CMS KARI: Temporarly downgrade newly generated EVP_PKEYs to legacy

The EVP_PKEY_ASN1_METHOD code used by CMS_RecipientInfo_kari_decrypt() and cms_RecipientInfo_kari_encrypt() is quite complex and needs more careful thought to work with provider side keys. Unfortunately, we need to get key generation in place, among others for ECC keys, so we add a temporary hack, similar to what's already done in TLS code, that downgrades a provider side EVP_PKEY to become EVP_PKEY_ASN1_METHOD / EVP_PKEY_METHOD based. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/11501)
author: Richard Levitte <levitte@openssl.org> 2020-04-08 15:41:05 +0200
committer: Richard Levitte <levitte@openssl.org> 2020-04-10 22:15:25 +0200
commit: aec8de1a5f0b3f6e6279266b45836d6c9f6878df (patch)
tree: 2cfe0510c4b3ae191bc30a70b22a23a37df209da /include
parent: 1ae56f2f43d36618e54cbb8dd47a7107b74505b6 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/include/openssl/cmserr.h b/include/openssl/cmserr.h
index 494ae6191a..d4d8134171 100644
--- a/include/openssl/cmserr.h
+++ b/include/openssl/cmserr.h
@@ -87,6 +87,7 @@ int ERR_load_CMS_strings(void);
 #   define CMS_F_CMS_RECEIPT_VERIFY                         0
 #   define CMS_F_CMS_RECIPIENTINFO_DECRYPT                  0
 #   define CMS_F_CMS_RECIPIENTINFO_ENCRYPT                  0
+#   define CMS_F_CMS_RECIPIENTINFO_KARI_DECRYPT             0
 #   define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT             0
 #   define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG            0
 #   define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID        0
author	Richard Levitte <levitte@openssl.org>	2020-04-08 15:41:05 +0200
committer	Richard Levitte <levitte@openssl.org>	2020-04-10 22:15:25 +0200
commit	aec8de1a5f0b3f6e6279266b45836d6c9f6878df (patch)
tree	2cfe0510c4b3ae191bc30a70b22a23a37df209da /include
parent	1ae56f2f43d36618e54cbb8dd47a7107b74505b6 (diff)