author | David Benjamin <davidben@chromium.org> | 2016-01-01 09:02:49 +0300 |
---|---|---|
committer | Adam Langley <agl@google.com> | 2016-02-17 19:31:26 +0300 |
commit | 239a0abfd55ac606a45e2149f4fd8d9e32c3f1fc (patch) | |
tree | e3b71ded8a7bae9ac1f62778e53fb0ac707aa72c /crypto | |
parent | 32fdc512ca6aed2473a63f8a826705a122d4ea0c (diff) |
Slightly simplify and deprecate i2d_{Public,Private}Key.
These are all the type-specific serializations rather than something
tagged with a type. i2d_PrivateKey's PKCS#8 codepath was unreachable
because every EVP_PKEY type has an old_priv_encode function.
To prune EVP_PKEY_ASN1_METHOD further, replace i2d_PrivateKey into a
switch case so we don't need to keep old_priv_encode around. This cuts
down on a case of outside modules reaching into crypto/evp method
tables.
Change-Id: I30db2eed836d560056ba9d1425b960d0602c3cf2
Reviewed-on: https://boringssl-review.googlesource.com/6865
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/evp/internal.h | 1 | ||||
-rw-r--r-- | crypto/evp/p_dsa_asn1.c | 5 | ||||
-rw-r--r-- | crypto/evp/p_ec_asn1.c | 5 | ||||
-rw-r--r-- | crypto/evp/p_rsa_asn1.c | 5 | ||||
-rw-r--r-- | crypto/x509/i2d_pr.c | 36 |
5 files changed, 18 insertions, 34 deletions
diff --git a/crypto/evp/internal.h b/crypto/evp/internal.h index 90ccfec3..ffe768ce 100644 --- a/crypto/evp/internal.h +++ b/crypto/evp/internal.h @@ -139,7 +139,6 @@ struct evp_pkey_asn1_method_st { int (*old_priv_decode)(EVP_PKEY *pkey, const uint8_t **pder, int derlen); - int (*old_priv_encode)(const EVP_PKEY *pkey, uint8_t **pder); /* Converting parameters to/from AlgorithmIdentifier (X509_ALGOR). */ int (*digest_verify_init_from_algorithm)(EVP_MD_CTX *ctx, diff --git a/crypto/evp/p_dsa_asn1.c b/crypto/evp/p_dsa_asn1.c index 8cd7179c..5bd8c793 100644 --- a/crypto/evp/p_dsa_asn1.c +++ b/crypto/evp/p_dsa_asn1.c @@ -447,10 +447,6 @@ static int old_dsa_priv_decode(EVP_PKEY *pkey, const uint8_t **pder, return 1; } -static int old_dsa_priv_encode(const EVP_PKEY *pkey, uint8_t **pder) { - return i2d_DSAPrivateKey(pkey->pkey.dsa, pder); -} - static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx) { DSA_SIG *dsa_sig; @@ -520,7 +516,6 @@ const EVP_PKEY_ASN1_METHOD dsa_asn1_meth = { int_dsa_free, old_dsa_priv_decode, - old_dsa_priv_encode, NULL /* digest_verify_init_from_algorithm */, NULL /* digest_sign_algorithm */, diff --git a/crypto/evp/p_ec_asn1.c b/crypto/evp/p_ec_asn1.c index 25081b82..f072ffe0 100644 --- a/crypto/evp/p_ec_asn1.c +++ b/crypto/evp/p_ec_asn1.c @@ -461,10 +461,6 @@ static int old_ec_priv_decode(EVP_PKEY *pkey, const uint8_t **pder, return 1; } -static int old_ec_priv_encode(const EVP_PKEY *pkey, uint8_t **pder) { - return i2d_ECPrivateKey(pkey->pkey.ec, pder); -} - const EVP_PKEY_ASN1_METHOD ec_asn1_meth = { EVP_PKEY_EC, 0, @@ -493,7 +489,6 @@ const EVP_PKEY_ASN1_METHOD ec_asn1_meth = { int_ec_free, old_ec_priv_decode, - old_ec_priv_encode, NULL /* digest_verify_init_from_algorithm */, NULL /* digest_sign_algorithm */, diff --git a/crypto/evp/p_rsa_asn1.c b/crypto/evp/p_rsa_asn1.c index e2362e02..dc6c0f99 100644 --- a/crypto/evp/p_rsa_asn1.c +++ b/crypto/evp/p_rsa_asn1.c 
@@ -461,10 +461,6 @@ static int old_rsa_priv_decode(EVP_PKEY *pkey, const uint8_t **pder, return 1; } -static int old_rsa_priv_encode(const EVP_PKEY *pkey, uint8_t **pder) { - return i2d_RSAPrivateKey(pkey->pkey.rsa, pder); -} - /* allocate and set algorithm ID from EVP_MD, default SHA1 */ static int rsa_md_to_algor(X509_ALGOR **palg, const EVP_MD *md) { if (EVP_MD_type(md) == NID_sha1) { @@ -734,7 +730,6 @@ const EVP_PKEY_ASN1_METHOD rsa_asn1_meth = { int_rsa_free, old_rsa_priv_decode, - old_rsa_priv_encode, rsa_digest_verify_init_from_algorithm, rsa_digest_sign_algorithm, diff --git a/crypto/x509/i2d_pr.c b/crypto/x509/i2d_pr.c index 7504f2d4..c3fb8a8a 100644 --- a/crypto/x509/i2d_pr.c +++ b/crypto/x509/i2d_pr.c 
@@ -55,29 +55,29 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ -#include <openssl/x509.h> - #include <openssl/asn1.h> +#include <openssl/ec_key.h> #include <openssl/err.h> #include <openssl/evp.h> +#include <openssl/rsa.h> +#include <openssl/dsa.h> -#include "../evp/internal.h" -int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp) +int i2d_PrivateKey(const EVP_PKEY *a, uint8_t **pp) { - if (a->ameth && a->ameth->old_priv_encode) { - return a->ameth->old_priv_encode(a, pp); - } - if (a->ameth && a->ameth->priv_encode) { - PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8((EVP_PKEY *)a); - int ret = i2d_PKCS8_PRIV_KEY_INFO(p8, pp); - PKCS8_PRIV_KEY_INFO_free(p8); - return ret; + switch (EVP_PKEY_id(a)) { + case EVP_PKEY_RSA: + return i2d_RSAPrivateKey(a->pkey.rsa, pp); + case EVP_PKEY_EC: + return i2d_ECPrivateKey(a->pkey.ec, pp); + case EVP_PKEY_DSA: + return i2d_DSAPrivateKey(a->pkey.dsa, pp); + default: + /* + * Although this file is in crypto/x509 for layering reasons, it emits + * an error code from ASN1 for OpenSSL compatibility. + */ + OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + return -1; } - /* - * Although this file is in crypto/x509 for layering reasons, it emits an - * error code from ASN1 for OpenSSL compatibility. - */ - OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); - return -1; } |
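Review bot: The rewritten `i2d_PrivateKey` in crypto/x509/i2d_pr.c carries no comment stating its contract, and the new switch makes that contract worth spelling out: the output is the unencrypted, type-specific legacy structure produced by `i2d_RSAPrivateKey`, `i2d_ECPrivateKey` or `i2d_DSAPrivateKey`, not PKCS#8, so the bytes do not record which key type they hold. I would add above the function something like `/* Serializes |a| as an unencrypted, type-specific private key (RSA, EC or DSA only; not PKCS#8). Returns -1 and queues ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE for any other type. */`, so callers that store or transmit the result know it is raw private key material and that the type must be tracked out of band. Separately, `#include <openssl/dsa.h>` is added after `<openssl/rsa.h>`, which breaks the alphabetical order the other includes in this hunk follow; placing it between `<openssl/asn1.h>` and `<openssl/ec_key.h>` keeps the list sorted.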