It exists in master but not in 1.1.1 or previous: the incomplete EVP_PKEY object of #12612 in previous versions would have failed validation, where its correctness as a math entity and as a programming object is tested.
That is why I am baffled by the use of "regression" to describe this issue, and the reason why I commented on the "lack of enforcement" argument. Cheers, Nicola On Mon, Nov 16, 2020, 18:53 Richard Levitte <levi...@openssl.org> wrote: > On Wed, 11 Nov 2020 23:34:53 +0100, > Nicola Tuveri wrote: > > > > By design the consistency checks and validation checks are omitted > > unless these functions are called, and there is no > > EVP_PKEY_private_check. > > Just a small point, this is in master: > > $ grep private_check include/openssl/evp.h > int EVP_PKEY_private_check(EVP_PKEY_CTX *ctx); > > Cheers, > Richard > > -- > Richard Levitte levi...@openssl.org > OpenSSL Project http://www.openssl.org/~levitte/ >
