EVP: legacy_ctrl_to_param() to handle provider side keys

There was one spot where this function would look at ctx->pmeth
directly to determine if it's for RSASSA-PSS, which fails when
presented with an EVP_PKEY_CTX holding a provider side key.
Switching to use EVP_PKEY_is_a() should make things better.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11501)

diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index da50ebf18adf762fc93a0e632d98f7977c1ff8d7..f36a7363db52dae735e96979ccb3a87c31e3afdd 100644 (file)
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -890,7 +890,8 @@ static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
         case EVP_PKEY_CTRL_CMS_DECRYPT:
         case EVP_PKEY_CTRL_CMS_ENCRYPT:
 # endif
-            if (ctx->pmeth->pkey_id != EVP_PKEY_RSA_PSS)
+            /* TODO (3.0) Temporary hack, this should probe */
+            if (!EVP_PKEY_is_a(EVP_PKEY_CTX_get0_pkey(ctx), "RSASSA-PSS"))
                 return 1;
             ERR_raise(ERR_LIB_EVP,
                       EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);