[openssl/openssl] c67a19: no-engine: fix signing with legacy app method base...
Matthias St. Pierre
noreply at github.com
Fri Sep 22 19:29:30 UTC 2023
Branch: refs/heads/openssl-3.1
Home: https://github.com/openssl/openssl
Commit: c67a1988fcf8fe34b1d31e29849f2528d553dd66
https://github.com/openssl/openssl/commit/c67a1988fcf8fe34b1d31e29849f2528d553dd66
Author: Matthias St. Pierre <matthias.st.pierre at ncp-e.com>
Date: 2023-09-22 (Fri, 22 Sep 2023)
Changed paths:
M crypto/evp/pmeth_lib.c
Log Message:
-----------
no-engine: fix signing with legacy app method based keys
Signing with an app method based key (i.e. an `EVP_PKEY` which wraps an
`RSA` key with an application defined `RSA_METHOD`) used to work in 1.1.1.
That feature was broken in commit 60488d2434, but later on fixed by @t8m
in commit b247113c05 (see #14859).
This commit corrects a minor flaw of the fix, which affects only
`no-engine` builds: the special treatment for foreign keys is guarded
by an `OPENSSL_NO_ENGINE` check.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
Reviewed-by: Todd Short <todd.short at me.com>
(Merged from https://github.com/openssl/openssl/pull/22163)
(cherry picked from commit 1acc3e8cc3c69187b55cc557c1bc03278ab38063)
More information about the openssl-commits
mailing list