New utility 'pkeyutl' a general purpose version of 'rsautl'.

diff --git a/apps/Makefile b/apps/Makefile
index 57be61e04ffb661c87a4e4d07c9a1d321c2a5918..bd243d45f7b260fd93b525e4e5ade77f9633716c 100644 (file)
--- a/apps/Makefile
+++ b/apps/Makefile
@@ -39,7 +39,7 @@ E_EXE=        verify asn1pars req dgst dh dhparam enc passwd gendh errstr \
        ca crl rsa rsautl dsa dsaparam ec ecparam \
        x509 genrsa gendsa s_server s_client speed \
        s_time version pkcs7 crl2pkcs7 sess_id ciphers nseq pkcs12 \
        ca crl rsa rsautl dsa dsaparam ec ecparam \
        x509 genrsa gendsa s_server s_client speed \
        s_time version pkcs7 crl2pkcs7 sess_id ciphers nseq pkcs12 \

-       pkcs8 pkey pkeyparam spkac smime rand engine ocsp prime ts
+       pkcs8 pkey pkeyparam pkeyutl spkac smime rand engine ocsp prime ts

 
 PROGS= $(PROGRAM).c
 
 
 PROGS= $(PROGRAM).c
 


@@ -55,7 +55,7 @@ E_OBJ=        verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o er
        rsa.o rsautl.o dsa.o dsaparam.o ec.o ecparam.o \
        x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \
        s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \
        rsa.o rsautl.o dsa.o dsaparam.o ec.o ecparam.o \
        x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \
        s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \

-       ciphers.o nseq.o pkcs12.o pkcs8.o pkey.o pkeyparam.o \
+       ciphers.o nseq.o pkcs12.o pkcs8.o pkey.o pkeyparam.o pkeyutl.o \

        spkac.o smime.o rand.o engine.o ocsp.o prime.o ts.o
 
 E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \
        spkac.o smime.o rand.o engine.o ocsp.o prime.o ts.o
 
 E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \


@@ -63,7 +63,7 @@ E_SRC=        verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.
        rsa.c rsautl.c dsa.c dsaparam.c ec.c ecparam.c \
        x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \
        s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \
        rsa.c rsautl.c dsa.c dsaparam.c ec.c ecparam.c \
        x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \
        s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \

-       ciphers.c nseq.c pkcs12.c pkcs8.c pkey.c pkeyparam.c \
+       ciphers.c nseq.c pkcs12.c pkcs8.c pkey.c pkeyparam.c pkeyutl.c \

        spkac.c smime.c rand.c engine.c ocsp.c prime.c ts.c
 
 SRC=$(E_SRC)
        spkac.c smime.c rand.c engine.c ocsp.c prime.c ts.c
 
 SRC=$(E_SRC)

diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
new file mode 100644 (file)
index 0000000..0c61867
--- /dev/null
+++ b/apps/pkeyutl.c
@@ -0,0 +1,399 @@
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#include "apps.h"
+#include <string.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/evp.h>
+
+#define KEY_PRIVKEY    1
+#define KEY_PUBKEY     2
+#define KEY_CERT       3
+
+static void usage(void);
+
+#undef PROG
+
+#define PROG pkeyutl_main
+
+static EVP_PKEY_CTX *init_ctx(int *pkeysize,
+                               char *keyfile, int keyform, int key_type,
+                               char *passargin, int pkey_op, char *engine);
+
+int MAIN(int argc, char **);
+
+int MAIN(int argc, char **argv)
+{
+       BIO *in = NULL, *out = NULL;
+       char *infile = NULL, *outfile = NULL;
+       char *engine = NULL;
+       int pkey_op = EVP_PKEY_OP_SIGN, key_type = KEY_PRIVKEY;
+       int keyform = FORMAT_PEM;
+       char badarg = 0, rev = 0;
+       char hexdump = 0, asn1parse = 0;
+       EVP_PKEY_CTX *ctx = NULL;
+       char *passargin = NULL;
+       int keysize;
+
+       unsigned char *buf_in = NULL, *buf_out = NULL;
+       int buf_inlen, buf_outlen;
+
+       int ret = 1, rv;
+
+       argc--;
+       argv++;
+
+       if(!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+       if (!load_config(bio_err, NULL))
+               goto end;
+       ERR_load_crypto_strings();
+       OpenSSL_add_all_algorithms();
+       
+       while(argc >= 1)
+               {
+               if (!strcmp(*argv,"-in"))
+                       {
+                       if (--argc < 1) badarg = 1;
+                        infile= *(++argv);
+                       }
+               else if (!strcmp(*argv,"-out"))
+                       {
+                       if (--argc < 1) badarg = 1;
+                       outfile= *(++argv);
+                       }
+               else if(!strcmp(*argv, "-inkey"))
+                       {
+                       if (--argc < 1)
+                               badarg = 1;
+                       else
+                               {
+                               ctx = init_ctx(&keysize,
+                                               *(++argv), keyform, key_type,
+                                               passargin, pkey_op, engine);
+                               if (!ctx)
+                                       {
+                                       BIO_puts(bio_err,
+                                               "Error initializing context\n");
+                                       ERR_print_errors(bio_err);
+                                       badarg = 1;
+                                       }
+                               }
+                       }
+               else if (!strcmp(*argv,"-passin"))
+                       {
+                       if (--argc < 1) badarg = 1;
+                       passargin= *(++argv);
+                       }
+               else if (strcmp(*argv,"-keyform") == 0)
+                       {
+                       if (--argc < 1) badarg = 1;
+                       keyform=str2fmt(*(++argv));
+                       }
+#ifndef OPENSSL_NO_ENGINE
+               else if(!strcmp(*argv, "-engine"))
+                       {
+                       if (--argc < 1) badarg = 1;
+                       engine = *(++argv);
+                       }
+#endif
+               else if(!strcmp(*argv, "-pubin"))
+                       key_type = KEY_PUBKEY;
+               else if(!strcmp(*argv, "-certin"))
+                       key_type = KEY_CERT;
+               else if(!strcmp(*argv, "-asn1parse"))
+                       asn1parse = 1;
+               else if(!strcmp(*argv, "-hexdump"))
+                       hexdump = 1;
+               else if(!strcmp(*argv, "-sign"))
+                       pkey_op = EVP_PKEY_OP_SIGN;
+               else if(!strcmp(*argv, "-verify"))
+                       pkey_op = EVP_PKEY_OP_VERIFY;
+               else if(!strcmp(*argv, "-rev"))
+                       rev = 1;
+               else if(!strcmp(*argv, "-encrypt"))
+                       pkey_op = EVP_PKEY_OP_ENCRYPT;
+               else if(!strcmp(*argv, "-decrypt"))
+                       pkey_op = EVP_PKEY_OP_DECRYPT;
+               else badarg = 1;
+               if(badarg)
+                       {
+                       usage();
+                       goto end;
+                       }
+               argc--;
+               argv++;
+               }
+
+       if (!ctx)
+               {
+               usage();
+               goto end;
+               }
+
+/* FIXME: seed PRNG only if needed */
+       app_RAND_load_file(NULL, bio_err, 0);
+
+       if(infile) {
+               if(!(in = BIO_new_file(infile, "rb"))) {
+                       BIO_printf(bio_err, "Error Reading Input File\n");
+                       ERR_print_errors(bio_err);      
+                       goto end;
+               }
+       } else in = BIO_new_fp(stdin, BIO_NOCLOSE);
+
+       if(outfile) {
+               if(!(out = BIO_new_file(outfile, "wb"))) {
+                       BIO_printf(bio_err, "Error Reading Output File\n");
+                       ERR_print_errors(bio_err);      
+                       goto end;
+               }
+       } else {
+               out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+               {
+                   BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+                   out = BIO_push(tmpbio, out);
+               }
+#endif
+       }
+
+       buf_in = OPENSSL_malloc(keysize * 2);
+       buf_out = OPENSSL_malloc(keysize);
+
+       /* Read the input data */
+       buf_inlen = BIO_read(in, buf_in, keysize * 2);
+       if(buf_inlen <= 0) {
+               BIO_printf(bio_err, "Error reading input Data\n");
+               exit(1);
+       }
+       if(rev) {
+               int i;
+               unsigned char ctmp;
+               for(i = 0; i < buf_inlen/2; i++) {
+                       ctmp = buf_in[i];
+                       buf_in[i] = buf_in[buf_inlen - 1 - i];
+                       buf_in[buf_inlen - 1 - i] = ctmp;
+               }
+       }
+       switch(pkey_op)
+               {
+               case EVP_PKEY_OP_VERIFYRECOVER:
+               rv  = EVP_PKEY_verify_recover(ctx, buf_out, &buf_outlen,
+                                                       buf_in, buf_inlen);
+               break;
+
+               case EVP_PKEY_OP_SIGN:
+               rv  = EVP_PKEY_sign(ctx, buf_out, &buf_outlen,
+                                                       buf_in, buf_inlen);
+               break;
+
+               case EVP_PKEY_OP_ENCRYPT:
+               rv  = EVP_PKEY_encrypt(ctx, buf_out, &buf_outlen,
+                                                       buf_in, buf_inlen);
+               break;
+
+               case EVP_PKEY_OP_DECRYPT:
+               rv  = EVP_PKEY_decrypt(ctx, buf_out, &buf_outlen,
+                                                       buf_in, buf_inlen);
+               break;
+
+               }
+
+       if(rv <= 0) {
+               BIO_printf(bio_err, "Public Key operation error\n");
+               ERR_print_errors(bio_err);
+               goto end;
+       }
+       ret = 0;
+       if(asn1parse) {
+               if(!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1)) {
+                       ERR_print_errors(bio_err);
+               }
+       } else if(hexdump) BIO_dump(out, (char *)buf_out, buf_outlen);
+       else BIO_write(out, buf_out, buf_outlen);
+
+       end:
+       if (ctx)
+               EVP_PKEY_CTX_free(ctx);
+       BIO_free(in);
+       BIO_free_all(out);
+       if(buf_in) OPENSSL_free(buf_in);
+       if(buf_out) OPENSSL_free(buf_out);
+       return ret;
+}
+
+static void usage()
+{
+       BIO_printf(bio_err, "Usage: pkeyutl [options]\n");
+       BIO_printf(bio_err, "-in file        input file\n");
+       BIO_printf(bio_err, "-out file       output file\n");
+       BIO_printf(bio_err, "-inkey file     input key\n");
+       BIO_printf(bio_err, "-keyform arg    private key format - default PEM\n");
+       BIO_printf(bio_err, "-pubin          input is an RSA public\n");
+       BIO_printf(bio_err, "-certin         input is a certificate carrying an RSA public key\n");
+       BIO_printf(bio_err, "-ctrl X:Y       control parameters\n");
+       BIO_printf(bio_err, "-sign           sign with private key\n");
+       BIO_printf(bio_err, "-verify         verify with public key\n");
+       BIO_printf(bio_err, "-encrypt        encrypt with public key\n");
+       BIO_printf(bio_err, "-decrypt        decrypt with private key\n");
+       BIO_printf(bio_err, "-hexdump        hex dump output\n");
+#ifndef OPENSSL_NO_ENGINE
+       BIO_printf(bio_err, "-engine e       use engine e, possibly a hardware device.\n");
+       BIO_printf(bio_err, "-passin arg     pass phrase source\n");
+#endif
+
+}
+
+static EVP_PKEY_CTX *init_ctx(int *pkeysize,
+                               char *keyfile, int keyform, int key_type,
+                               char *passargin, int pkey_op, char *engine)
+       {
+       ENGINE *e = NULL;
+       EVP_PKEY *pkey = NULL;
+       EVP_PKEY_CTX *ctx = NULL;
+       char *passin = NULL;
+       int rv;
+       X509 *x;
+       if(((pkey_op == EVP_PKEY_OP_SIGN) || (pkey_op == EVP_PKEY_OP_DECRYPT))
+               && (key_type != KEY_PRIVKEY))
+               {
+               BIO_printf(bio_err, "A private key is needed for this operation\n");
+               goto end;
+               }
+       if(!app_passwd(bio_err, passargin, NULL, &passin, NULL))
+               {
+               BIO_printf(bio_err, "Error getting password\n");
+               goto end;
+               }
+       switch(key_type)
+               {
+               case KEY_PRIVKEY:
+               pkey = load_key(bio_err, keyfile, keyform, 0,
+                       passin, e, "Private Key");
+               break;
+
+               case KEY_PUBKEY:
+               pkey = load_pubkey(bio_err, keyfile, keyform, 0,
+                       NULL, e, "Public Key");
+               break;
+
+               case KEY_CERT:
+               x = load_cert(bio_err, keyfile, keyform,
+                       NULL, e, "Certificate");
+               if(x)
+                       {
+                       pkey = X509_get_pubkey(x);
+                       X509_free(x);
+                       }
+               break;
+
+               }
+
+       *pkeysize = EVP_PKEY_size(pkey);
+
+       if (!pkey)
+               goto end;
+
+       ctx = EVP_PKEY_CTX_new(pkey);
+
+       EVP_PKEY_free(pkey);
+
+       if (!ctx)
+               goto end;
+
+       switch(pkey_op)
+               {
+               case EVP_PKEY_OP_SIGN:
+               rv = EVP_PKEY_sign_init(ctx);
+               break;
+
+               case EVP_PKEY_OP_VERIFY:
+               rv = EVP_PKEY_verify_init(ctx);
+               break;
+
+               case EVP_PKEY_OP_VERIFYRECOVER:
+               rv = EVP_PKEY_verify_recover_init(ctx);
+               break;
+
+               case EVP_PKEY_OP_ENCRYPT:
+               rv = EVP_PKEY_encrypt_init(ctx);
+               break;
+
+               case EVP_PKEY_OP_DECRYPT:
+               rv = EVP_PKEY_decrypt_init(ctx);
+               break;
+               }
+
+       if (rv <= 0)
+               {
+               EVP_PKEY_CTX_free(ctx);
+               ctx = NULL;
+               }
+
+       end:
+
+       if (passin)
+               OPENSSL_free(passin);
+
+       return ctx;
+
+
+       }
+

diff --git a/apps/progs.h b/apps/progs.h
index ec5b9af2b436ccf507acf825c503eb6eff98f52b..d5b5995c3fd9bd5d4979abdc9fa326a748e14952 100644 (file)
--- a/apps/progs.h
+++ b/apps/progs.h
@@ -36,6 +36,7 @@ extern int pkcs12_main(int argc,char *argv[]);
 extern int pkcs8_main(int argc,char *argv[]);
 extern int pkey_main(int argc,char *argv[]);
 extern int pkeyparam_main(int argc,char *argv[]);
 extern int pkcs8_main(int argc,char *argv[]);
 extern int pkey_main(int argc,char *argv[]);
 extern int pkeyparam_main(int argc,char *argv[]);

+extern int pkeyutl_main(int argc,char *argv[]);

 extern int spkac_main(int argc,char *argv[]);
 extern int smime_main(int argc,char *argv[]);
 extern int rand_main(int argc,char *argv[]);
 extern int spkac_main(int argc,char *argv[]);
 extern int smime_main(int argc,char *argv[]);
 extern int rand_main(int argc,char *argv[]);


@@ -125,6 +126,7 @@ FUNCTION functions[] = {
        {FUNC_TYPE_GENERAL,"pkcs8",pkcs8_main},
        {FUNC_TYPE_GENERAL,"pkey",pkey_main},
        {FUNC_TYPE_GENERAL,"pkeyparam",pkeyparam_main},
        {FUNC_TYPE_GENERAL,"pkcs8",pkcs8_main},
        {FUNC_TYPE_GENERAL,"pkey",pkey_main},
        {FUNC_TYPE_GENERAL,"pkeyparam",pkeyparam_main},

+       {FUNC_TYPE_GENERAL,"pkeyutl",pkeyutl_main},

        {FUNC_TYPE_GENERAL,"spkac",spkac_main},
        {FUNC_TYPE_GENERAL,"smime",smime_main},
        {FUNC_TYPE_GENERAL,"rand",rand_main},
        {FUNC_TYPE_GENERAL,"spkac",spkac_main},
        {FUNC_TYPE_GENERAL,"smime",smime_main},
        {FUNC_TYPE_GENERAL,"rand",rand_main},

diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c
index 60d159477cb6ad3c4bcc5de2693fd7a708756602..14b5aa335bd1589da23167f30b9034d5a1e1ead8 100644 (file)
--- a/crypto/asn1/ameth_lib.c
+++ b/crypto/asn1/ameth_lib.c
@@ -68,7 +68,7 @@ extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth;
 extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth;
 
 /* Keep this sorted in type order !! */
 extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth;
 
 /* Keep this sorted in type order !! */

-const EVP_PKEY_ASN1_METHOD *standard_methods[] = 
+static const EVP_PKEY_ASN1_METHOD *standard_methods[] = 

        {
 #ifndef OPENSSL_NO_RSA
        &rsa_asn1_meths[0],
        {
 #ifndef OPENSSL_NO_RSA
        &rsa_asn1_meths[0],

diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index d16e042c785e20e75f57b8dc9817534d34fe4e91..d863c737b5bdca89102e8aa16760f1668fe3aaa7 100644 (file)
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -903,7 +903,16 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
                                                        long arg1, void *arg2));
 
 
                                                        long arg1, void *arg2));
 
 

-
+#define EVP_PKEY_OP_UNDEFINED          0
+#define EVP_PKEY_OP_PARAMGEN           1
+#define EVP_PKEY_OP_KEYGEN             2
+#define EVP_PKEY_OP_SIGN               3
+#define EVP_PKEY_OP_VERIFY             4
+#define EVP_PKEY_OP_VERIFYRECOVER      5
+#define EVP_PKEY_OP_SIGNCTX            6
+#define EVP_PKEY_OP_VERIFYCTX          7
+#define EVP_PKEY_OP_ENCRYPT            8
+#define EVP_PKEY_OP_DECRYPT            9

 
 const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type, ENGINE *e);
 EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey);
 
 const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type, ENGINE *e);
 EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey);


@@ -912,6 +921,27 @@ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
                                int cmd, int p1, void *p2);
 
 
                                int cmd, int p1, void *p2);
 
 

+int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
+                       unsigned char *sig, int *siglen,
+                       unsigned char *tbs, int tbslen);
+int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
+                       unsigned char *sig, int *siglen,
+                       unsigned char *tbs, int tbslen);
+int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
+                       unsigned char *rout, int *routlen,
+                       unsigned char *sig, int siglen);
+int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
+                       unsigned char *out, int *outlen,
+                       unsigned char *in, int inlen);
+int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
+                       unsigned char *out, int *outlen,
+                       unsigned char *in, int inlen);
+

 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.

diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index c3c34b5f149db1ea5799699fc08b7754c92e85aa..702331a4a9f71b94ba322cdfa46d49284dcc6783 100644 (file)
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -91,22 +91,22 @@ static ERR_STRING_DATA EVP_str_functs[]=
 {ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN),        "EVP_PKEY2PKCS8_broken"},
 {ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS),     "EVP_PKEY_copy_parameters"},
 {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL),    "EVP_PKEY_CTX_ctrl"},
 {ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN),        "EVP_PKEY2PKCS8_broken"},
 {ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS),     "EVP_PKEY_copy_parameters"},
 {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL),    "EVP_PKEY_CTX_ctrl"},

-{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT),     "EVP_PKEY_DECRYPT"},
-{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT),        "EVP_PKEY_DECRYPT_INIT"},
-{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT),     "EVP_PKEY_ENCRYPT"},
-{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT),        "EVP_PKEY_ENCRYPT_INIT"},
+{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT),     "EVP_PKEY_decrypt"},
+{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT),        "EVP_PKEY_decrypt_init"},
+{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT),     "EVP_PKEY_encrypt"},
+{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT),        "EVP_PKEY_encrypt_init"},

 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH),     "EVP_PKEY_get1_DH"},
 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA),    "EVP_PKEY_get1_DSA"},
 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA),  "EVP_PKEY_GET1_ECDSA"},
 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"},
 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA),    "EVP_PKEY_get1_RSA"},
 {ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"},
 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH),     "EVP_PKEY_get1_DH"},
 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA),    "EVP_PKEY_get1_DSA"},
 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA),  "EVP_PKEY_GET1_ECDSA"},
 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"},
 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA),    "EVP_PKEY_get1_RSA"},
 {ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"},

-{ERR_FUNC(EVP_F_EVP_PKEY_SIGN),        "EVP_PKEY_SIGN"},
-{ERR_FUNC(EVP_F_EVP_PKEY_SIGN_INIT),   "EVP_PKEY_SIGN_INIT"},
-{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY),      "EVP_PKEY_VERIFY"},
-{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_INIT), "EVP_PKEY_VERIFY_INIT"},
-{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER),      "EVP_PKEY_VERIFY_RECOVER"},
-{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT), "EVP_PKEY_VERIFY_RECOVER_INIT"},
+{ERR_FUNC(EVP_F_EVP_PKEY_SIGN),        "EVP_PKEY_sign"},
+{ERR_FUNC(EVP_F_EVP_PKEY_SIGN_INIT),   "EVP_PKEY_sign_init"},
+{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY),      "EVP_PKEY_verify"},
+{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_INIT), "EVP_PKEY_verify_init"},
+{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER),      "EVP_PKEY_verify_recover"},
+{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT), "EVP_PKEY_verify_recover_init"},

 {ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"},
 {ERR_FUNC(EVP_F_EVP_SIGNFINAL),        "EVP_SignFinal"},
 {ERR_FUNC(EVP_F_EVP_VERIFYFINAL),      "EVP_VerifyFinal"},
 {ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"},
 {ERR_FUNC(EVP_F_EVP_SIGNFINAL),        "EVP_SignFinal"},
 {ERR_FUNC(EVP_F_EVP_VERIFYFINAL),      "EVP_VerifyFinal"},

diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h
index 26000ac08b4f8f3b749bfcbd9cba116f4fbb0182..39930b96694e5a0396625dc11bf7fa06bba943e3 100644 (file)
--- a/crypto/evp/evp_locl.h
+++ b/crypto/evp/evp_locl.h
@@ -248,17 +248,6 @@ struct evp_pkey_ctx_st
        void *data;
        } /* EVP_PKEY_CTX */;
 
        void *data;
        } /* EVP_PKEY_CTX */;
 

-#define EVP_PKEY_OP_UNDEFINED          0
-#define EVP_PKEY_OP_PARAMGEN           1
-#define EVP_PKEY_OP_KEYGEN             2
-#define EVP_PKEY_OP_SIGN               3
-#define EVP_PKEY_OP_VERIFY             4
-#define EVP_PKEY_OP_VERIFYRECOVER      5
-#define EVP_PKEY_OP_SIGNCTX            6
-#define EVP_PKEY_OP_VERIFYCTX          7
-#define EVP_PKEY_OP_ENCRYPT            8
-#define EVP_PKEY_OP_DECRYPT            9
-

 struct evp_pkey_method_st
        {
        int pkey_id;
 struct evp_pkey_method_st
        {
        int pkey_id;

diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 0c0aa9ba53278b0bc325bdfb964fcda458bd2e7d..9ca351a53e9d37560ef0de13a34a8de5abd0e0cc 100644 (file)
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -68,7 +68,7 @@ STACK *app_pkey_methods = NULL;
 
 extern EVP_PKEY_METHOD rsa_pkey_meth;
 
 
 extern EVP_PKEY_METHOD rsa_pkey_meth;
 

-const EVP_PKEY_METHOD *standard_methods[] =
+static const EVP_PKEY_METHOD *standard_methods[] =

        {
        &rsa_pkey_meth
        };
        {
        &rsa_pkey_meth
        };

diff --git a/crypto/pem/pem_err.c b/crypto/pem/pem_err.c
index d3352080e16ff6356e6b0cd4002a3de8e98f1af0..0de5264aa10c872a45db43985368bb0330b44035 100644 (file)
--- a/crypto/pem/pem_err.c
+++ b/crypto/pem/pem_err.c
@@ -98,7 +98,7 @@ static ERR_STRING_DATA PEM_str_functs[]=
 {ERR_FUNC(PEM_F_PEM_PK8PKEY),  "PEM_PK8PKEY"},
 {ERR_FUNC(PEM_F_PEM_READ),     "PEM_read"},
 {ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"},
 {ERR_FUNC(PEM_F_PEM_PK8PKEY),  "PEM_PK8PKEY"},
 {ERR_FUNC(PEM_F_PEM_READ),     "PEM_read"},
 {ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"},

-{ERR_FUNC(PEM_F_PEM_READ_BIO_PARAMETERS),      "PEM_READ_BIO_PARAMETERS"},
+{ERR_FUNC(PEM_F_PEM_READ_BIO_PARAMETERS),      "PEM_read_bio_Parameters"},

 {ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY),      "PEM_READ_BIO_PRIVATEKEY"},
 {ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY),  "PEM_READ_PRIVATEKEY"},
 {ERR_FUNC(PEM_F_PEM_SEALFINAL),        "PEM_SealFinal"},
 {ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY),      "PEM_READ_BIO_PRIVATEKEY"},
 {ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY),  "PEM_READ_PRIVATEKEY"},
 {ERR_FUNC(PEM_F_PEM_SEALFINAL),        "PEM_SealFinal"},