Implement provider-side keymgmt_dup function

[openssl.git] / crypto / ec / ecx_meth.c

diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c
index c4d534e48c79f9641f6756460e9f3dd1dce27527..df4b620829976d73ecc4f08e9914540a9037d2ea 100644 (file)
--- a/crypto/ec/ecx_meth.c
+++ b/crypto/ec/ecx_meth.c
@@ -379,7 +379,7 @@ static int ecx_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
 
  err:
     OSSL_PARAM_BLD_free(tmpl);
-    OSSL_PARAM_BLD_free_params(params);
+    OSSL_PARAM_free(params);
     return rv;
 }
 
@@ -406,16 +406,18 @@ static int ecx_generic_import_from(const OSSL_PARAM params[], void *vpctx,
 
 static int ecx_pkey_copy(EVP_PKEY *to, EVP_PKEY *from)
 {
-    ECX_KEY *ecx = from->pkey.ecx;
+    ECX_KEY *ecx = from->pkey.ecx, *dupkey = NULL;
     int ret;
 
-    /* We can do just up-ref as ECX keys are immutable */
-    if (ecx != NULL && !ossl_ecx_key_up_ref(ecx))
-        return 0;
+    if (ecx != NULL) {
+        dupkey = ossl_ecx_key_dup(ecx);
+        if (dupkey == NULL)
+            return 0;
+    }
 
-    ret = EVP_PKEY_assign(to, from->type, ecx);
+    ret = EVP_PKEY_assign(to, from->type, dupkey);
     if (!ret)
-        ossl_ecx_key_free(ecx);
+        ossl_ecx_key_free(dupkey);
     return ret;
 }