From 2db985b7b1e20ac670d196981aa7e8f31881d2eb Mon Sep 17 00:00:00 2001
From: Shane Lontis
Date: Fri, 5 Feb 2021 13:55:50 +1000
Subject: Simplify the EVP_PKEY_XXX_fromdata_XX methods. The existing names such as EVP_PKEY_param_fromdata_settable were a bit confusing since the 'param' referred to key params not OSSL_PARAM. To simplify the interface a 'selection' parameter will be passed instead. The changes are: (1) EVP_PKEY_fromdata_init() replaces both EVP_PKEY_key_fromdata_init() and EVP_PKEY_param_fromdata_init(). (2) EVP_PKEY_fromdata() has an additional selection parameter. (3) EVP_PKEY_fromdata_settable() replaces EVP_PKEY_key_fromdata_settable() and EVP_PKEY_param_fromdata_settable(). EVP_PKEY_fromdata_settable() also uses a selection parameter.
Fixes #12989
Reviewed-by: Richard Levitte
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/14076)
---
 ssl/statem/statem_clnt.c | 4 ++--
 ssl/t1_lib.c | 5 +++--
 2 files changed, 5 insertions(+), 4 deletions(-)
(limited to 'ssl')
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index cff522604f..1e9ab00976 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2063,8 +2063,8 @@ static int tls_process_ske_dhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey)
 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
 goto err;
 }
- if (EVP_PKEY_key_fromdata_init(pctx) <= 0
- || EVP_PKEY_fromdata(pctx, &peer_tmp, params) <= 0) {
+ if (EVP_PKEY_fromdata_init(pctx) <= 0
+ || EVP_PKEY_fromdata(pctx, &peer_tmp, EVP_PKEY_KEYPAIR, params) <= 0) {
 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_BAD_DH_VALUE);
 goto err;
 }
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index a7b5a6cc3f..684e8494fc 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
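Review bot: The selection passed to `EVP_PKEY_fromdata()` in `tls_process_ske_dhe` is `EVP_PKEY_KEYPAIR`, which also admits a private component, although the function name suggests this object is built from values received in the peer's ServerKeyExchange. If `params` carries only the group parameters and the peer's public value (it is assembled outside the hunk, so this is inferred), `EVP_PKEY_PUBLIC_KEY` states the intent more tightly: `|| EVP_PKEY_fromdata(pctx, &peer_tmp, EVP_PKEY_PUBLIC_KEY, params) <= 0) {`. A one-line comment above the call naming the expected components would also help, since the t1_lib.c call in this commit uses a different selection. The function body starts and ends outside the hunk.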
@@ -2901,7 +2901,7 @@ EVP_PKEY *ssl_get_auto_dh(SSL *s)
 pctx = EVP_PKEY_CTX_new_from_name(s->ctx->libctx, "DH", s->ctx->propq);
 if (pctx == NULL
- || EVP_PKEY_key_fromdata_init(pctx) != 1)
+ || EVP_PKEY_fromdata_init(pctx) != 1)
 goto err;
 tmpl = OSSL_PARAM_BLD_new();
@@ -2911,7 +2911,8 @@ EVP_PKEY *ssl_get_auto_dh(SSL *s)
 goto err;
 params = OSSL_PARAM_BLD_to_param(tmpl);
- if (params == NULL || EVP_PKEY_fromdata(pctx, &dhp, params) != 1)
+ if (params == NULL
+ || EVP_PKEY_fromdata(pctx, &dhp, EVP_PKEY_KEY_PARAMETERS, params) != 1)
 goto err;
 err:
-- 
cgit v1.2.3
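Review bot: The second `ssl_get_auto_dh` hunk passes `EVP_PKEY_KEY_PARAMETERS` without recording why this call differs from the `EVP_PKEY_KEYPAIR` used in statem_clnt.c; a short comment above the `if (params == NULL` line, such as `/* Group parameters only: no key material is imported here */`, would document the choice. That the template holds only parameters is inferred, because the code that fills `tmpl` lies between the two hunks and is not shown. The function continues outside both hunks.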