diff options
| -rw-r--r-- | crypto/pem/pem_pk8.c | 8 | ||||
| -rw-r--r-- | test/evp_extra_test2.c | 37 |
2 files changed, 44 insertions, 1 deletions
diff --git a/crypto/pem/pem_pk8.c b/crypto/pem/pem_pk8.c index 86a66b586c..5e28907be3 100644 --- a/crypto/pem/pem_pk8.c +++ b/crypto/pem/pem_pk8.c @@ -93,7 +93,13 @@ static int do_pk8pkey(BIO *bp, const EVP_PKEY *x, int isder, int nid, } } - if (OSSL_ENCODER_CTX_get_num_encoders(ctx) != 0) { + /* + * NOTE: There is no attempt to do a EVP_CIPHER_fetch() using the nid, + * since the nid is a PBE algorithm which can't be fetched currently. + * (e.g. NID_pbe_WithSHA1And2_Key_TripleDES_CBC). Just use the legacy + * path if the NID is passed. + */ + if (nid == -1 && OSSL_ENCODER_CTX_get_num_encoders(ctx) != 0) { ret = 1; if (enc != NULL) { ret = 0; diff --git a/test/evp_extra_test2.c b/test/evp_extra_test2.c index 6d5303ab9d..2e5861c77f 100644 --- a/test/evp_extra_test2.c +++ b/test/evp_extra_test2.c @@ -290,6 +290,40 @@ done: return ret; } +#ifndef OPENSSL_NO_DES +static int test_pkcs8key_nid_bio(void) +{ + int ret; + const int nid = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; + static const char pwd[] = "PASSWORD"; + EVP_PKEY *pkey = NULL, *pkey_dec = NULL; + BIO *in = NULL, *enc_bio = NULL; + char *enc_data = NULL; + long enc_datalen = 0; + OSSL_PROVIDER *provider = NULL; + + ret = TEST_ptr(provider = OSSL_PROVIDER_load(NULL, "default")) + && TEST_ptr(enc_bio = BIO_new(BIO_s_mem())) + && TEST_ptr(in = BIO_new_mem_buf(kExampleRSAKeyPKCS8, + sizeof(kExampleRSAKeyPKCS8))) + && TEST_ptr(pkey = d2i_PrivateKey_ex_bio(in, NULL, NULL, NULL)) + && TEST_int_eq(i2d_PKCS8PrivateKey_nid_bio(enc_bio, pkey, nid, + pwd, sizeof(pwd) - 1, + NULL, NULL), 1) + && TEST_int_gt(enc_datalen = BIO_get_mem_data(enc_bio, &enc_data), 0) + && TEST_ptr(pkey_dec = d2i_PKCS8PrivateKey_bio(enc_bio, NULL, NULL, + (void *)pwd)) + && TEST_true(EVP_PKEY_eq(pkey, pkey_dec)); + + EVP_PKEY_free(pkey_dec); + EVP_PKEY_free(pkey); + BIO_free(in); + BIO_free(enc_bio); + OSSL_PROVIDER_unload(provider); + return ret; +} +#endif /* OPENSSL_NO_DES */ + static int test_alternative_default(void) { OSSL_LIB_CTX *oldctx; @@ -727,6 +761,9 @@ int setup_tests(void) ADD_TEST(test_pkey_todata_null); ADD_TEST(test_pkey_export_null); ADD_TEST(test_pkey_export); +#ifndef OPENSSL_NO_DES + ADD_TEST(test_pkcs8key_nid_bio); +#endif return 1; } |