From: Richard Levitte Date: Sun, 2 Aug 2020 11:12:54 +0000 (+0200) Subject: PROV: Make the DER to KEY deserializer decode parameters too X-Git-Tag: openssl-3.0.0-alpha6~13 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b5b6669fb63702233124c8fd5504e8477e559d07;p=thirdparty%2Fopenssl.git PROV: Make the DER to KEY deserializer decode parameters too It should be noted that this may be dodgy if we ever encounter parameter objects that look like something else. However, experience with the OSSL_STORE 'file:' loader, which does exactly this kind of thing, has worked fine so far. A possibility could be that to decode parameters specifically, we demand that there's an incoming data type specifying this, which demands by extension that parameters can only come from a file format that has the parameter type encoded, such as PEM. This would be a future effort. Fixes #12568 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/12569) --- diff --git a/providers/implementations/serializers/deserialize_der2key.c b/providers/implementations/serializers/deserialize_der2key.c index a544d8522c3..87ac7b5e122 100644 --- a/providers/implementations/serializers/deserialize_der2key.c +++ b/providers/implementations/serializers/deserialize_der2key.c @@ -130,6 +130,11 @@ static int der2key_deserialize(void *vctx, OSSL_CORE_BIO *cin, pkey = d2i_PUBKEY(NULL, &derp, der_len); } + if (pkey == NULL) { + derp = der; + pkey = d2i_KeyParams(ctx->desc->type, NULL, &derp, der_len); + } + if (pkey != NULL) { /* * Tear out the low-level key pointer from the pkey,