diff --git a/crypto/cmp/cmp_msg.c b/crypto/cmp/cmp_msg.c index 36ba4242799d91..06d16a8a7b29d4 100644 --- a/crypto/cmp/cmp_msg.c +++ b/crypto/cmp/cmp_msg.c @@ -1156,8 +1156,8 @@ X509 *ossl_cmp_certresponse_get1_cert(const OSSL_CMP_CTX *ctx, const OSSL_CMP_CE ERR_raise(ERR_LIB_CMP, CMP_R_MISSING_PRIVATE_KEY); return NULL; } - crt = OSSL_CRMF_ENCRYPTEDKEY_get1_encCert(coec->value.encryptedCert, pkey, 0, - ctx->libctx, ctx->propq); + crt = OSSL_CRMF_ENCRYPTEDKEY_get1_encCert(coec->value.encryptedCert, + ctx->libctx, ctx->propq, pkey, 0); break; default: ERR_raise(ERR_LIB_CMP, CMP_R_UNKNOWN_CERT_TYPE); diff --git a/crypto/crmf/crmf_lib.c b/crypto/crmf/crmf_lib.c index f6252713a695e5..fef718b8a695da 100644 --- a/crypto/crmf/crmf_lib.c +++ b/crypto/crmf/crmf_lib.c @@ -694,7 +694,7 @@ EVP_PKEY *OSSL_CRMF_ENCRYPTEDKEY_get1_pkey(const OSSL_CRMF_ENCRYPTEDKEY *encrypt int len; p = OSSL_CRMF_ENCRYPTEDVALUE_decrypt(encryptedKey->value.encryptedValue, - pkey, &len, libctx, propq); + libctx, propq, pkey, &len); if ((p_copy = p) != NULL) ret = d2i_AutoPrivateKey_ex(NULL, &p_copy, len, libctx, propq); OPENSSL_free(p); @@ -762,8 +762,8 @@ EVP_PKEY *OSSL_CRMF_ENCRYPTEDKEY_get1_pkey(const OSSL_CRMF_ENCRYPTEDKEY *encrypt unsigned char *OSSL_CRMF_ENCRYPTEDVALUE_decrypt(const OSSL_CRMF_ENCRYPTEDVALUE *enc, - EVP_PKEY *pkey, int *outlen, - OSSL_LIB_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq, + EVP_PKEY *pkey, int *outlen) { EVP_CIPHER_CTX *evp_ctx = NULL; /* context for symmetric encryption */ unsigned char *ek = NULL; /* decrypted symmetric encryption key */ @@ -875,7 +875,7 @@ X509 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecer int len; X509 *cert = NULL; - buf = OSSL_CRMF_ENCRYPTEDVALUE_decrypt(ecert, pkey, &len, libctx, propq); + buf = OSSL_CRMF_ENCRYPTEDVALUE_decrypt(ecert, libctx, propq, pkey, &len); if ((p = buf) == NULL || (cert = X509_new_ex(libctx, propq)) == NULL) goto end; @@ -897,8 +897,8 @@ X509 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecer * returns NULL on error or if no certificate available */ X509 *OSSL_CRMF_ENCRYPTEDKEY_get1_encCert(const OSSL_CRMF_ENCRYPTEDKEY *ecert, - EVP_PKEY *pkey, unsigned int flags, - OSSL_LIB_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq, + EVP_PKEY *pkey, unsigned int flags) { #ifndef OPENSSL_NO_CMS BIO *bio; diff --git a/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod b/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod index d4fe4b73fff45a..e6bd39d8521147 100644 --- a/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod +++ b/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod @@ -40,8 +40,8 @@ OSSL_CRMF_MSG_centralKeygen_requested const X509_NAME *OSSL_CRMF_CERTID_get0_issuer(const OSSL_CRMF_CERTID *cid); X509 *OSSL_CRMF_ENCRYPTEDKEY_get1_encCert(const OSSL_CRMF_ENCRYPTEDKEY *ecert, - EVP_PKEY *pkey, unsigned int flags - OSSL_LIB_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq, + EVP_PKEY *pkey, unsigned int flags); EVP_PKEY *OSSL_CRMF_ENCRYPTEDKEY_get1_pkey(OSSL_CRMF_ENCRYPTEDKEY *encryptedKey, X509_STORE *ts, STACK_OF(X509) *extra, @@ -53,11 +53,11 @@ OSSL_CRMF_MSG_centralKeygen_requested unsigned char *OSSL_CRMF_ENCRYPTEDVALUE_decrypt(const OSSL_CRMF_ENCRYPTEDVALUE *enc, - EVP_PKEY *pkey, int *outlen, - OSSL_LIB_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq, + EVP_PKEY *pkey, int *outlen); X509 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert, - OSSL_LIB_CTX *libctx, const char *propq + OSSL_LIB_CTX *libctx, const char *propq, EVP_PKEY *pkey); int OSSL_CRMF_MSG_get_certReqId(const OSSL_CRMF_MSG *crm); diff --git a/include/openssl/crmf.h.in b/include/openssl/crmf.h.in index 083fc469a9ca09..9ecd9768849b28 100644 --- a/include/openssl/crmf.h.in +++ b/include/openssl/crmf.h.in @@ -185,12 +185,12 @@ X509 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecer OSSL_LIB_CTX *libctx, const char *propq, EVP_PKEY *pkey); X509 *OSSL_CRMF_ENCRYPTEDKEY_get1_encCert(const OSSL_CRMF_ENCRYPTEDKEY *ecert, - EVP_PKEY *pkey, unsigned int flags, - OSSL_LIB_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq, + EVP_PKEY *pkey, unsigned int flags); unsigned char *OSSL_CRMF_ENCRYPTEDVALUE_decrypt(const OSSL_CRMF_ENCRYPTEDVALUE *enc, - EVP_PKEY *pkey, int *outlen, - OSSL_LIB_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq, + EVP_PKEY *pkey, int *outlen); EVP_PKEY *OSSL_CRMF_ENCRYPTEDKEY_get1_pkey(const OSSL_CRMF_ENCRYPTEDKEY *encryptedKey, X509_STORE *ts, STACK_OF(X509) *extra, EVP_PKEY *pkey, X509 *cert, ASN1_OCTET_STRING *secret,