git.ipfire.org Git - thirdparty/openssl.git/commit

author	Viktor Dukhovni <openssl-users@dukhovni.org>
	Tue, 13 May 2025 15:23:25 +0000 (01:23 +1000)
committer	Tomas Mraz <tomas@openssl.org>
	Tue, 10 Jun 2025 17:44:10 +0000 (19:44 +0200)
commit	62112cdcde26767b9e294365e92eaf5fd998a74f
tree	2acf7a25b89a2d2892a403b559bab34323829c34	tree
parent	c0c32025aa5b5d244fc74d736df9274a285518bf	commit \| diff

Allow keygen after dup of minimal PKEY ctx

It should be possible to repeatedly duplicate a PKEY CTX created via
EVP_PKEY_CTX_new_from_name() that has not yet been assigned an
"operation" (e.g. via EVP_PKEY_CTX_keygen_init()), and then perform
keygen_init() and keygen() on the duplicated copies.

When the operation is not yet set, all that's needed is to not try to
use the key if one isn't set yet.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27662)

(cherry picked from commit 2c74a8d1ef4e9c4b4468afefedb1f72425772a37)

crypto/evp/pmeth_lib.c		diff \| blob \| blame \| history
doc/man3/EVP_PKEY_CTX_new.pod		diff \| blob \| blame \| history
test/evp_pkey_provided_test.c		diff \| blob \| blame \| history