Tolerate PKCS#8 DSA format with negative private key.

Dr. Stephen Henson 2010-01-22 20:17:30 +00:00
parent ad8ee3d7d1
commit 1699389a46
5 changed files with 19 additions and 1 deletions


@ -4,6 +4,9 @@
Changes between 0.9.8m (?) and 1.0.0 [xx XXX xxxx] Changes between 0.9.8m (?) and 1.0.0 [xx XXX xxxx]
*) Tolerate yet another broken PKCS#8 key format: private key value negative.
[Steve Henson]
*) Add new -subject_hash_old and -issuer_hash_old options to x509 utility to *) Add new -subject_hash_old and -issuer_hash_old options to x509 utility to
output hashes compatible with older versions of OpenSSL. output hashes compatible with older versions of OpenSSL.
[Willy Weisz <weisz@vcpc.univie.ac.at>] [Willy Weisz <weisz@vcpc.univie.ac.at>]


@ -403,6 +403,10 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "DSA public key include in PrivateKey\n"); BIO_printf(bio_err, "DSA public key include in PrivateKey\n");
break; break;
case PKCS8_NEG_PRIVKEY:
BIO_printf(bio_err, "DSA private key value is negative\n");
break;
default: default:
BIO_printf(bio_err, "Unknown broken type\n"); BIO_printf(bio_err, "Unknown broken type\n");
break; break;


@ -237,8 +237,16 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
} }
else else
{ {
const unsigned char *q = p;
if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen))) if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen)))
goto decerr; goto decerr;
if (privkey->type == V_ASN1_NEG_INTEGER)
{
p8->broken = PKCS8_NEG_PRIVKEY;
ASN1_INTEGER_free(privkey);
if (!(privkey=d2i_ASN1_UINTEGER(NULL, &q, pklen)))
goto decerr;
}
if (ptype != V_ASN1_SEQUENCE) if (ptype != V_ASN1_SEQUENCE)
goto decerr; goto decerr;
} }
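Review bot: The new `V_ASN1_NEG_INTEGER` branch in dsa_priv_decode accepts a malformed key by re-reading the same bytes through `d2i_ASN1_UINTEGER`, but nothing visible in this hunk explains the quirk or checks that the reinterpreted value is a usable DSA private key. I would add a comment above the branch, e.g. `/* Broken encoders may omit the leading zero octet, so a key with its top bit set parses as negative; re-read the same bytes as unsigned. */`, and, unless the rest of the function already does so, reject a value outside 1..q-1 once the parameters are available. `p8->broken = PKCS8_NEG_PRIVKEY;` is also written before the second decode succeeds, so a failure there leaves the caller's structure flagged; moving the assignment after the `d2i_ASN1_UINTEGER` call returns non-NULL would avoid that. The function body starts and ends outside the hunk, so a range check may already exist out of view.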


@ -585,6 +585,7 @@ struct pkcs8_priv_key_info_st
#define PKCS8_NO_OCTET 1 #define PKCS8_NO_OCTET 1
#define PKCS8_EMBEDDED_PARAM 2 #define PKCS8_EMBEDDED_PARAM 2
#define PKCS8_NS_DB 3 #define PKCS8_NS_DB 3
#define PKCS8_NEG_PRIVKEY 4
ASN1_INTEGER *version; ASN1_INTEGER *version;
X509_ALGOR *pkeyalg; X509_ALGOR *pkeyalg;
ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */ ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */


@ -247,7 +247,9 @@ If an unpatched client attempts to connect to a patched OpenSSL server then
the attempt will succeed but renegotiation is not permitted. As required the attempt will succeed but renegotiation is not permitted. As required
by the standard a B<no_renegotiation> alert is sent back to the client if by the standard a B<no_renegotiation> alert is sent back to the client if
the TLS v1.0 protocol is used. If SSLv3.0 is used then renegotiation results the TLS v1.0 protocol is used. If SSLv3.0 is used then renegotiation results
in a fatal B<handshake_failed> alert. in a fatal B<handshake_failed> alert. If the patched server attempts to
renegotiate (existing applications which renegotiate may well do this) then
a fatal B<handshake_failed> alert is sent.
If a patched OpenSSL client attempts to connect to an unpatched server If a patched OpenSSL client attempts to connect to an unpatched server
then the connection will fail because it is not possible to determine then the connection will fail because it is not possible to determine