From 2cd3474e9df46842c3d7fa17f15998f3f54b24f6 Mon Sep 17 00:00:00 2001
From: David Garske
Date: Fri, 17 Jan 2020 06:53:26 -0800
Subject: [PATCH] Improve "keyFormat" to always set based on "algId" and let the later key parsing code produce failure.
---
 src/ssl.c | 17 +----------------
 wolfcrypt/src/asn.c | 34 ++--------------------------------
 2 files changed, 3 insertions(+), 48 deletions(-)
diff --git a/src/ssl.c b/src/ssl.c
index 2eb35f4c8..a2d3f3f2b 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -5635,22 +5635,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
 }
 else if (type == PRIVATEKEY_TYPE && format != WOLFSSL_FILETYPE_RAW) {
 #if defined(WOLFSSL_ENCRYPTED_KEYS) || defined(HAVE_PKCS8)
- #ifndef NO_DSA
- if (algId == DSAk)
- keyFormat = DSAk;
- #endif
- #ifdef HAVE_ECC
- if (algId == ECDSAk)
- keyFormat = ECDSAk;
- #endif
- #ifndef NO_DH
- if (algId == DHk)
- keyFormat = DHk;
- #endif
- #ifdef HAVE_ED25519
- if (algId == ED25519k)
- keyFormat = ED25519k;
- #endif
+ keyFormat = algId;
 #endif
 ret = ProcessBufferTryDecode(ctx, ssl, der, &keySz, &idx, &resetSuites,
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index b64e863cc..79d4a0502 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -10331,22 +10331,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
 if ((ret = ToTraditional_ex(der->buffer, der->length, &algId)) > 0) {
 der->length = ret;
 if (keyFormat) {
- #ifndef NO_DSA
- if (algId == DSAk)
- *keyFormat = DSAk;
- #endif
- #ifdef HAVE_ECC
- if (algId == ECDSAk)
- *keyFormat = ECDSAk;
- #endif
- #ifndef NO_DH
- if (algId == DHk)
- *keyFormat = DHk;
- #endif
- #ifdef HAVE_ED25519
- if (algId == ED25519k)
- *keyFormat = ED25519k;
- #endif
+ *keyFormat = algId;
 }
 }
 else {
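Review bot: The unconditional `keyFormat = algId;` in the PRIVATEKEY_TYPE branch also runs when `algId` holds no recognised value, whereas the removed chain left `keyFormat` untouched in that case. If `algId` can still be zero at this point (its assignment is outside the hunk, so this is inferred), a format detected earlier would be cleared before `ProcessBufferTryDecode` is called. Consider `if (algId != 0) keyFormat = algId;`, or add a comment explaining why propagating zero is safe. The body of ProcessBuffer starts and ends outside the hunk.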
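Review bot: `*keyFormat = algId;` now passes callers of PemToDer whatever algorithm identifier the key's PKCS#8 header declares, including algorithms excluded from the build (`NO_DSA`, `NO_DH`) and values the library does not recognise, so for untrusted PEM the output parameter is chosen by the input. This is only safe if every consumer fails on an unrecognised value instead of defaulting to some key type, which cannot be confirmed from this diff. I would document the new contract at the assignment, e.g. `/* may name an algorithm not compiled in; callers must fail on unknown values */`; the same applies to the second PemToDer hunk at line 10377. In that later hunk the guard is `ret >= 0` rather than `> 0`, so it is worth confirming that `algId` is initialised when the preceding call returns zero.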
@@ -10392,22 +10377,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
 if (ret >= 0) {
 der->length = ret;
 if (keyFormat) {
- #ifndef NO_DSA
- if (algId == DSAk)
- *keyFormat = DSAk;
- #endif
- #ifdef HAVE_ECC
- if (algId == ECDSAk)
- *keyFormat = ECDSAk;
- #endif
- #ifndef NO_DH
- if (algId == DHk)
- *keyFormat = DHk;
- #endif
- #ifdef HAVE_ED25519
- if (algId == ED25519k)
- *keyFormat = ED25519k;
- #endif
+ *keyFormat = algId;
 }
 ret = 0;
 }