CMS KARI: Temporarily downgrade newly generated EVP_PKEYs to legacy
author Richard Levitte <levitte@openssl.org>
Wed, 8 Apr 2020 13:41:05 +0000 (15:41 +0200)
committer Richard Levitte <levitte@openssl.org>
Fri, 10 Apr 2020 20:15:25 +0000 (22:15 +0200)
commit aec8de1a5f0b3f6e6279266b45836d6c9f6878df
tree 2cfe0510c4b3ae191bc30a70b22a23a37df209da
parent 1ae56f2f43d36618e54cbb8dd47a7107b74505b6
CMS KARI: Temporarily downgrade newly generated EVP_PKEYs to legacy

The EVP_PKEY_ASN1_METHOD code used by CMS_RecipientInfo_kari_decrypt()
and cms_RecipientInfo_kari_encrypt() is quite complex and needs more
careful thought to work with provider side keys.  Unfortunately, we
need to get key generation in place, among others for ECC keys, so we
add a temporary hack, similar to what's already done in TLS code, that
downgrades a provider side EVP_PKEY to become EVP_PKEY_ASN1_METHOD /
EVP_PKEY_METHOD based.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11501)
crypto/cms/cms_err.c
crypto/cms/cms_kari.c
crypto/err/openssl.txt
include/openssl/cmserr.h