Add evp_keymgmt_clear_pkey_cache() and use it

[openssl.git] / crypto / evp / keymgmt_lib.c

diff --git a/crypto/evp/keymgmt_lib.c b/crypto/evp/keymgmt_lib.c
index 76c4a30a1c80c53df00ea86cc82c16b6c9fe7cc5..7169f4270ed988838a78f6f8f4bec192e8a17b37 100644 (file)
--- a/crypto/evp/keymgmt_lib.c
+++ b/crypto/evp/keymgmt_lib.c
@@ -80,13 +80,7 @@ void *evp_keymgmt_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt)
             return NULL;
 
         if (pk->ameth->dirty_cnt(pk) != pk->dirty_cnt_copy)
-            for (i = 0;
-                 i < OSSL_NELEM(pk->pkeys) && pk->pkeys[i].keymgmt != NULL;
-                 i++) {
-                pk->pkeys[i].keymgmt->freekey(pk->pkeys[i].provkey);
-                pk->pkeys[i].keymgmt = NULL;
-                pk->pkeys[i].provkey = NULL;
-            }
+            evp_keymgmt_clear_pkey_cache(pk);
     }
 
     /*
@@ -186,3 +180,22 @@ void *evp_keymgmt_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt)
     }
     return provkey;
 }
+
+void evp_keymgmt_clear_pkey_cache(EVP_PKEY *pk)
+{
+    size_t i;
+
+    if (pk != NULL) {
+        for (i = 0;
+             i < OSSL_NELEM(pk->pkeys) && pk->pkeys[i].keymgmt != NULL;
+             i++) {
+            EVP_KEYMGMT *keymgmt = pk->pkeys[i].keymgmt;
+            void *provkey = pk->pkeys[i].provkey;
+
+            pk->pkeys[i].keymgmt = NULL;
+            pk->pkeys[i].provkey = NULL;
+            keymgmt->freekey(provkey);
+            EVP_KEYMGMT_free(keymgmt);
+        }
+    }
+}