Fix bug in pk_parse_key()

ChangeLog

@@ -25,6 +25,8 @@ Features
      errors on use of deprecated functions.
 
 Bugfix
+   * Fix bug in pk_parse_key() that caused some valid private EC keys to be
+     rejected.
    * Fix bug in Via Padlock support (found by Nikos Mavrogiannopoulos).
    * Fix thread safety bug in RSA operations (found by Fredrik Axelsson).
    * Fix hardclock() (only used in the benchmarking program) with some

library/pkparse.c

@@ -761,6 +761,9 @@ static int pk_parse_key_sec1_der( ecp_keypair *eck,
 
     p += len;
 
+    pubkey_done = 0;
+    if( p != end )
+    {
         /*
          * Is 'parameters' present?
          */
@@ -784,7 +787,6 @@ static int pk_parse_key_sec1_der( ecp_keypair *eck,
          * Is 'publickey' present? If not, or if we can't read it (eg because it
          * is compressed), create it from the private key.
          */
-    pubkey_done = 0;
         if( ( ret = asn1_get_tag( &p, end, &len,
                         ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) ) == 0 )
         {
@@ -814,6 +816,7 @@ static int pk_parse_key_sec1_der( ecp_keypair *eck,
             ecp_keypair_free( eck );
             return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret );
         }
+    }
 
     if( ! pubkey_done &&
         ( ret = ecp_mul( &eck->grp, &eck->Q, &eck->d, &eck->grp.G,

tests/suites/test_suite_pkparse.data

@@ -146,6 +146,10 @@ Parse EC Key #1 (SEC1 DER)
 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP192R1_ENABLED
 pk_parse_keyfile_ec:"data_files/ec_prv.sec1.der":"NULL":0
 
+Parse EC Key #1a (SEC1 DER, no optional part)
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED
+pk_parse_keyfile_ec:"data_files/ec_prv.noopt.der":"NULL":0
+
 Parse EC Key #2 (SEC1 PEM)
 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP192R1_ENABLED
 pk_parse_keyfile_ec:"data_files/ec_prv.sec1.pem":"NULL":0