When PEM_X509_INFO_read_bio() was updated "to correctly assign private
keys" in 2006, a regression was introduced with processing RSA private
keys. Here is the diff:
http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=43c9825c2a2f2f552517d45d3f3e386a0fe37f2f
(or http://cvs.openssl.org/chngview?cn=15273)

The "d2i=(D2I_OF(void))d2i_RSAPrivateKey;" line was dropped by mistake,
with the unfortunate effect that an RSA private key will no longer
be properly processed if it happens to come first:

- d2i will remain at its initial value of "0"
- the "if (d2i != NULL)" block - where d2i_PrivateKey/d2i is expected
  to deal with the private key - will be skipped, and dec_pkey will
  remain NULL

If something other than an RSA private key appears first, things
will work "by chance", though:

- d2i will still have its previous value (it isn't set to NULL
  in the for loop except for the case of unknown objects)
- ptype will be EVP_PKEY_RSA, so d2i_PrivateKey will be called

While rewriting the function (as mentioned in the 2006 commit message)
might be preferable as a long-term solution, I suggest fixing the
regression by re-inserting that line. 0.9.8 is not affected, but 1.0.0
and all subsequent releases are.

diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
index 1b2be52..cc7f24a 100644
--- a/crypto/pem/pem_info.c
+++ b/crypto/pem/pem_info.c
@@ -167,6 +167,7 @@ start:
#ifndef OPENSSL_NO_RSA
if (strcmp(name,PEM_STRING_RSA) == 0)
{
+ d2i=(D2I_OF(void))d2i_RSAPrivateKey;
if (xi->x_pkey != NULL)
{
if (!sk_X509_INFO_push(ret,xi)) goto err;
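
Review bot: restoring the d2i assignment at the top of the PEM_STRING_RSA branch fixes the case where an RSA key comes first, but d2i still carries over from one PEM block to the next, which is what hid this regression whenever another object preceded the key. Consider resetting d2i to NULL at the start of each loop iteration so that a branch which forgets to set it fails for every input order instead of working "by chance", and add a regression test that passes PEM_X509_INFO_read_bio() input whose first block is an RSA private key and checks that the resulting x_pkey has a non-NULL dec_pkey.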