Use EVP_PKEY_X25519, EVP_PKEY_ED25519 instead of NIDs where appropriate. (d2916a5b) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

crypto/ec/ecx_meth.c

+10 −9

Original line number	Diff line number	Diff line
		@@ -78,7 +78,7 @@ static int ecx_key_op(EVP_PKEY pkey, int id, const X509_ALGOR palg,
		OPENSSL_free(xkey);
		return 0;
		}
		if (id == NID_X25519) {
		if (id == EVP_PKEY_X25519) {
		xkey->privkey[0] &= 248;
		xkey->privkey[31] &= 127;
		xkey->privkey[31] \|= 64;
		@@ -86,7 +86,7 @@ static int ecx_key_op(EVP_PKEY pkey, int id, const X509_ALGOR palg,
		} else {
		memcpy(xkey->privkey, p, X25519_KEYLEN);
		}
		if (id == NID_X25519)
		if (id == EVP_PKEY_X25519)
		X25519_public_from_private(xkey->pubkey, xkey->privkey);
		else
		ED25519_public_from_private(xkey->pubkey, xkey->privkey);
		@@ -282,7 +282,8 @@ static int ecx_ctrl(EVP_PKEY pkey, int op, long arg1, void arg2)
		switch (op) {

		case ASN1_PKEY_CTRL_SET1_TLS_ENCPT:
		return ecx_key_op(pkey, NID_X25519, NULL, arg2, arg1, X25519_PUBLIC);
		return ecx_key_op(pkey, EVP_PKEY_X25519, NULL, arg2, arg1,
		X25519_PUBLIC);

		case ASN1_PKEY_CTRL_GET1_TLS_ENCPT:
		if (pkey->pkey.ptr != NULL) {
		@@ -305,8 +306,8 @@ static int ecx_ctrl(EVP_PKEY pkey, int op, long arg1, void arg2)
		}

		const EVP_PKEY_ASN1_METHOD ecx25519_asn1_meth = {
		NID_X25519,
		NID_X25519,
		EVP_PKEY_X25519,
		EVP_PKEY_X25519,
		0,
		"X25519",
		"OpenSSL X25519 algorithm",
		@@ -380,8 +381,8 @@ static int ecd_sig_info_set(X509_SIG_INFO siginf, const X509_ALGOR alg,
		}

		const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth = {
		NID_ED25519,
		NID_ED25519,
		EVP_PKEY_ED25519,
		EVP_PKEY_ED25519,
		0,
		"ED25519",
		"OpenSSL ED25519 algorithm",
		@@ -451,7 +452,7 @@ static int pkey_ecx_ctrl(EVP_PKEY_CTX ctx, int type, int p1, void p2)
		}

		const EVP_PKEY_METHOD ecx25519_pkey_meth = {
		NID_X25519,
		EVP_PKEY_X25519,
		0, 0, 0, 0, 0, 0, 0,
		pkey_ecx_keygen,
		0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
		@@ -510,7 +511,7 @@ static int pkey_ecd_ctrl(EVP_PKEY_CTX ctx, int type, int p1, void p2)
		}

		const EVP_PKEY_METHOD ed25519_pkey_meth = {
		NID_ED25519, EVP_PKEY_FLAG_SIGCTX_CUSTOM,
		EVP_PKEY_ED25519, EVP_PKEY_FLAG_SIGCTX_CUSTOM,
		0, 0, 0, 0, 0, 0,
		pkey_ecx_keygen,
		0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,

crypto/x509/x509type.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -41,7 +41,7 @@ int X509_certificate_type(const X509 x, const EVP_PKEY pkey)
		case EVP_PKEY_EC:
		ret = EVP_PK_EC \| EVP_PKT_SIGN \| EVP_PKT_EXCH;
		break;
		case NID_ED25519:
		case EVP_PKEY_ED25519:
		ret = EVP_PKT_SIGN;
		break;
		case EVP_PKEY_DH:

doc/man7/Ed25519.pod

+2 −2

Original line number	Diff line number	Diff line
		@@ -31,7 +31,7 @@ or X509_sign_ctx() in the usual way.

		A context for the B<Ed25519> algorithm can be obtained by calling:

		EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(NID_ED25519, NULL);
		EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL);

		=head1 EXAMPLE

		@@ -42,7 +42,7 @@ output in PEM format:
		#include <openssl/pem.h>
		...
		EVP_PKEY *pkey = NULL;
		EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(NID_ED25519, NULL);
		EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL);
		EVP_PKEY_keygen_init(pctx);
		EVP_PKEY_keygen(pctx, &pkey);
		EVP_PKEY_CTX_free(pctx);

doc/man7/X25519.pod

+2 −2

Original line number	Diff line number	Diff line
		@@ -19,7 +19,7 @@ performing key derivation.

		A context for the B<X25519> algorithm can be obtained by calling:

		EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(NID_X25519, NULL);
		EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL);

		=head1 EXAMPLE

		@@ -30,7 +30,7 @@ output in PEM format:
		#include <openssl/pem.h>
		...
		EVP_PKEY *pkey = NULL;
		EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(NID_X25519, NULL);
		EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL);
		EVP_PKEY_keygen_init(pctx);
		EVP_PKEY_keygen(pctx, &pkey);
		EVP_PKEY_CTX_free(pctx);

include/openssl/evp.h

+2 −0

Original line number	Diff line number	Diff line
		@@ -56,6 +56,8 @@
		# define EVP_PKEY_HKDF NID_hkdf
		# define EVP_PKEY_POLY1305 NID_poly1305
		# define EVP_PKEY_SIPHASH NID_siphash
		# define EVP_PKEY_X25519 NID_X25519
		# define EVP_PKEY_ED25519 NID_ED25519

		#ifdef __cplusplus
		extern "C" {