make EVP_PKEY opaque
Reviewed-by: Richard Levitte <[email protected]>
snhenson committed Jan 20, 2016
1 parent a8eda43 commit 3aeb934
Showing 39 changed files with 121 additions and 108 deletions.
2 changes: 1 addition & 1 deletion apps/req.c
@@ -811,7 +811,7 @@ int req_main(int argc, char **argv)
fprintf(stdout, "Modulus=");
#ifndef OPENSSL_NO_RSA
if (EVP_PKEY_base_id(tpubkey) == EVP_PKEY_RSA)
BN_print(out, tpubkey->pkey.rsa->n);
BN_print(out, EVP_PKEY_get0_RSA(tpubkey)->n);
else
#endif
fprintf(stdout, "Wrong Algorithm type");
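Review bot: The result of `EVP_PKEY_get0_RSA(tpubkey)` is dereferenced with `->n` without a NULL check, and the guard above it tests `EVP_PKEY_base_id()` while the matching change in apps/x509.c tests `EVP_PKEY_id()`. The accessor's definition is not in this view; if it compares the key's exact type id and returns NULL on a mismatch, a key whose type only maps to RSA through its base id would pass the guard and then be dereferenced as NULL. Fetching the pointer once and testing it before use avoids that, e.g. `RSA *rsa = EVP_PKEY_get0_RSA(tpubkey);` and `if (rsa != NULL) BN_print(out, rsa->n);`, or else the guard should use the same id function as x509.c. req_main's body starts and ends outside the hunk.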
8 changes: 4 additions & 4 deletions apps/x509.c
@@ -731,13 +731,13 @@ int x509_main(int argc, char **argv)
}
BIO_printf(out, "Modulus=");
#ifndef OPENSSL_NO_RSA
if (pkey->type == EVP_PKEY_RSA)
BN_print(out, pkey->pkey.rsa->n);
if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA)
BN_print(out, EVP_PKEY_get0_RSA(pkey)->n);
else
#endif
#ifndef OPENSSL_NO_DSA
if (pkey->type == EVP_PKEY_DSA)
BN_print(out, pkey->pkey.dsa->pub_key);
if (EVP_PKEY_id(pkey) == EVP_PKEY_DSA)
BN_print(out, EVP_PKEY_get0_DSA(pkey)->pub_key);
else
#endif
BIO_printf(out, "Wrong Algorithm type");
1 change: 1 addition & 0 deletions crypto/asn1/a_verify.c
@@ -71,6 +71,7 @@
#include <openssl/buffer.h>
#include <openssl/evp.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"

#ifndef NO_ASN1_OLD

1 change: 1 addition & 0 deletions crypto/asn1/ameth_lib.c
@@ -64,6 +64,7 @@
# include <openssl/engine.h>
#endif
#include "internal/asn1_int.h"
#include "internal/evp_int.h"

/* Keep this sorted in type order !! */
static const EVP_PKEY_ASN1_METHOD *standard_methods[] = {
1 change: 1 addition & 0 deletions crypto/asn1/d2i_pr.c
@@ -67,6 +67,7 @@
#include <openssl/x509.h>
#include <openssl/asn1.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"

EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
long length)
13 changes: 5 additions & 8 deletions crypto/asn1/d2i_pu.c
@@ -72,6 +72,8 @@
# include <openssl/ec.h>
#endif

#include "internal/evp_int.h"

EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
long length)
{
@@ -93,10 +95,7 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
switch (EVP_PKEY_id(ret)) {
#ifndef OPENSSL_NO_RSA
case EVP_PKEY_RSA:
/* TMP UGLY CAST */
if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL,
(const unsigned char **)pp,
length)) == NULL) {
if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL, pp, length)) == NULL) {
ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
goto err;
}
@@ -105,17 +104,15 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
#ifndef OPENSSL_NO_DSA
case EVP_PKEY_DSA:
/* TMP UGLY CAST */
if (!d2i_DSAPublicKey(&(ret->pkey.dsa),
(const unsigned char **)pp, length)) {
if (!d2i_DSAPublicKey(&ret->pkey.dsa, pp, length)) {
ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
goto err;
}
break;
#endif
#ifndef OPENSSL_NO_EC
case EVP_PKEY_EC:
if (!o2i_ECPublicKey(&(ret->pkey.ec),
(const unsigned char **)pp, length)) {
if (!o2i_ECPublicKey(&ret->pkey.ec, pp, length)) {
ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
goto err;
}
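Review bot: The `/* TMP UGLY CAST */` comment above the `d2i_DSAPublicKey` call in the EVP_PKEY_DSA case is left in place although the cast it described is removed. The hunk's line counts (17 old, 15 new) indicate that the comment is an unchanged context line, while the same comment in the RSA case was dropped. It should be deleted here too, so the comment does not describe code that no longer exists. This file also still writes `ret->pkey.rsa`, `ret->pkey.dsa` and `ret->pkey.ec` directly, which is why it needs the new `internal/evp_int.h` include; a one-line comment next to that include saying so would help the next reader. d2i_PublicKey's body continues outside the visible hunks.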
1 change: 1 addition & 0 deletions crypto/asn1/i2d_pr.c
@@ -61,6 +61,7 @@
#include <openssl/evp.h>
#include <openssl/x509.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"

int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
{
10 changes: 5 additions & 5 deletions crypto/asn1/i2d_pu.c
@@ -73,21 +73,21 @@

int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
{
switch (a->type) {
switch (EVP_PKEY_id(a)) {
#ifndef OPENSSL_NO_RSA
case EVP_PKEY_RSA:
return (i2d_RSAPublicKey(a->pkey.rsa, pp));
return i2d_RSAPublicKey(EVP_PKEY_get0_RSA(a), pp);
#endif
#ifndef OPENSSL_NO_DSA
case EVP_PKEY_DSA:
return (i2d_DSAPublicKey(a->pkey.dsa, pp));
return i2d_DSAPublicKey(EVP_PKEY_get0_DSA(a), pp);
#endif
#ifndef OPENSSL_NO_EC
case EVP_PKEY_EC:
return (i2o_ECPublicKey(a->pkey.ec, pp));
return i2o_ECPublicKey(EVP_PKEY_get0_EC_KEY(a), pp);
#endif
default:
ASN1err(ASN1_F_I2D_PUBLICKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
return (-1);
return -1;
}
}
1 change: 1 addition & 0 deletions crypto/asn1/x_pubkey.c
@@ -61,6 +61,7 @@
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
#ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h>
#endif
2 changes: 1 addition & 1 deletion crypto/cmac/cm_ameth.c
@@ -69,7 +69,7 @@ static int cmac_size(const EVP_PKEY *pkey)

static void cmac_key_free(EVP_PKEY *pkey)
{
CMAC_CTX *cmctx = (CMAC_CTX *)pkey->pkey.ptr;
CMAC_CTX *cmctx = EVP_PKEY_get0(pkey);
CMAC_CTX_free(cmctx);
}

1 change: 1 addition & 0 deletions crypto/cms/cms_env.c
@@ -62,6 +62,7 @@
#include <openssl/aes.h>
#include "cms_lcl.h"
#include "internal/asn1_int.h"
#include "internal/evp_int.h"

/* CMS EnvelopedData Utilities */

2 changes: 1 addition & 1 deletion crypto/cms/cms_kari.c
@@ -367,7 +367,7 @@ int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
if (!cms_kari_create_ephemeral_key(kari, pk))
return 0;

CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY);
EVP_PKEY_up_ref(pk);
rek->pkey = pk;
return 1;
}
1 change: 1 addition & 0 deletions crypto/cms/cms_sd.c
@@ -61,6 +61,7 @@
#include <openssl/cms.h>
#include "cms_lcl.h"
#include "internal/asn1_int.h"
#include "internal/evp_int.h"

/* CMS SignedData Utilities */

1 change: 1 addition & 0 deletions crypto/dh/dh_ameth.c
@@ -63,6 +63,7 @@
#include <openssl/dh.h>
#include <openssl/bn.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
#ifndef OPENSSL_NO_CMS
# include <openssl/cms.h>
#endif
1 change: 1 addition & 0 deletions crypto/dsa/dsa_ameth.c
@@ -66,6 +66,7 @@
# include <openssl/cms.h>
#endif
#include "internal/asn1_int.h"
#include "internal/evp_int.h"

static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
{
1 change: 1 addition & 0 deletions crypto/ec/ec_ameth.c
@@ -66,6 +66,7 @@
#endif
#include <openssl/asn1t.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"

#ifndef OPENSSL_NO_CMS
static int ecdh_cms_decrypt(CMS_RecipientInfo *ri);
1 change: 1 addition & 0 deletions crypto/evp/evp_pkey.c
@@ -63,6 +63,7 @@
#include <openssl/x509.h>
#include <openssl/rand.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"

/* Extract a private key from a PKCS8 structure */

5 changes: 3 additions & 2 deletions crypto/evp/p_dec.c
@@ -72,15 +72,16 @@ int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
int ret = -1;

#ifndef OPENSSL_NO_RSA
if (priv->type != EVP_PKEY_RSA) {
if (EVP_PKEY_id(priv) != EVP_PKEY_RSA) {
#endif
EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);
#ifndef OPENSSL_NO_RSA
goto err;
}

ret =
RSA_private_decrypt(ekl, ek, key, priv->pkey.rsa, RSA_PKCS1_PADDING);
RSA_private_decrypt(ekl, ek, key, EVP_PKEY_get0_RSA(priv),
RSA_PKCS1_PADDING);
err:
#endif
return (ret);
4 changes: 2 additions & 2 deletions crypto/evp/p_enc.c
@@ -72,14 +72,14 @@ int EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key,
int ret = 0;

#ifndef OPENSSL_NO_RSA
if (pubk->type != EVP_PKEY_RSA) {
if (EVP_PKEY_id(pubk) != EVP_PKEY_RSA) {
#endif
EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);
#ifndef OPENSSL_NO_RSA
goto err;
}
ret =
RSA_public_encrypt(key_len, key, ek, pubk->pkey.rsa,
RSA_public_encrypt(key_len, key, ek, EVP_PKEY_get0_RSA(pubk),
RSA_PKCS1_PADDING);
err:
#endif
3 changes: 2 additions & 1 deletion crypto/evp/p_lib.c
@@ -78,6 +78,7 @@
#endif

#include "internal/asn1_int.h"
#include "internal/evp_int.h"

static void EVP_PKEY_free_it(EVP_PKEY *x);

@@ -275,7 +276,7 @@ int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)
return (key != NULL);
}

void *EVP_PKEY_get0(EVP_PKEY *pkey)
void *EVP_PKEY_get0(const EVP_PKEY *pkey)
{
return pkey->pkey.ptr;
}
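Review bot: `EVP_PKEY_get0()` now takes a `const EVP_PKEY *` but still returns a non-const `void *` taken from `pkey->pkey.ptr`, so the const qualifier does not stop a caller from modifying or freeing the underlying key object. The function has no comment stating its contract; one such as `/* Returns the internal key pointer; no reference is taken, so the caller must not free it. */` would make the ownership rule explicit. It also dereferences `pkey` without a NULL check, which the same comment should mention if callers are expected to guarantee a non-NULL key.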
4 changes: 2 additions & 2 deletions crypto/evp/p_open.c
@@ -82,12 +82,12 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
if (!priv)
return 1;

if (priv->type != EVP_PKEY_RSA) {
if (EVP_PKEY_id(priv) != EVP_PKEY_RSA) {
EVPerr(EVP_F_EVP_OPENINIT, EVP_R_PUBLIC_KEY_NOT_RSA);
goto err;
}

size = RSA_size(priv->pkey.rsa);
size = EVP_PKEY_size(priv);
key = OPENSSL_malloc(size + 2);
if (key == NULL) {
/* ERROR */
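Review bot: The length passed to `OPENSSL_malloc(size + 2)` now comes from `EVP_PKEY_size(priv)` rather than `RSA_size()`, and the result is used without a range check. If `EVP_PKEY_size()` can return 0 or a negative value for a key with no usable size method (its definition is not in this view), the buffer would be too small for whatever is later written into `key`, which happens outside this hunk. A guard before the allocation would make the assumption explicit, e.g. `if (size <= 0) goto err;`, provided the `err` path tolerates `key` being unset. EVP_OpenInit's body starts and ends outside the hunk.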
4 changes: 2 additions & 2 deletions crypto/hmac/hm_ameth.c
@@ -75,7 +75,7 @@ static int hmac_size(const EVP_PKEY *pkey)

static void hmac_key_free(EVP_PKEY *pkey)
{
ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr;
ASN1_OCTET_STRING *os = EVP_PKEY_get0(pkey);
if (os) {
if (os->data)
OPENSSL_cleanse(os->data, os->length);
@@ -121,7 +121,7 @@ static int old_hmac_decode(EVP_PKEY *pkey,
static int old_hmac_encode(const EVP_PKEY *pkey, unsigned char **pder)
{
int inc;
ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr;
ASN1_OCTET_STRING *os = EVP_PKEY_get0(pkey);
if (pder) {
if (!*pder) {
*pder = OPENSSL_malloc(os->length);
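Review bot: In `old_hmac_encode` the pointer returned by `EVP_PKEY_get0(pkey)` is dereferenced as `os->length` without a NULL check, whereas `hmac_key_free` in the first hunk tests `if (os)` before touching it. The two should agree: unless an invariant outside these hunks guarantees that a key is always attached, add a guard before the `if (pder)` block, such as `if (os == NULL) return 0;` (or whatever failure value this callback uses). With the explicit cast gone, a short comment naming the stored type would also help, e.g. `/* HMAC keys keep an ASN1_OCTET_STRING in pkey.ptr */`. Both function bodies continue outside the hunks.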
29 changes: 29 additions & 0 deletions crypto/include/internal/evp_int.h
@@ -387,3 +387,32 @@ const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
(fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \
cipher##_init_key, NULL, NULL, NULL, NULL)


/*
* Type needs to be a bit field Sub-type needs to be for variations on the
* method, as in, can it do arbitrary encryption....
*/
struct evp_pkey_st {
int type;
int save_type;
int references;
const EVP_PKEY_ASN1_METHOD *ameth;
ENGINE *engine;
union {
char *ptr;
# ifndef OPENSSL_NO_RSA
struct rsa_st *rsa; /* RSA */
# endif
# ifndef OPENSSL_NO_DSA
struct dsa_st *dsa; /* DSA */
# endif
# ifndef OPENSSL_NO_DH
struct dh_st *dh; /* DH */
# endif
# ifndef OPENSSL_NO_EC
struct ec_key_st *ec; /* ECC */
# endif
} pkey;
int save_parameters;
STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
} /* EVP_PKEY */ ;
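Review bot: The comment above `struct evp_pkey_st` is a run-on ("Type needs to be a bit field Sub-type needs to be ...") and says nothing about the fields that matter for memory safety now that the layout is private to the library. Per-field comments would help, for example on `references`: `/* reference count; use EVP_PKEY_up_ref()/EVP_PKEY_free() rather than modifying it directly */`, and on the `pkey` union a note that the valid member is presumably selected by `type`. The union's generic member is declared `char *ptr` while `EVP_PKEY_get0()` returns `void *`; declaring it `void *ptr` would match the accessor. The header's includes are outside this hunk, so whether `ENGINE` and `STACK_OF(X509_ATTRIBUTE)` are declared before this point cannot be confirmed from here.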
2 changes: 1 addition & 1 deletion crypto/pem/pem_info.c
@@ -362,7 +362,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
#ifndef OPENSSL_NO_RSA
/* normal optionally encrypted stuff */
if (PEM_write_bio_RSAPrivateKey(bp,
xi->x_pkey->dec_pkey->pkey.rsa,
EVP_PKEY_get0_RSA(xi->x_pkey->dec_pkey),
enc, kstr, klen, cb, u) <= 0)
goto err;
#endif
1 change: 1 addition & 0 deletions crypto/pem/pem_pkey.c
@@ -72,6 +72,7 @@
# include <openssl/dh.h>
#endif
#include "internal/asn1_int.h"
#include "internal/evp_int.h"

int pem_check_suffix(const char *pem_str, const char *suffix);

15 changes: 8 additions & 7 deletions crypto/pem/pvkfmt.c
@@ -450,11 +450,12 @@ static int do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub)
unsigned char *p;
unsigned int bitlen, magic = 0, keyalg;
int outlen, noinc = 0;
if (pk->type == EVP_PKEY_DSA) {
bitlen = check_bitlen_dsa(pk->pkey.dsa, ispub, &magic);
int pktype = EVP_PKEY_id(pk);
if (pktype == EVP_PKEY_DSA) {
bitlen = check_bitlen_dsa(EVP_PKEY_get0_DSA(pk), ispub, &magic);
keyalg = MS_KEYALG_DSS_SIGN;
} else if (pk->type == EVP_PKEY_RSA) {
bitlen = check_bitlen_rsa(pk->pkey.rsa, ispub, &magic);
} else if (pktype == EVP_PKEY_RSA) {
bitlen = check_bitlen_rsa(EVP_PKEY_get0_RSA(pk), ispub, &magic);
keyalg = MS_KEYALG_RSA_KEYX;
} else
return -1;
@@ -484,9 +485,9 @@ static int do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub)
write_ledword(&p, magic);
write_ledword(&p, bitlen);
if (keyalg == MS_KEYALG_DSS_SIGN)
write_dsa(&p, pk->pkey.dsa, ispub);
write_dsa(&p, EVP_PKEY_get0_DSA(pk), ispub);
else
write_rsa(&p, pk->pkey.rsa, ispub);
write_rsa(&p, EVP_PKEY_get0_RSA(pk), ispub);
if (!noinc)
*out += outlen;
return outlen;
@@ -797,7 +798,7 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,

write_ledword(&p, MS_PVKMAGIC);
write_ledword(&p, 0);
if (pk->type == EVP_PKEY_DSA)
if (EVP_PKEY_id(pk) == EVP_PKEY_DSA)
write_ledword(&p, MS_KEYTYPE_SIGN);
else
write_ledword(&p, MS_KEYTYPE_KEYX);
3 changes: 2 additions & 1 deletion crypto/pkcs7/pk7_lib.c
@@ -61,6 +61,7 @@
#include <openssl/objects.h>
#include <openssl/x509.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"

long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
{
@@ -371,7 +372,7 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
goto err;

/* lets keep the pkey around for a while */
CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
EVP_PKEY_up_ref(pkey);
p7i->pkey = pkey;

/* Set the algorithms */
1 change: 1 addition & 0 deletions crypto/rsa/rsa_ameth.c
@@ -67,6 +67,7 @@
# include <openssl/cms.h>
#endif
#include "internal/asn1_int.h"
#include "internal/evp_int.h"

#ifndef OPENSSL_NO_CMS
static int rsa_cms_sign(CMS_SignerInfo *si);