Deprecate the EVP_PKEY controls for CMS and PKCS#7

[thirdparty/openssl.git] / providers / implementations / signature / rsa.c

diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c
index f521f0190dbd4b81343869955a6fab9fb0d7f2db..bfaa7b4e80085661a381e82f8d11217c31b2c889 100644 (file)
--- a/providers/implementations/signature/rsa.c
+++ b/providers/implementations/signature/rsa.c
@@ -365,9 +365,14 @@ static int rsa_signverify_init(void *vprsactx, void *vrsa,
     if (!ossl_prov_is_running())
         return 0;
 
-    if (prsactx == NULL || vrsa == NULL || !RSA_up_ref(vrsa))
+    if (prsactx == NULL || vrsa == NULL)
         return 0;
 
+    if (!ossl_rsa_check_key(vrsa, operation))
+        return 0;
+
+    if (!RSA_up_ref(vrsa))
+        return 0;
     RSA_free(prsactx->rsa);
     prsactx->rsa = vrsa;
     prsactx->operation = operation;
@@ -375,11 +380,6 @@ static int rsa_signverify_init(void *vprsactx, void *vrsa,
     if (!rsa_set_ctx_params(prsactx, params))
         return 0;
 
-    if (!ossl_rsa_check_key(vrsa, operation == EVP_PKEY_OP_SIGN)) {
-        ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
-        return 0;
-    }
-
     /* Maximum for sign, auto for verify */
     prsactx->saltlen = RSA_PSS_SALTLEN_AUTO;
     prsactx->min_saltlen = -1;