diff options
| author | Tomas Mraz <tomas@openssl.org> | 2023-07-21 17:40:31 +0200 |
|---|---|---|
| committer | Todd Short <todd.short@me.com> | 2023-08-04 16:09:44 +0200 |
| commit | 2acb0d363c0032b5b97c4f6596609f40bd7d842f (patch) | |
| tree | 5ca1bcac26a1b2728d44be79f8253805a850c3e8 /providers | |
| parent | Avoid exporting bogus (empty) data if empty selection is used (diff) | |
| download | openssl-2acb0d363c0032b5b97c4f6596609f40bd7d842f.tar.xz openssl-2acb0d363c0032b5b97c4f6596609f40bd7d842f.zip | |
When exporting/importing decoded keys do not use 0 as selection
When decoding 0 as the selection means to decode anything
you get.
However when exporting and then importing the key data 0 as
selection is not meaningful.
So we set it to OSSL_KEYMGMT_SELECT_ALL to make the export/import
function export/import everything that we have decoded.
Fixes #21493
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/21519)
Diffstat (limited to 'providers')
3 files changed, 15 insertions, 3 deletions
diff --git a/providers/implementations/encode_decode/decode_der2key.c b/providers/implementations/encode_decode/decode_der2key.c index 2657760a62..5f094a32dc 100644 --- a/providers/implementations/encode_decode/decode_der2key.c +++ b/providers/implementations/encode_decode/decode_der2key.c @@ -317,10 +317,14 @@ static int der2key_export_object(void *vctx, void *keydata; if (reference_sz == sizeof(keydata) && export != NULL) { + int selection = ctx->selection; + + if (selection == 0) + selection = OSSL_KEYMGMT_SELECT_ALL; /* The contents of the reference is the address to our object */ keydata = *(void **)reference; - return export(keydata, ctx->selection, export_cb, export_cbarg); + return export(keydata, selection, export_cb, export_cbarg); } return 0; } diff --git a/providers/implementations/encode_decode/decode_msblob2key.c b/providers/implementations/encode_decode/decode_msblob2key.c index 3bf4cf4537..7c4f993b89 100644 --- a/providers/implementations/encode_decode/decode_msblob2key.c +++ b/providers/implementations/encode_decode/decode_msblob2key.c @@ -221,10 +221,14 @@ msblob2key_export_object(void *vctx, void *keydata; if (reference_sz == sizeof(keydata) && export != NULL) { + int selection = ctx->selection; + + if (selection == 0) + selection = OSSL_KEYMGMT_SELECT_ALL; /* The contents of the reference is the address to our object */ keydata = *(void **)reference; - return export(keydata, ctx->selection, export_cb, export_cbarg); + return export(keydata, selection, export_cb, export_cbarg); } return 0; } diff --git a/providers/implementations/encode_decode/decode_pvk2key.c b/providers/implementations/encode_decode/decode_pvk2key.c index 819014231c..cae1d9897a 100644 --- a/providers/implementations/encode_decode/decode_pvk2key.c +++ b/providers/implementations/encode_decode/decode_pvk2key.c @@ -190,10 +190,14 @@ static int pvk2key_export_object(void *vctx, void *keydata; if (reference_sz == sizeof(keydata) && export != NULL) { + int selection = ctx->selection; + + if (selection == 0) + selection = OSSL_KEYMGMT_SELECT_ALL; /* The contents of the reference is the address to our object */ keydata = *(void **)reference; - return export(keydata, ctx->selection, export_cb, export_cbarg); + return export(keydata, selection, export_cb, export_cbarg); } return 0; } |