/* XXX: For now, we do not support client
 				 * authentication using ECDH certificates
@@ -2228,7 +2228,7 @@ static int ssl3_get_cert_verify(SSL *s)
 	else
 #endif
 #ifndef OPENSSL_NO_ECDSA
-		if (pkey->type == EVP_PKEY_ECDSA)
+		if (pkey->type == EVP_PKEY_EC)
 		{
 		j=ECDSA_verify(pkey->save_type,
 			&(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
-- 
cgit v1.2.3