DER writer: Make context-specific tags constructed (i.e. explicit)

For now, that's what we see being used.  It's possible that we will
have to figure out a way to specific if these should be implicit or
explicit on a case by case basis.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12544)

diff --git a/crypto/der_writer.c b/crypto/der_writer.c
index 876278750470374c1c3577122374082729ff7aed..117b5dff90f00917537cecf5f631dfcaaf050f33 100644 (file)
--- a/crypto/der_writer.c
+++ b/crypto/der_writer.c
@@ -38,10 +38,14 @@ static int int_end_context(WPACKET *pkt, int tag)
         return 1;
     if (!ossl_assert(tag <= 30))
         return 0;
+
+    /* Context specific are normally (?) constructed */
+    tag |= DER_F_CONSTRUCTED | DER_C_CONTEXT;
+
     return WPACKET_get_total_written(pkt, &size1)
         && WPACKET_close(pkt)
         && WPACKET_get_total_written(pkt, &size2)
-        && (size1 == size2 || WPACKET_put_bytes_u8(pkt, DER_C_CONTEXT | tag));
+        && (size1 == size2 || WPACKET_put_bytes_u8(pkt, tag));
 }
 
 int DER_w_precompiled(WPACKET *pkt, int tag,