A RetroSearch Logo

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Search Query:

Showing content from https://github.com/cloudflare/cfssl/commit/87a2fe70720844802207b55cd96f7fedc5d833ed below:

Ignore EC parameters when parsing private keys · cloudflare/cfssl@87a2fe7 · GitHub

File tree Expand file treeCollapse file tree 3 files changed

+31

-2

lines changed

Filter options

Expand file treeCollapse file tree 3 files changed

+31

-2

lines changed Original file line number Diff line number Diff line change

@@ -18,7 +18,7 @@ import (

18 18

"io/ioutil"

19 19

"os"

20 20 21 -

"github.com/google/certificate-transparency-go"

21 +

ct "github.com/google/certificate-transparency-go"

22 22

cttls "github.com/google/certificate-transparency-go/tls"

23 23

ctx509 "github.com/google/certificate-transparency-go/x509"

24 24

"golang.org/x/crypto/ocsp"

@@ -378,7 +378,15 @@ func ParsePrivateKeyPEMWithPassword(keyPEM []byte, password []byte) (key crypto.

378 378 379 379

// GetKeyDERFromPEM parses a PEM-encoded private key and returns DER-format key bytes.

380 380

func GetKeyDERFromPEM(in []byte, password []byte) ([]byte, error) {

381 -

keyDER, _ := pem.Decode(in)

381 +

// Ignore any EC PARAMETERS blocks when looking for a key (openssl includes

382 +

// them by default).

383 +

var keyDER *pem.Block

384 +

for {

385 +

keyDER, in = pem.Decode(in)

386 +

if keyDER == nil || keyDER.Type != "EC PARAMETERS" {

387 +

break

388 +

}

389 +

}

382 390

if keyDER != nil {

383 391

if procType, ok := keyDER.Headers["Proc-Type"]; ok {

384 392

if strings.Contains(procType, "ENCRYPTED") {

Original file line number Diff line number Diff line change

@@ -32,6 +32,7 @@ const (

32 32

testPrivateRSAKey = "testdata/priv_rsa_key.pem"

33 33

testPrivateECDSAKey = "testdata/private_ecdsa_key.pem"

34 34

testPrivateEd25519Key = "testdata/private_ed25519_key.pem"

35 +

testPrivateOpenSSLECKey = "testdata/openssl_secp384.pem"

35 36

testUnsupportedECDSAKey = "testdata/secp256k1-key.pem"

36 37

testMessedUpPrivateKey = "testdata/messed_up_priv_key.pem"

37 38

testEncryptedPrivateKey = "testdata/enc_priv_key.pem"

@@ -374,11 +375,22 @@ func TestParsePrivateKeyPEM(t *testing.T) {

374 375

if err != nil {

375 376

t.Fatal(err)

376 377

}

378 + 377 379

_, err = ParsePrivateKeyPEM(testEd25519PEM)

378 380

if err != nil {

379 381

t.Fatal(err)

380 382

}

381 383 384 +

testOpenSSLECKey, err := ioutil.ReadFile(testPrivateOpenSSLECKey)

385 +

if err != nil {

386 +

t.Fatal(err)

387 +

}

388 + 389 +

_, err = ParsePrivateKeyPEM(testOpenSSLECKey)

390 +

if err != nil {

391 +

t.Fatal(err)

392 +

}

393 + 382 394

// error cases

383 395

errCases := []string{

384 396

testMessedUpPrivateKey, // a few lines deleted

Original file line number Diff line number Diff line change

@@ -0,0 +1,9 @@

1 +

-----BEGIN EC PARAMETERS-----

2 +

BgUrgQQAIg==

3 +

-----END EC PARAMETERS-----

4 +

-----BEGIN EC PRIVATE KEY-----

5 +

MIGkAgEBBDCn5safCQ6/JAUEbf1/BvOBvP9XHfcsEvQooEd0g0v4akMNmH53nXKQ

6 +

qvsZBUP14X6gBwYFK4EEACKhZANiAAR1q1+sGy8Pmgdco9LEB10gJkIO0lBid8aK

7 +

0xmtEL7U1RTQnNyraswwI0hxHwzwSHHKojD8Msdy5uOngxKnGrUBTuMubezfGbWz

8 +

ULOFvrTemUIlNmSsWMcrzEBEnZxvOqY=

9 +

-----END EC PRIVATE KEY-----

You can’t perform that action at this time.


RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4