From: Richard Levitte <levitte@openssl.org>
Date: Sat, 4 Jan 2020 18:24:39 +0000 (+0100)
Subject: EVP: Fix method to determine if a PKEY is legacy or not
X-Git-Tag: openssl-3.0.0-alpha1~740
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=60a3399721a48931b137ae4d966a9ef4b6a85d11;p=oweals%2Fopenssl.git

EVP: Fix method to determine if a PKEY is legacy or not

For the implementation of EVP_PKEY_CTX_new(), we determined if an
EVP_PKEY wass legacy or not by looking at 'pkey->pkey.ptr'.  It turns
out that this code could get an unassigned EVP_PKEY, with that pointer
being NULL, and the determination proven incorrect.

The check now looks at 'pkey->ameth' instead.

Fixes #10704

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/10758)
---

diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index b1bbb9c57e..8b49baf6ab 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -131,7 +131,7 @@ static EVP_PKEY_CTX *int_ctx_new(OPENSSL_CTX *libctx,
      * If the key doesn't contain anything legacy, then it must be provided,
      * so we extract the necessary information and use that.
      */
-    if (pkey != NULL && pkey->pkey.ptr == NULL) {
+    if (pkey != NULL && pkey->ameth == NULL) {
         /* If we have an engine, something went wrong somewhere... */
         if (!ossl_assert(e == NULL))
             return NULL;