|
@@ -1916,7 +1916,15 @@ void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx,
|
|
|
* If |tmp_keymgmt| is present in the operation cache, it means
|
|
|
* that export doesn't need to be redone. In that case, we take
|
|
|
* token copies of the cached pointers, to have token success
|
|
|
- * values to return.
|
|
|
+ * values to return. It is possible (e.g. in a no-cached-fetch
|
|
|
+ * build), for op->keymgmt to be a different pointer to tmp_keymgmt
|
|
|
+ * even though the name/provider must be the same. In other words
|
|
|
+ * the keymgmt instance may be different but still equivalent, i.e.
|
|
|
+ * same algorithm/provider instance - but we make the simplifying
|
|
|
+ * assumption that the keydata can be used with either keymgmt
|
|
|
+ * instance. Not doing so introduces significant complexity and
|
|
|
+ * probably requires refactoring - since we would have to ripple
|
|
|
+ * the change in keymgmt instance up the call chain.
|
|
|
*/
|
|
|
if (op != NULL && op->keymgmt != NULL) {
|
|
|
keydata = op->keydata;
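Review bot: The new comment states that the cached keydata is assumed usable with either keymgmt instance, but the visible condition `if (op != NULL && op->keymgmt != NULL)` only checks for non-NULL and nothing in the hunk enforces that assumption. If the two instances ever were not equivalent, provider-owned keydata would be handed to a keymgmt that did not create it, which is a type-confusion risk rather than a clean failure. The comment should name where the "name/provider must be the same" guarantee comes from; presumably it is the cache lookup that produced `op`, which is outside the hunk. Consider also backing it with a cheap check inside the branch, for example `if (!ossl_assert(EVP_KEYMGMT_get0_provider(op->keymgmt) == EVP_KEYMGMT_get0_provider(tmp_keymgmt))) goto end;`, with the failure path adapted to the function's existing cleanup. The body of this `if` continues past the end of the hunk, so how `keydata` is paired with a keymgmt on return cannot be confirmed from here.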
|