Diffstat (limited to 'crypto/evp/p_lib.c')
-rw-r--r-- | crypto/evp/p_lib.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 06a127a820..f7893d453d 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -1916,7 +1916,15 @@ void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx,
 * If |tmp_keymgmt| is present in the operation cache, it means
 * that export doesn't need to be redone. In that case, we take
 * token copies of the cached pointers, to have token success
- * values to return.
+ * values to return. It is possible (e.g. in a no-cached-fetch
+ * build), for op->keymgmt to be a different pointer to tmp_keymgmt
+ * even though the name/provider must be the same. In other words
+ * the keymgmt instance may be different but still equivalent, i.e.
+ * same algorithm/provider instance - but we make the simplifying
+ * assumption that the keydata can be used with either keymgmt
+ * instance. Not doing so introduces significant complexity and
+ * probably requires refactoring - since we would have to ripple
+ * the change in keymgmt instance up the call chain.
 */
 if (op != NULL && op->keymgmt != NULL) {
 keydata = op->keydata; |
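Review bot: The "same name/provider" precondition behind the keydata-reuse assumption is stated only in prose; nothing visible in the hunk checks it before `keydata = op->keydata;` returns the cached provider key data. If a cache entry were ever matched to a keymgmt from a different provider, that data would presumably be handed to functions that do not own its layout, so the invariant deserves a cheap guard rather than a comment alone. A debug-build check such as `ossl_assert(EVP_KEYMGMT_get0_provider(op->keymgmt) == EVP_KEYMGMT_get0_provider(tmp_keymgmt))` could sit just inside the `if (op != NULL && op->keymgmt != NULL)` branch, wired to the function's existing failure path. The comment should also name the cache lookup that guarantees the match, so a later change to that lookup is reviewed against this assumption. The function body starts and ends outside the hunk, so the lookup and the cleanup path are not visible here and should be confirmed.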