From 3aceb9ec51beb2ec266c2aba75ee14721c693659 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Wed, 18 Mar 2020 12:57:48 +0000 Subject: [PATCH] Use the libctx and properties when constructing an EVP_PKEY_CTX When constructing an RSA ClientKeyExchange make sure we construct our EVP_PKEY_CTX using the correct libctx and properties Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/11357) --- ssl/statem/statem_clnt.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 99459a8c6a..dfc6f5a721 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2990,7 +2990,8 @@ static int tls_construct_cke_rsa(SSL *s, WPACKET *pkt) ERR_R_INTERNAL_ERROR); goto err; } - pctx = EVP_PKEY_CTX_new(pkey, NULL); + + pctx = EVP_PKEY_CTX_new_from_pkey(s->ctx->libctx, pkey, s->ctx->propq); if (pctx == NULL || EVP_PKEY_encrypt_init(pctx) <= 0 || EVP_PKEY_encrypt(pctx, NULL, &enclen, pms, pmslen) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CKE_RSA, -- 2.25.1