From 34a709e89e0c43928d9353aca1fb0c82aaa7e6ab Mon Sep 17 00:00:00 2001 From: rpm-build Date: Wed, 12 Jun 2024 20:14:04 +0900 Subject: [PATCH] kdf: Preserve backward compatibility with older providers Suggested in: https://github.com/openssl/openssl/issues/24611#issuecomment-2162560293 --- crypto/evp/pmeth_lib.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 015f756..e776ea5 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -1068,8 +1068,13 @@ static int evp_pkey_ctx_add1_octet_string(EVP_PKEY_CTX *ctx, int fallback, os_params[0] = OSSL_PARAM_construct_octet_string(param, NULL, 0); os_params[1] = OSSL_PARAM_construct_end(); - if (!EVP_PKEY_CTX_get_params(ctx, os_params)) + if (!EVP_PKEY_CTX_get_params(ctx, os_params)) { + if (EVP_PKEY_CTX_gettable_params(ctx) == NULL) { + /* Older provider that doesn't support gettable parameters */ + return evp_pkey_ctx_set1_octet_string(ctx, fallback, param, op, ctrl, data, datalen); + } return 0; + } /* Older provider that doesn't support getting this parameter */ if (os_params[0].return_size == OSSL_PARAM_UNMODIFIED) -- 2.45.1