TLS: Add a debug information on unsupported private key format

Provide easier to understand reason for failure to use the old OpenSSL encrypted private key format. Signed-hostap: Jouni Malinen <j@w1.fi>
author: Jouni Malinen <j@w1.fi> 2011-11-27 13:21:36 +0200
committer: Jouni Malinen <j@w1.fi> 2011-11-27 13:21:36 +0200
commit: e770c497eb7dbbc24533f116707e483866429ebd (patch)
tree: ccf51d7fe198745d1e0a8a8b7ad8e9e559b19739 /src/tls
parent: e670738ae07c8606650e50052b900933ea9dee67 (diff)
download: external_wpa_supplicant_8_ti-e770c497eb7dbbc24533f116707e483866429ebd.zip
external_wpa_supplicant_8_ti-e770c497eb7dbbc24533f116707e483866429ebd.tar.gz
external_wpa_supplicant_8_ti-e770c497eb7dbbc24533f116707e483866429ebd.tar.bz2
1 files changed, 7 insertions, 0 deletions
diff --git a/src/tls/tlsv1_cred.c b/src/tls/tlsv1_cred.c
index 3e07245..d846480 100644
--- a/src/tls/tlsv1_cred.c
+++ b/src/tls/tlsv1_cred.c
@@ -244,10 +244,17 @@ static struct crypto_private_key * tlsv1_set_key_pem(const u8 *key, size_t len)
 		if (!end)
 			return NULL;
 	} else {
+		const u8 *pos2;
 		pos += os_strlen(pem_key_begin);
 		end = search_tag(pem_key_end, pos, key + len - pos);
 		if (!end)
 			return NULL;
+		pos2 = search_tag("Proc-Type: 4,ENCRYPTED", pos, end - pos);
+		if (pos2) {
+			wpa_printf(MSG_DEBUG, "TLSv1: Unsupported private key "
+				   "format (Proc-Type/DEK-Info)");
+			return NULL;
+		}
 	}
 
 	der = base64_decode(pos, end - pos, &der_len);
author	Jouni Malinen <j@w1.fi>	2011-11-27 13:21:36 +0200
committer	Jouni Malinen <j@w1.fi>	2011-11-27 13:21:36 +0200
commit	e770c497eb7dbbc24533f116707e483866429ebd (patch)
tree	ccf51d7fe198745d1e0a8a8b7ad8e9e559b19739 /src/tls
parent	e670738ae07c8606650e50052b900933ea9dee67 (diff)
download	external_wpa_supplicant_8_ti-e770c497eb7dbbc24533f116707e483866429ebd.zip external_wpa_supplicant_8_ti-e770c497eb7dbbc24533f116707e483866429ebd.tar.gz external_wpa_supplicant_8_ti-e770c497eb7dbbc24533f116707e483866429ebd.tar.bz2