return (**ret)();
}
-static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e,
+static EVP_PKEY_CTX *int_ctx_new(OPENSSL_CTX *libctx,
+ EVP_PKEY *pkey, ENGINE *e,
const char *name, const char *propquery,
int id)
{
if (e == NULL)
name = OBJ_nid2sn(id);
propquery = NULL;
+ /*
+ * We were called using legacy data, or an EVP_PKEY, but an EVP_PKEY
+ * isn't tied to a specific library context, so we fall back to the
+ * default library context.
+ * TODO(v3.0): an EVP_PKEY that doesn't originate from a leagacy key
+ * structure only has the pkeys[] cache, where the first element is
+ * considered the "origin". Investigate if that could be a suitable
+ * way to find a library context.
+ */
+ libctx = NULL;
#ifndef OPENSSL_NO_ENGINE
if (e == NULL && pkey != NULL)
EVPerr(EVP_F_INT_CTX_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
}
+ ret->libctx = libctx;
ret->algorithm = name;
ret->propquery = propquery;
ret->engine = e;
EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e)
{
- return int_ctx_new(pkey, e, NULL, NULL, -1);
+ return int_ctx_new(NULL, pkey, e, NULL, NULL, -1);
}
EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e)
{
- return int_ctx_new(NULL, e, NULL, NULL, id);
+ return int_ctx_new(NULL, NULL, e, NULL, NULL, id);
}
-EVP_PKEY_CTX *EVP_PKEY_CTX_new_provided(const char *name,
+EVP_PKEY_CTX *EVP_PKEY_CTX_new_provided(OPENSSL_CTX *libctx,
+ const char *name,
const char *propquery)
{
- return int_ctx_new(NULL, NULL, name, propquery, -1);
+ return int_ctx_new(libctx, NULL, NULL, name, propquery, -1);
}
EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *pctx)
EVP_PKEY_up_ref(pctx->pkey);
rctx->pkey = pctx->pkey;
rctx->operation = pctx->operation;
+ rctx->libctx = pctx->libctx;
rctx->algorithm = pctx->algorithm;
rctx->propquery = pctx->propquery;
EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
- EVP_PKEY_CTX *EVP_PKEY_CTX_new_provided(const char *name,
+ EVP_PKEY_CTX *EVP_PKEY_CTX_new_provided(OPENSSL_CTX *libctx,
+ const char *name,
const char *propquery);
EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx);
void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
The EVP_PKEY_CTX_new_id() function allocates public key algorithm context
using the algorithm specified by I<id> and ENGINE I<e>.
-The EVP_PKEY_CTX_new_provided() function allocates a public key
-algorithm context using the algorithm specified by I<name> and the
-property query I<propquery>. The strings aren't duplicated, so they
-must remain unchanged for the lifetime of the returned B<EVP_PKEY_CTX>
-or of any of its duplicates.
+The EVP_PKEY_CTX_new_provided() function allocates a public key algorithm
+context using the library context I<libctx> (see L<OPENSSL_CTX(3)>), the
+algorithm specified by I<name> and the property query I<propquery>. None
+of the arguments are duplicated, so they must remain unchanged for the
+lifetime of the returned B<EVP_PKEY_CTX> or of any of its duplicates.
EVP_PKEY_CTX_new_id() and EVP_PKEY_CTX_new_provided() are normally
used when no B<EVP_PKEY> structure is associated with the operations,
projects / oweals / openssl.git / commitdiff