[openssl] master update
Richard Levitte
levitte at openssl.org
Fri May 15 14:44:31 UTC 2020
The branch master has been updated
via 92dc275f95a5a87465a1ae3bac54bb2ead9732ca (commit)
from 80627240638673eb605f48486b2651712690985f (commit)
- Log -----------------------------------------------------------------
commit 92dc275f95a5a87465a1ae3bac54bb2ead9732ca
Author: Richard Levitte <levitte at openssl.org>
Date: Thu May 14 14:04:41 2020 +0200
SSL: refactor ssl_cert_lookup_by_pkey() to work with provider side keys
Fixes #11720
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11828)
-----------------------------------------------------------------------
Summary of changes:
ssl/ssl_cert.c | 21 +++++++++++----------
1 file changed, 11 insertions(+), 10 deletions(-)
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 408404958e..e81542a89e 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -1068,19 +1068,20 @@ int ssl_cert_lookup_by_nid(int nid, size_t *pidx)
const SSL_CERT_LOOKUP *ssl_cert_lookup_by_pkey(const EVP_PKEY *pk, size_t *pidx)
{
- int nid = EVP_PKEY_id(pk);
- size_t tmpidx;
-
- if (nid == NID_undef)
- return NULL;
+ size_t i;
- if (!ssl_cert_lookup_by_nid(nid, &tmpidx))
- return NULL;
+ for (i = 0; i < OSSL_NELEM(ssl_cert_info); i++) {
+ const SSL_CERT_LOOKUP *tmp_lu = &ssl_cert_info[i];
- if (pidx != NULL)
- *pidx = tmpidx;
+ if (EVP_PKEY_is_a(pk, OBJ_nid2sn(tmp_lu->nid))
+ || EVP_PKEY_is_a(pk, OBJ_nid2ln(tmp_lu->nid))) {
+ if (pidx != NULL)
+ *pidx = i;
+ return tmp_lu;
+ }
+ }
- return &ssl_cert_info[tmpidx];
+ return NULL;
}
const SSL_CERT_LOOKUP *ssl_cert_lookup_by_idx(size_t idx)
More information about the openssl-commits
mailing list