Fix PEM_write_bio_PrivateKey_traditional() to not output PKCS#8

PEM_write_bio_PrivateKey_traditional() uses i2d_PrivateKey() to do the actual encoding to DER. However, i2d_PrivateKey() is a generic function that will do what it can to produce output according to what the associated EVP_PKEY_ASN1_METHOD offers. If that method offers a function 'old_priv_encode', which is expected to produce the "traditional" encoded form, then i2d_PrivateKey() uses that. If not, i2d_PrivateKey() will go on and used more modern methods, which are all expected to produce PKCS#8. To ensure that PEM_write_bio_PrivateKey_traditional() never produces more modern encoded forms, an extra check that 'old_priv_encode' is non-NULL is added. If it is NULL, an error is returned. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12728)
author: Richard Levitte <levitte@openssl.org> 2020-08-27 07:18:55 +0200
committer: Richard Levitte <levitte@openssl.org> 2020-08-28 20:48:27 +0200
commit: 87d91d223b869855c11f51b54541ba8139d30d8e (patch)
tree: 10219efed302ad89f237e9fa8f3b2897d054dc14 /include
parent: b6ef3c7089e887427cde8c550e28211dc0c22dd1 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/include/openssl/pemerr.h b/include/openssl/pemerr.h
index e3450e5eed..a8ad9f2c87 100644
--- a/include/openssl/pemerr.h
+++ b/include/openssl/pemerr.h
@@ -102,5 +102,6 @@ int ERR_load_PEM_strings(void);
 # define PEM_R_UNSUPPORTED_CIPHER                         113
 # define PEM_R_UNSUPPORTED_ENCRYPTION                     114
 # define PEM_R_UNSUPPORTED_KEY_COMPONENTS                 126
+# define PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE                110
 
 #endif
author	Richard Levitte <levitte@openssl.org>	2020-08-27 07:18:55 +0200
committer	Richard Levitte <levitte@openssl.org>	2020-08-28 20:48:27 +0200
commit	87d91d223b869855c11f51b54541ba8139d30d8e (patch)
tree	10219efed302ad89f237e9fa8f3b2897d054dc14 /include
parent	b6ef3c7089e887427cde8c550e28211dc0c22dd1 (diff)