Commit ecbb2fca authored by David Woodhouse's avatar David Woodhouse Committed by Nicola Tuveri

Add EVP_PKEY_supports_digest_nid()



Rather than relying only on mandatory default digests, add a way for
the EVP_PKEY to individually report whether each digest algorithm is
supported.

Reviewed-by: default avatarNicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7408)
parent 2d263a4a
+20 −0
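--- a/PATH_NOT_SHOWN_ON_PAGE
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -667,6 +667,26 @@ int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid)
     return evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, 0, pnid);
 }
 
+int EVP_PKEY_supports_digest_nid(EVP_PKEY *pkey, int nid)
+{
+    int rv, default_nid;
+
+    rv = evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_SUPPORTS_MD_NID, nid, NULL);
+    if (rv == -2) {
+        /*
+         * If there is a mandatory default digest and this isn't it, then
+         * the answer is 'no'.
+         */
+        rv = EVP_PKEY_get_default_digest_nid(pkey, &default_nid);
+        if (rv == 2)
+            return (nid == default_nid);
+        /* zero is an error from EVP_PKEY_get_default_digest_nid() */
+        if (rv == 0)
+            return -1;
+    }
+    return rv;
+}
+
 int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey,
                                const unsigned char *pt, size_t ptlen)
 {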
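Review bot: When the key method offers only an advisory default digest, `EVP_PKEY_get_default_digest_nid()` returns 1 and EVP_PKEY_supports_digest_nid() hands that 1 back unchanged at the final `return rv;`, so every nid, including one that is not a digest at all, is reported as usable; the fall-through relies on the two functions happening to share the value 1 for different meanings. Making that case explicit keeps the contract readable, e.g. `if (rv == 1) return 1; /* advisory default only: key imposes no known restriction */` inside the `if (rv == -2)` block. The new man page's RETURN VALUES section would then be more accurate saying that 1 means the key does not reject the digest, rather than that the digest was positively confirmed. Callers that gate a signing operation on this answer should presumably still expect the actual sign or verify call to fail for an unsuitable digest.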
+1 −0
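--- a/PATH_NOT_SHOWN_ON_PAGE
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -257,6 +257,7 @@ L<EVP_PKEY_set_type_str(3)>, and L<EVP_PKEY_assign(3)>.
 
 The pkey_ctrl() method adds extra algorithm specific control.
 It's called by L<EVP_PKEY_get_default_digest_nid(3)>,
+L<EVP_PKEY_supports_digest_nid(3)>,
 L<EVP_PKEY_set1_tls_encodedpoint(3)>,
 L<EVP_PKEY_get1_tls_encodedpoint(3)>, L<PKCS7_SIGNER_INFO_set(3)>,
 L<PKCS7_RECIP_INFO_set(3)>, ...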
+2 −1
@@ -18,7 +18,7 @@ a digest during signing. In this case B<pnid> will be set to NID_undef.


=head1 NOTES
=head1 NOTES


For all current standard OpenSSL public key algorithms SHA1 is returned.
For all current standard OpenSSL public key algorithms SHA256 is returned.


=head1 RETURN VALUES
=head1 RETURN VALUES


@@ -32,6 +32,7 @@ public key algorithm.


L<EVP_PKEY_CTX_new(3)>,
L<EVP_PKEY_CTX_new(3)>,
L<EVP_PKEY_sign(3)>,
L<EVP_PKEY_sign(3)>,
L<EVP_PKEY_supports_digest_nid(3)>,
L<EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify_recover(3)>,
L<EVP_PKEY_verify_recover(3)>,


+53 −0
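--- /dev/null
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -0,0 +1,53 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_supports_digest_nid - indicate support for signature digest
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+ int EVP_PKEY_supports_digest_nid(EVP_PKEY *pkey, int nid);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_supports_digest_nid() function queries whether the message digest
+NID B<nid> is supported for public key signature operations associated with key
+B<pkey>.
+
+=head1 NOTES
+
+If the EVP_PKEY implementation does not explicitly support this method, but
+L<EVP_PKEY_get_default_digest_nid(3)> returns a mandatory digest result, then
+only that mandatory digest will be supported.
+
+=head1 RETURN VALUES
+
+The EVP_PKEY_supports_digest_nid() function returns 1 if the message digest
+algorithm identified by B<nid> can be used for public key signature operations
+associated with key B<pkey> and 0 if it cannot be used. It returns a negative
+value for failure. In particular a return value of -2 indicates the query
+operation is not supported by the public key algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_get_default_digest_nid(3)>,
+L<EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)>,
+
+=head1 HISTORY
+
+This function was first added to OpenSSL 1.1.2.
+
+=head1 COPYRIGHT
+
+Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut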
+2 −0
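--- a/PATH_NOT_SHOWN_ON_PAGE
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -1111,6 +1111,7 @@ int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
                           int indent, ASN1_PCTX *pctx);
 
 int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
+int EVP_PKEY_supports_digest_nid(EVP_PKEY *pkey, int nid);
 
 int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey,
                                    const unsigned char *pt, size_t ptlen);
@@ -1187,6 +1188,7 @@ int EVP_PBE_get(int *ptype, int *ppbe_nid, size_t num);
 
 # define ASN1_PKEY_CTRL_SET1_TLS_ENCPT   0x9
 # define ASN1_PKEY_CTRL_GET1_TLS_ENCPT   0xa
+# define ASN1_PKEY_CTRL_SUPPORTS_MD_NID  0xb
 
 int EVP_PKEY_asn1_get_count(void);
 const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);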
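Review bot: The new control `ASN1_PKEY_CTRL_SUPPORTS_MD_NID` is introduced in the second hunk without stating its calling convention, which an implementer of pkey_ctrl can only infer from the caller: arg1 carries the digest nid, arg2 is passed as NULL, and the caller treats -2 as "query not implemented" and otherwise returns the value as the 1/0 answer. A one-line comment next to the define would pin this down, e.g. `/* arg1 = digest NID, arg2 unused (NULL); return 1/0, or -2 if not implemented */`. The EVP_PKEY_ASN1_METHOD man page only gains a cross-reference in this commit, so the method-side contract is otherwise left undocumented.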