diff options
author | Richard Levitte <levitte@openssl.org> | 2020-08-27 07:18:55 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-08-28 20:48:27 +0200 |
commit | 87d91d223b869855c11f51b54541ba8139d30d8e (patch) | |
tree | 10219efed302ad89f237e9fa8f3b2897d054dc14 /crypto/err | |
parent | b6ef3c7089e887427cde8c550e28211dc0c22dd1 (diff) |
Fix PEM_write_bio_PrivateKey_traditional() to not output PKCS#8
PEM_write_bio_PrivateKey_traditional() uses i2d_PrivateKey() to do the
actual encoding to DER. However, i2d_PrivateKey() is a generic
function that will do what it can to produce output according to what
the associated EVP_PKEY_ASN1_METHOD offers. If that method offers a
function 'old_priv_encode', which is expected to produce the
"traditional" encoded form, then i2d_PrivateKey() uses that. If not,
i2d_PrivateKey() will go on and used more modern methods, which are
all expected to produce PKCS#8.
To ensure that PEM_write_bio_PrivateKey_traditional() never produces
more modern encoded forms, an extra check that 'old_priv_encode' is
non-NULL is added. If it is NULL, an error is returned.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12728)
Diffstat (limited to 'crypto/err')
-rw-r--r-- | crypto/err/openssl.txt | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index b530098d2f..43114dc545 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -2768,6 +2768,7 @@ PEM_R_UNEXPECTED_DEK_IV:130:unexpected dek iv PEM_R_UNSUPPORTED_CIPHER:113:unsupported cipher PEM_R_UNSUPPORTED_ENCRYPTION:114:unsupported encryption PEM_R_UNSUPPORTED_KEY_COMPONENTS:126:unsupported key components +PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE:110:unsupported public key type PKCS12_R_CANT_PACK_STRUCTURE:100:cant pack structure PKCS12_R_CONTENT_TYPE_NOT_DATA:121:content type not data PKCS12_R_DECODE_ERROR:101:decode error |