[PATCH 1/4] OpenSSL: clear the correct flag in crypto_ec_key_get_ecprivate_key
Cedric Izoard
cedric.izoard at ceva-dsp.com
Fri Oct 29 02:05:30 PDT 2021
From: "(4401 440) Cedric Izoard (France)" <cedric.izoard at ceva-dsp.com>
In case public Key was not included in the EC private key ASN1
sequence, the flag cleared was not the right one.
Signed-off-by: Cedric Izoard <cedric.izoard at ceva-dsp.com>
---
src/crypto/crypto_openssl.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index 96ce493e3..c198748de 100644
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -2501,15 +2501,18 @@ struct wpabuf * crypto_ec_key_get_ecprivate_key(struct crypto_ec_key *key,
unsigned char *der = NULL;
int der_len;
struct wpabuf *buf;
+ unsigned int key_flags;
eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *) key);
if (!eckey)
return NULL;
+ key_flags = EC_KEY_get_enc_flags(eckey);
if (include_pub)
- EC_KEY_clear_flags(eckey, EC_PKEY_NO_PUBKEY);
+ key_flags &= ~EC_PKEY_NO_PUBKEY;
else
- EC_KEY_set_enc_flags(eckey, EC_PKEY_NO_PUBKEY);
+ key_flags |= EC_PKEY_NO_PUBKEY;
+ EC_KEY_set_enc_flags(eckey, key_flags);
EC_KEY_set_conv_form(eckey, POINT_CONVERSION_UNCOMPRESSED);
--
2.25.1
More information about the Hostap
mailing list