Fix up encoder/decoder issues caused by not passing a library context to the PKCS8...

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14587)

diff --git a/providers/implementations/encode_decode/decode_der2key.c b/providers/implementations/encode_decode/decode_der2key.c
index 01c050ccb05521087a3e0d330d70910b94024dd8..b3fd87ca05b0f3c53969180d03c6e79c15416ef6 100644 (file)
--- a/providers/implementations/encode_decode/decode_der2key.c
+++ b/providers/implementations/encode_decode/decode_der2key.c
@@ -134,7 +134,7 @@ static void *der2key_decode_p8(const unsigned char **input_der,
         if (!pw_cb(pbuf, sizeof(pbuf), &plen, NULL, pw_cbarg))
             ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_GET_PASSPHRASE);
         else
-            p8inf = PKCS8_decrypt(p8, pbuf, plen);
+            p8inf = PKCS8_decrypt_ex(p8, pbuf, plen, PROV_LIBCTX_OF(ctx->provctx), NULL);
         if (p8inf == NULL)
             ctx->flag_fatal = 1;
         X509_SIG_free(p8);

diff --git a/providers/implementations/encode_decode/encode_key2any.c b/providers/implementations/encode_decode/encode_key2any.c
index cd2c3f8daaeabb7ab6ba1ca285ea134a752e0c76..f95c785522302b39afba0e6162c05a17c89cd59b 100644 (file)
--- a/providers/implementations/encode_decode/encode_key2any.c
+++ b/providers/implementations/encode_decode/encode_key2any.c
@@ -117,8 +117,7 @@ static X509_SIG *p8info_to_encp8(PKCS8_PRIV_KEY_INFO *p8info,
         return NULL;
     }
     /* First argument == -1 means "standard" */
-    p8 = PKCS8_encrypt_ex(-1, ctx->cipher, kstr, klen, NULL, 0, 0, p8info,
-                          libctx, NULL);
+    p8 = PKCS8_encrypt_ex(-1, ctx->cipher, kstr, klen, NULL, 0, 0, p8info, libctx, NULL);
     OPENSSL_cleanse(kstr, klen);
     return p8;
 }