From: Richard Levitte <levitte@openssl.org>
Date: Thu, 9 Apr 2020 04:07:54 +0000 (+0200)
Subject: EVP: legacy_ctrl_to_param() to handle provider side keys
X-Git-Tag: openssl-3.0.0-alpha1~118
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=cc572c25647f6ab0c026a4a3057dc706e4a4a412;p=oweals%2Fopenssl.git

EVP: legacy_ctrl_to_param() to handle provider side keys

There was one spot where this function would look at ctx->pmeth
directly to determine if it's for RSASSA-PSS, which fails when
presented with an EVP_PKEY_CTX holding a provider side key.
Switching to use EVP_PKEY_is_a() should make things better.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11501)
---

diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index da50ebf18a..f36a7363db 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -890,7 +890,8 @@ static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
         case EVP_PKEY_CTRL_CMS_DECRYPT:
         case EVP_PKEY_CTRL_CMS_ENCRYPT:
 # endif
-            if (ctx->pmeth->pkey_id != EVP_PKEY_RSA_PSS)
+            /* TODO (3.0) Temporary hack, this should probe */
+            if (!EVP_PKEY_is_a(EVP_PKEY_CTX_get0_pkey(ctx), "RSASSA-PSS"))
                 return 1;
             ERR_raise(ERR_LIB_EVP,
                       EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);