get rid of EVP_PKEY_ECDSA (now we have EVP_PKEY_EC instead)
Submitted by: Nils Larsch
This commit is contained in:
Bodo Möller
parent
8e28c67155
commit
5488bb6197
@ -1515,7 +1515,7 @@ bad:
|
|||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_ECDSA
|
#ifndef OPENSSL_NO_ECDSA
|
||||||
if (pkey->type == EVP_PKEY_ECDSA)
|
if (pkey->type == EVP_PKEY_EC)
|
||||||
dgst=EVP_ecdsa();
|
dgst=EVP_ecdsa();
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
@ -2293,7 +2293,7 @@ again2:
|
|||||||
EVP_PKEY_free(pktmp);
|
EVP_PKEY_free(pktmp);
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_ECDSA
|
#ifndef OPENSSL_NO_ECDSA
|
||||||
if (pkey->type == EVP_PKEY_ECDSA)
|
if (pkey->type == EVP_PKEY_EC)
|
||||||
dgst = EVP_ecdsa();
|
dgst = EVP_ecdsa();
|
||||||
pktmp = X509_get_pubkey(ret);
|
pktmp = X509_get_pubkey(ret);
|
||||||
if (EVP_PKEY_missing_parameters(pktmp) &&
|
if (EVP_PKEY_missing_parameters(pktmp) &&
|
||||||
|
|||||||
@ -682,7 +682,8 @@ bad:
|
|||||||
message */
|
message */
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
if (EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA || EVP_PKEY_type(pkey->type) == EVP_PKEY_ECDSA)
|
if (EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA ||
|
||||||
|
EVP_PKEY_type(pkey->type) == EVP_PKEY_EC)
|
||||||
{
|
{
|
||||||
char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE");
|
char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE");
|
||||||
if (randfile == NULL)
|
if (randfile == NULL)
|
||||||
@ -852,7 +853,7 @@ loop:
|
|||||||
digest=EVP_dss1();
|
digest=EVP_dss1();
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_ECDSA
|
#ifndef OPENSSL_NO_ECDSA
|
||||||
if (pkey->type == EVP_PKEY_ECDSA)
|
if (pkey->type == EVP_PKEY_EC)
|
||||||
digest=EVP_ecdsa();
|
digest=EVP_ecdsa();
|
||||||
#endif
|
#endif
|
||||||
if (req == NULL)
|
if (req == NULL)
|
||||||
|
|||||||
12
apps/speed.c
12
apps/speed.c
@ -1937,7 +1937,7 @@ int MAIN(int argc, char **argv)
|
|||||||
{
|
{
|
||||||
/* Perform ECDSA signature test */
|
/* Perform ECDSA signature test */
|
||||||
EC_KEY_generate_key(ecdsa[j]);
|
EC_KEY_generate_key(ecdsa[j]);
|
||||||
ret = ECDSA_sign(EVP_PKEY_ECDSA, buf, 20, ecdsasig,
|
ret = ECDSA_sign(0, buf, 20, ecdsasig,
|
||||||
&ecdsasiglen, ecdsa[j]);
|
&ecdsasiglen, ecdsa[j]);
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
{
|
{
|
||||||
@ -1953,9 +1953,12 @@ int MAIN(int argc, char **argv)
|
|||||||
ECDSA_SECONDS);
|
ECDSA_SECONDS);
|
||||||
|
|
||||||
Time_F(START);
|
Time_F(START);
|
||||||
for (count=0,run=1; COND(ecdsa_c[j][0]); count++)
|
for (count=0,run=1; COND(ecdsa_c[j][0]);
|
||||||
|
count++)
|
||||||
{
|
{
|
||||||
ret=ECDSA_sign(EVP_PKEY_ECDSA, buf, 20, ecdsasig, &ecdsasiglen, ecdsa[j]);
|
ret=ECDSA_sign(0, buf, 20,
|
||||||
|
ecdsasig, &ecdsasiglen,
|
||||||
|
ecdsa[j]);
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
{
|
{
|
||||||
BIO_printf(bio_err, "ECDSA sign failure\n");
|
BIO_printf(bio_err, "ECDSA sign failure\n");
|
||||||
@ -1974,7 +1977,8 @@ int MAIN(int argc, char **argv)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Perform ECDSA verification test */
|
/* Perform ECDSA verification test */
|
||||||
ret=ECDSA_verify(EVP_PKEY_ECDSA, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]);
|
ret=ECDSA_verify(0, buf, 20, ecdsasig,
|
||||||
|
ecdsasiglen, ecdsa[j]);
|
||||||
if (ret != 1)
|
if (ret != 1)
|
||||||
{
|
{
|
||||||
BIO_printf(bio_err,"ECDSA verify failure. No ECDSA verify will be done.\n");
|
BIO_printf(bio_err,"ECDSA verify failure. No ECDSA verify will be done.\n");
|
||||||
|
|||||||
@ -870,7 +870,7 @@ bad:
|
|||||||
digest=EVP_dss1();
|
digest=EVP_dss1();
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_ECDSA
|
#ifndef OPENSSL_NO_ECDSA
|
||||||
if (Upkey->type == EVP_PKEY_ECDSA)
|
if (Upkey->type == EVP_PKEY_EC)
|
||||||
digest=EVP_ecdsa();
|
digest=EVP_ecdsa();
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@ -894,7 +894,7 @@ bad:
|
|||||||
digest=EVP_dss1();
|
digest=EVP_dss1();
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_ECDSA
|
#ifndef OPENSSL_NO_ECDSA
|
||||||
if (CApkey->type == EVP_PKEY_ECDSA)
|
if (CApkey->type == EVP_PKEY_EC)
|
||||||
digest = EVP_ecdsa();
|
digest = EVP_ecdsa();
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@ -929,7 +929,7 @@ bad:
|
|||||||
digest=EVP_dss1();
|
digest=EVP_dss1();
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_ECDSA
|
#ifndef OPENSSL_NO_ECDSA
|
||||||
if (pk->type == EVP_PKEY_ECDSA)
|
if (pk->type == EVP_PKEY_EC)
|
||||||
digest=EVP_ecdsa();
|
digest=EVP_ecdsa();
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|||||||
@ -150,13 +150,13 @@
|
|||||||
#define EVP_PK_RSA 0x0001
|
#define EVP_PK_RSA 0x0001
|
||||||
#define EVP_PK_DSA 0x0002
|
#define EVP_PK_DSA 0x0002
|
||||||
#define EVP_PK_DH 0x0004
|
#define EVP_PK_DH 0x0004
|
||||||
#define EVP_PK_ECDSA 0x0008
|
#define EVP_PK_EC 0x0008
|
||||||
#define EVP_PKT_SIGN 0x0010
|
#define EVP_PKT_SIGN 0x0010
|
||||||
#define EVP_PKT_ENC 0x0020
|
#define EVP_PKT_ENC 0x0020
|
||||||
#define EVP_PKT_EXCH 0x0040
|
#define EVP_PKT_EXCH 0x0040
|
||||||
#define EVP_PKS_RSA 0x0100
|
#define EVP_PKS_RSA 0x0100
|
||||||
#define EVP_PKS_DSA 0x0200
|
#define EVP_PKS_DSA 0x0200
|
||||||
#define EVP_PKS_ECDSA 0x0400
|
#define EVP_PKS_EC 0x0400
|
||||||
#define EVP_PKT_EXP 0x1000 /* <= 512 bit key */
|
#define EVP_PKT_EXP 0x1000 /* <= 512 bit key */
|
||||||
|
|
||||||
#define EVP_PKEY_NONE NID_undef
|
#define EVP_PKEY_NONE NID_undef
|
||||||
@ -169,7 +169,6 @@
|
|||||||
#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
|
#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
|
||||||
#define EVP_PKEY_DH NID_dhKeyAgreement
|
#define EVP_PKEY_DH NID_dhKeyAgreement
|
||||||
#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
|
#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
|
||||||
#define EVP_PKEY_ECDSA EVP_PKEY_EC
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
extern "C" {
|
extern "C" {
|
||||||
@ -310,7 +309,7 @@ struct env_md_st
|
|||||||
|
|
||||||
#ifndef OPENSSL_NO_ECDSA
|
#ifndef OPENSSL_NO_ECDSA
|
||||||
#define EVP_PKEY_ECDSA_method ECDSA_sign,ECDSA_verify, \
|
#define EVP_PKEY_ECDSA_method ECDSA_sign,ECDSA_verify, \
|
||||||
{EVP_PKEY_ECDSA,0,0,0}
|
{EVP_PKEY_EC,0,0,0}
|
||||||
#else
|
#else
|
||||||
#define EVP_PKEY_ECDSA_method EVP_PKEY_NULL_method
|
#define EVP_PKEY_ECDSA_method EVP_PKEY_NULL_method
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
@ -83,7 +83,7 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
|
|||||||
#ifndef OPENSSL_NO_EC
|
#ifndef OPENSSL_NO_EC
|
||||||
EC_KEY *eckey = NULL;
|
EC_KEY *eckey = NULL;
|
||||||
#endif
|
#endif
|
||||||
#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
|
#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
|
||||||
ASN1_INTEGER *privkey;
|
ASN1_INTEGER *privkey;
|
||||||
ASN1_TYPE *t1, *t2, *param = NULL;
|
ASN1_TYPE *t1, *t2, *param = NULL;
|
||||||
STACK_OF(ASN1_TYPE) *n_stack = NULL;
|
STACK_OF(ASN1_TYPE) *n_stack = NULL;
|
||||||
@ -124,7 +124,7 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
|
|||||||
EVP_PKEY_assign_RSA (pkey, rsa);
|
EVP_PKEY_assign_RSA (pkey, rsa);
|
||||||
break;
|
break;
|
||||||
#endif
|
#endif
|
||||||
#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
|
#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
|
||||||
case NID_ecdsa_with_SHA1:
|
case NID_ecdsa_with_SHA1:
|
||||||
case NID_dsa:
|
case NID_dsa:
|
||||||
/* PKCS#8 DSA/ECDSA is weird: you just get a private key integer
|
/* PKCS#8 DSA/ECDSA is weird: you just get a private key integer
|
||||||
@ -235,7 +235,7 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
|
|||||||
}
|
}
|
||||||
else /* nid == NID_ecdsa_with_SHA1 */
|
else /* nid == NID_ecdsa_with_SHA1 */
|
||||||
{
|
{
|
||||||
#ifndef OPENSSL_NO_ECDSA
|
#ifndef OPENSSL_NO_EC
|
||||||
if ((eckey = d2i_ECParameters(NULL, &cp,
|
if ((eckey = d2i_ECParameters(NULL, &cp,
|
||||||
plen)) == NULL)
|
plen)) == NULL)
|
||||||
{
|
{
|
||||||
@ -350,8 +350,8 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
|
|||||||
|
|
||||||
break;
|
break;
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_ECDSA
|
#ifndef OPENSSL_NO_EC
|
||||||
case EVP_PKEY_ECDSA:
|
case EVP_PKEY_EC:
|
||||||
if (!eckey_pkey2pkcs8(p8, pkey))
|
if (!eckey_pkey2pkcs8(p8, pkey))
|
||||||
{
|
{
|
||||||
PKCS8_PRIV_KEY_INFO_free(p8);
|
PKCS8_PRIV_KEY_INFO_free(p8);
|
||||||
@ -529,7 +529,7 @@ static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
|
|||||||
q = p;
|
q = p;
|
||||||
if (!i2d_ECParameters(pkey->pkey.eckey, &q))
|
if (!i2d_ECParameters(pkey->pkey.eckey, &q))
|
||||||
{
|
{
|
||||||
EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_ECDSA_LIB);
|
EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
|
||||||
OPENSSL_free(p);
|
OPENSSL_free(p);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -703,7 +703,7 @@ static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
|
|||||||
&p8->pkey->value.octet_string->data,
|
&p8->pkey->value.octet_string->data,
|
||||||
&p8->pkey->value.octet_string->length))
|
&p8->pkey->value.octet_string->length))
|
||||||
{
|
{
|
||||||
EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
|
EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
|
||||||
sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
|
sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -137,8 +137,8 @@ int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
|
|||||||
return(ret);
|
return(ret);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_ECDSA
|
#ifndef OPENSSL_NO_EC
|
||||||
if (pkey->type == EVP_PKEY_ECDSA)
|
if (pkey->type == EVP_PKEY_EC)
|
||||||
{
|
{
|
||||||
int ret = pkey->save_parameters;
|
int ret = pkey->save_parameters;
|
||||||
|
|
||||||
@ -182,7 +182,7 @@ int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from)
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_EC
|
#ifndef OPENSSL_NO_EC
|
||||||
if (to->type == EVP_PKEY_ECDSA)
|
if (to->type == EVP_PKEY_EC)
|
||||||
{
|
{
|
||||||
if (to->pkey.eckey->group != NULL)
|
if (to->pkey.eckey->group != NULL)
|
||||||
EC_GROUP_free(to->pkey.eckey->group);
|
EC_GROUP_free(to->pkey.eckey->group);
|
||||||
|
|||||||
@ -83,7 +83,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo
|
|||||||
else if (strcmp(nm,PEM_STRING_DSA) == 0)
|
else if (strcmp(nm,PEM_STRING_DSA) == 0)
|
||||||
ret=d2i_PrivateKey(EVP_PKEY_DSA,x,&p,len);
|
ret=d2i_PrivateKey(EVP_PKEY_DSA,x,&p,len);
|
||||||
else if (strcmp(nm,PEM_STRING_ECPRIVATEKEY) == 0)
|
else if (strcmp(nm,PEM_STRING_ECPRIVATEKEY) == 0)
|
||||||
ret=d2i_PrivateKey(EVP_PKEY_ECDSA,x,&p,len);
|
ret=d2i_PrivateKey(EVP_PKEY_EC,x,&p,len);
|
||||||
else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) {
|
else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) {
|
||||||
PKCS8_PRIV_KEY_INFO *p8inf;
|
PKCS8_PRIV_KEY_INFO *p8inf;
|
||||||
p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);
|
p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);
|
||||||
|
|||||||
@ -629,7 +629,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
|
|||||||
ctx_tmp.digest=EVP_dss1();
|
ctx_tmp.digest=EVP_dss1();
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_ECDSA
|
#ifndef OPENSSL_NO_ECDSA
|
||||||
if (si->pkey->type == EVP_PKEY_ECDSA)
|
if (si->pkey->type == EVP_PKEY_EC)
|
||||||
ctx_tmp.digest=EVP_ecdsa();
|
ctx_tmp.digest=EVP_ecdsa();
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@ -830,7 +830,7 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
|
|||||||
if(pkey->type == EVP_PKEY_DSA) mdc_tmp.digest=EVP_dss1();
|
if(pkey->type == EVP_PKEY_DSA) mdc_tmp.digest=EVP_dss1();
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_ECDSA
|
#ifndef OPENSSL_NO_ECDSA
|
||||||
if (pkey->type == EVP_PKEY_ECDSA) mdc_tmp.digest=EVP_ecdsa();
|
if (pkey->type == EVP_PKEY_EC) mdc_tmp.digest=EVP_ecdsa();
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, pkey);
|
i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, pkey);
|
||||||
|
|||||||
@ -310,7 +310,7 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
|
|||||||
int nid;
|
int nid;
|
||||||
char is_dsa;
|
char is_dsa;
|
||||||
|
|
||||||
if (pkey->type == EVP_PKEY_DSA || pkey->type == EVP_PKEY_ECDSA)
|
if (pkey->type == EVP_PKEY_DSA || pkey->type == EVP_PKEY_EC)
|
||||||
is_dsa = 1;
|
is_dsa = 1;
|
||||||
else
|
else
|
||||||
is_dsa = 0;
|
is_dsa = 0;
|
||||||
@ -363,7 +363,7 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
|
|||||||
#endif
|
#endif
|
||||||
p7i->digest_enc_alg->parameter = NULL; /* special case for DSA: omit 'parameter'! */
|
p7i->digest_enc_alg->parameter = NULL; /* special case for DSA: omit 'parameter'! */
|
||||||
}
|
}
|
||||||
else if (nid == EVP_PKEY_ECDSA)
|
else if (nid == EVP_PKEY_EC)
|
||||||
{
|
{
|
||||||
p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_ecdsa_with_SHA1);
|
p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_ecdsa_with_SHA1);
|
||||||
if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new()))
|
if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new()))
|
||||||
|
|||||||
@ -86,8 +86,8 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
|
|||||||
case EVP_PKEY_DSA:
|
case EVP_PKEY_DSA:
|
||||||
ret=EVP_PK_DSA|EVP_PKT_SIGN;
|
ret=EVP_PK_DSA|EVP_PKT_SIGN;
|
||||||
break;
|
break;
|
||||||
case EVP_PKEY_ECDSA:
|
case EVP_PKEY_EC:
|
||||||
ret=EVP_PK_ECDSA|EVP_PKT_SIGN;
|
ret=EVP_PK_EC|EVP_PKT_SIGN|EVP_PKT_EXCH;
|
||||||
break;
|
break;
|
||||||
case EVP_PKEY_DH:
|
case EVP_PKEY_DH:
|
||||||
ret=EVP_PK_DH|EVP_PKT_EXCH;
|
ret=EVP_PK_DH|EVP_PKT_EXCH;
|
||||||
@ -105,8 +105,8 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
|
|||||||
case EVP_PKS_DSA:
|
case EVP_PKS_DSA:
|
||||||
ret|=EVP_PKS_DSA;
|
ret|=EVP_PKS_DSA;
|
||||||
break;
|
break;
|
||||||
case EVP_PKS_ECDSA:
|
case EVP_PKS_EC:
|
||||||
ret|=EVP_PKS_ECDSA;
|
ret|=EVP_PKS_EC;
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
break;
|
break;
|
||||||
|
|||||||
@ -526,10 +526,7 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
#ifndef OPENSSL_NO_EC
|
#ifndef OPENSSL_NO_EC
|
||||||
/* XXX: Structurally, there is no distinction between
|
/* As for ECC certificates, additional
|
||||||
* ECDSA and ECDH public keys (both are ECPoints).
|
|
||||||
* So EVP_PKEY_ECDSA should really be renamed EVP_PKEY_ECC
|
|
||||||
* (or similar). As for ECC certificates, additional
|
|
||||||
* information (e.g. in the optional key usage X509v3
|
* information (e.g. in the optional key usage X509v3
|
||||||
* extension) could be used when available to distinguish
|
* extension) could be used when available to distinguish
|
||||||
* between ECDH and ECDSA certificates. For now, we do not
|
* between ECDH and ECDSA certificates. For now, we do not
|
||||||
@ -537,7 +534,7 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
|
|||||||
* of checking for appropriate key usage to the SSL code
|
* of checking for appropriate key usage to the SSL code
|
||||||
* responsible for sending/processing ECC certificates.
|
* responsible for sending/processing ECC certificates.
|
||||||
*/
|
*/
|
||||||
else if (i == EVP_PKEY_ECDSA)
|
else if (i == EVP_PKEY_EC)
|
||||||
{
|
{
|
||||||
ret = SSL_PKEY_ECC;
|
ret = SSL_PKEY_ECC;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1349,7 +1349,7 @@ static int ssl3_get_key_exchange(SSL *s)
|
|||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_ECDSA
|
#ifndef OPENSSL_NO_ECDSA
|
||||||
if (pkey->type == EVP_PKEY_ECDSA)
|
if (pkey->type == EVP_PKEY_EC)
|
||||||
{
|
{
|
||||||
/* let's do ECDSA */
|
/* let's do ECDSA */
|
||||||
EVP_VerifyInit_ex(&md_ctx,EVP_ecdsa(), NULL);
|
EVP_VerifyInit_ex(&md_ctx,EVP_ecdsa(), NULL);
|
||||||
@ -1907,7 +1907,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
|
|||||||
srvr_pub_pkey = X509_get_pubkey(s->session-> \
|
srvr_pub_pkey = X509_get_pubkey(s->session-> \
|
||||||
sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
|
sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
|
||||||
if ((srvr_pub_pkey == NULL) ||
|
if ((srvr_pub_pkey == NULL) ||
|
||||||
(srvr_pub_pkey->type != EVP_PKEY_ECDSA) ||
|
(srvr_pub_pkey->type != EVP_PKEY_EC) ||
|
||||||
(srvr_pub_pkey->pkey.eckey == NULL))
|
(srvr_pub_pkey->pkey.eckey == NULL))
|
||||||
{
|
{
|
||||||
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
|
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
|
||||||
@ -2118,7 +2118,7 @@ static int ssl3_send_client_verify(SSL *s)
|
|||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_ECDSA
|
#ifndef OPENSSL_NO_ECDSA
|
||||||
if (pkey->type == EVP_PKEY_ECDSA)
|
if (pkey->type == EVP_PKEY_EC)
|
||||||
{
|
{
|
||||||
if (!ECDSA_sign(pkey->save_type,
|
if (!ECDSA_sign(pkey->save_type,
|
||||||
&(data[MD5_DIGEST_LENGTH]),
|
&(data[MD5_DIGEST_LENGTH]),
|
||||||
|
|||||||
@ -1446,7 +1446,7 @@ static int ssl3_send_server_key_exchange(SSL *s)
|
|||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
#if !defined(OPENSSL_NO_ECDSA)
|
#if !defined(OPENSSL_NO_ECDSA)
|
||||||
if (pkey->type == EVP_PKEY_ECDSA)
|
if (pkey->type == EVP_PKEY_EC)
|
||||||
{
|
{
|
||||||
/* let's do ECDSA */
|
/* let's do ECDSA */
|
||||||
EVP_SignInit_ex(&md_ctx,EVP_ecdsa(), NULL);
|
EVP_SignInit_ex(&md_ctx,EVP_ecdsa(), NULL);
|
||||||
@ -2001,7 +2001,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
|
|||||||
}
|
}
|
||||||
if (((clnt_pub_pkey=X509_get_pubkey(s->session->peer))
|
if (((clnt_pub_pkey=X509_get_pubkey(s->session->peer))
|
||||||
== NULL) ||
|
== NULL) ||
|
||||||
(clnt_pub_pkey->type != EVP_PKEY_ECDSA))
|
(clnt_pub_pkey->type != EVP_PKEY_EC))
|
||||||
{
|
{
|
||||||
/* XXX: For now, we do not support client
|
/* XXX: For now, we do not support client
|
||||||
* authentication using ECDH certificates
|
* authentication using ECDH certificates
|
||||||
@ -2228,7 +2228,7 @@ static int ssl3_get_cert_verify(SSL *s)
|
|||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_ECDSA
|
#ifndef OPENSSL_NO_ECDSA
|
||||||
if (pkey->type == EVP_PKEY_ECDSA)
|
if (pkey->type == EVP_PKEY_EC)
|
||||||
{
|
{
|
||||||
j=ECDSA_verify(pkey->save_type,
|
j=ECDSA_verify(pkey->save_type,
|
||||||
&(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
|
&(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user