diff options
| author | Richard Levitte <levitte@openssl.org> | 2021-01-26 17:01:15 +0100 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2021-02-03 17:20:56 +0100 |
| commit | 60488d2434c5be15dc14e1fa2a8733f076d9ccf4 (patch) | |
| tree | e06163ad2fcbd0f05e03ca16e085a6f1e843b0dc | |
| parent | 8ce04db808dd1799a4051d938112b7d591fc5fc2 (diff) | |
EVP: Don't find standard EVP_PKEY_METHODs automatically
EVP_PKEY_meth_find() got called automatically any time a new
EVP_PKEY_CTX allocator was called with some sort of key type data.
Since we have now moved all our standard algorithms to our providers,
this is no longer necessary.
We do retain looking up EVP_PKEY_METHODs that are added by the calling
application.
Fixes #11424
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13973)
| -rw-r--r-- | crypto/evp/pmeth_lib.c | 31 |
1 files changed, 21 insertions, 10 deletions
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 7fb32df86a..bc58ea367c 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -88,22 +88,33 @@ static int pmeth_cmp(const EVP_PKEY_METHOD *const *a, return ((*a)->pkey_id - (*b)->pkey_id); } -const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type) +static const EVP_PKEY_METHOD *evp_pkey_meth_find_added_by_application(int type) { - pmeth_fn *ret; - EVP_PKEY_METHOD tmp; - const EVP_PKEY_METHOD *t = &tmp; - - tmp.pkey_id = type; - if (app_pkey_methods) { + if (app_pkey_methods != NULL) { int idx; + EVP_PKEY_METHOD tmp; + + tmp.pkey_id = type; idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp); if (idx >= 0) return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx); } + return NULL; +} + +const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type) +{ + pmeth_fn *ret; + EVP_PKEY_METHOD tmp; + const EVP_PKEY_METHOD *t; + + if ((t = evp_pkey_meth_find_added_by_application(type)) != NULL) + return t; + + tmp.pkey_id = type; + t = &tmp; ret = OBJ_bsearch_pmeth_func(&t, standard_methods, - sizeof(standard_methods) / - sizeof(pmeth_fn)); + OSSL_NELEM(standard_methods)); if (ret == NULL || *ret == NULL) return NULL; return (**ret)(); @@ -245,7 +256,7 @@ static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx, pmeth = ENGINE_get_pkey_meth(e, id); else # endif - pmeth = EVP_PKEY_meth_find(id); + pmeth = evp_pkey_meth_find_added_by_application(id); /* END legacy */ #endif /* FIPS_MODULE */ |