[openssl] openssl-3.0 update
dev at ddvo.net
dev at ddvo.net
Thu Jan 6 08:13:39 UTC 2022
The branch openssl-3.0 has been updated
via 7a30610902d6d19cfd1698498d3d4129f308e285 (commit)
from f762f91f9506927ed036bca5f78f392e039911df (commit)
- Log -----------------------------------------------------------------
commit 7a30610902d6d19cfd1698498d3d4129f308e285
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date: Fri May 14 15:11:00 2021 +0200
OSSL_STORE: Prevent spurious error during loading private keys
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15283)
(cherry picked from commit da198adb9c5626f31c52613fe2ae59a7066c3366)
-----------------------------------------------------------------------
Summary of changes:
.../implementations/encode_decode/decode_der2key.c | 23 +++++++++++++++++-----
1 file changed, 18 insertions(+), 5 deletions(-)
diff --git a/providers/implementations/encode_decode/decode_der2key.c b/providers/implementations/encode_decode/decode_der2key.c
index 356e65b403..9e3b86b46e 100644
--- a/providers/implementations/encode_decode/decode_der2key.c
+++ b/providers/implementations/encode_decode/decode_der2key.c
@@ -204,19 +204,24 @@ static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
if (!ok)
goto next;
- ok = 0; /* Assume that we fail */
+ ok = 0; /* Assume that we fail */
+ ERR_set_mark();
if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
derp = der;
if (ctx->desc->d2i_PKCS8 != NULL) {
key = ctx->desc->d2i_PKCS8(NULL, &derp, der_len, ctx);
- if (ctx->flag_fatal)
+ if (ctx->flag_fatal) {
+ ERR_clear_last_mark();
goto end;
+ }
} else if (ctx->desc->d2i_private_key != NULL) {
key = ctx->desc->d2i_private_key(NULL, &derp, der_len);
}
- if (key == NULL && ctx->selection != 0)
+ if (key == NULL && ctx->selection != 0) {
+ ERR_clear_last_mark();
goto next;
+ }
}
if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) {
derp = der;
@@ -224,16 +229,24 @@ static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
key = ctx->desc->d2i_PUBKEY(NULL, &derp, der_len);
else
key = ctx->desc->d2i_public_key(NULL, &derp, der_len);
- if (key == NULL && ctx->selection != 0)
+ if (key == NULL && ctx->selection != 0) {
+ ERR_clear_last_mark();
goto next;
+ }
}
if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) {
derp = der;
if (ctx->desc->d2i_key_params != NULL)
key = ctx->desc->d2i_key_params(NULL, &derp, der_len);
- if (key == NULL && ctx->selection != 0)
+ if (key == NULL && ctx->selection != 0) {
+ ERR_clear_last_mark();
goto next;
+ }
}
+ if (key == NULL)
+ ERR_clear_last_mark();
+ else
+ ERR_pop_to_mark();
/*
* Last minute check to see if this was the correct type of key. This
More information about the openssl-commits
mailing list