git.ipfire.org Git - thirdparty/openssl.git/commit

author	Viktor Dukhovni <openssl-users@dukhovni.org>
	Tue, 13 May 2025 15:23:25 +0000 (01:23 +1000)
committer	Tomas Mraz <tomas@openssl.org>
	Tue, 10 Jun 2025 17:43:56 +0000 (19:43 +0200)
commit	2c74a8d1ef4e9c4b4468afefedb1f72425772a37
tree	478bb4382f20cef3f491d8b0dc928a9a7a5bca4f	tree
parent	bef03c6a24f02df4e670697b16b6d7c8b1b604b4	commit \| diff

Allow keygen after dup of minimal PKEY ctx

It should be possible to repeatedly duplicate a PKEY CTX created via
EVP_PKEY_CTX_new_from_name() that has not yet been assigned an
"operation" (e.g. via EVP_PKEY_CTX_keygen_init()), and then perform
keygen_init() and keygen() on the duplicated copies.

When the operation is not yet set, all that's needed is to not try to
use the key if one isn't set yet.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27662)

crypto/evp/pmeth_lib.c		diff \| blob \| blame \| history
doc/man3/EVP_PKEY_CTX_new.pod		diff \| blob \| blame \| history
test/evp_pkey_provided_test.c		diff \| blob \| blame \| history