mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-02 07:35:26 +00:00
Code Issues Releases Wiki Activity

Make OpenSSL keypair comparation a generic helper function

Browse Source
This commit is contained in:
Timo Teräs
2022-12-28 17:11:21 +02:00
committed by Ondřej Surý
parent 326e85e08d
commit 02efa591ef
3 changed files with 28 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/dns/dst_openssl.h
View File

@@ -45,4 +45,7 @@ isc_result_t
dst__openssl_fromlabel(int key_base_id, const char *engine, const char *label, dst__openssl_fromlabel(int key_base_id, const char *engine, const char *label,
const char *pin, EVP_PKEY **ppub, EVP_PKEY **ppriv); const char *pin, EVP_PKEY **ppub, EVP_PKEY **ppriv);
bool
dst__openssl_compare_keypair(const dst_key_t *key1, const dst_key_t *key2);
ISC_LANG_ENDDECLS ISC_LANG_ENDDECLS

24
lib/dns/openssl_link.c
View File

@@ -353,4 +353,28 @@ dst__openssl_fromlabel(int key_base_id, const char *engine, const char *label,
ppub, ppriv)); ppub, ppriv));
} }
bool
dst__openssl_compare_keypair(const dst_key_t *key1, const dst_key_t *key2) {
EVP_PKEY *pkey1 = key1->keydata.pkeypair.pub;
EVP_PKEY *pkey2 = key2->keydata.pkeypair.pub;
if (pkey1 == NULL && pkey2 == NULL) {
return (true);
} else if (pkey1 == NULL || pkey2 == NULL) {
return (false);
}
/* `EVP_PKEY_eq` checks only the public components and parameters. */
if (EVP_PKEY_eq(pkey1, pkey2) != 1) {
return (false);
}
/* The private key presence must be same for keys to match. */
if ((key1->keydata.pkeypair.priv != NULL) !=
(key2->keydata.pkeypair.priv != NULL))
{
return (false);
}
return (true);
}
/*! \file */ /*! \file */

26
lib/dns/opensslrsa_link.c
View File

@@ -343,30 +343,6 @@ opensslrsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
return (opensslrsa_verify2(dctx, 0, sig)); return (opensslrsa_verify2(dctx, 0, sig));
} }
static bool
opensslrsa_compare(const dst_key_t *key1, const dst_key_t *key2) {
EVP_PKEY *pkey1 = key1->keydata.pkeypair.pub;
EVP_PKEY *pkey2 = key2->keydata.pkeypair.pub;
if (pkey1 == NULL && pkey2 == NULL) {
return (true);
} else if (pkey1 == NULL || pkey2 == NULL) {
return (false);
}
/* `EVP_PKEY_eq` checks only the public components and parameters. */
if (EVP_PKEY_eq(pkey1, pkey2) != 1) {
return (false);
}
/* The private key presence must be same for keys to match. */
if ((key1->keydata.pkeypair.priv != NULL) !=
(key2->keydata.pkeypair.priv != NULL))
{
return (false);
}
return (true);
}
#if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000
static int static int
progress_cb(int p, int n, BN_GENCB *cb) { progress_cb(int p, int n, BN_GENCB *cb) {
@@ -1139,7 +1115,7 @@ static dst_func_t opensslrsa_functions = {
opensslrsa_verify, opensslrsa_verify,
opensslrsa_verify2, opensslrsa_verify2,
NULL, /*%< computesecret */ NULL, /*%< computesecret */
opensslrsa_compare, dst__openssl_compare_keypair,
NULL, /*%< paramcompare */ NULL, /*%< paramcompare */
opensslrsa_generate, opensslrsa_generate,
opensslrsa_isprivate, opensslrsa_isprivate,