)]}' { "commit": "5b7171f2da10d5dad52d0a2e4426fbc71d4ff146", "tree": "9a1948e0ef38ea812aa64d66069ab488e241a67d", "parents": [ "9b602f2d911db5c528bb9832256477bf63584260" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Fri Aug 15 15:14:56 2025 -0400" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Aug 22 11:29:50 2025 -0700" }, "message": "Make some more half-empty EVP_PKEY states impossible\n\nEVP_PKEY_{assign,set1}_FOO would check for NULL, return an error, but\nstill leave the EVP_PKEY assigned to that type on failure. Check for\nNULL first, so that we don\u0027t leave it in that state.\n\nI originally did this with a slightly more ambitious goal of also\nbanning EVP_PKEY_set1_EC_KEY if the EC_KEY has no parameters. That was\nso that, in the happy future where we have EVP_PKEY_ALGs for P-256 and\nP-384, EVP_PKEY_ASN1_METHOD would simply be renamed EVP_PKEY_ALG and\nevery key would have an associated EVP_PKEY_ALG.\n\nFor that to work, EVP_PKEY_set1_EC_KEY must never be ambiguous about\nwhich EVP_PKEY_ALG to associate with the EVP_PKEY.\n\nHowever, the existence of custom EC_GROUPs throws a spanner in that.\nWe need to support EVP_PKEY_set1_EC_KEY with an custom EC_GROUP (at\nleast until we manage to get Conscrypt to stop using this function). So,\nat least for now, I\u0027m thinking we say that EVP_PKEY_ALGs point to\nEVP_PKEY_ASN1_METHODs but you can\u0027t go from EVP_PKEY back to\nEVP_PKEY_ALG, and we\u0027ll see how irksome of an API that becomes.\n\n(We can always go back to this idea later. The custom EC_GROUPs thing\nisn\u0027t fatal if EC_KEYs with funny EC_GROUPs map to some goofy private\nEVP_PKEY_ALG that can\u0027t parse anything.)\n\nStill, half-empty states are generally bad, so I\u0027m going to keep this\nchange on the branch and see if we can get it to stick.\n\nUpdate-Note: Some half-empty, invalid EVP_PKEY states are now\nimpossible. Running through tests, no callers were tripping this. There\nseems to be no legitimate reason to do this.\n\nBug: 42290409\nChange-Id: I0211a38ab62268a05e3ff1d138a092e4feec10b1\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/81549\nReviewed-by: Lily Chen \u003cchlily@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n", "tree_diff": [ { "type": "modify", "old_id": "12af146ae22a75a51159470422d66f3db20230f0", "old_mode": 33188, "old_path": "crypto/evp/evp_extra_test.cc", "new_id": "f69ccbe1933f803b3e900d77f32587454e351650", "new_mode": 33188, "new_path": "crypto/evp/evp_extra_test.cc" }, { "type": "modify", "old_id": "0f86ed4c943e60fb3d60b3531bd7ed302ac44359", "old_mode": 33188, "old_path": "crypto/evp/p_dh_asn1.cc", "new_id": "13621138d56219ce5470ed9936d17c284e9ef91c", "new_mode": 33188, "new_path": "crypto/evp/p_dh_asn1.cc" }, { "type": "modify", "old_id": "b07a9820209f5a55f98917bcf29ed56d18744c58", "old_mode": 33188, "old_path": "crypto/evp/p_dsa_asn1.cc", "new_id": "6e42764861327f3d0fe83398d6a3b3fc3e28ad8d", "new_mode": 33188, "new_path": "crypto/evp/p_dsa_asn1.cc" }, { "type": "modify", "old_id": "c8047dba2236d7a33963eddcc4e4f2bc69dfcca9", "old_mode": 33188, "old_path": "crypto/evp/p_ec_asn1.cc", "new_id": "c950d9b01f19b373a4a5cb05228a2bf857fdb045", "new_mode": 33188, "new_path": "crypto/evp/p_ec_asn1.cc" }, { "type": "modify", "old_id": "1c6f30b247202ea84cad26acfcf5578784f80a4c", "old_mode": 33188, "old_path": "crypto/evp/p_rsa_asn1.cc", "new_id": "99f414e8fe83e5e0d665a38bf448662fb3fdf274", "new_mode": 33188, "new_path": "crypto/evp/p_rsa_asn1.cc" } ] }