diff options
author | Richard Levitte <levitte@openssl.org> | 2020-02-20 20:26:16 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-02-29 05:39:43 +0100 |
commit | 3c6ed9555c7735c24d5f59c8b4ab7b9c4d807c77 (patch) | |
tree | 663b632b0655551629e64f860c64d8b892513449 /crypto/asn1 | |
parent | 49119647639b0b3ecd4db3d99b653653b41d1d20 (diff) | |
download | openssl-new-3c6ed9555c7735c24d5f59c8b4ab7b9c4d807c77.tar.gz |
Rethink the EVP_PKEY cache of provider side keys
The role of this cache was two-fold:
1. It was a cache of key copies exported to providers with which an
operation was initiated.
2. If the EVP_PKEY didn't have a legacy key, item 0 of the cache was
the corresponding provider side origin, while the rest was the
actual cache.
This dual role for item 0 made the code a bit confusing, so we now
make a separate keymgmt / keydata pair outside of that cache, which is
the provider side "origin" key.
A hard rule is that an EVP_PKEY cannot hold a legacy "origin" and a
provider side "origin" at the same time.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11148)
Diffstat (limited to 'crypto/asn1')
-rw-r--r-- | crypto/asn1/i2d_pr.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/asn1/i2d_pr.c b/crypto/asn1/i2d_pr.c index dd2a82da74..73b4461306 100644 --- a/crypto/asn1/i2d_pr.c +++ b/crypto/asn1/i2d_pr.c @@ -30,7 +30,7 @@ int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp) } return ret; } - if (a->pkeys[0].keymgmt != NULL) { + if (a->keymgmt != NULL) { const char *serprop = OSSL_SERIALIZER_PrivateKey_TO_DER_PQ; OSSL_SERIALIZER_CTX *ctx = OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(a, serprop); |