]> granicus.if.org Git - openssl/commit
Rework cipher / digest fetching for legacy nids with multiple name support
authorRichard Levitte <levitte@openssl.org>
Sat, 21 Sep 2019 18:57:51 +0000 (20:57 +0200)
committerRichard Levitte <levitte@openssl.org>
Mon, 23 Sep 2019 07:13:25 +0000 (09:13 +0200)
commit320408382046db015c9a9cc04ae91c2bcd0e5c4c
tree46d9721a3d9ce06444f5052bedcd334f38d94315
parent15dbf3a5a1ec27315753ef5a9148f6ad69277909
Rework cipher / digest fetching for legacy nids with multiple name support

With multiple names, it's no longer viable to just grab the "first" in
the set and use that to find the legacy NID.  Instead, all names for
an algorithm must be checked, and if we encounter more than one NID
asssociated with those names, we consider it an error and make that
method unloadable.

This ensures that all methods that do have an internal NID associated
will get that NID in their structure, thereby ensuring that other
parts of libcrypto that haven't gone away from using NIDs for
comparison will continue to work as expected.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9969)
crypto/evp/digest.c
crypto/evp/evp_enc.c
crypto/evp/evp_fetch.c
crypto/evp/evp_locl.h