From: Matt Caswell <matt@openssl.org>
Date: Wed, 18 Mar 2020 12:57:48 +0000 (+0000)
Subject: Use the libctx and properties when constructing an EVP_PKEY_CTX
X-Git-Tag: openssl-3.0.0-alpha1~224
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=3aceb9ec51beb2ec266c2aba75ee14721c693659;hp=cab33afb711e467f459e5b5e669bf7a5c4fe797a;ds=sidebyside

Use the libctx and properties when constructing an EVP_PKEY_CTX

When constructing an RSA ClientKeyExchange make sure we construct our
EVP_PKEY_CTX using the correct libctx and properties

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11357)
---

diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 99459a8c6a..dfc6f5a721 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2990,7 +2990,8 @@ static int tls_construct_cke_rsa(SSL *s, WPACKET *pkt)
                  ERR_R_INTERNAL_ERROR);
         goto err;
     }
-    pctx = EVP_PKEY_CTX_new(pkey, NULL);
+
+    pctx = EVP_PKEY_CTX_new_from_pkey(s->ctx->libctx, pkey, s->ctx->propq);
     if (pctx == NULL || EVP_PKEY_encrypt_init(pctx) <= 0
         || EVP_PKEY_encrypt(pctx, NULL, &enclen, pms, pmslen) <= 0) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CKE_RSA,