From: Richard Levitte Date: Mon, 2 Dec 2019 11:00:58 +0000 (+0100) Subject: EVP: make it possible to init EVP_PKEY_CTX with provided EVP_PKEY X-Git-Tag: openssl-3.0.0-alpha1~810 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=982efd7765f42ba0329e5db6e3434b072d90842c;p=oweals%2Fopenssl.git EVP: make it possible to init EVP_PKEY_CTX with provided EVP_PKEY The case when EVP_PKEY_CTX_new() is called with a provided EVP_PKEY (no legacy data) wasn't handled properly. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/10618) --- diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 7563c800f7..b1bbb9c57e 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -127,11 +127,28 @@ static EVP_PKEY_CTX *int_ctx_new(OPENSSL_CTX *libctx, if (pkey == NULL && e == NULL && id == -1) goto common; + /* + * If the key doesn't contain anything legacy, then it must be provided, + * so we extract the necessary information and use that. + */ + if (pkey != NULL && pkey->pkey.ptr == NULL) { + /* If we have an engine, something went wrong somewhere... */ + if (!ossl_assert(e == NULL)) + return NULL; + name = evp_first_name(pkey->pkeys[0].keymgmt->prov, + pkey->pkeys[0].keymgmt->name_id); + /* + * TODO: I wonder if the EVP_PKEY should have the name and propquery + * that were used when building it.... /RL + */ + goto common; + } + /* TODO(3.0) Legacy code should be removed when all is provider based */ /* BEGIN legacy */ if (id == -1) { if (pkey == NULL) - return 0; + return NULL; id = pkey->type; }
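Review bot: In the new `pkey != NULL && pkey->pkey.ptr == NULL` branch, `pkey->pkeys[0].keymgmt` is dereferenced without a NULL check. The condition only establishes that the key has no legacy data; the comment's conclusion that "it must be provided" is assumed rather than tested, so an EVP_PKEY that has neither a legacy key nor a cached keymgmt in slot 0 would hit a NULL dereference in the `evp_first_name()` call. Suggest testing `pkey->pkeys[0].keymgmt != NULL` first and returning NULL with an error raised otherwise. Two smaller points in the same branch: the `!ossl_assert(e == NULL)` path returns NULL without putting anything on the error stack, and the `goto common` ignores a caller-supplied `id`, which deserves a line in the comment saying that the key's keymgmt name takes precedence.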