git.ipfire.org Git - thirdparty/openssl.git/commit

author	Daniel Van Geest <daniel.vangeest@cryptonext-security.com>
	Mon, 23 Jun 2025 11:45:59 +0000 (12:45 +0100)
committer	Tomas Mraz <tomas@openssl.org>
	Tue, 1 Jul 2025 17:08:15 +0000 (19:08 +0200)
commit	8337d8fe532b801543e04ffd850cc3196a6072c1
tree	78b327befef36bba9fde51c068487178a04bb659	tree
parent	4b93d477dcb7a5be0841ede0bc17ffe45034163f	commit \| diff

decoders: Fix prioritization of decoders via property query

When a property query string was used, it was not being applied to decoders.
When multiple providers supporting the same algorithm were loaded, it was
undefined which provider would be used when decoding a key, even when a
propquery string was provided. This fix scores decoder instances based on
property query matching and selects the highest scored decoder instance when
building the decoder chain.

The fake_rsa test provider is updated to support basic encoding and decoding.
A test is added using the fake_rsa provider to ensure that property query
strings are respected when loading decoders.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27876)

(cherry picked from commit 60775e31123e6ef66a7cf86f199289d6e250dceb)

crypto/encode_decode/decoder_lib.c		diff \| blob \| blame \| history
crypto/encode_decode/decoder_pkey.c		diff \| blob \| blame \| history
crypto/encode_decode/encoder_local.h		diff \| blob \| blame \| history
test/fake_rsaprov.c		diff \| blob \| blame \| history
test/provider_pkey_test.c		diff \| blob \| blame \| history