diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index a2d3933700..620c828159 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -832,9 +832,7 @@ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) return ret; } # endif /* OPENSSL_NO_DSA */ -#endif /* FIPS_MODULE */ -#ifndef FIPS_MODULE # ifndef OPENSSL_NO_EC static const ECX_KEY *evp_pkey_get0_ECX_KEY(const EVP_PKEY *pkey, int type) { @@ -927,7 +925,6 @@ int EVP_PKEY_base_id(const EVP_PKEY *pkey) return EVP_PKEY_type(pkey->type); } -#ifndef FIPS_MODULE /* * These hard coded cases are pure hackery to get around the fact * that names in crypto/objects/objects.txt are a mess. There is @@ -981,17 +978,14 @@ const char *evp_pkey_type2name(int type) return OBJ_nid2sn(type); } -#endif int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name) { -#ifndef FIPS_MODULE if (pkey->keymgmt == NULL) { int type = evp_pkey_name2type(name); return pkey->type == type; } -#endif return EVP_KEYMGMT_is_a(pkey->keymgmt, name); } @@ -1017,17 +1011,17 @@ int EVP_PKEY_can_sign(const EVP_PKEY *pkey) switch (EVP_PKEY_base_id(pkey)) { case EVP_PKEY_RSA: return 1; -#ifndef OPENSSL_NO_DSA +# ifndef OPENSSL_NO_DSA case EVP_PKEY_DSA: return 1; -#endif -#ifndef OPENSSL_NO_EC +# endif +# ifndef OPENSSL_NO_EC case EVP_PKEY_ED25519: case EVP_PKEY_ED448: return 1; case EVP_PKEY_EC: /* Including SM2 */ return EC_KEY_can_sign(pkey->pkey.ec); -#endif +# endif default: break; } @@ -1150,6 +1144,47 @@ int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, pctx); } +# ifndef OPENSSL_NO_STDIO +int EVP_PKEY_print_public_fp(FILE *fp, const EVP_PKEY *pkey, + int indent, ASN1_PCTX *pctx) +{ + int ret; + BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); + + if (b == NULL) + return 0; + ret = EVP_PKEY_print_public(b, pkey, indent, pctx); + BIO_free(b); + return ret; +} + +int EVP_PKEY_print_private_fp(FILE *fp, const EVP_PKEY *pkey, + int indent, ASN1_PCTX *pctx) +{ + int ret; + BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); + + if (b == NULL) + return 0; + ret = EVP_PKEY_print_private(b, pkey, indent, pctx); + BIO_free(b); + return ret; +} + +int EVP_PKEY_print_params_fp(FILE *fp, const EVP_PKEY *pkey, + int indent, ASN1_PCTX *pctx) +{ + int ret; + BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); + + if (b == NULL) + return 0; + ret = EVP_PKEY_print_params(b, pkey, indent, pctx); + BIO_free(b); + return ret; +} +# endif + static void mdname2nid(const char *mdname, void *data) { int *nid = (int *)data; @@ -2186,7 +2221,7 @@ int EVP_PKEY_get_ec_point_conv_form(const EVP_PKEY *pkey) if (pkey->keymgmt == NULL || pkey->keydata == NULL) { -#ifndef OPENSSL_NO_EC +# ifndef OPENSSL_NO_EC /* Might work through the legacy route */ const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey); @@ -2194,9 +2229,9 @@ int EVP_PKEY_get_ec_point_conv_form(const EVP_PKEY *pkey) return 0; return EC_KEY_get_conv_form(ec); -#else +# else return 0; -#endif +# endif } if (!EVP_PKEY_get_utf8_string_param(pkey, @@ -2226,7 +2261,7 @@ int EVP_PKEY_get_field_type(const EVP_PKEY *pkey) if (pkey->keymgmt == NULL || pkey->keydata == NULL) { -#ifndef OPENSSL_NO_EC +# ifndef OPENSSL_NO_EC /* Might work through the legacy route */ const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey); const EC_GROUP *grp; @@ -2238,9 +2273,9 @@ int EVP_PKEY_get_field_type(const EVP_PKEY *pkey) return 0; return EC_GROUP_get_field_type(grp); -#else +# else return 0; -#endif +# endif } if (!EVP_PKEY_get_utf8_string_param(pkey, OSSL_PKEY_PARAM_EC_FIELD_TYPE, diff --git a/doc/man3/EVP_PKEY_print_private.pod b/doc/man3/EVP_PKEY_print_private.pod index 0e8f889fce..2fe765630e 100644 --- a/doc/man3/EVP_PKEY_print_private.pod +++ b/doc/man3/EVP_PKEY_print_private.pod @@ -2,7 +2,9 @@ =head1 NAME -EVP_PKEY_print_public, EVP_PKEY_print_private, EVP_PKEY_print_params - public key algorithm printing routines +EVP_PKEY_print_public, EVP_PKEY_print_private, EVP_PKEY_print_params, +EVP_PKEY_print_public_fp, EVP_PKEY_print_private_fp, +EVP_PKEY_print_params_fp - public key algorithm printing routines =head1 SYNOPSIS @@ -10,25 +12,35 @@ EVP_PKEY_print_public, EVP_PKEY_print_private, EVP_PKEY_print_params - public ke int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx); + int EVP_PKEY_print_public_fp(FILE *fp, const EVP_PKEY *pkey, + int indent, ASN1_PCTX *pctx); int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx); + int EVP_PKEY_print_private_fp(FILE *fp, const EVP_PKEY *pkey, + int indent, ASN1_PCTX *pctx); int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx); + int EVP_PKEY_print_params_fp(FILE *fp, const EVP_PKEY *pkey, + int indent, ASN1_PCTX *pctx); =head1 DESCRIPTION The functions EVP_PKEY_print_public(), EVP_PKEY_print_private() and EVP_PKEY_print_params() print out the public, private or parameter components -of key B respectively. The key is sent to BIO B in human readable -form. The parameter B indicated how far the printout should be indented. +of key I respectively. The key is sent to B I in human readable +form. The parameter I indicates how far the printout should be indented. -The B parameter allows the print output to be finely tuned by using -ASN1 printing options. If B is set to NULL then default values will +The I parameter allows the print output to be finely tuned by using +ASN1 printing options. If I is set to NULL then default values will be used. +The functions EVP_PKEY_print_public_fp(), EVP_PKEY_print_private_fp() and +EVP_PKEY_print_params_fp() do the same as the B based functions +but use B I instead. + =head1 NOTES -Currently no public key algorithms include any options in the B parameter. +Currently no public key algorithms include any options in the I parameter. If the key does not include all the components indicated by the function then only those contained in the key will be printed. For example passing a public @@ -47,7 +59,11 @@ L =head1 HISTORY -These functions were added in OpenSSL 1.0.0. +The functions EVP_PKEY_print_public(), EVP_PKEY_print_private(), +and EVP_PKEY_print_params() were added in OpenSSL 1.0.0. + +The functions EVP_PKEY_print_public_fp(), EVP_PKEY_print_private_fp(), +and EVP_PKEY_print_params_fp() were added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/include/openssl/evp.h b/include/openssl/evp.h index e098bc6887..9f3efbd2f5 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -18,6 +18,10 @@ # include +# ifndef OPENSSL_NO_STDIO +# include +# endif + # include # include # include @@ -1354,6 +1358,14 @@ int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx); int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx); +# ifndef OPENSSL_NO_STDIO +int EVP_PKEY_print_public_fp(FILE *fp, const EVP_PKEY *pkey, + int indent, ASN1_PCTX *pctx); +int EVP_PKEY_print_private_fp(FILE *fp, const EVP_PKEY *pkey, + int indent, ASN1_PCTX *pctx); +int EVP_PKEY_print_params_fp(FILE *fp, const EVP_PKEY *pkey, + int indent, ASN1_PCTX *pctx); +# endif int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid); int EVP_PKEY_get_default_digest_name(EVP_PKEY *pkey, diff --git a/util/libcrypto.num b/util/libcrypto.num index bfd44c2325..3fd2e665f2 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -5324,3 +5324,6 @@ EVP_PKEY_verify_recover_init_ex ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_encrypt_init_ex ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_decrypt_init_ex ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_derive_init_ex ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_print_public_fp ? 3_0_0 EXIST::FUNCTION:STDIO +EVP_PKEY_print_private_fp ? 3_0_0 EXIST::FUNCTION:STDIO +EVP_PKEY_print_params_fp ? 3_0_0 EXIST::FUNCTION:STDIO