With provided algorithms, the library context is ever present, so of
course it should be specified alongside the algorithm name and
property query string.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10308)
-static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e,
+static EVP_PKEY_CTX *int_ctx_new(OPENSSL_CTX *libctx,
+ EVP_PKEY *pkey, ENGINE *e,
const char *name, const char *propquery,
int id)
{
const char *name, const char *propquery,
int id)
{
if (e == NULL)
name = OBJ_nid2sn(id);
propquery = NULL;
if (e == NULL)
name = OBJ_nid2sn(id);
propquery = NULL;
+ /*
+ * We were called using legacy data, or an EVP_PKEY, but an EVP_PKEY
+ * isn't tied to a specific library context, so we fall back to the
+ * default library context.
+ * TODO(v3.0): an EVP_PKEY that doesn't originate from a leagacy key
+ * structure only has the pkeys[] cache, where the first element is
+ * considered the "origin". Investigate if that could be a suitable
+ * way to find a library context.
+ */
+ libctx = NULL;
#ifndef OPENSSL_NO_ENGINE
if (e == NULL && pkey != NULL)
#ifndef OPENSSL_NO_ENGINE
if (e == NULL && pkey != NULL)
EVPerr(EVP_F_INT_CTX_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
}
EVPerr(EVP_F_INT_CTX_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
}
ret->algorithm = name;
ret->propquery = propquery;
ret->engine = e;
ret->algorithm = name;
ret->propquery = propquery;
ret->engine = e;
EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e)
{
EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e)
{
- return int_ctx_new(pkey, e, NULL, NULL, -1);
+ return int_ctx_new(NULL, pkey, e, NULL, NULL, -1);
}
EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e)
{
}
EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e)
{
- return int_ctx_new(NULL, e, NULL, NULL, id);
+ return int_ctx_new(NULL, NULL, e, NULL, NULL, id);
-EVP_PKEY_CTX *EVP_PKEY_CTX_new_provided(const char *name,
+EVP_PKEY_CTX *EVP_PKEY_CTX_new_provided(OPENSSL_CTX *libctx,
+ const char *name,
- return int_ctx_new(NULL, NULL, name, propquery, -1);
+ return int_ctx_new(libctx, NULL, NULL, name, propquery, -1);
}
EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *pctx)
}
EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *pctx)
EVP_PKEY_up_ref(pctx->pkey);
rctx->pkey = pctx->pkey;
rctx->operation = pctx->operation;
EVP_PKEY_up_ref(pctx->pkey);
rctx->pkey = pctx->pkey;
rctx->operation = pctx->operation;
+ rctx->libctx = pctx->libctx;
rctx->algorithm = pctx->algorithm;
rctx->propquery = pctx->propquery;
rctx->algorithm = pctx->algorithm;
rctx->propquery = pctx->propquery;
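Review bot: No visible line in int_ctx_new stores the new `libctx` argument in the allocated context: the assignments shown after the allocation check are `ret->algorithm`, `ret->propquery` and `ret->engine`, while EVP_PKEY_CTX_dup now copies `pctx->libctx`. If that assignment is really absent rather than lost in this page's rendering, the library context passed to EVP_PKEY_CTX_new_provided() is silently dropped, and later algorithm lookups could resolve against a different provider set than the caller selected; add `ret->libctx = libctx;` next to `ret->algorithm = name;`. The added TODO comment also spells "legacy" as "leagacy". The bodies of int_ctx_new and EVP_PKEY_CTX_dup continue outside the hunks shown.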
EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
- EVP_PKEY_CTX *EVP_PKEY_CTX_new_provided(const char *name,
+ EVP_PKEY_CTX *EVP_PKEY_CTX_new_provided(OPENSSL_CTX *libctx,
+ const char *name,
const char *propquery);
EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx);
void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
const char *propquery);
EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx);
void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
The EVP_PKEY_CTX_new_id() function allocates public key algorithm context
using the algorithm specified by I<id> and ENGINE I<e>.
The EVP_PKEY_CTX_new_id() function allocates public key algorithm context
using the algorithm specified by I<id> and ENGINE I<e>.
-The EVP_PKEY_CTX_new_provided() function allocates a public key
-algorithm context using the algorithm specified by I<name> and the
-property query I<propquery>. The strings aren't duplicated, so they
-must remain unchanged for the lifetime of the returned B<EVP_PKEY_CTX>
-or of any of its duplicates.
+The EVP_PKEY_CTX_new_provided() function allocates a public key algorithm
+context using the library context I<libctx> (see L<OPENSSL_CTX(3)>), the
+algorithm specified by I<name> and the property query I<propquery>. None
+of the arguments are duplicated, so they must remain unchanged for the
+lifetime of the returned B<EVP_PKEY_CTX> or of any of its duplicates.
EVP_PKEY_CTX_new_id() and EVP_PKEY_CTX_new_provided() are normally
used when no B<EVP_PKEY> structure is associated with the operations,
EVP_PKEY_CTX_new_id() and EVP_PKEY_CTX_new_provided() are normally
used when no B<EVP_PKEY> structure is associated with the operations,
/* Actual operation */
int operation;
/* Actual operation */
int operation;
- /* Algorithm name and properties associated with this context */
+ /*
+ * Library context, Algorithm name and properties associated
+ * with this context
+ */
+ OPENSSL_CTX *libctx;
const char *algorithm;
const char *propquery;
const char *algorithm;
const char *propquery;
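Review bot: The new `libctx` field is a plain pointer, and EVP_PKEY_CTX_dup copies it without taking any reference that is visible here, so a library context freed while a context or one of its duplicates is still alive leaves a dangling pointer. The field comment should state that rule where maintainers will see it, for example `/* Library context: borrowed, must outlive this ctx and its duplicates; NULL means the default context */` directly above `OPENSSL_CTX *libctx;`, with the existing wording kept for `algorithm` and `propquery`. The struct definition starts and ends outside this hunk.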
EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
-EVP_PKEY_CTX *EVP_PKEY_CTX_new_provided(const char *name,
+EVP_PKEY_CTX *EVP_PKEY_CTX_new_provided(OPENSSL_CTX *libctx,
+ const char *name,
const char *propquery);
EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx);
void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
const char *propquery);
EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx);
void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);