Merge pull request #7279 from SparkiDev/ssl_priv_load_fail

douzzer · web-flow · commit 03f9b210d738 · 2024-03-01T01:35:50.000-05:00
SSL: Loading bad private key
diff --git a/src/ssl.c b/src/ssl.c
@@ -6543,7 +6543,10 @@ static int ProcessBufferTryDecodeRsa(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
                     "not enabled to try");
         ret = WOLFSSL_BAD_FILE;
     #else
-        ret = 0; /* continue trying other algorithms */
+        if (*keyFormat == 0) {
+            /* Format unknown so keep trying. */
+            ret = 0; /* continue trying other algorithms */
+        }
     #endif
     }
     else {
@@ -6616,7 +6619,10 @@ static int ProcessBufferTryDecodeRsa(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
                         "not enabled to try");
             ret = WOLFSSL_BAD_FILE;
         #else
-            ret = 0; /* continue trying other algorithms */
+            if (*keyFormat == 0) {
+                /* Format unknown so keep trying. */
+                ret = 0; /* continue trying other algorithms */
+            }
         #endif
         }
         else {
@@ -6728,7 +6734,7 @@ static int ProcessBufferTryDecodeEcc(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
                 *resetSuites = 1;
             }
         }
-        else {
+        else if (*keyFormat == 0) {
             ret = 0; /* continue trying other algorithms */
         }
 
@@ -6809,7 +6815,7 @@ static int ProcessBufferTryDecodeEd25519(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
                 }
             }
         }
-        else {
+        else if (*keyFormat == 0) {
             ret = 0; /* continue trying other algorithms */
         }
 
@@ -6887,6 +6893,9 @@ static int ProcessBufferTryDecodeEd448(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
                 }
             }
         }
+        else if (*keyFormat == 0) {
+            ret = 0; /* continue trying other algorithms */
+        }
 
         wc_ed448_free(key);
     }
@@ -6991,6 +7000,10 @@ static int ProcessBufferTryDecodeFalcon(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
                 *resetSuites = 1;
             }
         }
+        else if (*keyFormat == 0) {
+            ret = 0; /* continue trying other algorithms */
+        }
+
         wc_falcon_free(key);
     }
     XFREE(key, heap, DYNAMIC_TYPE_FALCON);
@@ -7105,6 +7118,10 @@ static int ProcessBufferTryDecodeDilithium(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
                 *resetSuites = 1;
             }
         }
+        else if (*keyFormat == 0) {
+            ret = 0; /* continue trying other algorithms */
+        }
+
         wc_dilithium_free(key);
     }
     XFREE(key, heap, DYNAMIC_TYPE_DILITHIUM);

Original file line number	Diff line number	Diff line change
`@@ -6543,7 +6543,10 @@ static int ProcessBufferTryDecodeRsa(WOLFSSL_CTX* ctx, WOLFSSL* ssl,`
`6543`	`6543`	`"not enabled to try");`
`6544`	`6544`	`ret = WOLFSSL_BAD_FILE;`
`6545`	`6545`	`#else`
`6546`		`- ret = 0; /* continue trying other algorithms */`
	`6546`	`+ if (*keyFormat == 0) {`
	`6547`	`+ /* Format unknown so keep trying. */`
	`6548`	`+ ret = 0; /* continue trying other algorithms */`
	`6549`	`+ }`
`6547`	`6550`	`#endif`
`6548`	`6551`	`}`
`6549`	`6552`	`else {`
`@@ -6616,7 +6619,10 @@ static int ProcessBufferTryDecodeRsa(WOLFSSL_CTX* ctx, WOLFSSL* ssl,`
`6616`	`6619`	`"not enabled to try");`
`6617`	`6620`	`ret = WOLFSSL_BAD_FILE;`
`6618`	`6621`	`#else`
`6619`		`- ret = 0; /* continue trying other algorithms */`
	`6622`	`+ if (*keyFormat == 0) {`
	`6623`	`+ /* Format unknown so keep trying. */`
	`6624`	`+ ret = 0; /* continue trying other algorithms */`
	`6625`	`+ }`
`6620`	`6626`	`#endif`
`6621`	`6627`	`}`
`6622`	`6628`	`else {`
`@@ -6728,7 +6734,7 @@ static int ProcessBufferTryDecodeEcc(WOLFSSL_CTX* ctx, WOLFSSL* ssl,`
`6728`	`6734`	`*resetSuites = 1;`
`6729`	`6735`	`}`
`6730`	`6736`	`}`
`6731`		`- else {`
	`6737`	`+ else if (*keyFormat == 0) {`
`6732`	`6738`	`ret = 0; /* continue trying other algorithms */`
`6733`	`6739`	`}`
`6734`	`6740`
`@@ -6809,7 +6815,7 @@ static int ProcessBufferTryDecodeEd25519(WOLFSSL_CTX* ctx, WOLFSSL* ssl,`
`6809`	`6815`	`}`
`6810`	`6816`	`}`
`6811`	`6817`	`}`
`6812`		`- else {`
	`6818`	`+ else if (*keyFormat == 0) {`
`6813`	`6819`	`ret = 0; /* continue trying other algorithms */`
`6814`	`6820`	`}`
`6815`	`6821`
`@@ -6887,6 +6893,9 @@ static int ProcessBufferTryDecodeEd448(WOLFSSL_CTX* ctx, WOLFSSL* ssl,`
`6887`	`6893`	`}`
`6888`	`6894`	`}`
`6889`	`6895`	`}`
	`6896`	`+ else if (*keyFormat == 0) {`
	`6897`	`+ ret = 0; /* continue trying other algorithms */`
	`6898`	`+ }`
`6890`	`6899`
`6891`	`6900`	`wc_ed448_free(key);`
`6892`	`6901`	`}`
`@@ -6991,6 +7000,10 @@ static int ProcessBufferTryDecodeFalcon(WOLFSSL_CTX* ctx, WOLFSSL* ssl,`
`6991`	`7000`	`*resetSuites = 1;`
`6992`	`7001`	`}`
`6993`	`7002`	`}`
	`7003`	`+ else if (*keyFormat == 0) {`
	`7004`	`+ ret = 0; /* continue trying other algorithms */`
	`7005`	`+ }`
	`7006`	`+`
`6994`	`7007`	`wc_falcon_free(key);`
`6995`	`7008`	`}`
`6996`	`7009`	`XFREE(key, heap, DYNAMIC_TYPE_FALCON);`
`@@ -7105,6 +7118,10 @@ static int ProcessBufferTryDecodeDilithium(WOLFSSL_CTX* ctx, WOLFSSL* ssl,`
`7105`	`7118`	`*resetSuites = 1;`
`7106`	`7119`	`}`
`7107`	`7120`	`}`
	`7121`	`+ else if (*keyFormat == 0) {`
	`7122`	`+ ret = 0; /* continue trying other algorithms */`
	`7123`	`+ }`
	`7124`	`+`
`7108`	`7125`	`wc_dilithium_free(key);`
`7109`	`7126`	`}`
`7110`	`7127`	`XFREE(key, heap, DYNAMIC_TYPE_DILITHIUM);`