git.openssl.org Git - openssl.git/commit

author	Matt Caswell <matt@openssl.org>
	Wed, 24 Feb 2021 16:38:28 +0000 (16:38 +0000)
committer	Matt Caswell <matt@openssl.org>
	Mon, 8 Mar 2021 15:11:31 +0000 (15:11 +0000)
commit	b574c6a9ac96825b4f19c5e835273bf176174af8
tree	0320f1f6cd4905072ce38567868d3fe4881c8859	tree \| snapshot
parent	ec961f866ac048a2d3dfd6adcfa95042114bef52	commit \| diff

Cache legacy keys instead of downgrading them

If someone calls an EVP_PKEY_get0*() function then we create a legacy
key and cache it in the EVP_PKEY - but it doesn't become an "origin" and
it doesn't ever get updated. This will be documented as a restriction of
the EVP_PKEY_get0*() function with provided keys.

Fixes #14020

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14319)

crypto/evp/p_legacy.c		diff \| blob \| history
crypto/evp/p_lib.c		diff \| blob \| history
crypto/evp/pmeth_gn.c		diff \| blob \| history
crypto/evp/pmeth_lib.c		diff \| blob \| history
doc/internal/man3/evp_pkey_export_to_provider.pod		diff \| blob \| history
doc/internal/man7/EVP_PKEY.pod		diff \| blob \| history
include/crypto/evp.h		diff \| blob \| history