Make EVP_PKEY_type into the identity function

This function exists because callers sometimes write
EVP_PKEY_type(EVP_PKEY_id(pkey)), which is equivalent to
EVP_PKEY_base_id(pkey).

In OpenSSL, all this existed so that a type parsed as EVP_PKEY_RSA2
could still be mapped to EVP_PKEY_RSA. We haven't supported this since
2015, so this purely exists as a way to check that the key type exists.
In doing so, it currently pulls in the full implementation of every key
type.

I could replicate the list of keys, but that is one more place we have
to keep things up-to-date. Instead, just make this function the
identity. Looking through callers, it did not appear anyone depended on
the error condition.

Update-Note: EVP_PKEY_type used to return NID_undef when given a garbage
key type. Given it is only ever used in concert with EVP_PKEY_id, this
is unlikely to impact anyone. If it does, we can do the more tedious
option.

Bug: 497
Change-Id: Ibf68a07ef6906398df0fec425c869c107b8c90f4
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67109
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: David Benjamin <davidben@google.com>

1 files changed, 3 insertions, 4 deletions

diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 8a9d620..93b2eb3 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -136,10 +136,6 @@ OPENSSL_EXPORT int EVP_PKEY_bits(const EVP_PKEY *pkey);
 // values.
 OPENSSL_EXPORT int EVP_PKEY_id(const EVP_PKEY *pkey);
 
-// EVP_PKEY_type returns |nid| if |nid| is a known key type and |NID_undef|
-// otherwise.
-OPENSSL_EXPORT int EVP_PKEY_type(int nid);
-
 
 // Getting and setting concrete public key types.
 //
@@ -1036,6 +1032,9 @@ OPENSSL_EXPORT int EVP_PKEY_CTX_set_dsa_paramgen_q_bits(EVP_PKEY_CTX *ctx,
 // Use the |EVP_PKEY_assign_*| functions instead.
 OPENSSL_EXPORT int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key);
 
+// EVP_PKEY_type returns |nid|.
+OPENSSL_EXPORT int EVP_PKEY_type(int nid);
+
 
 // Preprocessor compatibility section (hidden).
 //