Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

key_app_writer writes invalid private key DER file #2239

Merged
merged 2 commits into from
Mar 6, 2019

Conversation

cwalther
Copy link
Contributor

@cwalther cwalther commented Nov 28, 2018

Description

The same bug as reported in #1257 and fixed in #1258 for public key output also exists in the private key output: When writing the private key in DER format, the contents of the file are shifted by one byte, which makes it an invalid DER file.

Status

READY

Requires Backporting

Yes: mbedtls-2.1, mbedtls-2.7

Migrations

NO

Todos

Steps to test or reproduce

programs/pkey/gen_key
programs/pkey/key_app_writer mode=private filename=keyfile.key output_mode=private output_file=keyfile.der output_format=der
programs/pkey/key_app mode=private filename=keyfile.der 

Expected result:

  . Loading the private key ... ok
  . Key information    ...
...

Actual result:

  . Loading the private key ... failed
  !  mbedtls_pk_parse_keyfile returned -0x3d00
  !  Last error was: PK - Invalid key tag or value

@cwalther
Copy link
Contributor Author

ChangeLog: Apparently I’m supposed to make an entry there, but I’m not sure where it should go – I was expecting an “unreleased” section at the top of the file, but don’t see one.
Backports: Am I supposed to make separate pull requests for those, or will the maintainers just cherry-pick the change?

@RonEld
Copy link
Contributor

RonEld commented Nov 28, 2018

@cwalther Thank you for your contribution!

As I believe this is your Mbed account, your CLA is valid.

As for the ChangeLog, if there is no section to put new entries, we simply create one. You can look at this commit for reference.
This usually happens if no PR has been merged since a release, so no section has been created yet

Please make a new commit to htis PR, with the section and the ChangeLog entry

@RonEld RonEld added bug CLA valid needs-review Every commit must be reviewed by at least two team members, component-x509 labels Nov 28, 2018
@cwalther
Copy link
Contributor Author

Thanks for the quick response!

Yes, this is the correct Mbed account.

@RonEld RonEld requested a review from AndrzejKurek December 4, 2018 14:54
@simonbutcher simonbutcher added approved Design and code approved - may be waiting for CI or backports needs-backports Backports are missing or are pending review and approval. and removed needs-review Every commit must be reviewed by at least two team members, labels Dec 24, 2018
@RonEld
Copy link
Contributor

RonEld commented Jan 31, 2019

Backports available at #2400 and #2401

@RonEld
Copy link
Contributor

RonEld commented Feb 6, 2019

Both backports have been fully approved, so removing the "needs backports" label.
cc @sbutcher-arm

@RonEld RonEld removed the needs-backports Backports are missing or are pending review and approval. label Feb 6, 2019
@Patater Patater merged commit e0f90f6 into Mbed-TLS:development Mar 6, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
approved Design and code approved - may be waiting for CI or backports bug component-x509
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants