if (a == NULL || b == NULL)
return 0;
- if (a->keymgmt != NULL || b->keymgmt != NULL)
- return evp_pkey_cmp_any(a, b, (SELECT_PARAMETERS
- | OSSL_KEYMGMT_SELECT_KEYPAIR));
+ if (a->keymgmt != NULL || b->keymgmt != NULL) {
+ int selection = SELECT_PARAMETERS;
+
+ if (evp_keymgmt_util_has((EVP_PKEY *)a, OSSL_KEYMGMT_SELECT_PUBLIC_KEY)
+ && evp_keymgmt_util_has((EVP_PKEY *)b, OSSL_KEYMGMT_SELECT_PUBLIC_KEY))
+ selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY;
+ else
+ selection |= OSSL_KEYMGMT_SELECT_KEYPAIR;
+ return evp_pkey_cmp_any(a, b, selection);
+ }
/* All legacy keys */
if (a->type != b->type)
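Review bot: The new `if`/`else` that picks `selection` in the provider path has no comment saying why the comparison narrows to `OSSL_KEYMGMT_SELECT_PUBLIC_KEY` when both keys carry a public part, and that choice decides what a successful match means: the private components are then not in the selection handed to `evp_pkey_cmp_any`. I would add `/* Both keys expose a public part: compare that alone; otherwise fall back to KEYPAIR */` above the test, and have the function's documentation state that a match does not establish that either key holds matching private material. The `(EVP_PKEY *)` casts drop `const` from `a` and `b`; presumably `evp_keymgmt_util_has` only reads the key, but that is not visible here and deserves a word in the comment. The enclosing function starts and ends outside this hunk.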
pkey = EVP_PKEY_new();
if (pkey == NULL) {
- ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB);
goto err;
}
if (!pkey_set_type(pkey, e, nidtype, strtype, -1, NULL)) {
- /* EVPerr already called */
+ /* ERR_raise(ERR_LIB_EVP, ...) already called */
goto err;
}
int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name)
{
- if (pkey->keymgmt == NULL) {
- int type = evp_pkey_name2type(name);
-
- return pkey->type == type;
- }
+ if (pkey == NULL)
+ return 0;
+ if (pkey->keymgmt == NULL)
+ return pkey->type == evp_pkey_name2type(name);
return EVP_KEYMGMT_is_a(pkey->keymgmt, name);
}
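Review bot: The added guard covers `pkey` only; `name` still goes unchecked into `evp_pkey_name2type(name)` and `EVP_KEYMGMT_is_a(pkey->keymgmt, name)`. Whether those callees tolerate a NULL name is not visible in this hunk, so either widen the guard to `if (pkey == NULL || name == NULL) return 0;` or document on the function that `name` must be non-NULL. Returning 0 for a NULL key is also indistinguishable from a genuine type mismatch, which is worth one sentence in the function's documentation so callers do not treat it as a completed type check.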
if (pkey != NULL && evp_pkey_is_provided(pkey)) {
size_t return_size = OSSL_PARAM_UNMODIFIED;
+ unsigned char *buf;
/*
* We know that this is going to fail, but it will give us a size
if (return_size == OSSL_PARAM_UNMODIFIED)
return 0;
- *ppub = OPENSSL_malloc(return_size);
- if (*ppub == NULL)
+ *ppub = NULL;
+ buf = OPENSSL_malloc(return_size);
+ if (buf == NULL)
return 0;
if (!EVP_PKEY_get_octet_string_param(pkey,
OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY,
- *ppub, return_size, NULL))
+ buf, return_size, NULL)) {
+ OPENSSL_free(buf);
return 0;
+ }
+ *ppub = buf;
return return_size;
}
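Review bot: `*ppub = NULL;` sits after the `return_size == OSSL_PARAM_UNMODIFIED` early return, so that one failure path still leaves the caller's pointer untouched while the allocation and fetch failures now clear it. A caller that frees `*ppub` after a 0 return would then act on whatever value it passed in. Moving the assignment to the top of the provided-key branch, ahead of that early return, gives every failure path the same out-parameter state. The branch opens in the previous hunk, and the function's signature and its non-provided path are outside the visible lines, so whether `ppub` itself is NULL-checked cannot be confirmed from here.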
{
EVP_PKEY *ret = OPENSSL_zalloc(sizeof(*ret));
- if (ret == NULL) {
- ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
+ if (ret == NULL)
return NULL;
- }
ret->type = EVP_PKEY_NONE;
ret->save_type = EVP_PKEY_NONE;
ret->lock = CRYPTO_THREAD_lock_new();
if (ret->lock == NULL) {
- EVPerr(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB);
goto err;
}
#ifndef FIPS_MODULE
ret->save_parameters = 1;
if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EVP_PKEY, ret, &ret->ex_data)) {
- ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB);
goto err;
}
#endif
{
EVP_KEYMGMT *allocated_keymgmt = NULL;
EVP_KEYMGMT *tmp_keymgmt = NULL;
+ int selection = OSSL_KEYMGMT_SELECT_ALL;
void *keydata = NULL;
int check;
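Review bot: The new `selection` local has no comment explaining why this function is pinned to `OSSL_KEYMGMT_SELECT_ALL`, even though the later hunks use it to key both `evp_keymgmt_util_find_operation_cache` lookups, the `evp_keymgmt_util_cache_keydata` insert and the final `evp_keymgmt_util_export_to_provider` call. I would document it at the declaration, e.g. `/* Full-key export; the lookups and the insert below must use this same selection */`, since a mismatch between the lookup and insert selections would presumably let a narrower cached export be returned for a full-key request. Nothing in the visible lines reassigns it, so `const int selection` would make that invariant explicit. The function body starts here and continues well past this hunk.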
if (pk->ameth->dirty_cnt(pk) == pk->dirty_cnt_copy) {
if (!CRYPTO_THREAD_read_lock(pk->lock))
goto end;
- op = evp_keymgmt_util_find_operation_cache(pk, tmp_keymgmt);
+ op = evp_keymgmt_util_find_operation_cache(pk, tmp_keymgmt,
+ selection);
/*
* If |tmp_keymgmt| is present in the operation cache, it means
EVP_KEYMGMT_free(tmp_keymgmt); /* refcnt-- */
/* Check to make sure some other thread didn't get there first */
- op = evp_keymgmt_util_find_operation_cache(pk, tmp_keymgmt);
+ op = evp_keymgmt_util_find_operation_cache(pk, tmp_keymgmt, selection);
if (op != NULL && op->keymgmt != NULL) {
void *tmp_keydata = op->keydata;
}
/* Add the new export to the operation cache */
- if (!evp_keymgmt_util_cache_keydata(pk, tmp_keymgmt, keydata)) {
+ if (!evp_keymgmt_util_cache_keydata(pk, tmp_keymgmt, keydata,
+ selection)) {
CRYPTO_THREAD_unlock(pk->lock);
evp_keymgmt_freedata(tmp_keymgmt, keydata);
keydata = NULL;
}
#endif /* FIPS_MODULE */
- keydata = evp_keymgmt_util_export_to_provider(pk, tmp_keymgmt);
+ keydata = evp_keymgmt_util_export_to_provider(pk, tmp_keymgmt, selection);
end:
/*
if (*dest == NULL) {
allocpkey = *dest = EVP_PKEY_new();
if (*dest == NULL) {
- ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB);
return 0;
}
} else {
EVP_PKEY_CTX_new_from_pkey(libctx, *dest, NULL);
if (pctx == NULL)
- ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB);
if (pctx != NULL
&& evp_keymgmt_export(keymgmt, keydata,