author | Tomas Mraz <tomas@openssl.org> | 2021-04-13 17:31:08 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-04-19 11:36:16 +0200 |
commit | b247113c053903ebb61a54ba5324847ba883ed70 | |
tree | d01dfc99a0b4f52ba94b186ff1e476f1b1916e2f /crypto/evp/pmeth_lib.c | |
parent | 5ae52001e115452ca285713feb1c2feaf07902ad | |

Detect low-level engine and app method based keys

The low-level engine and app method based keys have to be treated
as foreign and must be used with old legacy pmeths.

Fixes #14632

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14859)

Diffstat (limited to 'crypto/evp/pmeth_lib.c')
-rw-r--r-- | crypto/evp/pmeth_lib.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index f145bdfdc6..f00394e081 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -224,7 +224,7 @@ static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx, */ if (!ossl_assert(e == NULL || keytype == NULL)) return NULL; - if (e == NULL) + if (e == NULL && (pkey == NULL || pkey->foreign == 0)) keytype = OBJ_nid2sn(id); # ifndef OPENSSL_NO_ENGINE @@ -246,6 +246,8 @@ static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx, */ if (e != NULL) pmeth = ENGINE_get_pkey_meth(e, id); + else if (pkey != NULL && pkey->foreign) + pmeth = EVP_PKEY_meth_find(id); else # endif pmeth = evp_pkey_meth_find_added_by_application(id); |
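
Review bot: In the hunk at `@@ -224,7 +224,7 @@`, the widened condition `if (e == NULL && (pkey == NULL || pkey->foreign == 0))` has no comment saying that `keytype` is deliberately left NULL for a foreign key, yet that is the whole mechanism by which such a key is kept on the legacy pmeth path. The comment block that closes just above the `ossl_assert` would be the natural place for one sentence on it, so that a later cleanup does not simplify the test back to `e == NULL`. A smaller style point: this hunk tests `pkey->foreign == 0` while the second hunk tests `pkey->foreign` by truthiness; using one form in both places would read more clearly.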
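
Review bot: In the hunk at `@@ -246,6 +246,8 @@`, the new `else if (pkey != NULL && pkey->foreign)` branch is added ahead of the `else` that precedes `# endif`, so it is compiled only inside that preprocessor block, while the first hunk's `pkey->foreign == 0` test is added before the `# ifndef OPENSSL_NO_ENGINE` line and is always compiled. If that is the same conditional block, then in a build with `OPENSSL_NO_ENGINE` defined a foreign key skips `keytype = OBJ_nid2sn(id)` and then only reaches `evp_pkey_meth_find_added_by_application(id)`, never `EVP_PKEY_meth_find(id)`. The commit message covers app method based keys as well as engine keys, so please confirm that the no-engine build still finds the legacy pmeth for them, or move the foreign-key lookup outside the conditional.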