Simplify the EVP_PKEY_XXX_fromdata_XX methods.
The existing names such as EVP_PKEY_param_fromdata_settable were a bit
confusing since the 'param' referred to key params not OSSL_PARAM. To simplify
the interface a 'selection' parameter will be passed instead. The
changes are:
(1) EVP_PKEY_fromdata_init() replaces both EVP_PKEY_key_fromdata_init() and EVP_PKEY_param_fromdata_init().
(2) EVP_PKEY_fromdata() has an additional selection parameter.
(3) EVP_PKEY_fromdata_settable() replaces EVP_PKEY_key_fromdata_settable() and EVP_PKEY_param_fromdata_settable().
EVP_PKEY_fromdata_settable() also uses a selection parameter.
Fixes #12989
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14076)
diff --git a/apps/dhparam.c b/apps/dhparam.c
index 8242a1f..cfa399e 100644
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -387,8 +387,8 @@
ctx = EVP_PKEY_CTX_new_from_name(NULL, "DHX", NULL);
if (ctx == NULL
- || !EVP_PKEY_param_fromdata_init(ctx)
- || !EVP_PKEY_fromdata(ctx, &pkey, params)) {
+ || !EVP_PKEY_fromdata_init(ctx)
+ || !EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEY_PARAMETERS, params)) {
BIO_printf(bio_err, "Error, failed to set DH parameters\n");
goto err;
}
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index fc0e5be..fe53b62 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -391,7 +391,7 @@
goto err;
/* May fail if no provider available */
ERR_set_mark();
- if (EVP_PKEY_key_fromdata_init(ctx) == 1) {
+ if (EVP_PKEY_fromdata_init(ctx) == 1) {
OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
ERR_clear_last_mark();
@@ -400,7 +400,7 @@
: OSSL_PKEY_PARAM_PUB_KEY,
(void *)key, len);
- if (EVP_PKEY_fromdata(ctx, &pkey, params) != 1) {
+ if (EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params) != 1) {
ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED);
goto err;
}
@@ -610,7 +610,7 @@
if (ctx == NULL)
goto err;
- if (!EVP_PKEY_key_fromdata_init(ctx)) {
+ if (!EVP_PKEY_fromdata_init(ctx)) {
ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED);
goto err;
}
@@ -629,7 +629,7 @@
# endif
*p = OSSL_PARAM_construct_end();
- if (!EVP_PKEY_fromdata(ctx, &pkey, params)) {
+ if (!EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params)) {
ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED);
goto err;
}
diff --git a/crypto/evp/pmeth_gn.c b/crypto/evp/pmeth_gn.c
index beaa001..bf35088 100644
--- a/crypto/evp/pmeth_gn.c
+++ b/crypto/evp/pmeth_gn.c
@@ -345,22 +345,17 @@
return -2;
}
-int EVP_PKEY_param_fromdata_init(EVP_PKEY_CTX *ctx)
+int EVP_PKEY_fromdata_init(EVP_PKEY_CTX *ctx)
{
- return fromdata_init(ctx, EVP_PKEY_OP_PARAMFROMDATA);
+ return fromdata_init(ctx, EVP_PKEY_OP_FROMDATA);
}
-int EVP_PKEY_key_fromdata_init(EVP_PKEY_CTX *ctx)
-{
- return fromdata_init(ctx, EVP_PKEY_OP_KEYFROMDATA);
-}
-
-int EVP_PKEY_fromdata(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey, OSSL_PARAM params[])
+int EVP_PKEY_fromdata(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey, int selection,
+ OSSL_PARAM params[])
{
void *keydata = NULL;
- int selection;
- if (ctx == NULL || (ctx->operation & EVP_PKEY_OP_TYPE_FROMDATA) == 0) {
+ if (ctx == NULL || (ctx->operation & EVP_PKEY_OP_FROMDATA) == 0) {
ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
return -2;
}
@@ -376,40 +371,17 @@
return -1;
}
- if (ctx->operation == EVP_PKEY_OP_PARAMFROMDATA)
- selection = OSSL_KEYMGMT_SELECT_ALL_PARAMETERS;
- else
- selection = OSSL_KEYMGMT_SELECT_ALL;
- keydata = evp_keymgmt_util_fromdata(*ppkey, ctx->keymgmt, selection,
- params);
-
+ keydata = evp_keymgmt_util_fromdata(*ppkey, ctx->keymgmt, selection, params);
if (keydata == NULL)
return 0;
/* keydata is cached in *ppkey, so we need not bother with it further */
return 1;
}
-/*
- * TODO(3.0) Re-evaluate the names, it's possible that we find these to be
- * better:
- *
- * EVP_PKEY_param_settable()
- * EVP_PKEY_param_gettable()
- */
-const OSSL_PARAM *EVP_PKEY_param_fromdata_settable(EVP_PKEY_CTX *ctx)
+const OSSL_PARAM *EVP_PKEY_fromdata_settable(EVP_PKEY_CTX *ctx, int selection)
{
/* We call fromdata_init to get ctx->keymgmt populated */
- if (fromdata_init(ctx, EVP_PKEY_OP_UNDEFINED))
- return evp_keymgmt_import_types(ctx->keymgmt,
- OSSL_KEYMGMT_SELECT_ALL_PARAMETERS);
- return NULL;
-}
-
-const OSSL_PARAM *EVP_PKEY_key_fromdata_settable(EVP_PKEY_CTX *ctx)
-{
- /* We call fromdata_init to get ctx->keymgmt populated */
- if (fromdata_init(ctx, EVP_PKEY_OP_UNDEFINED))
- return evp_keymgmt_import_types(ctx->keymgmt,
- OSSL_KEYMGMT_SELECT_ALL);
+ if (fromdata_init(ctx, EVP_PKEY_OP_UNDEFINED) == 1)
+ return evp_keymgmt_import_types(ctx->keymgmt, selection);
return NULL;
}
diff --git a/doc/man3/EVP_PKEY_fromdata.pod b/doc/man3/EVP_PKEY_fromdata.pod
index aaf545d..40f39d7 100644
--- a/doc/man3/EVP_PKEY_fromdata.pod
+++ b/doc/man3/EVP_PKEY_fromdata.pod
@@ -2,19 +2,17 @@
=head1 NAME
-EVP_PKEY_param_fromdata_init, EVP_PKEY_key_fromdata_init, EVP_PKEY_fromdata,
-EVP_PKEY_param_fromdata_settable, EVP_PKEY_key_fromdata_settable
-- functions to create key parameters and keys from user data
+EVP_PKEY_fromdata_init, EVP_PKEY_fromdata, EVP_PKEY_fromdata_settable
+- functions to create keys and key parameters from user data
=head1 SYNOPSIS
#include <openssl/evp.h>
- int EVP_PKEY_param_fromdata_init(EVP_PKEY_CTX *ctx);
- int EVP_PKEY_key_fromdata_init(EVP_PKEY_CTX *ctx);
- int EVP_PKEY_fromdata(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey, OSSL_PARAM params[]);
- const OSSL_PARAM *EVP_PKEY_param_fromdata_settable(EVP_PKEY_CTX *ctx);
- const OSSL_PARAM *EVP_PKEY_key_fromdata_settable(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_fromdata_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_fromdata(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey, int selection,
+ OSSL_PARAM params[]);
+ const OSSL_PARAM *EVP_PKEY_fromdata_settable(EVP_PKEY_CTX *ctx, int selection);
=head1 DESCRIPTION
@@ -29,17 +27,15 @@
The exact key data that the user can pass depends on the key type.
These are passed as an L<OSSL_PARAM(3)> array.
-EVP_PKEY_param_fromdata_init() initializes a public key algorithm context
-for creating key parameters from user data.
+EVP_PKEY_fromdata_init() initializes a public key algorithm context
+for creating a key or key parameters from user data.
-EVP_PKEY_key_fromdata_init() initializes a public key algorithm context for
-creating a key from user data.
-
-EVP_PKEY_fromdata() creates the structure to store key parameters or a
-key, given data from I<params> and a context that's been initialized with
-EVP_PKEY_param_fromdata_init() or EVP_PKEY_key_fromdata_init(). The result is
-written to I<*ppkey>. The parameters that can be used for various types of key
-are as described by the diverse "Common parameters" sections of the
+EVP_PKEY_fromdata() creates the structure to store a key or key parameters,
+given data from I<params>, I<selection> and a context that's been initialized
+with EVP_PKEY_fromdata_init(). The result is written to I<*ppkey>.
+I<selection> is described in L</Selections>.
+The parameters that can be used for various types of key are as described by the
+diverse "Common parameters" sections of the
L<B<EVP_PKEY-RSA>(7)|EVP_PKEY-RSA(7)/Common RSA parameters>,
L<B<EVP_PKEY-DSA>(7)|EVP_PKEY-DSA(7)/Common DSA & DH parameters>,
L<B<EVP_PKEY-DH>(7)|EVP_PKEY-DH(7)/Common DH parameters>,
@@ -52,24 +48,44 @@
=for comment the awful list of links above is made this way so we get nice
rendering as a man-page while still getting proper links in HTML
-EVP_PKEY_param_fromdata_settable() and EVP_PKEY_key_fromdata_settable()
-get a constant B<OSSL_PARAM> array that describes the settable parameters
-that can be used with EVP_PKEY_fromdata().
+EVP_PKEY_fromdata_settable() gets a constant B<OSSL_PARAM> array that describes
+the settable parameters that can be used with EVP_PKEY_fromdata().
+I<selection> is described in L</Selections>.
See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor.
+=head2 Selections
+
+The following constants can be used for I<selection>:
+
+=over 4
+
+=item B<EVP_PKEY_KEY_PARAMETERS>
+
+Only key parameters will be selected.
+
+=item B<EVP_PKEY_PUBLIC_KEY>
+
+Only public key components will be selected. This includes optional key
+parameters.
+
+=item B<EVP_PKEY_KEYPAIR>
+
+Any keypair components will be selected. This includes the private key,
+public key and key parameters.
+
+=back
+
=head1 NOTES
-These functions only work with key management methods coming from a
-provider.
+These functions only work with key management methods coming from a provider.
=for comment We may choose to make this available for legacy methods too...
=head1 RETURN VALUES
-EVP_PKEY_key_fromdata_init(), EVP_PKEY_param_fromdata_init() and
-EVP_PKEY_fromdata() return 1 for success and 0 or a negative value for
-failure. In particular a return value of -2 indicates the operation is
-not supported by the public key algorithm.
+EVP_PKEY_fromdata_init() and EVP_PKEY_fromdata() return 1 for success and 0 or
+a negative value for failure. In particular a return value of -2 indicates the
+operation is not supported by the public key algorithm.
=head1 EXAMPLES
@@ -110,8 +126,8 @@
EVP_PKEY *pkey = NULL;
if (ctx == NULL
- || EVP_PKEY_key_fromdata_init(ctx) <= 0
- || EVP_PKEY_fromdata(ctx, &pkey, params) <= 0)
+ || EVP_PKEY_fromdata_init(ctx) <= 0
+ || EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0)
exit(1);
/* Do what you want with |pkey| */
@@ -173,8 +189,8 @@
ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL);
if (ctx == NULL
|| params != NULL
- || EVP_PKEY_key_fromdata_init(ctx) <= 0
- || EVP_PKEY_fromdata(ctx, &pkey, params) <= 0) {
+ || EVP_PKEY_fromdata_init(ctx) <= 0
+ || EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0) {
exitcode = 1;
} else {
/* Do what you want with |pkey| */
@@ -199,8 +215,10 @@
EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_name(NULL, argv[1], NULL);
const *OSSL_PARAM *settable_params = NULL;
- if (ctx == NULL
- || (settable_params = EVP_PKEY_key_fromdata_settable(ctx)) == NULL)
+ if (ctx == NULL)
+ exit(1);
+ settable_params = EVP_PKEY_fromdata_settable(ctx, EVP_PKEY_KEYPAIR);
+ if (settable_params == NULL)
exit(1);
for (; settable_params->key != NULL; settable_params++) {
@@ -235,7 +253,7 @@
}
The descriptor L<OSSL_PARAM(3)> returned by
-EVP_PKEY_key_fromdata_settable() may also be used programmatically, for
+EVP_PKEY_fromdata_settable() may also be used programmatically, for
example with L<OSSL_PARAM_allocate_from_text(3)>.
=head1 SEE ALSO
@@ -252,7 +270,7 @@
=head1 COPYRIGHT
-Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 239b107..5f9de9d 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -21,6 +21,7 @@
# include <openssl/opensslconf.h>
# include <openssl/types.h>
# include <openssl/core.h>
+# include <openssl/core_dispatch.h>
# include <openssl/symhacks.h>
# include <openssl/bio.h>
# include <openssl/evperr.h>
@@ -1552,18 +1553,17 @@
# define EVP_PKEY_OP_UNDEFINED 0
# define EVP_PKEY_OP_PARAMGEN (1<<1)
# define EVP_PKEY_OP_KEYGEN (1<<2)
-# define EVP_PKEY_OP_PARAMFROMDATA (1<<3)
-# define EVP_PKEY_OP_KEYFROMDATA (1<<4)
-# define EVP_PKEY_OP_SIGN (1<<5)
-# define EVP_PKEY_OP_VERIFY (1<<6)
-# define EVP_PKEY_OP_VERIFYRECOVER (1<<7)
-# define EVP_PKEY_OP_SIGNCTX (1<<8)
-# define EVP_PKEY_OP_VERIFYCTX (1<<9)
-# define EVP_PKEY_OP_ENCRYPT (1<<10)
-# define EVP_PKEY_OP_DECRYPT (1<<11)
-# define EVP_PKEY_OP_DERIVE (1<<12)
-# define EVP_PKEY_OP_ENCAPSULATE (1<<13)
-# define EVP_PKEY_OP_DECAPSULATE (1<<14)
+# define EVP_PKEY_OP_FROMDATA (1<<3)
+# define EVP_PKEY_OP_SIGN (1<<4)
+# define EVP_PKEY_OP_VERIFY (1<<5)
+# define EVP_PKEY_OP_VERIFYRECOVER (1<<6)
+# define EVP_PKEY_OP_SIGNCTX (1<<7)
+# define EVP_PKEY_OP_VERIFYCTX (1<<8)
+# define EVP_PKEY_OP_ENCRYPT (1<<9)
+# define EVP_PKEY_OP_DECRYPT (1<<10)
+# define EVP_PKEY_OP_DERIVE (1<<11)
+# define EVP_PKEY_OP_ENCAPSULATE (1<<12)
+# define EVP_PKEY_OP_DECAPSULATE (1<<13)
# define EVP_PKEY_OP_TYPE_SIG \
(EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
@@ -1578,8 +1578,6 @@
# define EVP_PKEY_OP_TYPE_GEN \
(EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
-# define EVP_PKEY_OP_TYPE_FROMDATA \
- (EVP_PKEY_OP_PARAMFROMDATA | EVP_PKEY_OP_KEYFROMDATA)
int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, const unsigned char *key,
int keylen);
@@ -1790,11 +1788,10 @@
typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_param_fromdata_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_key_fromdata_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_fromdata(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey, OSSL_PARAM param[]);
-const OSSL_PARAM *EVP_PKEY_param_fromdata_settable(EVP_PKEY_CTX *ctx);
-const OSSL_PARAM *EVP_PKEY_key_fromdata_settable(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_fromdata_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_fromdata(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey, int selection,
+ OSSL_PARAM param[]);
+const OSSL_PARAM *EVP_PKEY_fromdata_settable(EVP_PKEY_CTX *ctx, int selection);
const OSSL_PARAM *EVP_PKEY_gettable_params(const EVP_PKEY *pkey);
int EVP_PKEY_get_params(const EVP_PKEY *pkey, OSSL_PARAM params[]);
int EVP_PKEY_get_int_param(const EVP_PKEY *pkey, const char *key_name,
diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c
index d4102f2..c408339 100644
--- a/providers/fips/self_test_kats.c
+++ b/providers/fips/self_test_kats.c
@@ -392,11 +392,11 @@
kactx = EVP_PKEY_CTX_new_from_name(libctx, t->algorithm, "");
if (kactx == NULL)
goto err;
- if (EVP_PKEY_key_fromdata_init(kactx) <= 0
- || EVP_PKEY_fromdata(kactx, &pkey, params) <= 0)
+ if (EVP_PKEY_fromdata_init(kactx) <= 0
+ || EVP_PKEY_fromdata(kactx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0)
goto err;
- if (EVP_PKEY_key_fromdata_init(kactx) <= 0
- || EVP_PKEY_fromdata(kactx, &peerkey, params_peer) <= 0)
+ if (EVP_PKEY_fromdata_init(kactx) <= 0
+ || EVP_PKEY_fromdata(kactx, &peerkey, EVP_PKEY_KEYPAIR, params_peer) <= 0)
goto err;
/* Create a EVP_PKEY_CTX to perform key derivation */
@@ -464,8 +464,8 @@
kctx = EVP_PKEY_CTX_new_from_name(libctx, t->algorithm, "");
if (kctx == NULL || params == NULL)
goto err;
- if (EVP_PKEY_key_fromdata_init(kctx) <= 0
- || EVP_PKEY_fromdata(kctx, &pkey, params) <= 0)
+ if (EVP_PKEY_fromdata_init(kctx) <= 0
+ || EVP_PKEY_fromdata(kctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0)
goto err;
/* Create a EVP_PKEY_CTX to use for the signing operation */
@@ -546,8 +546,8 @@
keyctx = EVP_PKEY_CTX_new_from_name(libctx, t->algorithm, NULL);
if (keyctx == NULL || keyparams == NULL)
goto err;
- if (EVP_PKEY_key_fromdata_init(keyctx) <= 0
- || EVP_PKEY_fromdata(keyctx, &key, keyparams) <= 0)
+ if (EVP_PKEY_fromdata_init(keyctx) <= 0
+ || EVP_PKEY_fromdata(keyctx, &key, EVP_PKEY_KEYPAIR, keyparams) <= 0)
goto err;
/* Create a EVP_PKEY_CTX to use for the encrypt or decrypt operation */
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index cff5226..1e9ab00 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2063,8 +2063,8 @@
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
- if (EVP_PKEY_key_fromdata_init(pctx) <= 0
- || EVP_PKEY_fromdata(pctx, &peer_tmp, params) <= 0) {
+ if (EVP_PKEY_fromdata_init(pctx) <= 0
+ || EVP_PKEY_fromdata(pctx, &peer_tmp, EVP_PKEY_KEYPAIR, params) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_BAD_DH_VALUE);
goto err;
}
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index a7b5a6c..684e849 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2901,7 +2901,7 @@
pctx = EVP_PKEY_CTX_new_from_name(s->ctx->libctx, "DH", s->ctx->propq);
if (pctx == NULL
- || EVP_PKEY_key_fromdata_init(pctx) != 1)
+ || EVP_PKEY_fromdata_init(pctx) != 1)
goto err;
tmpl = OSSL_PARAM_BLD_new();
@@ -2911,7 +2911,8 @@
goto err;
params = OSSL_PARAM_BLD_to_param(tmpl);
- if (params == NULL || EVP_PKEY_fromdata(pctx, &dhp, params) != 1)
+ if (params == NULL
+ || EVP_PKEY_fromdata(pctx, &dhp, EVP_PKEY_KEY_PARAMETERS, params) != 1)
goto err;
err:
diff --git a/test/acvp_test.c b/test/acvp_test.c
index 3d4214c..2dc01ae 100644
--- a/test/acvp_test.c
+++ b/test/acvp_test.c
@@ -169,8 +169,9 @@
pub, pub_len) > 0)
|| !TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))
|| !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", NULL))
- || !TEST_true(EVP_PKEY_key_fromdata_init(ctx))
- || !TEST_int_eq(EVP_PKEY_fromdata(ctx, pkey, params), expected))
+ || !TEST_true(EVP_PKEY_fromdata_init(ctx))
+ || !TEST_int_eq(EVP_PKEY_fromdata(ctx, pkey, EVP_PKEY_PUBLIC_KEY,
+ params), expected))
goto err;
ret = 1;
@@ -510,8 +511,8 @@
}
if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))
|| !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", NULL))
- || !TEST_true(EVP_PKEY_key_fromdata_init(ctx))
- || !TEST_true(EVP_PKEY_fromdata(ctx, pkey, params)))
+ || !TEST_true(EVP_PKEY_fromdata_init(ctx))
+ || !TEST_true(EVP_PKEY_fromdata(ctx, pkey, EVP_PKEY_PUBLIC_KEY, params)))
goto err;
ret = 1;
@@ -930,8 +931,9 @@
if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))
|| !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "DH", NULL))
- || !TEST_true(EVP_PKEY_key_fromdata_init(ctx))
- || !TEST_int_eq(EVP_PKEY_fromdata(ctx, pkey, params), pass))
+ || !TEST_true(EVP_PKEY_fromdata_init(ctx))
+ || !TEST_int_eq(EVP_PKEY_fromdata(ctx, pkey, EVP_PKEY_KEYPAIR, params),
+ pass))
goto err;
ret = 1;
@@ -1053,8 +1055,8 @@
}
if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))
|| !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", NULL))
- || !TEST_true(EVP_PKEY_key_fromdata_init(ctx))
- || !TEST_true(EVP_PKEY_fromdata(ctx, pkey, params)))
+ || !TEST_true(EVP_PKEY_fromdata_init(ctx))
+ || !TEST_true(EVP_PKEY_fromdata(ctx, pkey, EVP_PKEY_KEYPAIR, params)))
goto err;
ret = 1;
diff --git a/test/ectest.c b/test/ectest.c
index e00e7c2..6d08d04 100644
--- a/test/ectest.c
+++ b/test/ectest.c
@@ -2409,8 +2409,9 @@
if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))
|| !TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL))
- || !TEST_int_gt(EVP_PKEY_param_fromdata_init(pctx), 0)
- || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkeyparam, params), 0))
+ || !TEST_int_gt(EVP_PKEY_fromdata_init(pctx), 0)
+ || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkeyparam,
+ EVP_PKEY_KEY_PARAMETERS, params), 0))
goto err;
/*- Check that all the set values are retrievable -*/
@@ -2869,9 +2870,11 @@
/* create two new provider-native `EVP_PKEY`s */
EVP_PKEY_CTX_free(pctx2);
if (!TEST_ptr(pctx2 = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL))
- || !TEST_true(EVP_PKEY_key_fromdata_init(pctx2))
- || !TEST_true(EVP_PKEY_fromdata(pctx2, &pkey1, params1))
- || !TEST_true(EVP_PKEY_fromdata(pctx2, &pkey2, params2)))
+ || !TEST_true(EVP_PKEY_fromdata_init(pctx2))
+ || !TEST_true(EVP_PKEY_fromdata(pctx2, &pkey1, EVP_PKEY_KEYPAIR,
+ params1))
+ || !TEST_true(EVP_PKEY_fromdata(pctx2, &pkey2, EVP_PKEY_PUBLIC_KEY,
+ params2)))
goto err;
/* compute keyexchange once more using the provider keys */
diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
index 223a8db..b3f2ec6 100644
--- a/test/evp_extra_test.c
+++ b/test/evp_extra_test.c
@@ -496,8 +496,9 @@
if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(testctx, keytype, NULL)))
goto err;
- if (!TEST_int_gt(EVP_PKEY_key_fromdata_init(pctx), 0)
- || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkey, params), 0))
+ if (!TEST_int_gt(EVP_PKEY_fromdata_init(pctx), 0)
+ || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkey, EVP_PKEY_KEYPAIR,
+ params), 0))
goto err;
if (!TEST_ptr(pkey))
@@ -1954,8 +1955,9 @@
if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
goto err;
- if (!TEST_int_gt(EVP_PKEY_key_fromdata_init(pctx), 0)
- || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkey, params), 0))
+ if (!TEST_int_gt(EVP_PKEY_fromdata_init(pctx), 0)
+ || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkey, EVP_PKEY_KEYPAIR,
+ params), 0))
goto err;
if (!TEST_ptr(pkey))
@@ -2014,8 +2016,9 @@
if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
goto err;
- if (!TEST_int_gt(EVP_PKEY_key_fromdata_init(pctx), 0)
- || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkey, params), 0))
+ if (!TEST_int_gt(EVP_PKEY_fromdata_init(pctx), 0)
+ || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkey, EVP_PKEY_KEYPAIR,
+ params), 0))
goto err;
if (!TEST_ptr(pkey))
diff --git a/test/evp_pkey_provided_test.c b/test/evp_pkey_provided_test.c
index bfc9cd2..85ae542 100644
--- a/test/evp_pkey_provided_test.c
+++ b/test/evp_pkey_provided_test.c
@@ -339,8 +339,9 @@
if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
goto err;
- if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
- || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
+ if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
+ || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
+ fromdata_params))
|| !TEST_int_eq(EVP_PKEY_bits(pk), 32)
|| !TEST_int_eq(EVP_PKEY_security_bits(pk), 8)
|| !TEST_int_eq(EVP_PKEY_size(pk), 4))
@@ -411,8 +412,9 @@
|| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
|| !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
|| !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
- || !TEST_true(EVP_PKEY_key_fromdata_init(ctx))
- || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
+ || !TEST_true(EVP_PKEY_fromdata_init(ctx))
+ || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
+ fromdata_params))
|| !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
|| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
|| !TEST_BN_eq(n, n_out))
@@ -501,8 +503,9 @@
if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
goto err;
- if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
- || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
+ if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
+ || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
+ fromdata_params))
|| !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
|| !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
|| !TEST_int_eq(EVP_PKEY_size(pk), 256))
@@ -645,8 +648,9 @@
if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
goto err;
- if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
- || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
+ if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
+ || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
+ fromdata_params))
|| !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
|| !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
|| !TEST_int_eq(EVP_PKEY_size(pk), 256))
@@ -916,8 +920,9 @@
fromdata_params = params;
}
- if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
- || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
+ if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
+ || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
+ fromdata_params))
|| !TEST_int_eq(EVP_PKEY_bits(pk), bits)
|| !TEST_int_eq(EVP_PKEY_security_bits(pk), security_bits)
|| !TEST_int_eq(EVP_PKEY_size(pk), size))
@@ -1028,8 +1033,9 @@
if (!TEST_ptr(ctx))
goto err;
- if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
- || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
+ if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
+ || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
+ fromdata_params))
|| !TEST_int_eq(EVP_PKEY_bits(pk), 256)
|| !TEST_int_eq(EVP_PKEY_security_bits(pk), 128)
|| !TEST_int_eq(EVP_PKEY_size(pk), 2 + 35 * 2))
@@ -1286,8 +1292,9 @@
if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
goto err;
- if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
- || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
+ if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
+ || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
+ fromdata_params))
|| !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
|| !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
|| !TEST_int_eq(EVP_PKEY_size(pk), 2 + 2 * (3 + sizeof(q_data))))
diff --git a/test/helpers/predefined_dhparams.c b/test/helpers/predefined_dhparams.c
index 18fb096..1a19470 100644
--- a/test/helpers/predefined_dhparams.c
+++ b/test/helpers/predefined_dhparams.c
@@ -23,7 +23,7 @@
OSSL_PARAM *params = NULL;
EVP_PKEY *dhpkey = NULL;
- if (pctx == NULL || !EVP_PKEY_key_fromdata_init(pctx))
+ if (pctx == NULL || !EVP_PKEY_fromdata_init(pctx))
goto err;
if ((tmpl = OSSL_PARAM_BLD_new()) == NULL
@@ -34,7 +34,8 @@
goto err;
params = OSSL_PARAM_BLD_to_param(tmpl);
- if (params == NULL || !EVP_PKEY_fromdata(pctx, &dhpkey, params))
+ if (params == NULL
+ || !EVP_PKEY_fromdata(pctx, &dhpkey, EVP_PKEY_KEY_PARAMETERS, params))
goto err;
err:
diff --git a/test/sslapitest.c b/test/sslapitest.c
index 7cae297..6f30a7e 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -8221,7 +8221,7 @@
pctx = EVP_PKEY_CTX_new_from_name(libctx, "DH", NULL);
if (!TEST_ptr(pctx)
- || !TEST_true(EVP_PKEY_key_fromdata_init(pctx)))
+ || !TEST_true(EVP_PKEY_fromdata_init(pctx)))
goto end;
tmpl = OSSL_PARAM_BLD_new();
@@ -8236,7 +8236,8 @@
params = OSSL_PARAM_BLD_to_param(tmpl);
if (!TEST_ptr(params)
- || !TEST_true(EVP_PKEY_fromdata(pctx, &dhpkey, params)))
+ || !TEST_true(EVP_PKEY_fromdata(pctx, &dhpkey,
+ EVP_PKEY_KEY_PARAMETERS, params)))
goto end;
tmp_dh_params = dhpkey;
diff --git a/util/libcrypto.num b/util/libcrypto.num
index c591ab8..f72749f 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4798,11 +4798,7 @@
X509_STORE_load_file ? 3_0_0 EXIST::FUNCTION:
X509_STORE_load_path ? 3_0_0 EXIST::FUNCTION:
X509_STORE_load_store ? 3_0_0 EXIST::FUNCTION:
-EVP_PKEY_param_fromdata_init ? 3_0_0 EXIST::FUNCTION:
-EVP_PKEY_key_fromdata_init ? 3_0_0 EXIST::FUNCTION:
EVP_PKEY_fromdata ? 3_0_0 EXIST::FUNCTION:
-EVP_PKEY_param_fromdata_settable ? 3_0_0 EXIST::FUNCTION:
-EVP_PKEY_key_fromdata_settable ? 3_0_0 EXIST::FUNCTION:
EVP_ASYM_CIPHER_free ? 3_0_0 EXIST::FUNCTION:
EVP_ASYM_CIPHER_up_ref ? 3_0_0 EXIST::FUNCTION:
EVP_ASYM_CIPHER_provider ? 3_0_0 EXIST::FUNCTION:
@@ -5300,3 +5296,5 @@
EVP_PKEY_get_ec_point_conv_form ? 3_0_0 EXIST::FUNCTION:
EVP_PKEY_get_field_type ? 3_0_0 EXIST::FUNCTION:
EVP_PKEY_get_params ? 3_0_0 EXIST::FUNCTION:
+EVP_PKEY_fromdata_init ? 3_0_0 EXIST::FUNCTION:
+EVP_PKEY_fromdata_settable ? 3_0_0 EXIST::FUNCTION: