git.ipfire.org Git - thirdparty/openssl.git/commit

author	Viktor Dukhovni <openssl-users@dukhovni.org>
	Tue, 13 May 2025 15:23:25 +0000 (01:23 +1000)
committer	Tomas Mraz <tomas@openssl.org>
	Tue, 10 Jun 2025 17:44:04 +0000 (19:44 +0200)
commit	5f55c57d1e05a2cc5903a8a3e0f9ca4d8ceb0970
tree	0c5f6452e10d878c4cf2d34322803b2ba0946f63	tree
parent	08c64e623232bd05fbd86372970ee81fcccd775b	commit \| diff

Allow keygen after dup of minimal PKEY ctx

It should be possible to repeatedly duplicate a PKEY CTX created via
EVP_PKEY_CTX_new_from_name() that has not yet been assigned an
"operation" (e.g. via EVP_PKEY_CTX_keygen_init()), and then perform
keygen_init() and keygen() on the duplicated copies.

When the operation is not yet set, all that's needed is to not try to
use the key if one isn't set yet.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27662)

(cherry picked from commit 2c74a8d1ef4e9c4b4468afefedb1f72425772a37)

crypto/evp/pmeth_lib.c		diff \| blob \| blame \| history
doc/man3/EVP_PKEY_CTX_new.pod		diff \| blob \| blame \| history
test/evp_pkey_provided_test.c		diff \| blob \| blame \| history