OpenSSL commit ee22a3741e3fc27c981e7f7e9bcb8d3342b0c65a changed the OpenSSL provider's keymgmt_match() function to be not so strict with the selector bits in regards to matching different key parts.
Adapt the provider's match functions accordingly.
This means, that if the public key is selected to be matched, and the public key matches (together with any also selected parameters), then the private key is no longer checked, although it may also be selected to be matched. This is according to how the OpenSSL function EVP_PKEY_eq() is supposed to behave.
OpenSSL commit ee22a3741e3fc27c981e7f7e9bcb8d3342b0c65a changed the OpenSSL provider's keymgmt_match() function to be not so strict with the selector bits in regards to matching different key parts.
Adapt the provider's match functions accordingly. This means, that if the public key is selected to be matched, and the public key matches (together with any also selected parameters), then the private key is no longer checked, although it may also be selected to be matched. This is according to how the OpenSSL function EVP_PKEY_eq() is supposed to behave.
Signed-off-by: Ingo Franzki ifranzki@linux.ibm.com