]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5045abb)
ASN1: Make ASN1_item_verify_ctx() work with provider-native keys
authorRichard Levitte <levitte@openssl.org>
Tue, 1 Sep 2020 15:56:11 +0000 (17:56 +0200)
committerRichard Levitte <levitte@openssl.org>
Thu, 3 Sep 2020 15:48:33 +0000 (17:48 +0200)
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12587)

crypto/asn1/a_verify.c patch | blob | blame | history

diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c
index 2b2c46a85435d6fd603c6013ddc4f3a5069f5f62..e3471c81412b467138520796fdd91348436c6900 100644 (file)
--- a/crypto/asn1/a_verify.c
+++ b/crypto/asn1/a_verify.c
@@ -163,7 +163,7 @@ int ASN1_item_verify_ctx(const ASN1_ITEM *it, const X509_ALGOR *alg,
         }
 
         /* Check public key OID matches public key type */
-        if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) {
+        if (!EVP_PKEY_is_a(pkey, OBJ_nid2sn(pknid))) {
             ASN1err(0, ASN1_R_WRONG_PUBLIC_KEY_TYPE);
             goto err;
         }
Mirror of https://github.com/openssl/openssl.git