We've had explicit checks for when to fall back to legacy code for
operations that use an EVP_PKEY. Unfortunately, the checks were
radically different in different spots, so we refactor that into a
macro that gets used everywhere.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13043)
*/
ERR_set_mark();
- if (ctx->engine != NULL || ctx->keytype == NULL)
+ if (evp_pkey_ctx_is_legacy(ctx))
goto legacy;
/*
*/
ERR_set_mark();
- if (ctx->keymgmt == NULL)
+ if (evp_pkey_ctx_is_legacy(ctx))
goto legacy;
/*
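Review bot: The gate here used to be `ctx->keymgmt == NULL` and is now `engine != NULL || keytype == NULL`, which is a different predicate and not just a rename. A context with `keytype` set, no engine and a NULL `keymgmt` used to jump to `legacy` and now falls through to the provider path. The code after the `goto` is outside this hunk, so please confirm it tolerates a NULL `ctx->keymgmt` before any dereference. If it does not, keep the old guard alongside the macro, e.g. `if (evp_pkey_ctx_is_legacy(ctx) || ctx->keymgmt == NULL)`. The same substitution is made in the later hunk that also replaces `ctx->keymgmt == NULL`.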
*/
ERR_set_mark();
- if (locpctx->engine != NULL || locpctx->keytype == NULL)
+ if (evp_pkey_ctx_is_legacy(locpctx))
goto legacy;
/*
*/
ERR_set_mark();
- if (ctx->keymgmt == NULL)
+ if (evp_pkey_ctx_is_legacy(ctx))
goto legacy;
/*
*/
#define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400
+/*
+ * An EVP_PKEY can have the following support states:
+ *
+ * Supports legacy implementations only:
+ *
+ * engine != NULL || keytype == NULL
+ *
+ * Supports provided implementations:
+ *
+ * engine == NULL && keytype != NULL
+ */
+#define evp_pkey_ctx_is_legacy(ctx) \
+ ((ctx)->engine != NULL || (ctx)->keytype == NULL)
+#define evp_pkey_ctx_is_provided(ctx) \
+ (!evp_pkey_ctx_is_legacy(ctx))
+
struct evp_pkey_ctx_st {
/* Actual operation */
int operation;
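Review bot: The new comment describes the states of "an EVP_PKEY", but both macros read `engine` and `keytype` from the context argument, so it should read `An EVP_PKEY_CTX can have the following support states:`. It would also help to say that a non-NULL `engine` forces the legacy path even when `keytype` is set, since that is the rule every call site now inherits. On style, `evp_pkey_ctx_is_legacy(ctx)` is a lower-case, function-like macro that expands `ctx` twice. An argument with side effects would be evaluated twice, so add a line such as `/* NOTE: evaluates ctx more than once */`, or make it a `static ossl_inline` function placed after the struct definition.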