Tolerate PKCS#8 DSA format with negative private key.

author: Dr. Stephen Henson <steve@openssl.org> 2010-01-22 20:17:12 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2010-01-22 20:17:12 +0000
commit: ba64ae6cd13182f4f1d99beed8274e17bf8a92b7 (patch)
tree: 2b40d7d1c7f273aefce953b53262107074af68ff /crypto/dsa/dsa_ameth.c
parent: 3a88efd48c4de1e6d46f1b379dd3ff84847297d5 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c
index a588740cd8..5482330c84 100644
--- a/crypto/dsa/dsa_ameth.c
+++ b/crypto/dsa/dsa_ameth.c
@@ -237,8 +237,16 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
 		}
 	else
 		{
+		const unsigned char *q = p;
 		if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen)))
 			goto decerr;
+		if (privkey->type == V_ASN1_NEG_INTEGER)
+			{
+			p8->broken = PKCS8_NEG_PRIVKEY;
+			ASN1_INTEGER_free(privkey);
+			if (!(privkey=d2i_ASN1_UINTEGER(NULL, &q, pklen)))
+				goto decerr;
+			}
 		if (ptype != V_ASN1_SEQUENCE)
 			goto decerr;
 		}
author	Dr. Stephen Henson <steve@openssl.org>	2010-01-22 20:17:12 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2010-01-22 20:17:12 +0000
commit	ba64ae6cd13182f4f1d99beed8274e17bf8a92b7 (patch)
tree	2b40d7d1c7f273aefce953b53262107074af68ff /crypto/dsa/dsa_ameth.c
parent	3a88efd48c4de1e6d46f1b379dd3ff84847297d5 (diff)