From dfb10af92e9663ce4eefaa1d6b678817fa85344d Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Thu, 18 Feb 2016 13:18:48 +0000 Subject: [PATCH] Remove DSA negative integer workaround code. MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Remove DSA private key code which tolerates broken implementations which use negative integers. Reviewed-by: Emilia Käsper --- crypto/dsa/dsa_ameth.c | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index 459a733b98..5c45078e0c 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -183,7 +183,7 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { - const unsigned char *p, *q, *pm; + const unsigned char *p, *pm; int pklen, pmlen; int ptype; void *pval; @@ -200,17 +200,9 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) return 0; X509_ALGOR_get0(NULL, &ptype, &pval, palg); - q = p; - if ((privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL) goto decerr; - if (privkey->type == V_ASN1_NEG_INTEGER) { - p8->broken = PKCS8_NEG_PRIVKEY; - ASN1_STRING_clear_free(privkey); - if ((privkey = d2i_ASN1_UINTEGER(NULL, &q, pklen)) == NULL) - goto decerr; - } - if (ptype != V_ASN1_SEQUENCE) + if (privkey->type == V_ASN1_NEG_INTEGER || ptype != V_ASN1_SEQUENCE) goto decerr; pstr = pval; -- 2.25.1