
keymgmt: better detect when a key manager can be reused

Fixes #14159

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15652)
master
Pauli 5 months ago
parent
commit
1af9b646e8
1 changed files with 10 additions and 2 deletions
  1. +10
    -2
      crypto/evp/keymgmt_lib.c

+ 10
- 2
crypto/evp/keymgmt_lib.c

@ -107,8 +107,16 @@ void *evp_keymgmt_util_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt)
if (pk->keydata == NULL)
return NULL;
/* If |keymgmt| matches the "origin" |keymgmt|, no more to do */
if (pk->keymgmt == keymgmt)
/*
* If |keymgmt| matches the "origin" |keymgmt|, there is no more to do.
* The "origin" is determined by the |keymgmt| pointers being identical
* or when the provider and the name ID match. The latter case handles the
* situation where the fetch cache is flushed and a "new" key manager is
* created.
*/
if (pk->keymgmt == keymgmt
|| (pk->keymgmt->name_id == keymgmt->name_id
&& pk->keymgmt->prov == keymgmt->prov))
return pk->keydata;
if (!CRYPTO_THREAD_read_lock(pk->lock))
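Review bot: The second arm of the new condition treats two distinct EVP_KEYMGMT objects as the same origin whenever `name_id` and `prov` match, and then hands back `pk->keydata` with no export/import step. That is only sound if one provider never offers two key managers under the same name ID whose key data layouts differ (for instance, implementations registered with different property strings), and the new comment explains the cache-flush case but not this assumption. I would add a line to the comment such as `* This relies on a provider exposing one keymgmt implementation per name ID.` so that a later change to fetching does not silently break it. Separately, `pk->keymgmt` is now dereferenced rather than only compared, and this happens before `CRYPTO_THREAD_read_lock(pk->lock)`; the check therefore depends on `pk->keymgmt` being non-NULL and stable whenever `pk->keydata` is set, which would have to be guaranteed above the hunk, since evp_keymgmt_util_export_to_provider starts before it and continues after it.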

