[email protected] reported on the mailing list that ECC keys created by OpenSSL

could not be loaded. Investigation found this is because OpenSSL is now including optional extra fields after the private key. One, the curve paramters, is already known to us by other means. The public key being available is useful as it lets us avoid a point multiplication, but decoding it requires substantial changes to the BER decoder which I don't want to make on the stable tree.
author: lloyd <[email protected]> 2012-07-10 13:34:37 +0000
committer: lloyd <[email protected]> 2012-07-10 13:34:37 +0000
commit: 659e78529f8f82b0e8cbace8c1f624b087c27c32 (patch)
tree: 32de214bbb2a04d6d45252109685dc0627261b8b
parent: f5b459bac5bcbdd806ba3ca9a691dc6865e210a1 (diff)
1 files changed, 2 insertions, 3 deletions
diff --git a/src/pubkey/ecc_key/ecc_key.cpp b/src/pubkey/ecc_key/ecc_key.cpp
index 991446f07..5f537e0c1 100644
--- a/src/pubkey/ecc_key/ecc_key.cpp
+++ b/src/pubkey/ecc_key/ecc_key.cpp
@@ -116,9 +116,8 @@ EC_PrivateKey::EC_PrivateKey(const AlgorithmIdentifier& alg_id,
    BER_Decoder(key_bits)
       .start_cons(SEQUENCE)
          .decode_and_check<size_t>(1, "Unknown version code for ECC key")
-         .decode_octet_string_bigint(private_key)
-      .verify_end()
-      .end_cons();
+         .decode_octet_string_bigint(private_key);
+         // possibly group params and public key follow
 
    public_key = domain().get_base_point() * private_key;
author	lloyd <[email protected]>	2012-07-10 13:34:37 +0000
committer	lloyd <[email protected]>	2012-07-10 13:34:37 +0000
commit	659e78529f8f82b0e8cbace8c1f624b087c27c32 (patch)
tree	32de214bbb2a04d6d45252109685dc0627261b8b
parent	f5b459bac5bcbdd806ba3ca9a691dc6865e210a1 (diff)