STORE: Distinguish public keys from private keys

author Richard Levitte <levitte@openssl.org>

Thu, 30 Jul 2020 08:09:43 +0000 (10:09 +0200)

committer Richard Levitte <levitte@openssl.org>

Thu, 20 Aug 2020 10:37:35 +0000 (12:37 +0200)
author Richard Levitte <levitte@openssl.org>
Thu, 30 Jul 2020 08:09:43 +0000 (10:09 +0200)
committer Richard Levitte <levitte@openssl.org>
Thu, 20 Aug 2020 10:37:35 +0000 (12:37 +0200)
diff --git a/apps/include/apps.h b/apps/include/apps.h

index 0ee8e070cd2d28e8dd71cd9ee4617e90743c8eda..0e734a528e389b18cf624b3ccaafe770d927dc1e 100644 (file)
--- a/apps/include/apps.h
+++ b/apps/include/apps.h
@@ -119,7 +119,8 @@ int load_crls(const char *file, STACK_OF(X509_CRL) **crls, int format,
                const char *pass, const char *desc);
  int load_key_cert_crl(const char *uri, int maybe_stdin,
                        const char *pass, const char *desc,
-                      EVP_PKEY **ppkey, X509 **pcert, X509_CRL **pcrl);
+                      EVP_PKEY **ppkey, EVP_PKEY **ppubkey,
+                      X509 **pcert, X509_CRL **pcrl);
  X509_STORE *setup_verify(const char *CAfile, int noCAfile,
                           const char *CApath, int noCApath,
                           const char *CAstore, int noCAstore);
diff --git a/apps/lib/apps.c b/apps/lib/apps.c

index e8592c4880cfdb39f0920d502636ad6713e055f5..d19fdc21260dd83441a6c7c416705aa72708d7be 100644 (file)
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -491,7 +491,8 @@ X509 *load_cert_pass(const char *uri, int maybe_stdin,
  
      if (desc == NULL)
          desc = "certificate";
-    (void)load_key_cert_crl(uri, maybe_stdin, pass, desc, NULL, &cert, NULL);
+    (void)load_key_cert_crl(uri, maybe_stdin, pass, desc,
+                            NULL, NULL, &cert, NULL);
      if (cert == NULL) {
          BIO_printf(bio_err, "Unable to load %s\n", desc);
          ERR_print_errors(bio_err);
@@ -512,7 +513,8 @@ X509_CRL *load_crl(const char *uri, int format, const char *desc)
  
      if (desc == NULL)
          desc = "CRL";
-    (void)load_key_cert_crl(uri, 0, NULL, desc, NULL, NULL, &crl);
+    (void)load_key_cert_crl(uri, 0, NULL, desc,
+                            NULL, NULL, NULL, &crl);
      if (crl == NULL) {
          BIO_printf(bio_err, "Unable to load %s\n", desc);
          ERR_print_errors(bio_err);
@@ -591,7 +593,8 @@ EVP_PKEY *load_key(const char *uri, int format, int may_stdin,
  #endif
          }
      } else {
-        (void)load_key_cert_crl(uri, may_stdin, pass, desc, &pkey, NULL, NULL);
+        (void)load_key_cert_crl(uri, may_stdin, pass, desc,
+                                &pkey, NULL, NULL, NULL);
      }
  
      if (pkey == NULL) {
@@ -629,8 +632,8 @@ EVP_PKEY *load_pubkey(const char *uri, int format, int maybe_stdin,
  #endif
          }
      } else {
-        (void)load_key_cert_crl(uri, maybe_stdin, pass, desc, &pkey,
-                                NULL, NULL);
+        (void)load_key_cert_crl(uri, maybe_stdin, pass, desc,
+                                NULL, &pkey, NULL, NULL);
      }
      if (pkey == NULL) {
          BIO_printf(bio_err, "Unable to load %s\n", desc);
@@ -769,7 +772,8 @@ int load_crls(const char *file, STACK_OF(X509_CRL) **crls, int format,
   */
  int load_key_cert_crl(const char *uri, int maybe_stdin,
                        const char *pass, const char *desc,
-                      EVP_PKEY **ppkey, X509 **pcert, X509_CRL **pcrl)
+                      EVP_PKEY **ppkey, EVP_PKEY **ppubkey,
+                      X509 **pcert, X509_CRL **pcrl)
  {
      PW_CB_DATA uidata;
      OSSL_STORE_CTX *ctx = NULL;
@@ -780,6 +784,8 @@ int load_key_cert_crl(const char *uri, int maybe_stdin,
  
      if (ppkey != NULL)
          *ppkey = NULL;
+    if (ppubkey != NULL)
+        *ppubkey = NULL;
      if (pcert != NULL)
          *pcert = NULL;
      if (pcrl != NULL)
@@ -831,6 +837,18 @@ int load_key_cert_crl(const char *uri, int maybe_stdin,
          case OSSL_STORE_INFO_PKEY:
              if (ppkey != NULL && *ppkey == NULL)
                  err = ((*ppkey = OSSL_STORE_INFO_get1_PKEY(info)) == NULL);
+
+            /*
+             * An EVP_PKEY with private parts also holds the public parts,
+             * so if the caller asked for a public key, and we got a private
+             * key, we can still pass it back.
+             */
+            if (ppubkey != NULL && *ppubkey == NULL)
+                err = ((*ppubkey = OSSL_STORE_INFO_get1_PKEY(info)) == NULL);
+            break;
+        case OSSL_STORE_INFO_PUBKEY:
+            if (ppubkey != NULL && *ppubkey == NULL)
+                err = ((*ppubkey = OSSL_STORE_INFO_get1_PUBKEY(info)) == NULL);
              break;
          case OSSL_STORE_INFO_CERT:
              if (pcert != NULL && *pcert == NULL)
diff --git a/apps/storeutl.c b/apps/storeutl.c

index 66fd423ab02228b0ebc8bee81010230bd1311952..3d9498dc46542a3e3b30dc5c9e81ce0e0843d9e0 100644 (file)
--- a/apps/storeutl.c
+++ b/apps/storeutl.c
@@ -450,6 +450,13 @@ static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata,
                  PEM_write_bio_Parameters(out,
                                           OSSL_STORE_INFO_get0_PARAMS(info));
              break;
+        case OSSL_STORE_INFO_PUBKEY:
+            if (text)
+                EVP_PKEY_print_public(out, OSSL_STORE_INFO_get0_PUBKEY(info),
+                                      0, NULL);
+            if (!noout)
+                PEM_write_bio_PUBKEY(out, OSSL_STORE_INFO_get0_PUBKEY(info));
+            break;
          case OSSL_STORE_INFO_PKEY:
              if (text)
                  EVP_PKEY_print_private(out, OSSL_STORE_INFO_get0_PKEY(info),
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt

index 7431248d8f90d2fb8d7c657ffcabdc676aec876c..e83f1013ecb7cda7cef9d899900db6566056552d 100644 (file)
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2717,8 +2717,9 @@ OSSL_STORE_R_LOADER_INCOMPLETE:116:loader incomplete
  OSSL_STORE_R_LOADING_STARTED:117:loading started
  OSSL_STORE_R_NOT_A_CERTIFICATE:100:not a certificate
  OSSL_STORE_R_NOT_A_CRL:101:not a crl
-OSSL_STORE_R_NOT_A_KEY:102:not a key
  OSSL_STORE_R_NOT_A_NAME:103:not a name
+OSSL_STORE_R_NOT_A_PRIVATE_KEY:102:not a private key
+OSSL_STORE_R_NOT_A_PUBLIC_KEY:122:not a public key
  OSSL_STORE_R_NOT_PARAMETERS:104:not parameters
  OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR:114:passphrase callback error
  OSSL_STORE_R_PATH_MUST_BE_ABSOLUTE:108:path must be absolute
diff --git a/crypto/store/loader_file.c b/crypto/store/loader_file.c

index 3b54ebbcd5d10644b77d747af578e963425e49c7..25ce9ba92e006a478d2cc3d43510c40f375c9527 100644 (file)
--- a/crypto/store/loader_file.c
+++ b/crypto/store/loader_file.c
@@ -565,7 +565,7 @@ static OSSL_STORE_INFO *try_decode_PUBKEY(const char *pem_name,
  
      if ((pkey = d2i_PUBKEY(NULL, &blob, len)) != NULL) {
          *matchcount = 1;
-        store_info = OSSL_STORE_INFO_new_PKEY(pkey);
+        store_info = OSSL_STORE_INFO_new_PUBKEY(pkey);
      }
  
      return store_info;
diff --git a/crypto/store/store_err.c b/crypto/store/store_err.c

index 3abb50bb21ea220aa7749a769f904061447b967f..320934e6c6643d48f6eaf75e8cd2ee6bb16481a8 100644 (file)
--- a/crypto/store/store_err.c
+++ b/crypto/store/store_err.c
@@ -32,8 +32,11 @@ static const ERR_STRING_DATA OSSL_STORE_str_reasons[] = {
      {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_NOT_A_CERTIFICATE),
      "not a certificate"},
      {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_NOT_A_CRL), "not a crl"},
-    {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_NOT_A_KEY), "not a key"},
      {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_NOT_A_NAME), "not a name"},
+    {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_NOT_A_PRIVATE_KEY),
+    "not a private key"},
+    {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_NOT_A_PUBLIC_KEY),
+    "not a public key"},
      {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_NOT_PARAMETERS),
      "not parameters"},
      {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR),
diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c

index 2878358245e0f767f630e1ec1f47b14c60e23e01..2ff92b7984646e39e59f884f97b050d797c0580b 100644 (file)
--- a/crypto/store/store_lib.c
+++ b/crypto/store/store_lib.c
@@ -307,6 +307,15 @@ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(EVP_PKEY *params)
      return info;
  }
  
+OSSL_STORE_INFO *OSSL_STORE_INFO_new_PUBKEY(EVP_PKEY *pkey)
+{
+    OSSL_STORE_INFO *info = store_info_new(OSSL_STORE_INFO_PUBKEY, pkey);
+
+    if (info == NULL)
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
+    return info;
+}
+
  OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey)
  {
      OSSL_STORE_INFO *info = store_info_new(OSSL_STORE_INFO_PKEY, pkey);
@@ -408,6 +417,23 @@ EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *info)
      return NULL;
  }
  
+EVP_PKEY *OSSL_STORE_INFO_get0_PUBKEY(const OSSL_STORE_INFO *info)
+{
+    if (info->type == OSSL_STORE_INFO_PUBKEY)
+        return info->_.pubkey;
+    return NULL;
+}
+
+EVP_PKEY *OSSL_STORE_INFO_get1_PUBKEY(const OSSL_STORE_INFO *info)
+{
+    if (info->type == OSSL_STORE_INFO_PUBKEY) {
+        EVP_PKEY_up_ref(info->_.pubkey);
+        return info->_.pubkey;
+    }
+    OSSL_STOREerr(0, OSSL_STORE_R_NOT_A_PUBLIC_KEY);
+    return NULL;
+}
+
  EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *info)
  {
      if (info->type == OSSL_STORE_INFO_PKEY)
@@ -422,7 +448,7 @@ EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *info)
          return info->_.pkey;
      }
      OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_INFO_GET1_PKEY,
-                  OSSL_STORE_R_NOT_A_KEY);
+                  OSSL_STORE_R_NOT_A_PRIVATE_KEY);
      return NULL;
  }
  
@@ -480,6 +506,9 @@ void OSSL_STORE_INFO_free(OSSL_STORE_INFO *info)
          case OSSL_STORE_INFO_PARAMS:
              EVP_PKEY_free(info->_.params);
              break;
+        case OSSL_STORE_INFO_PUBKEY:
+            EVP_PKEY_free(info->_.pubkey);
+            break;
          case OSSL_STORE_INFO_PKEY:
              EVP_PKEY_free(info->_.pkey);
              break;
diff --git a/crypto/store/store_local.h b/crypto/store/store_local.h

index c9592c38ce1e70c7bb73d272814ca8fce8b42e71..47cba87f869c5967b684388d172811ce26125b4a 100644 (file)
--- a/crypto/store/store_local.h
+++ b/crypto/store/store_local.h
@@ -36,6 +36,7 @@ struct ossl_store_info_st {
          } name;                  /* when type == OSSL_STORE_INFO_NAME */
  
          EVP_PKEY *params;        /* when type == OSSL_STORE_INFO_PARAMS */
+        EVP_PKEY *pubkey;        /* when type == OSSL_STORE_INFO_PUBKEY */
          EVP_PKEY *pkey;          /* when type == OSSL_STORE_INFO_PKEY */
          X509 *x509;              /* when type == OSSL_STORE_INFO_CERT */
          X509_CRL *crl;           /* when type == OSSL_STORE_INFO_CRL */
diff --git a/crypto/store/store_strings.c b/crypto/store/store_strings.c

index 84cfdcfe6b58b4e6e67e037a5d37b150e1fc1057..97497c8a78e3a9ec70ad2ae1d21befdb14160cb4 100644 (file)
--- a/crypto/store/store_strings.c
+++ b/crypto/store/store_strings.c
@@ -12,6 +12,7 @@
  static char *type_strings[] = {
      "Name",                      /* OSSL_STORE_INFO_NAME */
      "Parameters",                /* OSSL_STORE_INFO_PARAMS */
+    "Public key",                /* OSSL_STORE_INFO_PUBKEY */
      "Pkey",                      /* OSSL_STORE_INFO_PKEY */
      "Certificate",               /* OSSL_STORE_INFO_CERT */
      "CRL"                        /* OSSL_STORE_INFO_CRL */
diff --git a/doc/man3/OSSL_STORE_INFO.pod b/doc/man3/OSSL_STORE_INFO.pod

index c3316779542645e2c71ab34a3b954c3b600f2ae4..bc965a77bdeb483aacefc2881501785b89fcd91b 100644 (file)
--- a/doc/man3/OSSL_STORE_INFO.pod
+++ b/doc/man3/OSSL_STORE_INFO.pod
@@ -3,15 +3,17 @@
  =head1 NAME
  
  OSSL_STORE_INFO, OSSL_STORE_INFO_get_type, OSSL_STORE_INFO_get0_NAME,
-OSSL_STORE_INFO_get0_NAME_description, OSSL_STORE_INFO_get0_PARAMS,
+OSSL_STORE_INFO_get0_NAME_description,
+OSSL_STORE_INFO_get0_PARAMS, OSSL_STORE_INFO_get0_PUBKEY,
  OSSL_STORE_INFO_get0_PKEY, OSSL_STORE_INFO_get0_CERT, OSSL_STORE_INFO_get0_CRL,
  OSSL_STORE_INFO_get1_NAME, OSSL_STORE_INFO_get1_NAME_description,
-OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PKEY,
-OSSL_STORE_INFO_get1_CERT,
-OSSL_STORE_INFO_get1_CRL, OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free,
+OSSL_STORE_INFO_get1_PARAMS, OSSL_STORE_INFO_get1_PUBKEY,
+OSSL_STORE_INFO_get1_PKEY, OSSL_STORE_INFO_get1_CERT, OSSL_STORE_INFO_get1_CRL,
+OSSL_STORE_INFO_type_string, OSSL_STORE_INFO_free,
  OSSL_STORE_INFO_new_NAME, OSSL_STORE_INFO_set0_NAME_description,
-OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT,
-OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects
+OSSL_STORE_INFO_new_PARAMS, OSSL_STORE_INFO_new_PUBKEY,
+OSSL_STORE_INFO_new_PKEY, OSSL_STORE_INFO_new_CERT, OSSL_STORE_INFO_new_CRL
+- Functions to manipulate OSSL_STORE_INFO objects
  
  =head1 SYNOPSIS
  
@@ -27,6 +29,8 @@ OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects
   char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *store_info);
   EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *store_info);
   EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *store_info);
+ EVP_PKEY *OSSL_STORE_INFO_get0_PUBKEY(const OSSL_STORE_INFO *info);
+ EVP_PKEY *OSSL_STORE_INFO_get1_PUBKEY(const OSSL_STORE_INFO *info);
   EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *store_info);
   EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *store_info);
   X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *store_info);
@@ -41,6 +45,7 @@ OSSL_STORE_INFO_new_CRL - Functions to manipulate OSSL_STORE_INFO objects
   OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
   int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
   OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(DSA *dsa_params);
+ OSSL_STORE_INFO *OSSL_STORE_INFO_new_PUBKEY(EVP_PKEY *pubkey);
   OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
   OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
   OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);
@@ -76,23 +81,27 @@ STORE_INFO_get_type_string() takes a STORE type number and returns a
  short string describing it.
  
  OSSL_STORE_INFO_get0_NAME(), OSSL_STORE_INFO_get0_NAME_description(),
-OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PKEY(),
-OSSL_STORE_INFO_get0_CERT() and OSSL_STORE_INFO_get0_CRL() all take a
-B<OSSL_STORE_INFO> and return the held object of the appropriate OpenSSL
-type provided that's what's held.
+OSSL_STORE_INFO_get0_PARAMS(), OSSL_STORE_INFO_get0_PUBKEY(),
+OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(),
+OSSL_STORE_INFO_get0_CRL()
+all take a B<OSSL_STORE_INFO> and return the object it holds if the
+B<OSSL_STORE_INFO> type (as returned by OSSL_STORE_INFO_get_type())
+matches the function, otherwise NULL.
  
  OSSL_STORE_INFO_get1_NAME(), OSSL_STORE_INFO_get1_NAME_description(),
-OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PKEY(),
-OSSL_STORE_INFO_get1_CERT() and OSSL_STORE_INFO_get1_CRL() all take a
-B<OSSL_STORE_INFO> and return a duplicate of the held object of the
-appropriate OpenSSL type provided that's what's held.
+OSSL_STORE_INFO_get1_PARAMS(), OSSL_STORE_INFO_get1_PUBKEY(),
+OSSL_STORE_INFO_get1_PKEY(), OSSL_STORE_INFO_get1_CERT() and
+OSSL_STORE_INFO_get1_CRL()
+all take a B<OSSL_STORE_INFO> and return a duplicate the object it
+holds if the B<OSSL_STORE_INFO> type (as returned by
+OSSL_STORE_INFO_get_type()) matches the function, otherwise NULL.
  
  OSSL_STORE_INFO_free() frees a B<OSSL_STORE_INFO> and its contained type.
  
  OSSL_STORE_INFO_new_NAME() , OSSL_STORE_INFO_new_PARAMS(),
-OSSL_STORE_INFO_new_PKEY(), OSSL_STORE_INFO_new_CERT() and
-OSSL_STORE_INFO_new_CRL() create a B<OSSL_STORE_INFO>
-object to hold the given input object.
+, OSSL_STORE_INFO_new_PUBKEY(), OSSL_STORE_INFO_new_PKEY(),
+OSSL_STORE_INFO_new_CERT() and OSSL_STORE_INFO_new_CRL()
+create a B<OSSL_STORE_INFO> object to hold the given input object.
  On success the input object is consumed.
  
  Additionally, for B<OSSL_STORE_INFO_NAME>` objects,
diff --git a/include/openssl/store.h b/include/openssl/store.h

index d5e72a0963e78ee1e76c87ae85fbf35d614eafc8..b75c79868cb3005c1f4ce8ddf3600255cb6a252c 100644 (file)
--- a/include/openssl/store.h
+++ b/include/openssl/store.h
@@ -138,9 +138,10 @@ OSSL_STORE_CTX *OSSL_STORE_attach(BIO *bio, const char *scheme,
   */
  # define OSSL_STORE_INFO_NAME           1   /* char * */
  # define OSSL_STORE_INFO_PARAMS         2   /* EVP_PKEY * */
-# define OSSL_STORE_INFO_PKEY           3   /* EVP_PKEY * */
-# define OSSL_STORE_INFO_CERT           4   /* X509 * */
-# define OSSL_STORE_INFO_CRL            5   /* X509_CRL * */
+# define OSSL_STORE_INFO_PUBKEY         3   /* EVP_PKEY * */
+# define OSSL_STORE_INFO_PKEY           4   /* EVP_PKEY * */
+# define OSSL_STORE_INFO_CERT           5   /* X509 * */
+# define OSSL_STORE_INFO_CRL            6   /* X509_CRL * */
  
  /*
   * Functions to generate OSSL_STORE_INFOs, one function for each type we
@@ -152,6 +153,7 @@ OSSL_STORE_CTX *OSSL_STORE_attach(BIO *bio, const char *scheme,
  OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
  int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
  OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(EVP_PKEY *params);
+OSSL_STORE_INFO *OSSL_STORE_INFO_new_PUBKEY(EVP_PKEY *pubkey);
  OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
  OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
  OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);
@@ -166,6 +168,8 @@ const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO *info);
  char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *info);
  EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *info);
  EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *info);
+EVP_PKEY *OSSL_STORE_INFO_get0_PUBKEY(const OSSL_STORE_INFO *info);
+EVP_PKEY *OSSL_STORE_INFO_get1_PUBKEY(const OSSL_STORE_INFO *info);
  EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *info);
  EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *info);
  X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *info);
diff --git a/include/openssl/storeerr.h b/include/openssl/storeerr.h

index ed8f7988fecae1c9a5ba44bcf97bf8fda4019a27..5213a0b33c44fbf7e047a9d134586be8c9d3c608 100644 (file)
--- a/include/openssl/storeerr.h
+++ b/include/openssl/storeerr.h
@@ -78,8 +78,9 @@ int ERR_load_OSSL_STORE_strings(void);
  # define OSSL_STORE_R_LOADING_STARTED                     117
  # define OSSL_STORE_R_NOT_A_CERTIFICATE                   100
  # define OSSL_STORE_R_NOT_A_CRL                           101
-# define OSSL_STORE_R_NOT_A_KEY                           102
  # define OSSL_STORE_R_NOT_A_NAME                          103
+# define OSSL_STORE_R_NOT_A_PRIVATE_KEY                   102
+# define OSSL_STORE_R_NOT_A_PUBLIC_KEY                    122
  # define OSSL_STORE_R_NOT_PARAMETERS                      104
  # define OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR           114
  # define OSSL_STORE_R_PATH_MUST_BE_ABSOLUTE               108
diff --git a/util/libcrypto.num b/util/libcrypto.num

index 6aa0109de30e59e82eaf69076165447f5223be97..762e3cc17aa57101ed0ddf93a258aa1ace123679 100644 (file)
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5263,3 +5263,6 @@ EVP_SIGNATURE_settable_ctx_params       ? 3_0_0   EXIST::FUNCTION:
  EVP_KEYEXCH_gettable_ctx_params         ?      3_0_0   EXIST::FUNCTION:
  EVP_KEYEXCH_settable_ctx_params         ?      3_0_0   EXIST::FUNCTION:
  d2i_PUBKEY_ex                           ?      3_0_0   EXIST::FUNCTION:
+OSSL_STORE_INFO_new_PUBKEY              ?      3_0_0   EXIST::FUNCTION:
+OSSL_STORE_INFO_get0_PUBKEY             ?      3_0_0   EXIST::FUNCTION:
+OSSL_STORE_INFO_get1_PUBKEY             ?      3_0_0   EXIST::FUNCTION:
author	Richard Levitte <levitte@openssl.org>
	Thu, 30 Jul 2020 08:09:43 +0000 (10:09 +0200)
committer	Richard Levitte <levitte@openssl.org>
	Thu, 20 Aug 2020 10:37:35 +0000 (12:37 +0200)
apps/include/apps.h		patch \| blob \| history
apps/lib/apps.c		patch \| blob \| history
apps/storeutl.c		patch \| blob \| history
crypto/err/openssl.txt		patch \| blob \| history
crypto/store/loader_file.c		patch \| blob \| history
crypto/store/store_err.c		patch \| blob \| history
crypto/store/store_lib.c		patch \| blob \| history
crypto/store/store_local.h		patch \| blob \| history
crypto/store/store_strings.c		patch \| blob \| history
doc/man3/OSSL_STORE_INFO.pod		patch \| blob \| history
include/openssl/store.h		patch \| blob \| history
include/openssl/storeerr.h		patch \| blob \| history
util/libcrypto.num		patch \| blob \| history