authorDr. David von Oheimb <David.von.Oheimb@siemens.com>2021-05-14 15:11:00 +0200
committerDr. David von Oheimb <dev@ddvo.net>2022-01-06 09:13:31 +0100
commit7a30610902d6d19cfd1698498d3d4129f308e285 (patch)
tree5d4cff3cc2bb2e6bba44bcb35741f4111bb9ddee
parentf762f91f9506927ed036bca5f78f392e039911df (diff)
OSSL_STORE: Prevent spurious error during loading private keys
Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15283) (cherry picked from commit da198adb9c5626f31c52613fe2ae59a7066c3366)
-rw-r--r--providers/implementations/encode_decode/decode_der2key.c23
1 files changed, 18 insertions, 5 deletions
diff --git a/providers/implementations/encode_decode/decode_der2key.c b/providers/implementations/encode_decode/decode_der2key.c
index 356e65b403..9e3b86b46e 100644
--- a/providers/implementations/encode_decode/decode_der2key.c
+++ b/providers/implementations/encode_decode/decode_der2key.c
@@ -204,19 +204,24 @@ static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
if (!ok)
goto next;
- ok = 0; /* Assume that we fail */
+ ok = 0; /* Assume that we fail */
+ ERR_set_mark();
if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
derp = der;
if (ctx->desc->d2i_PKCS8 != NULL) {
key = ctx->desc->d2i_PKCS8(NULL, &derp, der_len, ctx);
- if (ctx->flag_fatal)
+ if (ctx->flag_fatal) {
+ ERR_clear_last_mark();
goto end;
+ }
} else if (ctx->desc->d2i_private_key != NULL) {
key = ctx->desc->d2i_private_key(NULL, &derp, der_len);
}
- if (key == NULL && ctx->selection != 0)
+ if (key == NULL && ctx->selection != 0) {
+ ERR_clear_last_mark();
goto next;
+ }
}
if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) {
derp = der;
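Review bot: The mark taken by the new `ERR_set_mark()` has to be released by hand on every exit, and nothing in the code states that invariant; this hunk already releases it in two places (the `flag_fatal` branch and the `goto next` after the private-key attempt), and the following hunk adds two more `goto next` sites plus the final clear/pop. A later early exit added between the mark and that final `ERR_pop_to_mark()` would leave a stale mark on the thread's error queue, so a later, unrelated pop could discard or keep the wrong entries. I would add a comment at the mark such as `/* Every exit below must call ERR_clear_last_mark() or ERR_pop_to_mark() exactly once */`. der2key_decode starts before this hunk and continues past it, so the handling at the `next:` and `end:` labels cannot be checked from here.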
@@ -224,16 +229,24 @@ static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
key = ctx->desc->d2i_PUBKEY(NULL, &derp, der_len);
else
key = ctx->desc->d2i_public_key(NULL, &derp, der_len);
- if (key == NULL && ctx->selection != 0)
+ if (key == NULL && ctx->selection != 0) {
+ ERR_clear_last_mark();
goto next;
+ }
}
if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) {
derp = der;
if (ctx->desc->d2i_key_params != NULL)
key = ctx->desc->d2i_key_params(NULL, &derp, der_len);
- if (key == NULL && ctx->selection != 0)
+ if (key == NULL && ctx->selection != 0) {
+ ERR_clear_last_mark();
goto next;
+ }
}
+ if (key == NULL)
+ ERR_clear_last_mark();
+ else
+ ERR_pop_to_mark();
/*
* Last minute check to see if this was the correct type of key. This
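Review bot: The closing `if (key == NULL) ERR_clear_last_mark(); else ERR_pop_to_mark();` carries the whole policy of this change but has no comment: on success everything queued since the mark is discarded, on failure all of it is kept. A short comment above it, for example `/* Decoded a key: drop errors from the attempts that did not match; otherwise keep them for the caller */`, would make that intent reviewable. It is also worth confirming that a caller reaching this point with `key == NULL` and `ctx->selection == 0` is meant to see the errors accumulated from all three attempts, since that path returns through code outside this hunk.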