EVP_PKEY_eq: regain compatibility with the 3.0.0 FIPS provider

Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19201)
author: Tomáš Mráz <tomas@openssl.org> 2022-09-13 14:37:05 +1000
committer: Pauli <pauli@openssl.org> 2022-09-16 08:34:53 +1000
commit: c342004e07fd2c03a672f79353d13554fe0ffdaf (patch)
tree: 6ee08ea5e8fcb7997b678ee3991578140262efb7 /crypto/evp
parent: 9684335839fcdeac06d21b06628c4c37117b5478 (diff)
download: openssl-new-c342004e07fd2c03a672f79353d13554fe0ffdaf.tar.gz
1 files changed, 10 insertions, 3 deletions
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 170cb89cb0..c8c342b3e9 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -339,9 +339,16 @@ int EVP_PKEY_eq(const EVP_PKEY *a, const EVP_PKEY *b)
     if (a == NULL || b == NULL)
         return 0;
 
-    if (a->keymgmt != NULL || b->keymgmt != NULL)
-        return evp_pkey_cmp_any(a, b, (SELECT_PARAMETERS
-                                       | OSSL_KEYMGMT_SELECT_KEYPAIR));
+    if (a->keymgmt != NULL || b->keymgmt != NULL) {
+        int selection = SELECT_PARAMETERS;
+
+        if (evp_keymgmt_util_has((EVP_PKEY *)a, OSSL_KEYMGMT_SELECT_PUBLIC_KEY)
+            && evp_keymgmt_util_has((EVP_PKEY *)b, OSSL_KEYMGMT_SELECT_PUBLIC_KEY))
+            selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY;
+        else
+            selection |= OSSL_KEYMGMT_SELECT_KEYPAIR;
+        return evp_pkey_cmp_any(a, b, selection);
+    }
 
     /* All legacy keys */
     if (a->type != b->type)
author	Tomáš Mráz <tomas@openssl.org>	2022-09-13 14:37:05 +1000
committer	Pauli <pauli@openssl.org>	2022-09-16 08:34:53 +1000
commit	c342004e07fd2c03a672f79353d13554fe0ffdaf (patch)
tree	6ee08ea5e8fcb7997b678ee3991578140262efb7 /crypto/evp
parent	9684335839fcdeac06d21b06628c4c37117b5478 (diff)
download	openssl-new-c342004e07fd2c03a672f79353d13554fe0ffdaf.tar.gz