mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-02-11 14:22:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
e48fe79840
openssl/util
History
Richard Levitte 839ffdd11c EVP: Allow a fallback for operations that work with an EVP_PKEY 
Functions like EVP_PKEY_sign_init() do an implicit fetch of the
operation implementation (EVP_SIGNATURE in this case), then get the
KEYMGMT from the same provider, and tries to export the key there if
necessary.

If an export of the key isn't possible (because the provider that
holds the key is an HSM and therefore can't export), we would simply
fail without looking any further.

This change modifies the behaviour a bit by trying a second fetch of
the operation implementation, but specifically from the provider of
the EVP_PKEY that's being used.  This is done with the same properties
that were used with the initial operation implementation fetch, and
should therefore be safe, allowing only what those properties allow.

Fixes #16614

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16725)
2021-10-27 12:41:13 +02:00
..
perl OpenSSL::Ordinals::set_version() should only be given the short version 2021-09-09 12:07:33 +02:00
add-depends.pl util/add-depends.pl: Rebuild the build file after reconfiguration 2021-08-19 20:45:00 +02:00
build.info Make util/wrap.pl work better on VMS 2021-06-18 09:08:16 +02:00
c-compress-test.pl
cavs-to-evptest.pl
check-format-test-negatives.c
check-format-test-positives.c
check-format.pl always use the same perl in $PATH 2021-09-02 12:55:39 +10:00
check-malloc-errs
ck_errf.pl
copy.pl
dofile.pl
echo.pl always use the same perl in $PATH 2021-09-02 12:55:39 +10:00
engines.num
err-to-raise
find-doc-nits
find-unused-errs
fips-checksums.sh always use the same perl in $PATH 2021-09-02 12:55:39 +10:00
fix-deprecation always use the same perl in $PATH 2021-09-02 12:55:39 +10:00
fix-includes
fix-includes.sed
indent.pro
lang-compress.pl
libcrypto.num make update 2021-07-29 15:50:27 +01:00
libssl.num
local_shlib.com.in Configuration: Fix incorrect $unified_info{attributes} references 2021-06-16 14:47:39 +01:00
markdownlint.rb
merge-err-lines
missingcrypto111.txt
missingcrypto-internal.txt
missingcrypto.txt
missingmacro111.txt
missingmacro.txt
missingssl111.txt
missingssl-internal.txt
missingssl.txt
mk-fipsmodule-cnf.pl
mkbuildinf.pl
mkdef.pl
mkdir-p.pl
mkerr.pl
mknum.pl Ensure ordinals are created during release process 2021-06-29 09:51:30 +10:00
mkpod2html.pl Fix util/mkpod2html.pl to call pod2html with absolute paths 2021-09-21 11:05:53 +02:00
mkrc.pl
mktar.sh
opensslwrap.sh
other-internal.syms
other.syms EVP: Allow a fallback for operations that work with an EVP_PKEY 2021-10-27 12:41:13 +02:00
providers.num
shlib_wrap.sh.in
su-filter.pl
unlocal_shlib.com.in Configuration: Fix incorrect $unified_info{attributes} references 2021-06-16 14:47:39 +01:00
withlibctx.pl
wrap.pl.in util: add -fips option to wrap.pl to make using the FIPS provider easier 2021-07-06 18:14:08 +10:00
write-man-symlinks