Improve "keyFormat" to always set based on "algId" and let the later key parsing code produce failure.

David Garske
2020-01-17 06:53:26 -08:00
parent 0489cc97a8
commit 2cd3474e9d
2 changed files with 3 additions and 48 deletions


@ -5635,22 +5635,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
}
else if (type == PRIVATEKEY_TYPE && format != WOLFSSL_FILETYPE_RAW) {
#if defined(WOLFSSL_ENCRYPTED_KEYS) || defined(HAVE_PKCS8)
#ifndef NO_DSA
if (algId == DSAk)
keyFormat = DSAk;
#endif
#ifdef HAVE_ECC
if (algId == ECDSAk)
keyFormat = ECDSAk;
#endif
#ifndef NO_DH
if (algId == DHk)
keyFormat = DHk;
#endif
#ifdef HAVE_ED25519
if (algId == ED25519k)
keyFormat = ED25519k;
#endif
keyFormat = algId;
#endif
ret = ProcessBufferTryDecode(ctx, ssl, der, &keySz, &idx, &resetSuites,
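Review bot: The new unconditional `keyFormat = algId;` replaces whatever `keyFormat` already held, even when `algId` was never filled in from a key header; the removed branches wrote only on a recognised match, so an earlier value survived. Where `algId` is declared and assigned is outside the hunk, so this is inferred, but if it can still hold its initial value here (assuming 0 means unset), a guard such as `if (algId != 0) keyFormat = algId;` would keep the earlier hint. Failing that, a comment on the line, e.g. `/* algId may name an algorithm not compiled in; ProcessBufferTryDecode must reject it */`, would record the assumption the commit relies on. The `ProcessBufferTryDecode` call continues past the last line shown.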


@ -10331,22 +10331,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
if ((ret = ToTraditional_ex(der->buffer, der->length, &algId)) > 0) {
der->length = ret;
if (keyFormat) {
#ifndef NO_DSA
if (algId == DSAk)
*keyFormat = DSAk;
#endif
#ifdef HAVE_ECC
if (algId == ECDSAk)
*keyFormat = ECDSAk;
#endif
#ifndef NO_DH
if (algId == DHk)
*keyFormat = DHk;
#endif
#ifdef HAVE_ED25519
if (algId == ED25519k)
*keyFormat = ED25519k;
#endif
*keyFormat = algId;
}
}
else {
@ -10392,22 +10377,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
if (ret >= 0) {
der->length = ret;
if (keyFormat) {
#ifndef NO_DSA
if (algId == DSAk)
*keyFormat = DSAk;
#endif
#ifdef HAVE_ECC
if (algId == ECDSAk)
*keyFormat = ECDSAk;
#endif
#ifndef NO_DH
if (algId == DHk)
*keyFormat = DHk;
#endif
#ifdef HAVE_ED25519
if (algId == ED25519k)
*keyFormat = ED25519k;
#endif
*keyFormat = algId;
}
ret = 0;
}
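Review bot: `*keyFormat = algId;` now hands callers the algorithm id exactly as `ToTraditional_ex` read it from the key data, so it can name an algorithm that is compiled out (`NO_DSA`, `NO_DH`, no `HAVE_ECC` or `HAVE_ED25519`) or one the build does not recognise. Every consumer of `keyFormat` therefore has to fail closed on an unexpected value, and none of those consumers are visible in these hunks. I would document this at both assignments, for example `/* unvalidated: taken from the key header, may be an unsupported algorithm; callers must reject unknown values */`. In the second hunk the guard is `ret >= 0` and the code that sets `ret` and `algId` is outside the hunk, so it is worth confirming `algId` cannot be stale on that path.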