EVP_PKEY2PKCS8() relies on the presence of an EVP_PKEY_ASN1_METHOD,
which requires "downgrading" the EVP_PKEY to have a legacy internal
key.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12587)
return NULL;
}
+ /* Force a key downgrade if that's possible */
+ /* TODO(3.0) Is there a better way for provider-native keys? */
+ if (EVP_PKEY_get0(pkey) == NULL)
+ return NULL;
+
if (pkey->ameth) {
if (pkey->ameth->priv_encode) {
if (!pkey->ameth->priv_encode(p8, pkey)) {