[openssl/openssl] 6207f2: Don't add the msblob/pvk decoders if they're not s...
Matt Caswell
noreply at github.com
Tue Aug 1 18:11:19 UTC 2023
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: 6207f2b657b5ba1823681b49c7c34c619da0dd00
https://github.com/openssl/openssl/commit/6207f2b657b5ba1823681b49c7c34c619da0dd00
Author: Matt Caswell <matt at openssl.org>
Date: 2023-08-01 (Tue, 01 Aug 2023)
Changed paths:
M providers/implementations/encode_decode/decode_msblob2key.c
M providers/implementations/encode_decode/decode_pvk2key.c
Log Message:
-----------
Don't add the msblob/pvk decoders if they're not suitable
msblob only decodes public/private keys (not just params).
pvk only decodes private keys.
If the requested selection doesn't intersect with the above then don't
consider those decoders.
Reviewed-by: Tim Hudson <tjh at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21603)
Commit: 564e5b754a4680dfad38585dd73bcf025567b448
https://github.com/openssl/openssl/commit/564e5b754a4680dfad38585dd73bcf025567b448
Author: Matt Caswell <matt at openssl.org>
Date: 2023-08-01 (Tue, 01 Aug 2023)
Changed paths:
M crypto/encode_decode/decoder_lib.c
Log Message:
-----------
Always add a suitable error if we fail to decode
We're always supposed to add the fallback "unsupported" error if we don't
have anything better. However in some cases this wasn't happening because
we were incorrectly setting "flag_construct_called" - even though the
construct function had failed.
Reviewed-by: Tim Hudson <tjh at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21603)
Commit: 0d0791eedff7f0747503d816184810aa093f523e
https://github.com/openssl/openssl/commit/0d0791eedff7f0747503d816184810aa093f523e
Author: Matt Caswell <matt at openssl.org>
Date: 2023-08-01 (Tue, 01 Aug 2023)
Changed paths:
M crypto/pem/pem_pkey.c
Log Message:
-----------
The PEM_read_bio_Parameters() function should not ask for a password
The PEM_read_bio_Parameters[_ex] function does not have the capability
of specifying a password callback. We should not use the fallback password
callback in this case because it will attempt to send a prompt for the
password which might not be the correct thing to do. We should just not
use a password in that case.
Fixes #21588
Reviewed-by: Tim Hudson <tjh at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21603)
Commit: df3d609030bdb0868d1ccca14227bb6829ad954c
https://github.com/openssl/openssl/commit/df3d609030bdb0868d1ccca14227bb6829ad954c
Author: Matt Caswell <matt at openssl.org>
Date: 2023-08-01 (Tue, 01 Aug 2023)
Changed paths:
M test/pemtest.c
Log Message:
-----------
Add a test for PEM_read_bio_Parameters()
We must not ask for a password when attempting to read parameters.
Reviewed-by: Tim Hudson <tjh at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21603)
Compare: https://github.com/openssl/openssl/compare/780ce3849f9e...df3d609030bd
More information about the openssl-commits
mailing list