summaryrefslogtreecommitdiff
path: root/ssl
diff options
context:
space:
mode:
authorRichard Levitte <levitte@openssl.org>2020-05-14 14:04:41 +0200
committerRichard Levitte <levitte@openssl.org>2020-05-15 16:43:31 +0200
commit92dc275f95a5a87465a1ae3bac54bb2ead9732ca (patch)
treec52b0536440e4ed917065bc5f736559508d7bef2 /ssl
parent80627240638673eb605f48486b2651712690985f (diff)
downloadopenssl-new-92dc275f95a5a87465a1ae3bac54bb2ead9732ca.tar.gz
SSL: refactor ssl_cert_lookup_by_pkey() to work with provider side keys
Fixes #11720 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11828)
Diffstat (limited to 'ssl')
-rw-r--r--ssl/ssl_cert.c21
1 files changed, 11 insertions, 10 deletions
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 408404958e..e81542a89e 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -1068,19 +1068,20 @@ int ssl_cert_lookup_by_nid(int nid, size_t *pidx)
const SSL_CERT_LOOKUP *ssl_cert_lookup_by_pkey(const EVP_PKEY *pk, size_t *pidx)
{
- int nid = EVP_PKEY_id(pk);
- size_t tmpidx;
-
- if (nid == NID_undef)
- return NULL;
+ size_t i;
- if (!ssl_cert_lookup_by_nid(nid, &tmpidx))
- return NULL;
+ for (i = 0; i < OSSL_NELEM(ssl_cert_info); i++) {
+ const SSL_CERT_LOOKUP *tmp_lu = &ssl_cert_info[i];
- if (pidx != NULL)
- *pidx = tmpidx;
+ if (EVP_PKEY_is_a(pk, OBJ_nid2sn(tmp_lu->nid))
+ || EVP_PKEY_is_a(pk, OBJ_nid2ln(tmp_lu->nid))) {
+ if (pidx != NULL)
+ *pidx = i;
+ return tmp_lu;
+ }
+ }
- return &ssl_cert_info[tmpidx];
+ return NULL;
}
const SSL_CERT_LOOKUP *ssl_cert_lookup_by_idx(size_t idx)
View Lorry Controller Status