From a5d0541b1b07e2be305dadb0d01226ea58ff2994 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 9 Oct 2017 14:37:21 +0100 Subject: [PATCH] Don't ignore passed ENGINE. If we are passed an ENGINE to use in int_ctx_new e.g. via EVP_PKEY_CTX_new() use it instead of the default. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/4503) (cherry picked from commit c2976edf4b22691d8bebb0e3ca2db18b3d0c71c6) --- crypto/evp/pmeth_lib.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index b7f06be5df..877fbd072e 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -89,7 +89,7 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) id = pkey->ameth->pkey_id; } #ifndef OPENSSL_NO_ENGINE - if (pkey && pkey->engine) + if (e == NULL && pkey != NULL) e = pkey->engine; /* Try to find an ENGINE which implements this method */ if (e) { @@ -97,8 +97,9 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) EVPerr(EVP_F_INT_CTX_NEW, ERR_R_ENGINE_LIB); return NULL; } - } else + } else { e = ENGINE_get_pkey_meth_engine(id); + } /* * If an ENGINE handled this method look it up. Otherwise use internal -- 2.25.1