This allows to set EC_KEY's private key to NULL and fixes regression
issue following OTC guideline in
https://github.com/openssl/openssl/issues/18744#issuecomment-
1195175696
Fixes #18744.
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18874)
&& key->meth->set_private(key, priv_key) == 0)
return 0;
+ /*
+ * Return `0` to comply with legacy behavior for this function, see
+ * https://github.com/openssl/openssl/issues/18744#issuecomment-1195175696
+ */
+ if (priv_key == NULL) {
+ BN_clear_free(key->priv_key);
+ key->priv_key = NULL;
+ return 0; /* intentional for legacy compatibility */
+ }
+
/*
* We should never leak the bit length of the secret scalar in the key,
* so we always set the `BN_FLG_CONSTTIME` flag on the internal `BIGNUM`