git.ipfire.org Git - thirdparty/openssl.git/commit

author	Viktor Dukhovni <openssl-users@dukhovni.org>
	Tue, 13 May 2025 15:23:25 +0000 (01:23 +1000)
committer	Tomas Mraz <tomas@openssl.org>
	Tue, 10 Jun 2025 17:46:35 +0000 (19:46 +0200)
commit	299bcd58fcb5d3c1b16d5fb0397a15b6b4f1f6ae
tree	8ab461ca5bf2afc485ed0fcd62d4845904d16b80	tree
parent	a1bc41238ac904579fefd97d3047b8d6301769ef	commit \| diff

Allow keygen after dup of minimal PKEY ctx

It should be possible to repeatedly duplicate a PKEY CTX created via
EVP_PKEY_CTX_new_from_name() that has not yet been assigned an
"operation" (e.g. via EVP_PKEY_CTX_keygen_init()), and then perform
keygen_init() and keygen() on the duplicated copies.

When the operation is not yet set, all that's needed is to not try to
use the key if one isn't set yet.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27662)

(cherry picked from commit 2c74a8d1ef4e9c4b4468afefedb1f72425772a37)

crypto/evp/pmeth_lib.c		diff \| blob \| blame \| history
doc/man3/EVP_PKEY_CTX_new.pod		diff \| blob \| blame \| history
test/evp_pkey_provided_test.c		diff \| blob \| blame \| history