On 4 June 2013 13:49, Adam Langley via RT <[email protected]> wrote: > This change saves several EC routines from crashing when an EC_KEY is > missing a public key. The public key is optional in the EC private key > format and, without this patch, running the following through `openssl > ec` causes a crash: > > -----BEGIN EC PRIVATE KEY----- > MBkCAQEECAECAwQFBgcIoAoGCCqGSM49AwEH > -----END EC PRIVATE KEY----- >
Interesting...I'm not sure though that fixing some of the functions in the ec library to handle missing public keys is the correct approach. I believe that the ec library extensively assumes that a public key is mandatory, whilst a private key is optional. Really I think the underlying problem is that the EC_KEY is not being constructed properly in the first place. I propose an alternative fix. If the public key is missing then it should be derived. Here is my patch. Matt
ec-privkey-fix.patch
Description: Binary data
