mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-18 13:44:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

When asked if an ECX key has parameters we should answer "true"

Browse Source 
An ECX key doesn't have any parameters associated with it. Therefore it
always has all the parameters it needs, and the "has" function should
return 1 if asked about parameters. Without this
EVP_PKEY_missing_parameters() fails for ECX keys.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11898)
This commit is contained in:
Matt Caswell 2020-05-21 11:36:21 +01:00
parent 11391da217
commit 7fa2b2673e
2 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
providers/implementations/keymgmt/ecx_kmgmt.c
View File

@ -101,8 +101,11 @@ static int ecx_has(void *keydata, int selection)
int ok = 0; int ok = 0;
if (key != NULL) { if (key != NULL) {
if ((selection & ECX_POSSIBLE_SELECTIONS) != 0) /*
ok = 1; * ECX keys always have all the parameters they need (i.e. none).
* Therefore we always return with 1, if asked about parameters.
*/
ok = 1;
if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0)
ok = ok && key->haspubkey; ok = ok && key->haspubkey;

3
test/evp_pkey_provided_test.c
View File

@ -855,7 +855,8 @@ static int test_fromdata_ecx(int tst)
goto err; goto err;
if (!TEST_ptr(copy_pk = EVP_PKEY_new()) if (!TEST_ptr(copy_pk = EVP_PKEY_new())
|| !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk))) /* This should succeed because there are no parameters to copy */
|| !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
goto err; goto err;
if (!TEST_true(EVP_PKEY_get_octet_string_param( if (!TEST_true(EVP_PKEY_get_octet_string_param(