diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2021-04-15 18:25:17 +1000 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-04-26 19:52:11 +0200 |
commit | f1ffaaeece5efb7d2f4859a59e3164edf9b4b769 (patch) | |
tree | a125dfda9f44ef0702f8bae025ccec829eb33652 /crypto/evp/dh_support.c | |
parent | 6c9bc258d2e9e7b500236a1c696da1f384f0b907 (diff) | |
download | openssl-new-f1ffaaeece5efb7d2f4859a59e3164edf9b4b769.tar.gz |
Fixes related to separation of DH and DHX types
Fix dh_rfc5114 option in genpkey.
Fixes #14145
Fixes #13956
Fixes #13952
Fixes #13871
Fixes #14054
Fixes #14444
Updated documentation for app to indicate what options are available for
DH and DHX keys.
DH and DHX now have different keymanager gen_set_params() methods.
Added CHANGES entry to indicate the breaking change.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14883)
Diffstat (limited to 'crypto/evp/dh_support.c')
-rw-r--r-- | crypto/evp/dh_support.c | 29 |
1 files changed, 22 insertions, 7 deletions
diff --git a/crypto/evp/dh_support.c b/crypto/evp/dh_support.c index 7e0256bd00..87296ffbee 100644 --- a/crypto/evp/dh_support.c +++ b/crypto/evp/dh_support.c @@ -15,14 +15,25 @@ typedef struct dh_name2id_st{ const char *name; int id; + int type; } DH_GENTYPE_NAME2ID; -static const DH_GENTYPE_NAME2ID dhtype2id[]= +/* Indicates that the paramgen_type can be used for either DH or DHX */ +#define TYPE_ANY -1 +#ifndef OPENSSL_NO_DH +# define TYPE_DH DH_FLAG_TYPE_DH +# define TYPE_DHX DH_FLAG_TYPE_DHX +#else +# define TYPE_DH 0 +# define TYPE_DHX 0 +#endif + +static const DH_GENTYPE_NAME2ID dhtype2id[] = { - { "fips186_4", DH_PARAMGEN_TYPE_FIPS_186_4 }, - { "fips186_2", DH_PARAMGEN_TYPE_FIPS_186_2 }, - { "group", DH_PARAMGEN_TYPE_GROUP }, - { "generator", DH_PARAMGEN_TYPE_GENERATOR } + { "group", DH_PARAMGEN_TYPE_GROUP, TYPE_ANY }, + { "generator", DH_PARAMGEN_TYPE_GENERATOR, TYPE_DH }, + { "fips186_4", DH_PARAMGEN_TYPE_FIPS_186_4, TYPE_DHX }, + { "fips186_2", DH_PARAMGEN_TYPE_FIPS_186_2, TYPE_DHX }, }; const char *ossl_dh_gen_type_id2name(int id) @@ -36,13 +47,17 @@ const char *ossl_dh_gen_type_id2name(int id) return NULL; } -int ossl_dh_gen_type_name2id(const char *name) +#ifndef OPENSSL_NO_DH +int ossl_dh_gen_type_name2id(const char *name, int type) { size_t i; for (i = 0; i < OSSL_NELEM(dhtype2id); ++i) { - if (strcmp(dhtype2id[i].name, name) == 0) + if ((dhtype2id[i].type == TYPE_ANY + || type == dhtype2id[i].type) + && strcmp(dhtype2id[i].name, name) == 0) return dhtype2id[i].id; } return -1; } +#endif |