[openssl/openssl] c67a19: no-engine: fix signing with legacy app method base...

Matthias St. Pierre noreply at github.com
Fri Sep 22 19:29:30 UTC 2023


  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: c67a1988fcf8fe34b1d31e29849f2528d553dd66
      https://github.com/openssl/openssl/commit/c67a1988fcf8fe34b1d31e29849f2528d553dd66
  Author: Matthias St. Pierre <matthias.st.pierre at ncp-e.com>
  Date:   2023-09-22 (Fri, 22 Sep 2023)

  Changed paths:
    M crypto/evp/pmeth_lib.c

  Log Message:
  -----------
  no-engine: fix signing with legacy app method based keys

Signing with an app method based key (i.e. an `EVP_PKEY` which wraps an
`RSA` key with an application defined `RSA_METHOD`) used to work in 1.1.1.
That feature was broken in commit 60488d2434, but later on fixed by @t8m
in commit b247113c05 (see #14859).

This commit corrects a  minor flaw of the fix, which affects only
`no-engine` builds: the special treatment for foreign keys is guarded
by an `OPENSSL_NO_ENGINE` check.

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
Reviewed-by: Todd Short <todd.short at me.com>
(Merged from https://github.com/openssl/openssl/pull/22163)

(cherry picked from commit 1acc3e8cc3c69187b55cc557c1bc03278ab38063)




More information about the openssl-commits mailing list