[openssl/openssl] 64683b: Don't add the msblob/pvk decoders if they're not s...

Matt Caswell noreply at github.com
Tue Aug 1 18:11:37 UTC 2023 

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 64683ba54e28e730c84beaf06c49a393f15b5d6e
      https://github.com/openssl/openssl/commit/64683ba54e28e730c84beaf06c49a393f15b5d6e
  Author: Matt Caswell <matt at openssl.org>
  Date:   2023-08-01 (Tue, 01 Aug 2023)

  Changed paths:
    M providers/implementations/encode_decode/decode_msblob2key.c
    M providers/implementations/encode_decode/decode_pvk2key.c

  Log Message:
  -----------
  Don't add the msblob/pvk decoders if they're not suitable

msblob only decodes public/private keys (not just params).
pvk only decodes private keys.

If the requested selection doesn't intersect with the above then don't
consider those decoders.

Reviewed-by: Tim Hudson <tjh at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21603)

(cherry picked from commit 6207f2b657b5ba1823681b49c7c34c619da0dd00)


  Commit: 4b52d80c48fe1f4858f43030be0be92cc2158668
      https://github.com/openssl/openssl/commit/4b52d80c48fe1f4858f43030be0be92cc2158668
  Author: Matt Caswell <matt at openssl.org>
  Date:   2023-08-01 (Tue, 01 Aug 2023)

  Changed paths:
    M crypto/encode_decode/decoder_lib.c

  Log Message:
  -----------
  Always add a suitable error if we fail to decode

We're always supposed to add the fallback "unsupported" error if we don't
have anything better. However in some cases this wasn't happening because
we were incorrectly setting "flag_construct_called" - even though the
construct function had failed.

Reviewed-by: Tim Hudson <tjh at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21603)

(cherry picked from commit 564e5b754a4680dfad38585dd73bcf025567b448)


  Commit: 3cc07fe0ff42be45d8931a21d7bef78ba5085ccb
      https://github.com/openssl/openssl/commit/3cc07fe0ff42be45d8931a21d7bef78ba5085ccb
  Author: Matt Caswell <matt at openssl.org>
  Date:   2023-08-01 (Tue, 01 Aug 2023)

  Changed paths:
    M crypto/pem/pem_pkey.c

  Log Message:
  -----------
  The PEM_read_bio_Parameters() function should not ask for a password

The PEM_read_bio_Parameters[_ex] function does not have the capability
of specifying a password callback. We should not use the fallback password
callback in this case because it will attempt to send a prompt for the
password which might not be the correct thing to do. We should just not
use a password in that case.

Fixes #21588

Reviewed-by: Tim Hudson <tjh at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21603)

(cherry picked from commit 0d0791eedff7f0747503d816184810aa093f523e)


  Commit: a24eaa828354ea71f9f09a6f565b9228012aecaf
      https://github.com/openssl/openssl/commit/a24eaa828354ea71f9f09a6f565b9228012aecaf
  Author: Matt Caswell <matt at openssl.org>
  Date:   2023-08-01 (Tue, 01 Aug 2023)

  Changed paths:
    M test/pemtest.c

  Log Message:
  -----------
  Add a test for PEM_read_bio_Parameters()

We must not ask for a password when attempting to read parameters.

Reviewed-by: Tim Hudson <tjh at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21603)

(cherry picked from commit df3d609030bdb0868d1ccca14227bb6829ad954c)


Compare: https://github.com/openssl/openssl/compare/0059bb5dac42...a24eaa828354

More information about the openssl-commits mailing list