get rid of EVP_PKEY_ECDSA (now we have EVP_PKEY_EC instead)

author Bodo Möller <bodo@openssl.org>

Mon, 12 Aug 2002 08:47:41 +0000 (08:47 +0000)

committer Bodo Möller <bodo@openssl.org>

Mon, 12 Aug 2002 08:47:41 +0000 (08:47 +0000)
author Bodo Möller <bodo@openssl.org>
Mon, 12 Aug 2002 08:47:41 +0000 (08:47 +0000)
committer Bodo Möller <bodo@openssl.org>
Mon, 12 Aug 2002 08:47:41 +0000 (08:47 +0000)
diff --git a/apps/ca.c b/apps/ca.c

index 9633a39f785b1c4ab18ef369165efbb00690f932..39956e89a44692abdc2d7bb1544da279be5be0a3 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1515,7 +1515,7 @@ bad:
                         else
  #endif
  #ifndef OPENSSL_NO_ECDSA
                         else
  #endif
  #ifndef OPENSSL_NO_ECDSA
-                       if (pkey->type == EVP_PKEY_ECDSA)
+                       if (pkey->type == EVP_PKEY_EC)
                                 dgst=EVP_ecdsa();
                         else
  #endif
                                 dgst=EVP_ecdsa();
                         else
  #endif
@@ -2293,7 +2293,7 @@ again2:
         EVP_PKEY_free(pktmp);
  #endif
  #ifndef OPENSSL_NO_ECDSA
         EVP_PKEY_free(pktmp);
  #endif
  #ifndef OPENSSL_NO_ECDSA
-       if (pkey->type == EVP_PKEY_ECDSA)
+       if (pkey->type == EVP_PKEY_EC)
                 dgst = EVP_ecdsa();
         pktmp = X509_get_pubkey(ret);
         if (EVP_PKEY_missing_parameters(pktmp) &&
                 dgst = EVP_ecdsa();
         pktmp = X509_get_pubkey(ret);
         if (EVP_PKEY_missing_parameters(pktmp) &&
diff --git a/apps/req.c b/apps/req.c

index b6bc85e3874fae0bff69f0082636177902573c65..1f24be79bdd8709c783d3932149a7e81325baeef 100644 (file)
--- a/apps/req.c
+++ b/apps/req.c
@@ -682,7 +682,8 @@ bad:
                            message */
                         goto end;
                         }
                            message */
                         goto end;
                         }
-               if (EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA || EVP_PKEY_type(pkey->type) == EVP_PKEY_ECDSA)
+               if (EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA || 
+                       EVP_PKEY_type(pkey->type) == EVP_PKEY_EC)
                         {
                         char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE");
                         if (randfile == NULL)
                         {
                         char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE");
                         if (randfile == NULL)
@@ -852,7 +853,7 @@ loop:
                         digest=EVP_dss1();
  #endif
  #ifndef OPENSSL_NO_ECDSA
                         digest=EVP_dss1();
  #endif
  #ifndef OPENSSL_NO_ECDSA
-               if (pkey->type == EVP_PKEY_ECDSA)
+               if (pkey->type == EVP_PKEY_EC)
                         digest=EVP_ecdsa();
  #endif
                 if (req == NULL)
                         digest=EVP_ecdsa();
  #endif
                 if (req == NULL)
diff --git a/apps/speed.c b/apps/speed.c

index 4a77e8af581839172912c6d14b0b14a6548270b2..abcede337e64d60267fe1ac40207090c65d347ad 100644 (file)
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -1937,7 +1937,7 @@ int MAIN(int argc, char **argv)
                                 {
                                 /* Perform ECDSA signature test */
                                 EC_KEY_generate_key(ecdsa[j]);
                                 {
                                 /* Perform ECDSA signature test */
                                 EC_KEY_generate_key(ecdsa[j]);
-                               ret = ECDSA_sign(EVP_PKEY_ECDSA, buf, 20, ecdsasig, 
+                               ret = ECDSA_sign(0, buf, 20, ecdsasig, 
                                         &ecdsasiglen, ecdsa[j]);
                                 if (ret == 0) 
                                         {
                                         &ecdsasiglen, ecdsa[j]);
                                 if (ret == 0) 
                                         {
@@ -1953,9 +1953,12 @@ int MAIN(int argc, char **argv)
                                                 ECDSA_SECONDS);
  
                                         Time_F(START);
                                                 ECDSA_SECONDS);
  
                                         Time_F(START);
-                                       for (count=0,run=1; COND(ecdsa_c[j][0]); count++) 
+                                       for (count=0,run=1; COND(ecdsa_c[j][0]);
+                                               count++) 
                                                 {
                                                 {
-                                               ret=ECDSA_sign(EVP_PKEY_ECDSA, buf, 20, ecdsasig, &ecdsasiglen, ecdsa[j]);
+                                               ret=ECDSA_sign(0, buf, 20, 
+                                                       ecdsasig, &ecdsasiglen,
+                                                       ecdsa[j]);
                                                 if (ret == 0) 
                                                         {
                                                         BIO_printf(bio_err, "ECDSA sign failure\n");
                                                 if (ret == 0) 
                                                         {
                                                         BIO_printf(bio_err, "ECDSA sign failure\n");
@@ -1974,7 +1977,8 @@ int MAIN(int argc, char **argv)
                                         }
  
                                 /* Perform ECDSA verification test */
                                         }
  
                                 /* Perform ECDSA verification test */
-                               ret=ECDSA_verify(EVP_PKEY_ECDSA, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]);
+                               ret=ECDSA_verify(0, buf, 20, ecdsasig, 
+                                       ecdsasiglen, ecdsa[j]);
                                 if (ret != 1) 
                                         {
                                         BIO_printf(bio_err,"ECDSA verify failure.  No ECDSA verify will be done.\n");
                                 if (ret != 1) 
                                         {
                                         BIO_printf(bio_err,"ECDSA verify failure.  No ECDSA verify will be done.\n");
diff --git a/apps/x509.c b/apps/x509.c

index 67476e34cfb2abceb1cf4695999fb92abf26e6db..aa06462b9f41b3c506ccab6a4fd1f6afeaa2b35e 100644 (file)
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -870,7 +870,7 @@ bad:
                                         digest=EVP_dss1();
  #endif
  #ifndef OPENSSL_NO_ECDSA
                                         digest=EVP_dss1();
  #endif
  #ifndef OPENSSL_NO_ECDSA
-                               if (Upkey->type == EVP_PKEY_ECDSA)
+                               if (Upkey->type == EVP_PKEY_EC)
                                         digest=EVP_ecdsa();
  #endif
  
                                         digest=EVP_ecdsa();
  #endif
  
@@ -894,7 +894,7 @@ bad:
                                         digest=EVP_dss1();
  #endif
  #ifndef OPENSSL_NO_ECDSA
                                         digest=EVP_dss1();
  #endif
  #ifndef OPENSSL_NO_ECDSA
-                               if (CApkey->type == EVP_PKEY_ECDSA)
+                               if (CApkey->type == EVP_PKEY_EC)
                                         digest = EVP_ecdsa();
  #endif
                                 
                                         digest = EVP_ecdsa();
  #endif
                                 
@@ -929,7 +929,7 @@ bad:
                                         digest=EVP_dss1();
  #endif
  #ifndef OPENSSL_NO_ECDSA
                                         digest=EVP_dss1();
  #endif
  #ifndef OPENSSL_NO_ECDSA
-                               if (pk->type == EVP_PKEY_ECDSA)
+                               if (pk->type == EVP_PKEY_EC)
                                         digest=EVP_ecdsa();
  #endif
  
                                         digest=EVP_ecdsa();
  #endif
  
diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h

index e4d60eeb4d9550fc774c2587b7127de01be92057..10e9e414c59a5f0614ce678f52c3c3c8c446692a 100644 (file)
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -150,13 +150,13 @@
  #define EVP_PK_RSA     0x0001
  #define EVP_PK_DSA     0x0002
  #define EVP_PK_DH      0x0004
  #define EVP_PK_RSA     0x0001
  #define EVP_PK_DSA     0x0002
  #define EVP_PK_DH      0x0004
-#define EVP_PK_ECDSA   0x0008
+#define EVP_PK_EC      0x0008
  #define EVP_PKT_SIGN   0x0010
  #define EVP_PKT_ENC    0x0020
  #define EVP_PKT_EXCH   0x0040
  #define EVP_PKS_RSA    0x0100
  #define EVP_PKS_DSA    0x0200
  #define EVP_PKT_SIGN   0x0010
  #define EVP_PKT_ENC    0x0020
  #define EVP_PKT_EXCH   0x0040
  #define EVP_PKS_RSA    0x0100
  #define EVP_PKS_DSA    0x0200
-#define EVP_PKS_ECDSA  0x0400
+#define EVP_PKS_EC     0x0400
  #define EVP_PKT_EXP    0x1000 /* <= 512 bit key */
  
  #define EVP_PKEY_NONE  NID_undef
  #define EVP_PKT_EXP    0x1000 /* <= 512 bit key */
  
  #define EVP_PKEY_NONE  NID_undef
@@ -169,7 +169,6 @@
  #define EVP_PKEY_DSA4  NID_dsaWithSHA1_2
  #define EVP_PKEY_DH    NID_dhKeyAgreement
  #define EVP_PKEY_EC    NID_X9_62_id_ecPublicKey
  #define EVP_PKEY_DSA4  NID_dsaWithSHA1_2
  #define EVP_PKEY_DH    NID_dhKeyAgreement
  #define EVP_PKEY_EC    NID_X9_62_id_ecPublicKey
-#define EVP_PKEY_ECDSA EVP_PKEY_EC
  
  #ifdef __cplusplus
  extern "C" {
  
  #ifdef __cplusplus
  extern "C" {
@@ -310,7 +309,7 @@ struct env_md_st
  
  #ifndef OPENSSL_NO_ECDSA
  #define EVP_PKEY_ECDSA_method   ECDSA_sign,ECDSA_verify, \
  
  #ifndef OPENSSL_NO_ECDSA
  #define EVP_PKEY_ECDSA_method   ECDSA_sign,ECDSA_verify, \
-                                 {EVP_PKEY_ECDSA,0,0,0}
+                                 {EVP_PKEY_EC,0,0,0}
  #else   
  #define EVP_PKEY_ECDSA_method   EVP_PKEY_NULL_method
  #endif
  #else   
  #define EVP_PKEY_ECDSA_method   EVP_PKEY_NULL_method
  #endif
diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c

index 25f920201fa905d676d3d6d5df2f8226af702747..43200a91a8c04594a54242b079f04452b0c4450b 100644 (file)
--- a/crypto/evp/evp_pkey.c
+++ b/crypto/evp/evp_pkey.c
@@ -83,7 +83,7 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
  #ifndef OPENSSL_NO_EC
         EC_KEY *eckey = NULL;
  #endif
  #ifndef OPENSSL_NO_EC
         EC_KEY *eckey = NULL;
  #endif
-#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
+#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
         ASN1_INTEGER *privkey;
         ASN1_TYPE    *t1, *t2, *param = NULL;
         STACK_OF(ASN1_TYPE) *n_stack = NULL;
         ASN1_INTEGER *privkey;
         ASN1_TYPE    *t1, *t2, *param = NULL;
         STACK_OF(ASN1_TYPE) *n_stack = NULL;
@@ -124,7 +124,7 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
                 EVP_PKEY_assign_RSA (pkey, rsa);
                 break;
  #endif
                 EVP_PKEY_assign_RSA (pkey, rsa);
                 break;
  #endif
-#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
+#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
                 case NID_ecdsa_with_SHA1:
                 case NID_dsa:
                 /* PKCS#8 DSA/ECDSA is weird: you just get a private key integer
                 case NID_ecdsa_with_SHA1:
                 case NID_dsa:
                 /* PKCS#8 DSA/ECDSA is weird: you just get a private key integer
@@ -235,7 +235,7 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
                 } 
                 else /* nid == NID_ecdsa_with_SHA1 */
                 {
                 } 
                 else /* nid == NID_ecdsa_with_SHA1 */
                 {
-#ifndef OPENSSL_NO_ECDSA
+#ifndef OPENSSL_NO_EC
                         if ((eckey = d2i_ECParameters(NULL, &cp, 
                                 plen)) == NULL)
                         {
                         if ((eckey = d2i_ECParameters(NULL, &cp, 
                                 plen)) == NULL)
                         {
@@ -350,8 +350,8 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
  
                 break;
  #endif
  
                 break;
  #endif
-#ifndef OPENSSL_NO_ECDSA
-               case EVP_PKEY_ECDSA:
+#ifndef OPENSSL_NO_EC
+               case EVP_PKEY_EC:
                 if (!eckey_pkey2pkcs8(p8, pkey))
                 {
                         PKCS8_PRIV_KEY_INFO_free(p8);
                 if (!eckey_pkey2pkcs8(p8, pkey))
                 {
                         PKCS8_PRIV_KEY_INFO_free(p8);
@@ -529,7 +529,7 @@ static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
         q = p;
         if (!i2d_ECParameters(pkey->pkey.eckey, &q))
         {
         q = p;
         if (!i2d_ECParameters(pkey->pkey.eckey, &q))
         {
-               EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_ECDSA_LIB);
+               EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
                 OPENSSL_free(p);
                 return 0;
         }
                 OPENSSL_free(p);
                 return 0;
         }
@@ -703,7 +703,7 @@ static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
                                          &p8->pkey->value.octet_string->data,
                                          &p8->pkey->value.octet_string->length)) 
                 {
                                          &p8->pkey->value.octet_string->data,
                                          &p8->pkey->value.octet_string->length)) 
                 {
-                       EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
+                       EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
                         sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
                         return 0;
                 }
                         sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
                         return 0;
                 }
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c

index ac0556b48808bd1e2cf6adfc6d200de48bcdb73a..1056e4bffdf0f395f1312123dbe3114bfaff1131 100644 (file)
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -137,8 +137,8 @@ int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
                 return(ret);
                 }
  #endif
                 return(ret);
                 }
  #endif
-#ifndef OPENSSL_NO_ECDSA
-       if (pkey->type == EVP_PKEY_ECDSA)
+#ifndef OPENSSL_NO_EC
+       if (pkey->type == EVP_PKEY_EC)
                 {
                 int ret = pkey->save_parameters;
  
                 {
                 int ret = pkey->save_parameters;
  
@@ -182,7 +182,7 @@ int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from)
                 }
  #endif
  #ifndef OPENSSL_NO_EC
                 }
  #endif
  #ifndef OPENSSL_NO_EC
-       if (to->type == EVP_PKEY_ECDSA)
+       if (to->type == EVP_PKEY_EC)
                 {
                 if (to->pkey.eckey->group != NULL)
                         EC_GROUP_free(to->pkey.eckey->group);
                 {
                 if (to->pkey.eckey->group != NULL)
                         EC_GROUP_free(to->pkey.eckey->group);
diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c

index 8d5f48f73a5c1d29bfb31f290559573bab5405f0..92a55f536aebbbf958178273ad73e43fe3e0c1a7 100644 (file)
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -83,7 +83,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo
         else if (strcmp(nm,PEM_STRING_DSA) == 0)
                 ret=d2i_PrivateKey(EVP_PKEY_DSA,x,&p,len);
         else if (strcmp(nm,PEM_STRING_ECPRIVATEKEY) == 0)
         else if (strcmp(nm,PEM_STRING_DSA) == 0)
                 ret=d2i_PrivateKey(EVP_PKEY_DSA,x,&p,len);
         else if (strcmp(nm,PEM_STRING_ECPRIVATEKEY) == 0)
-               ret=d2i_PrivateKey(EVP_PKEY_ECDSA,x,&p,len);
+               ret=d2i_PrivateKey(EVP_PKEY_EC,x,&p,len);
         else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) {
                 PKCS8_PRIV_KEY_INFO *p8inf;
                 p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);
         else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) {
                 PKCS8_PRIV_KEY_INFO *p8inf;
                 p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c

index f589508fdd008581b62c439c57d64ee671ef9f52..1c0a9c9edf28727233d5b5edff383aa083368d49 100644 (file)
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -629,7 +629,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
                                 ctx_tmp.digest=EVP_dss1();
  #endif
  #ifndef OPENSSL_NO_ECDSA
                                 ctx_tmp.digest=EVP_dss1();
  #endif
  #ifndef OPENSSL_NO_ECDSA
-                       if (si->pkey->type == EVP_PKEY_ECDSA)
+                       if (si->pkey->type == EVP_PKEY_EC)
                                 ctx_tmp.digest=EVP_ecdsa();
  #endif
  
                                 ctx_tmp.digest=EVP_ecdsa();
  #endif
  
@@ -830,7 +830,7 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
         if(pkey->type == EVP_PKEY_DSA) mdc_tmp.digest=EVP_dss1();
  #endif
  #ifndef OPENSSL_NO_ECDSA
         if(pkey->type == EVP_PKEY_DSA) mdc_tmp.digest=EVP_dss1();
  #endif
  #ifndef OPENSSL_NO_ECDSA
-       if (pkey->type == EVP_PKEY_ECDSA) mdc_tmp.digest=EVP_ecdsa();
+       if (pkey->type == EVP_PKEY_EC) mdc_tmp.digest=EVP_ecdsa();
  #endif
  
         i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, pkey);
  #endif
  
         i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, pkey);
diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c

index b7c18cbf7242b1bf3bfb2a60caa1d3e8c87f4a07..c913c59791678e08c1dbe5d25de0b777826ed1e5 100644 (file)
--- a/crypto/pkcs7/pk7_lib.c
+++ b/crypto/pkcs7/pk7_lib.c
@@ -310,7 +310,7 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
         int nid;
         char is_dsa;
  
         int nid;
         char is_dsa;
  
-       if (pkey->type == EVP_PKEY_DSA || pkey->type == EVP_PKEY_ECDSA)
+       if (pkey->type == EVP_PKEY_DSA || pkey->type == EVP_PKEY_EC)
                 is_dsa = 1;
         else
                 is_dsa = 0;
                 is_dsa = 1;
         else
                 is_dsa = 0;
@@ -363,7 +363,7 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
  #endif
                 p7i->digest_enc_alg->parameter = NULL; /* special case for DSA: omit 'parameter'! */
                 }
  #endif
                 p7i->digest_enc_alg->parameter = NULL; /* special case for DSA: omit 'parameter'! */
                 }
-       else if (nid == EVP_PKEY_ECDSA)
+       else if (nid == EVP_PKEY_EC)
                 {
                 p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_ecdsa_with_SHA1);
                 if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new()))
                 {
                 p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_ecdsa_with_SHA1);
                 if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new()))
diff --git a/crypto/x509/x509type.c b/crypto/x509/x509type.c

index 7673c1ba03bf11f754f58b2b5ee25ec6429d0502..8eaf102480ca058ce6413eac6ed71be1fb999e56 100644 (file)
--- a/crypto/x509/x509type.c
+++ b/crypto/x509/x509type.c
@@ -86,8 +86,8 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
         case EVP_PKEY_DSA:
                 ret=EVP_PK_DSA|EVP_PKT_SIGN;
                 break;
         case EVP_PKEY_DSA:
                 ret=EVP_PK_DSA|EVP_PKT_SIGN;
                 break;
-       case EVP_PKEY_ECDSA:
-               ret=EVP_PK_ECDSA|EVP_PKT_SIGN;
+       case EVP_PKEY_EC:
+               ret=EVP_PK_EC|EVP_PKT_SIGN|EVP_PKT_EXCH;
                 break;
         case EVP_PKEY_DH:
                 ret=EVP_PK_DH|EVP_PKT_EXCH;
                 break;
         case EVP_PKEY_DH:
                 ret=EVP_PK_DH|EVP_PKT_EXCH;
@@ -105,8 +105,8 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
         case EVP_PKS_DSA:
                 ret|=EVP_PKS_DSA;
                 break;
         case EVP_PKS_DSA:
                 ret|=EVP_PKS_DSA;
                 break;
-       case EVP_PKS_ECDSA:
-               ret|=EVP_PKS_ECDSA;
+       case EVP_PKS_EC:
+               ret|=EVP_PKS_EC;
                 break;
         default:
                 break;
                 break;
         default:
                 break;
diff --git a/ssl/s3_both.c b/ssl/s3_both.c

index a5588360e53686d43ba28751650e689d8373670b..2e03a70fc79d9a9d8bfd00faa396fdcbd361a189 100644 (file)
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -526,10 +526,7 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
                         }
                 }
  #ifndef OPENSSL_NO_EC
                         }
                 }
  #ifndef OPENSSL_NO_EC
-       /* XXX: Structurally, there is no distinction between 
-        * ECDSA and ECDH public keys (both are ECPoints).
-        * So EVP_PKEY_ECDSA should really be renamed EVP_PKEY_ECC
-        * (or similar). As for ECC certificates, additional
+       /* As for ECC certificates, additional
          * information (e.g. in the optional key usage X509v3 
          * extension) could be used when available to distinguish
          * between ECDH and ECDSA certificates. For now, we do not
          * information (e.g. in the optional key usage X509v3 
          * extension) could be used when available to distinguish
          * between ECDH and ECDSA certificates. For now, we do not
@@ -537,7 +534,7 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
          * of checking for appropriate key usage to the SSL code
          * responsible for sending/processing ECC certificates.
          */
          * of checking for appropriate key usage to the SSL code
          * responsible for sending/processing ECC certificates.
          */
-       else if (i == EVP_PKEY_ECDSA)
+       else if (i == EVP_PKEY_EC)
                 {
                 ret = SSL_PKEY_ECC;
                 }
                 {
                 ret = SSL_PKEY_ECC;
                 }
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c

index 74e1e529f88f014b9bc9757efacfff39d8b63b8d..cb93c5a1ae6d4cabce94963d7f944fd48d6be3eb 100644 (file)
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1349,7 +1349,7 @@ static int ssl3_get_key_exchange(SSL *s)
                 else
  #endif
  #ifndef OPENSSL_NO_ECDSA
                 else
  #endif
  #ifndef OPENSSL_NO_ECDSA
-                       if (pkey->type == EVP_PKEY_ECDSA)
+                       if (pkey->type == EVP_PKEY_EC)
                         {
                         /* let's do ECDSA */
                         EVP_VerifyInit_ex(&md_ctx,EVP_ecdsa(), NULL);
                         {
                         /* let's do ECDSA */
                         EVP_VerifyInit_ex(&md_ctx,EVP_ecdsa(), NULL);
@@ -1907,7 +1907,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
                                 srvr_pub_pkey = X509_get_pubkey(s->session-> \
                                     sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
                                 if ((srvr_pub_pkey == NULL) ||
                                 srvr_pub_pkey = X509_get_pubkey(s->session-> \
                                     sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
                                 if ((srvr_pub_pkey == NULL) ||
-                                   (srvr_pub_pkey->type != EVP_PKEY_ECDSA) ||
+                                   (srvr_pub_pkey->type != EVP_PKEY_EC) ||
                                     (srvr_pub_pkey->pkey.eckey == NULL))
                                         {
                                         SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
                                     (srvr_pub_pkey->pkey.eckey == NULL))
                                         {
                                         SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
@@ -2118,7 +2118,7 @@ static int ssl3_send_client_verify(SSL *s)
                 else
  #endif
  #ifndef OPENSSL_NO_ECDSA
                 else
  #endif
  #ifndef OPENSSL_NO_ECDSA
-                       if (pkey->type == EVP_PKEY_ECDSA)
+                       if (pkey->type == EVP_PKEY_EC)
                         {
                         if (!ECDSA_sign(pkey->save_type,
                                 &(data[MD5_DIGEST_LENGTH]),
                         {
                         if (!ECDSA_sign(pkey->save_type,
                                 &(data[MD5_DIGEST_LENGTH]),
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c

index d26790a017cb024bfb47a7a59acf68fe21099744..4b374a9cd6554f31c46001e015fb0232f66125e2 100644 (file)
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1446,7 +1446,7 @@ static int ssl3_send_server_key_exchange(SSL *s)
                         else
  #endif
  #if !defined(OPENSSL_NO_ECDSA)
                         else
  #endif
  #if !defined(OPENSSL_NO_ECDSA)
-                               if (pkey->type == EVP_PKEY_ECDSA)
+                               if (pkey->type == EVP_PKEY_EC)
                                 {
                                 /* let's do ECDSA */
                                 EVP_SignInit_ex(&md_ctx,EVP_ecdsa(), NULL);
                                 {
                                 /* let's do ECDSA */
                                 EVP_SignInit_ex(&md_ctx,EVP_ecdsa(), NULL);
@@ -2001,7 +2001,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
                                  }
                          if (((clnt_pub_pkey=X509_get_pubkey(s->session->peer))
                             == NULL) || 
                                  }
                          if (((clnt_pub_pkey=X509_get_pubkey(s->session->peer))
                             == NULL) || 
-                           (clnt_pub_pkey->type != EVP_PKEY_ECDSA))
+                           (clnt_pub_pkey->type != EVP_PKEY_EC))
                                 {
                                 /* XXX: For now, we do not support client
                                  * authentication using ECDH certificates
                                 {
                                 /* XXX: For now, we do not support client
                                  * authentication using ECDH certificates
@@ -2228,7 +2228,7 @@ static int ssl3_get_cert_verify(SSL *s)
         else
  #endif
  #ifndef OPENSSL_NO_ECDSA
         else
  #endif
  #ifndef OPENSSL_NO_ECDSA
-               if (pkey->type == EVP_PKEY_ECDSA)
+               if (pkey->type == EVP_PKEY_EC)
                 {
                 j=ECDSA_verify(pkey->save_type,
                         &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
                 {
                 j=ECDSA_verify(pkey->save_type,
                         &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
author	Bodo Möller <bodo@openssl.org>
	Mon, 12 Aug 2002 08:47:41 +0000 (08:47 +0000)
committer	Bodo Möller <bodo@openssl.org>
	Mon, 12 Aug 2002 08:47:41 +0000 (08:47 +0000)
apps/ca.c		patch \| blob \| history
apps/req.c		patch \| blob \| history
apps/speed.c		patch \| blob \| history
apps/x509.c		patch \| blob \| history
crypto/evp/evp.h		patch \| blob \| history
crypto/evp/evp_pkey.c		patch \| blob \| history
crypto/evp/p_lib.c		patch \| blob \| history
crypto/pem/pem_pkey.c		patch \| blob \| history
crypto/pkcs7/pk7_doit.c		patch \| blob \| history
crypto/pkcs7/pk7_lib.c		patch \| blob \| history
crypto/x509/x509type.c		patch \| blob \| history
ssl/s3_both.c		patch \| blob \| history
ssl/s3_clnt.c		patch \| blob \| history
ssl/s3_srvr.c		patch \| blob \| history