diff options
author | Richard Levitte <levitte@openssl.org> | 2020-08-05 10:28:51 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-09-03 17:48:32 +0200 |
commit | a10847c427744fb7e7d29953dee130a52251c027 (patch) | |
tree | a009c19372810a87154460cbbebe6e106dcf88c4 /apps/smime.c | |
parent | b5275648843ace1a441521823913ccbbebb8769c (diff) |
"Downgrade" provider-native keys to legacy where needed
Some sub-systems and openssl sub-commands do not yet deal cleanly with
purely provider-native EVP_PKEYs. We compensate that by "downgrading"
keys in select places, or ensure that the 'file:' scheme ENGINE loader
is activated.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12587)
Diffstat (limited to 'apps/smime.c')
-rw-r--r-- | apps/smime.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/apps/smime.c b/apps/smime.c index 5ecdc019d2..dbfcdbeb5a 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -477,6 +477,14 @@ int smime_main(int argc, char **argv) key = load_key(keyfile, keyform, 0, passin, e, "signing key file"); if (key == NULL) goto end; + + /* + * TODO: Remove this when CMS has full support for provider-native + * EVP_PKEYs + */ + if (EVP_PKEY_get0(key) == NULL) + goto end; + } in = bio_open_default(infile, 'r', informat); @@ -571,6 +579,14 @@ int smime_main(int argc, char **argv) key = load_key(keyfile, keyform, 0, passin, e, "signing key file"); if (key == NULL) goto end; + + /* + * TODO: Remove this when CMS has full support for provider-native + * EVP_PKEYs + */ + if (EVP_PKEY_get0(key) == NULL) + goto end; + if (!PKCS7_sign_add_signer(p7, signer, key, sign_md, flags)) goto end; X509_free(signer); |