diff options
author | Tomas Mraz <tomas@openssl.org> | 2021-04-08 18:25:26 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-04-15 09:19:39 +0200 |
commit | b4f447c038c05260491eb880e4a9c420b476c119 (patch) | |
tree | 1f77cb414be14032b47264c1c98356c9398b4516 /crypto/dsa | |
parent | 4a9fe33c8e12f4fefae0471c0834f8e674dc7e4e (diff) |
Add selection support to the provider keymgmt_dup function
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14793)
Diffstat (limited to 'crypto/dsa')
-rw-r--r-- | crypto/dsa/dsa_ameth.c | 2 | ||||
-rw-r--r-- | crypto/dsa/dsa_backend.c | 14 |
2 files changed, 11 insertions, 5 deletions
diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index 0844e9be09..2e1ad081dc 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -507,7 +507,7 @@ static int dsa_pkey_copy(EVP_PKEY *to, EVP_PKEY *from) int ret; if (dsa != NULL) { - dupkey = ossl_dsa_dup(dsa); + dupkey = ossl_dsa_dup(dsa, OSSL_KEYMGMT_SELECT_ALL); if (dupkey == NULL) return 0; } diff --git a/crypto/dsa/dsa_backend.c b/crypto/dsa/dsa_backend.c index 856203a200..2ef8cbc9f3 100644 --- a/crypto/dsa/dsa_backend.c +++ b/crypto/dsa/dsa_backend.c @@ -64,7 +64,7 @@ static ossl_inline int dsa_bn_dup_check(BIGNUM **out, const BIGNUM *f) return 1; } -DSA *ossl_dsa_dup(const DSA *dsa) +DSA *ossl_dsa_dup(const DSA *dsa, int selection) { DSA *dupkey = NULL; @@ -77,14 +77,20 @@ DSA *ossl_dsa_dup(const DSA *dsa) if ((dupkey = ossl_dsa_new(dsa->libctx)) == NULL) return NULL; - if (!ossl_ffc_params_copy(&dupkey->params, &dsa->params)) + if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0 + && !ossl_ffc_params_copy(&dupkey->params, &dsa->params)) goto err; dupkey->flags = dsa->flags; - if (!dsa_bn_dup_check(&dupkey->pub_key, dsa->pub_key)) + if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0 + && ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) == 0 + || !dsa_bn_dup_check(&dupkey->pub_key, dsa->pub_key))) goto err; - if (!dsa_bn_dup_check(&dupkey->priv_key, dsa->priv_key)) + + if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0 + && ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) == 0 + || !dsa_bn_dup_check(&dupkey->priv_key, dsa->priv_key))) goto err; #ifndef FIPS_MODULE |