[openssl] master update

Dr. Paul Dale pauli at openssl.org
Tue Aug 4 04:35:39 UTC 2020

The branch master has been updated
       via  b5b6669fb63702233124c8fd5504e8477e559d07 (commit)
      from  19b4e6f8feba9aeec5d4e0d0aacb11d143b59340 (commit)

- Log -----------------------------------------------------------------
commit b5b6669fb63702233124c8fd5504e8477e559d07
Author: Richard Levitte <levitte at openssl.org>
Date:   Sun Aug 2 13:12:54 2020 +0200

    PROV: Make the DER to KEY deserializer decode parameters too
    It should be noted that this may be dodgy if we ever encounter
    parameter objects that look like something else.  However, experience
    with the OSSL_STORE 'file:' loader, which does exactly this kind of
    thing, has worked fine so far.
    A possibility could be that to decode parameters specifically, we
    demand that there's an incoming data type specifying this, which
    demands by extension that parameters can only come from a file format
    that has the parameter type encoded, such as PEM.  This would be a
    future effort.
    Fixes #12568
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12569)


Summary of changes:
 providers/implementations/serializers/deserialize_der2key.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/providers/implementations/serializers/deserialize_der2key.c b/providers/implementations/serializers/deserialize_der2key.c
index a544d8522c..87ac7b5e12 100644
--- a/providers/implementations/serializers/deserialize_der2key.c
+++ b/providers/implementations/serializers/deserialize_der2key.c
@@ -130,6 +130,11 @@ static int der2key_deserialize(void *vctx, OSSL_CORE_BIO *cin,
         pkey = d2i_PUBKEY(NULL, &derp, der_len);
+    if (pkey == NULL) {
+        derp = der;
+        pkey = d2i_KeyParams(ctx->desc->type, NULL, &derp, der_len);
+    }
     if (pkey != NULL) {
          * Tear out the low-level key pointer from the pkey,

More information about the openssl-commits mailing list