From 38c919bc9555bc69d67f855fae205a7aac20fd4c Mon Sep 17 00:00:00 2001 From: Christian Walther Date: Wed, 28 Nov 2018 13:32:27 +0100 Subject: [PATCH 1/2] Fix private DER output shifted by one byte. --- programs/pkey/key_app_writer.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index 500e258a3..b81530ceb 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -189,7 +189,7 @@ static int write_private_key( mbedtls_pk_context *key, const char *output_file ) return( ret ); len = ret; - c = output_buf + sizeof(output_buf) - len - 1; + c = output_buf + sizeof(output_buf) - len; } if( ( f = fopen( output_file, "w" ) ) == NULL ) From 59931badc428e65b95fedc1006aaf57266fd5b9c Mon Sep 17 00:00:00 2001 From: Christian Walther Date: Wed, 28 Nov 2018 15:12:26 +0100 Subject: [PATCH 2/2] Add ChangeLog entry --- ChangeLog | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ChangeLog b/ChangeLog index b39b95391..924471a9a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -11,6 +11,9 @@ Bugfix previously lead to a stack overflow on constrained targets. * Add `MBEDTLS_SELF_TEST` for the mbedtls_self_test functions in the header files, which missed the precompilation check. #971 + * Fix private key DER output in the key_app_writer example. File contents + were shifted by one byte, creating an invalid ASN.1 tag. Fixed by + Christian Walther in #2239. = mbed TLS 2.16.0 branch released 2018-12-21