Tolerate PKCS#8 DSA format with negative private key.

[openssl.git] / crypto / dsa / dsa_ameth.c

diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c
index a588740cd80c327ed652bc9e27d3748f456560cc..5482330c84ded5b47aeb24e21dcd7a9019465231 100644 (file)
--- a/crypto/dsa/dsa_ameth.c
+++ b/crypto/dsa/dsa_ameth.c
@@ -237,8 +237,16 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
                }
        else
                {
+               const unsigned char *q = p;
                if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen)))
                        goto decerr;
+               if (privkey->type == V_ASN1_NEG_INTEGER)
+                       {
+                       p8->broken = PKCS8_NEG_PRIVKEY;
+                       ASN1_INTEGER_free(privkey);
+                       if (!(privkey=d2i_ASN1_UINTEGER(NULL, &q, pklen)))
+                               goto decerr;
+                       }
                if (ptype != V_ASN1_SEQUENCE)
                        goto decerr;
                }