Browse Source

Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key

We do the same thing for the "get1" version. In reality this has broader
use than just TLS (it can also be used in CMS), and "encodedpoint" only
makes sense when you are talking about EC based algorithms.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13105)
master
Matt Caswell 2 years ago
parent
commit
5ac8fb584a
18 changed files with 86 additions and 70 deletions
  1. +1
    -5
      crypto/cms/cms_dh.c
  2. +2
    -4
      crypto/cms/cms_ec.c
  3. +15
    -14
      crypto/evp/p_lib.c
  4. +2
    -2
      doc/man3/EVP_PKEY_ASN1_METHOD.pod
  5. +1
    -1
      doc/man7/EVP_PKEY-DH.pod
  6. +4
    -3
      doc/man7/EVP_PKEY-EC.pod
  7. +4
    -3
      doc/man7/EVP_PKEY-X25519.pod
  8. +1
    -1
      include/openssl/core_names.h
  9. +18
    -3
      include/openssl/evp.h
  10. +4
    -4
      providers/implementations/keymgmt/dh_kmgmt.c
  11. +7
    -6
      providers/implementations/keymgmt/ec_kmgmt.c
  12. +4
    -4
      providers/implementations/keymgmt/ecx_kmgmt.c
  13. +4
    -4
      ssl/statem/extensions_clnt.c
  14. +3
    -3
      ssl/statem/extensions_srvr.c
  15. +4
    -4
      ssl/statem/statem_clnt.c
  16. +3
    -3
      ssl/statem/statem_srvr.c
  17. +5
    -4
      test/tls-provider.c
  18. +4
    -2
      util/libcrypto.num

+ 1
- 5
crypto/cms/cms_dh.c View File

@ -46,11 +46,7 @@ static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
pkpeer = EVP_PKEY_new();
if (pkpeer == NULL
|| !EVP_PKEY_copy_parameters(pkpeer, pk)
/*
* TODO(3.0): This is badly named!! Can we make this more
* generic and not TLS specific?
*/
|| !EVP_PKEY_set1_tls_encodedpoint(pkpeer, p, plen))
|| !EVP_PKEY_set1_encoded_public_key(pkpeer, p, plen))
goto err;
if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0)


+ 2
- 4
crypto/cms/cms_ec.c View File

@ -112,8 +112,7 @@ static int ecdh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
if (p == NULL || plen == 0)
goto err;
/* TODO(3.0): Terrible name. We need a non-tls specific name */
if (!EVP_PKEY_set1_tls_encodedpoint(pkpeer, p, plen))
if (!EVP_PKEY_set1_encoded_public_key(pkpeer, p, plen))
goto err;
if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0)
@ -279,8 +278,7 @@ static int ecdh_cms_encrypt(CMS_RecipientInfo *ri)
if (aoid == OBJ_nid2obj(NID_undef)) {
/* Set the key */
/* TODO(3.0): Terrible name. Needs a non TLS specific name */
penclen = EVP_PKEY_get1_tls_encodedpoint(pkey, &penc);
penclen = EVP_PKEY_get1_encoded_public_key(pkey, &penc);
ASN1_STRING_set0(pubkey, penc, penclen);
pubkey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
pubkey->flags |= ASN1_STRING_FLAG_BITS_LEFT;


+ 15
- 14
crypto/evp/p_lib.c View File

@ -1317,8 +1317,8 @@ int EVP_PKEY_supports_digest_nid(EVP_PKEY *pkey, int nid)
return rv;
}
int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey,
const unsigned char *pt, size_t ptlen)
int EVP_PKEY_set1_encoded_public_key(EVP_PKEY *pkey, const unsigned char *pub,
size_t publen)
{
if (pkey->ameth == NULL) {
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
@ -1327,20 +1327,21 @@ int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey,
return 0;
params[0] =
OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT,
(unsigned char *)pt, ptlen);
OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY,
(unsigned char *)pub, publen);
return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params);
}
if (ptlen > INT_MAX)
if (publen > INT_MAX)
return 0;
if (evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_SET1_TLS_ENCPT, ptlen,
(void *)pt) <= 0)
/* Historically this function was EVP_PKEY_set1_tls_encodedpoint */
if (evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_SET1_TLS_ENCPT, publen,
(void *)pub) <= 0)
return 0;
return 1;
}
size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *pkey, unsigned char **ppt)
size_t EVP_PKEY_get1_encoded_public_key(EVP_PKEY *pkey, unsigned char **ppub)
{
int rv;
@ -1351,18 +1352,18 @@ size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *pkey, unsigned char **ppt)
return 0;
params[0] =
OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT,
OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY,
NULL, 0);
if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params))
return 0;
*ppt = OPENSSL_malloc(params[0].return_size);
if (*ppt == NULL)
*ppub = OPENSSL_malloc(params[0].return_size);
if (*ppub == NULL)
return 0;
params[0] =
OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT,
*ppt, params[0].return_size);
OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY,
*ppub, params[0].return_size);
if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params))
return 0;
@ -1370,7 +1371,7 @@ size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *pkey, unsigned char **ppt)
}
rv = evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_GET1_TLS_ENCPT, 0, ppt);
rv = evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_GET1_TLS_ENCPT, 0, ppub);
if (rv <= 0)
return 0;
return rv;


+ 2
- 2
doc/man3/EVP_PKEY_ASN1_METHOD.pod View File

@ -258,8 +258,8 @@ L<EVP_PKEY_set_type_str(3)>, and L<EVP_PKEY_assign(3)>.
The pkey_ctrl() method adds extra algorithm specific control.
It's called by L<EVP_PKEY_get_default_digest_nid(3)>,
L<EVP_PKEY_supports_digest_nid(3)>,
L<EVP_PKEY_set1_tls_encodedpoint(3)>,
L<EVP_PKEY_get1_tls_encodedpoint(3)>, L<PKCS7_SIGNER_INFO_set(3)>,
L<EVP_PKEY_set1_encoded_public_key(3)>,
L<EVP_PKEY_get1_encoded_public_key(3)>, L<PKCS7_SIGNER_INFO_set(3)>,
L<PKCS7_RECIP_INFO_set(3)>, ...
int (*old_priv_decode) (EVP_PKEY *pkey,


+ 1
- 1
doc/man7/EVP_PKEY-DH.pod View File

@ -54,7 +54,7 @@ validation is required. The default value is 2.
These are not named safe prime groups so setting this value for the OpenSSL FIPS
provider will instead choose a named safe prime group based on the size of I<p>.
=item "tls-encoded-pt" (B<OSSL_PKEY_PARAM_TLS_ENCODED_PT>) <octet string>
=item "encoded-pub-key" (B<OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY>) <octet string>
Used for getting and setting the encoding of the DH public key used in a key
exchange message for the TLS protocol.


+ 4
- 3
doc/man7/EVP_PKEY-EC.pod View File

@ -91,10 +91,11 @@ The public key value in EC point format.
The private key value.
=item "tls-encoded-pt" (B<OSSL_PKEY_PARAM_TLS_ENCODED_PT>) <octet string>
=item "encoded-pub-key" (B<OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY>) <octet string>
Used for getting and setting the encoding of the EC public key used in key
exchange message for the TLS protocol.
Used for getting and setting the encoding of an EC public key. The public key
is expected to be a point conforming to Sec. 2.3.4 of the SECG SEC 1 ("Elliptic
Curve Cryptography") standard.
=back


+ 4
- 3
doc/man7/EVP_PKEY-X25519.pod View File

@ -40,10 +40,11 @@ The public key value.
The private key value.
=item "tls-encoded-pt" (B<OSSL_PKEY_PARAM_TLS_ENCODED_PT>) <octet string>
=item "encoded-pub-key" (B<OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY>) <octet string>
Used for getting and setting the encoding of the public key used in a key exchange
message for the TLS protocol.
Used for getting and setting the encoding of a public key for the B<X25519> and
B<X448> key types. Public keys are expected be encoded in a format as defined by
RFC7748.
=back


+ 1
- 1
include/openssl/core_names.h View File

@ -261,7 +261,7 @@ extern "C" {
#define OSSL_PKEY_PARAM_MASKGENFUNC "mgf"
#define OSSL_PKEY_PARAM_MGF1_DIGEST "mgf1-digest"
#define OSSL_PKEY_PARAM_MGF1_PROPERTIES "mgf1-properties"
#define OSSL_PKEY_PARAM_TLS_ENCODED_PT "tls-encoded-pt"
#define OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY "encoded-pub-key"
#define OSSL_PKEY_PARAM_GROUP_NAME "group"
#define OSSL_PKEY_PARAM_DIST_ID "distid"
#define OSSL_PKEY_PARAM_PUB_KEY "pub"


+ 18
- 3
include/openssl/evp.h View File

@ -1280,9 +1280,24 @@ int EVP_PKEY_get_default_digest_name(EVP_PKEY *pkey,
char *mdname, size_t mdname_sz);
int EVP_PKEY_supports_digest_nid(EVP_PKEY *pkey, int nid);
int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey,
const unsigned char *pt, size_t ptlen);
size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *pkey, unsigned char **ppt);
/*
* For backwards compatibility. Use EVP_PKEY_set1_encoded_public_key in
* preference
*/
#define EVP_PKEY_set1_tls_encodedpoint(pkey, pt, ptlen) \
EVP_PKEY_set1_encoded_public_key((pkey), (pt), (ptlen))
int EVP_PKEY_set1_encoded_public_key(EVP_PKEY *pkey,
const unsigned char *pub, size_t publen);
/*
* For backwards compatibility. Use EVP_PKEY_get1_encoded_public_key in
* preference
*/
#define EVP_PKEY_get1_tls_encodedpoint(pkey, ppt) \
EVP_PKEY_get1_encoded_public_key((pkey), (ppt))
size_t EVP_PKEY_get1_encoded_public_key(EVP_PKEY *pkey, unsigned char **ppub);
int EVP_CIPHER_type(const EVP_CIPHER *ctx);


+ 4
- 4
providers/implementations/keymgmt/dh_kmgmt.c View File

@ -310,7 +310,7 @@ static ossl_inline int dh_get_params(void *key, OSSL_PARAM params[])
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_MAX_SIZE)) != NULL
&& !OSSL_PARAM_set_int(p, DH_size(dh)))
return 0;
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT)) != NULL) {
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY)) != NULL) {
if (p->data_type != OSSL_PARAM_OCTET_STRING)
return 0;
p->return_size = dh_key2buf(dh, (unsigned char **)&p->data,
@ -327,7 +327,7 @@ static const OSSL_PARAM dh_params[] = {
OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL),
OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL),
OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0),
DH_IMEXPORTABLE_PARAMETERS,
DH_IMEXPORTABLE_PUBLIC_KEY,
DH_IMEXPORTABLE_PRIVATE_KEY,
@ -340,7 +340,7 @@ static const OSSL_PARAM *dh_gettable_params(void *provctx)
}
static const OSSL_PARAM dh_known_settable_params[] = {
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0),
OSSL_PARAM_END
};
@ -354,7 +354,7 @@ static int dh_set_params(void *key, const OSSL_PARAM params[])
DH *dh = key;
const OSSL_PARAM *p;
p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT);
p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY);
if (p != NULL
&& (p->data_type != OSSL_PARAM_OCTET_STRING
|| !dh_buf2key(dh, p->data, p->data_size)))


+ 7
- 6
providers/implementations/keymgmt/ec_kmgmt.c View File

@ -650,7 +650,8 @@ int common_get_params(void *key, OSSL_PARAM params[], int sm2)
goto err;
}
}
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT)) != NULL) {
if ((p = OSSL_PARAM_locate(params,
OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY)) != NULL) {
p->return_size = EC_POINT_point2oct(EC_KEY_get0_group(key),
EC_KEY_get0_public_key(key),
POINT_CONVERSION_UNCOMPRESSED,
@ -693,7 +694,7 @@ static const OSSL_PARAM ec_known_gettable_params[] = {
OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL),
OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL),
OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0),
EC_IMEXPORTABLE_DOM_PARAMETERS,
EC2M_GETTABLE_DOM_PARAMS
EC_IMEXPORTABLE_PUBLIC_KEY,
@ -712,7 +713,7 @@ const OSSL_PARAM *ec_gettable_params(void *provctx)
static const OSSL_PARAM ec_known_settable_params[] = {
OSSL_PARAM_int(OSSL_PKEY_PARAM_USE_COFACTOR_ECDH, NULL),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0),
OSSL_PARAM_END
};
@ -728,7 +729,7 @@ int ec_set_params(void *key, const OSSL_PARAM params[])
EC_KEY *eck = key;
const OSSL_PARAM *p;
p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT);
p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY);
if (p != NULL) {
BN_CTX *ctx = BN_CTX_new_ex(ec_key_get_libctx(key));
int ret = 1;
@ -756,7 +757,7 @@ static const OSSL_PARAM sm2_known_gettable_params[] = {
OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL),
OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL),
OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0),
EC_IMEXPORTABLE_DOM_PARAMETERS,
EC_IMEXPORTABLE_PUBLIC_KEY,
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_EC_PUB_X, NULL, 0),
@ -772,7 +773,7 @@ const OSSL_PARAM *sm2_gettable_params(ossl_unused void *provctx)
}
static const OSSL_PARAM sm2_known_settable_params[] = {
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0),
OSSL_PARAM_END
};


+ 4
- 4
providers/implementations/keymgmt/ecx_kmgmt.c View File

@ -265,7 +265,7 @@ static int ecx_get_params(void *key, OSSL_PARAM params[], int bits, int secbits,
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_MAX_SIZE)) != NULL
&& !OSSL_PARAM_set_int(p, size))
return 0;
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT)) != NULL
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY)) != NULL
&& (ecx->type == ECX_KEY_TYPE_X25519
|| ecx->type == ECX_KEY_TYPE_X448)) {
if (!OSSL_PARAM_set_octet_string(p, ecx->pubkey, ecx->keylen))
@ -317,7 +317,7 @@ static const OSSL_PARAM ecx_gettable_params[] = {
OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL),
OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL),
OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_MANDATORY_DIGEST, NULL, 0),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0),
ECX_KEY_TYPES(),
OSSL_PARAM_END
};
@ -369,7 +369,7 @@ static int ecx_set_params(void *key, const OSSL_PARAM params[])
ECX_KEY *ecxkey = key;
const OSSL_PARAM *p;
p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT);
p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY);
if (p != NULL) {
void *buf = ecxkey->pubkey;
@ -412,7 +412,7 @@ static int ed448_set_params(void *key, const OSSL_PARAM params[])
}
static const OSSL_PARAM ecx_settable_params[] = {
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_PROPERTIES, NULL, 0),
OSSL_PARAM_END
};


+ 4
- 4
ssl/statem/extensions_clnt.c View File

@ -647,8 +647,8 @@ static int add_key_share(SSL *s, WPACKET *pkt, unsigned int curve_id)
}
/* Encode the public key. */
encodedlen = EVP_PKEY_get1_tls_encodedpoint(key_share_key,
&encoded_point);
encodedlen = EVP_PKEY_get1_encoded_public_key(key_share_key,
&encoded_point);
if (encodedlen == 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_ADD_KEY_SHARE, ERR_R_EC_LIB);
goto err;
@ -1916,8 +1916,8 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
return 0;
}
if (!EVP_PKEY_set1_tls_encodedpoint(skey, PACKET_data(&encoded_pt),
PACKET_remaining(&encoded_pt))) {
if (EVP_PKEY_set1_encoded_public_key(skey, PACKET_data(&encoded_pt),
PACKET_remaining(&encoded_pt)) <= 0) {
SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PARSE_STOC_KEY_SHARE,
SSL_R_BAD_ECPOINT);
EVP_PKEY_free(skey);


+ 3
- 3
ssl/statem/extensions_srvr.c View File

@ -713,9 +713,9 @@ int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
s->s3.group_id = group_id;
if (!EVP_PKEY_set1_tls_encodedpoint(s->s3.peer_tmp,
if (EVP_PKEY_set1_encoded_public_key(s->s3.peer_tmp,
PACKET_data(&encoded_pt),
PACKET_remaining(&encoded_pt))) {
PACKET_remaining(&encoded_pt)) <= 0) {
SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER,
SSL_F_TLS_PARSE_CTOS_KEY_SHARE, SSL_R_BAD_ECPOINT);
return 0;
@ -1751,7 +1751,7 @@ EXT_RETURN tls_construct_stoc_key_share(SSL *s, WPACKET *pkt,
}
/* Generate encoding of server key */
encoded_pt_len = EVP_PKEY_get1_tls_encodedpoint(skey, &encodedPoint);
encoded_pt_len = EVP_PKEY_get1_encoded_public_key(skey, &encodedPoint);
if (encoded_pt_len == 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE,


+ 4
- 4
ssl/statem/statem_clnt.c View File

@ -2235,9 +2235,9 @@ static int tls_process_ske_ecdhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey)
return 0;
}
if (!EVP_PKEY_set1_tls_encodedpoint(s->s3.peer_tmp,
PACKET_data(&encoded_pt),
PACKET_remaining(&encoded_pt))) {
if (EVP_PKEY_set1_encoded_public_key(s->s3.peer_tmp,
PACKET_data(&encoded_pt),
PACKET_remaining(&encoded_pt)) <= 0) {
SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PROCESS_SKE_ECDHE,
SSL_R_BAD_ECPOINT);
return 0;
@ -3147,7 +3147,7 @@ static int tls_construct_cke_ecdhe(SSL *s, WPACKET *pkt)
}
/* Generate encoding of client key */
encoded_pt_len = EVP_PKEY_get1_tls_encodedpoint(ckey, &encodedPoint);
encoded_pt_len = EVP_PKEY_get1_encoded_public_key(ckey, &encodedPoint);
if (encoded_pt_len == 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CKE_ECDHE,


+ 3
- 3
ssl/statem/statem_srvr.c View File

@ -2633,8 +2633,8 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
}
/* Encode the public key. */
encodedlen = EVP_PKEY_get1_tls_encodedpoint(s->s3.tmp.pkey,
&encodedPoint);
encodedlen = EVP_PKEY_get1_encoded_public_key(s->s3.tmp.pkey,
&encodedPoint);
if (encodedlen == 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_EC_LIB);
@ -3216,7 +3216,7 @@ static int tls_process_cke_ecdhe(SSL *s, PACKET *pkt)
goto err;
}
if (EVP_PKEY_set1_tls_encodedpoint(ckey, data, i) == 0) {
if (EVP_PKEY_set1_encoded_public_key(ckey, data, i) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_ECDHE,
ERR_R_EC_LIB);
goto err;


+ 5
- 4
test/tls-provider.c View File

@ -476,7 +476,8 @@ static ossl_inline int xor_get_params(void *vkey, OSSL_PARAM params[])
&& !OSSL_PARAM_set_int(p, xor_group.secbits))
return 0;
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT)) != NULL) {
if ((p = OSSL_PARAM_locate(params,
OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY)) != NULL) {
if (p->data_type != OSSL_PARAM_OCTET_STRING)
return 0;
p->return_size = XOR_KEY_SIZE;
@ -490,7 +491,7 @@ static ossl_inline int xor_get_params(void *vkey, OSSL_PARAM params[])
static const OSSL_PARAM xor_params[] = {
OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL),
OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0),
OSSL_PARAM_END
};
@ -504,7 +505,7 @@ static int xor_set_params(void *vkey, const OSSL_PARAM params[])
XORKEY *key = vkey;
const OSSL_PARAM *p;
p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT);
p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY);
if (p != NULL) {
if (p->data_type != OSSL_PARAM_OCTET_STRING
|| p->data_size != XOR_KEY_SIZE)
@ -517,7 +518,7 @@ static int xor_set_params(void *vkey, const OSSL_PARAM params[])
}
static const OSSL_PARAM xor_known_settable_params[] = {
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0),
OSSL_PARAM_END
};


+ 4
- 2
util/libcrypto.num View File

@ -4046,8 +4046,8 @@ X509_STORE_lock 4134 3_0_0 EXIST::FUNCTION:
X509_set_proxy_pathlen 4135 3_0_0 EXIST::FUNCTION:
X509_get_proxy_pathlen 4136 3_0_0 EXIST::FUNCTION:
DSA_bits 4137 3_0_0 EXIST::FUNCTION:DSA
EVP_PKEY_set1_tls_encodedpoint 4138 3_0_0 EXIST::FUNCTION:
EVP_PKEY_get1_tls_encodedpoint 4139 3_0_0 EXIST::FUNCTION:
EVP_PKEY_set1_tls_encodedpoint 4138 3_0_0 NOEXIST::FUNCTION:
EVP_PKEY_get1_tls_encodedpoint 4139 3_0_0 NOEXIST::FUNCTION:
ASN1_STRING_get0_data 4140 3_0_0 EXIST::FUNCTION:
X509_SIG_getm 4141 3_0_0 EXIST::FUNCTION:
X509_get0_serialNumber 4142 3_0_0 EXIST::FUNCTION:
@ -5290,3 +5290,5 @@ OSSL_DECODER_from_data ? 3_0_0 EXIST::FUNCTION:
OSSL_ENCODER_to_data ? 3_0_0 EXIST::FUNCTION:
EVP_PKEY_CTX_get0_libctx ? 3_0_0 EXIST::FUNCTION:
EVP_PKEY_CTX_get0_propq ? 3_0_0 EXIST::FUNCTION:
EVP_PKEY_set1_encoded_public_key ? 3_0_0 EXIST::FUNCTION:
EVP_PKEY_get1_encoded_public_key ? 3_0_0 EXIST::FUNCTION:

Loading…
Cancel
Save