From: Dr. Stephen Henson Date: Thu, 18 Feb 2016 13:18:48 +0000 (+0000) Subject: Remove DSA negative integer workaround code. X-Git-Tag: OpenSSL_1_1_0-pre4~586 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=dfb10af92e9663ce4eefaa1d6b678817fa85344d;p=oweals%2Fopenssl.git Remove DSA negative integer workaround code. Remove DSA private key code which tolerates broken implementations which use negative integers. Reviewed-by: Emilia Käsper --- diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index 459a733b98..5c45078e0c 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -183,7 +183,7 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { - const unsigned char *p, *q, *pm; + const unsigned char *p, *pm; int pklen, pmlen; int ptype; void *pval; @@ -200,17 +200,9 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) return 0; X509_ALGOR_get0(NULL, &ptype, &pval, palg); - q = p; - if ((privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL) goto decerr; - if (privkey->type == V_ASN1_NEG_INTEGER) { - p8->broken = PKCS8_NEG_PRIVKEY; - ASN1_STRING_clear_free(privkey); - if ((privkey = d2i_ASN1_UINTEGER(NULL, &q, pklen)) == NULL) - goto decerr; - } - if (ptype != V_ASN1_SEQUENCE) + if (privkey->type == V_ASN1_NEG_INTEGER || ptype != V_ASN1_SEQUENCE) goto decerr; pstr = pval;