Detect low-level engine and app method based keys

The low-level engine and app method based keys have to be treated as foreign and must be used with old legacy pmeths. Fixes #14632 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14859)
author: Tomas Mraz <tomas@openssl.org> 2021-04-13 17:31:08 +0200
committer: Tomas Mraz <tomas@openssl.org> 2021-04-19 11:36:16 +0200
commit: b247113c053903ebb61a54ba5324847ba883ed70 (patch)
tree: d01dfc99a0b4f52ba94b186ff1e476f1b1916e2f /crypto/evp/pmeth_lib.c
parent: 5ae52001e115452ca285713feb1c2feaf07902ad (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index f145bdfdc6..f00394e081 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -224,7 +224,7 @@ static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx,
      */
     if (!ossl_assert(e == NULL || keytype == NULL))
         return NULL;
-    if (e == NULL)
+    if (e == NULL && (pkey == NULL || pkey->foreign == 0))
         keytype = OBJ_nid2sn(id);
 
 # ifndef OPENSSL_NO_ENGINE
@@ -246,6 +246,8 @@ static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx,
      */
     if (e != NULL)
         pmeth = ENGINE_get_pkey_meth(e, id);
+    else if (pkey != NULL && pkey->foreign)
+        pmeth = EVP_PKEY_meth_find(id);
     else
 # endif
         pmeth = evp_pkey_meth_find_added_by_application(id);
author	Tomas Mraz <tomas@openssl.org>	2021-04-13 17:31:08 +0200
committer	Tomas Mraz <tomas@openssl.org>	2021-04-19 11:36:16 +0200
commit	b247113c053903ebb61a54ba5324847ba883ed70 (patch)
tree	d01dfc99a0b4f52ba94b186ff1e476f1b1916e2f /crypto/evp/pmeth_lib.c
parent	5ae52001e115452ca285713feb1c2feaf07902ad (diff)