root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider. 

RSA keys in the 'base' provider are different from a fips provider RSA key (since they have different object structures).
To use a fips provider key in the base serializer the key needs to be exported.
The fix was suggested by @levitte.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12162)
This commit is contained in:
Shane Lontis 2020-08-10 10:16:26 +10:00
parent 7c9a7cf127
commit af88e64a98
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/serializer/serializer_pkey.c
View File

@ -150,7 +150,8 @@ static int serializer_EVP_PKEY_to_bio(OSSL_SERIALIZER_CTX *ctx, BIO *out)
if (ctx->ser == NULL)
return 0;
if (ctx->ser->serialize_object == NULL) {
if (ctx->ser->serialize_object == NULL
|| OSSL_SERIALIZER_provider(ctx->ser) != EVP_KEYMGMT_provider(keymgmt)) {
struct serializer_write_data_st write_data;
write_data.ctx = ctx;