author | Richard Levitte <levitte@openssl.org> | 2021-01-28 09:00:58 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2021-02-24 10:17:14 +0100 |
commit | 10315851d0230646947213ac148747bc64c56798 (patch) | |
tree | e42ace1a1251dc13083d5a1258f4b2fddec63916 /providers | |
parent | ce0b307ea01bc5e3e178cd4dba45f9bb9d4ba5df (diff) |
X509: Refactor X509_PUBKEY processing to include provider side keys

When a SubjectPublicKeyInfo (SPKI) is decoded into an X509_PUBKEY
structure, the corresponding EVP_PKEY is automatically added as well.
This used to only support our built-in keytypes, and only in legacy
form.

This is now refactored by making the ASN1 implementation of the
X509_PUBKEY an EXTERN_ASN1, resulting in a more manual implementation
of the basic support routines. Specifically, the d2i routine will do
what was done in the callback before, and try to interpret the input
as an EVP_PKEY, first in legacy form, and then using OSSL_DECODER.

Fixes #13893

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14281)

Diffstat (limited to 'providers')
-rw-r--r-- | providers/implementations/encode_decode/decode_der2key.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/providers/implementations/encode_decode/decode_der2key.c b/providers/implementations/encode_decode/decode_der2key.c index 466a73f908..5073e660cd 100644 --- a/providers/implementations/encode_decode/decode_der2key.c +++ b/providers/implementations/encode_decode/decode_der2key.c @@ -31,6 +31,7 @@ #include "crypto/evp.h" #include "crypto/ecx.h" #include "crypto/rsa.h" +#include "crypto/x509.h" #include "prov/bio.h" #include "prov/implementations.h" #include "endecoder_local.h" @@ -330,7 +331,7 @@ static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, && (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) { RESET_ERR_MARK(); derp = der; - pkey = d2i_PUBKEY_ex(NULL, &derp, der_len, libctx, NULL); + pkey = d2i_PUBKEY_legacy(NULL, &derp, der_len); } if (pkey != NULL) { |
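
Review bot: In the second hunk, the call in der2key_decode() changes from d2i_PUBKEY_ex(NULL, &derp, der_len, libctx, NULL) to d2i_PUBKEY_legacy(NULL, &derp, der_len) with no code comment saying why the legacy-only variant is required here. Going by the commit message, the X509_PUBKEY d2i routine now tries OSSL_DECODER after the legacy form, and this file is itself a decoder implementation, so the likely intent is to keep this path from re-entering the decoder. A one-line comment above the call stating that would keep a later cleanup from switching it back to d2i_PUBKEY_ex(). The call also no longer takes libctx, so it is worth confirming that libctx is still used elsewhere in the function and that ignoring it on this path is intended.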