提交 b5b6669f 编写于 作者: R Richard Levitte 提交者: Pauli

PROV: Make the DER to KEY deserializer decode parameters too

It should be noted that this may be dodgy if we ever encounter
parameter objects that look like something else.  However, experience
with the OSSL_STORE 'file:' loader, which does exactly this kind of
thing, has worked fine so far.

A possibility could be that to decode parameters specifically, we
demand that there's an incoming data type specifying this, which
demands by extension that parameters can only come from a file format
that has the parameter type encoded, such as PEM.  This would be a
future effort.

Fixes #12568
Reviewed-by: NPaul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12569)
上级 19b4e6f8
......@@ -130,6 +130,11 @@ static int der2key_deserialize(void *vctx, OSSL_CORE_BIO *cin,
pkey = d2i_PUBKEY(NULL, &derp, der_len);
}
if (pkey == NULL) {
derp = der;
pkey = d2i_KeyParams(ctx->desc->type, NULL, &derp, der_len);
}
if (pkey != NULL) {
/*
* Tear out the low-level key pointer from the pkey,
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册