diff options
author | Tomas Mraz <tomas@openssl.org> | 2021-04-13 17:31:08 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-04-19 11:36:16 +0200 |
commit | b247113c053903ebb61a54ba5324847ba883ed70 (patch) | |
tree | d01dfc99a0b4f52ba94b186ff1e476f1b1916e2f /crypto/ec | |
parent | 5ae52001e115452ca285713feb1c2feaf07902ad (diff) |
Detect low-level engine and app method based keys
The low-level engine and app method based keys have to be treated
as foreign and must be used with old legacy pmeths.
Fixes #14632
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14859)
Diffstat (limited to 'crypto/ec')
-rw-r--r-- | crypto/ec/ec_backend.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/crypto/ec/ec_backend.c b/crypto/ec/ec_backend.c index 0189a33a91..e9843eb4ac 100644 --- a/crypto/ec/ec_backend.c +++ b/crypto/ec/ec_backend.c @@ -520,6 +520,16 @@ int ossl_ec_key_otherparams_fromdata(EC_KEY *ec, const OSSL_PARAM params[]) return 1; } +int ossl_ec_key_is_foreign(const EC_KEY *ec) +{ +#ifndef FIPS_MODULE + if (ec->engine != NULL || EC_KEY_get_method(ec) != EC_KEY_OpenSSL()) + return 1; +#endif + return 0; + +} + EC_KEY *ossl_ec_key_dup(const EC_KEY *src, int selection) { EC_KEY *ret = ossl_ec_key_new_method_int(src->libctx, src->propq, |