diff options
author | David Benjamin <davidben@google.com> | 2024-03-17 15:29:54 +1000 |
---|---|---|
committer | Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2024-03-19 01:42:31 +0000 |
commit | 8ede9514dac7cace2084d95502d4bd8ea39b08b6 (patch) | |
tree | 676fb94fa5df66e9bfed7cc2358c3edba91c2eb4 /include | |
parent | 044fbc86ef5505d5fdab2befd476992ad1074665 (diff) | |
download | boringssl-8ede9514dac7cace2084d95502d4bd8ea39b08b6.zip boringssl-8ede9514dac7cace2084d95502d4bd8ea39b08b6.tar.gz boringssl-8ede9514dac7cace2084d95502d4bd8ea39b08b6.tar.bz2 |
Make EVP_PKEY_type into the identity function
This function exists because callers sometimes write
EVP_PKEY_type(EVP_PKEY_id(pkey)), which is equivalent to
EVP_PKEY_base_id(pkey).
In OpenSSL, all this existed so that a type parsed as EVP_PKEY_RSA2
could still be mapped to EVP_PKEY_RSA. We haven't supported this since
2015, so this purely exists as a way to check that the key type exists.
In doing so, it currently pulls in the full implementation of every key
type.
I could replicate the list of keys, but that is one more place we have
to keep things up-to-date. Instead, just make this function the
identity. Looking through callers, it did not appear anyone depended on
the error condition.
Update-Note: EVP_PKEY_type used to return NID_undef when given a garbage
key type. Given it is only ever used in concert with EVP_PKEY_id, this
is unlikely to impact anyone. If it does, we can do the more tedious
option.
Bug: 497
Change-Id: Ibf68a07ef6906398df0fec425c869c107b8c90f4
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67109
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Diffstat (limited to 'include')
-rw-r--r-- | include/openssl/evp.h | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 8a9d620..93b2eb3 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -136,10 +136,6 @@ OPENSSL_EXPORT int EVP_PKEY_bits(const EVP_PKEY *pkey); // values. OPENSSL_EXPORT int EVP_PKEY_id(const EVP_PKEY *pkey); -// EVP_PKEY_type returns |nid| if |nid| is a known key type and |NID_undef| -// otherwise. -OPENSSL_EXPORT int EVP_PKEY_type(int nid); - // Getting and setting concrete public key types. // @@ -1036,6 +1032,9 @@ OPENSSL_EXPORT int EVP_PKEY_CTX_set_dsa_paramgen_q_bits(EVP_PKEY_CTX *ctx, // Use the |EVP_PKEY_assign_*| functions instead. OPENSSL_EXPORT int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key); +// EVP_PKEY_type returns |nid|. +OPENSSL_EXPORT int EVP_PKEY_type(int nid); + // Preprocessor compatibility section (hidden). // |