EVP: make it possible to init EVP_PKEY_CTX with provided EVP_PKEY
author Richard Levitte <levitte@openssl.org>
Mon, 2 Dec 2019 11:00:58 +0000 (12:00 +0100)
committer Richard Levitte <levitte@openssl.org>
Tue, 17 Dec 2019 07:13:13 +0000 (08:13 +0100)
The case when EVP_PKEY_CTX_new() is called with a provided EVP_PKEY
(no legacy data) wasn't handled properly.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10618)

crypto/evp/pmeth_lib.c

index 7563c800f791e3df492734a45b3f245339d9ddc4..b1bbb9c57e314c8531b0b0aeb173c0c1aa74dcba 100644
@@ -127,11 +127,28 @@ static EVP_PKEY_CTX *int_ctx_new(OPENSSL_CTX *libctx,
     if (pkey == NULL && e == NULL && id == -1)
         goto common;
 
+    /*
+     * If the key doesn't contain anything legacy, then it must be provided,
+     * so we extract the necessary information and use that.
+     */
+    if (pkey != NULL && pkey->pkey.ptr == NULL) {
+        /* If we have an engine, something went wrong somewhere... */
+        if (!ossl_assert(e == NULL))
+            return NULL;
+        name = evp_first_name(pkey->pkeys[0].keymgmt->prov,
+                              pkey->pkeys[0].keymgmt->name_id);
+        /*
+         * TODO: I wonder if the EVP_PKEY should have the name and propquery
+         * that were used when building it....  /RL
+         */
+        goto common;
+    }
+
     /* TODO(3.0) Legacy code should be removed when all is provider based */
     /* BEGIN legacy */
     if (id == -1) {
         if (pkey == NULL)
-            return 0;
+            return NULL;
         id = pkey->type;
     }
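Review bot: the new provider branch dereferences `pkey->pkeys[0].keymgmt->prov` and `->name_id` without first checking that `pkey->pkeys[0].keymgmt` is non-NULL; the guard `pkey != NULL && pkey->pkey.ptr == NULL` also matches a freshly allocated EVP_PKEY that holds neither legacy nor provider data, so the comment's "then it must be provided" assumption does not hold for that input and the lookup would crash on a NULL keymgmt. Suggest tightening the guard, e.g. `if (pkey != NULL && pkey->pkey.ptr == NULL && pkey->pkeys[0].keymgmt != NULL) {`, or adding an `ossl_assert(pkey->pkeys[0].keymgmt != NULL)` that returns NULL alongside the existing engine assertion, so an empty key falls through to the legacy path (where the `pkey->type` handling already lives) instead of being treated as provided. Minor: the "/RL" personal TODO marker in the comment block should be reworded as a plain `TODO(3.0)` to match the style of the legacy-code TODO a few lines below.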