Related bug: https://bugs.kde.org/show_bug.cgi?id=423349. When loading PKCS12 key bundle, during conveting pkey to QCA::PKeyBase*: #0 opensslQCAPlugin::MyPKeyContext::pkeyToBase #1 opensslQCAPlugin::MyPKCS12Context::fromPKCS12 #2 QCA::get_pkcs12_der #3 QCA::KeyBundle::fromFile In opensslQCAPlugin::MyPKeyContext::pkeyToBase, if pkey_type it got is unexpected (i.e. not EVP_PKEY_{RSA,DSA,DH}; e.g. EVP_PKEY_EC), it will return nullptr, and opensslQCAPlugin::MyPKCS12Context::fromPKCS12 doesn't check the return value. When calling pkey related methods (like QCA::PrivateKey::canDecrypt(), which eventually calls QCA::PKeyBase::type()), it will cause segmentation fault due to nullptr. OBSERVED RESULT Segmentation fault due to PKeyBase* being nullptr. EXPECTED RESULT - Either make QCA::KeyBundle::fromFile fail due to unknown pkey type, or check if QCA::PKeyBase* is nullptr every time when use it (not just QCA::Provider::Context*). - Support more pkey types if possible. SOFTWARE/OS VERSIONS Qt Version: 5.15.0 Frameworks Version: 5.71.0 Operating System: Linux 5.7.4-arch1-1 x86_64 Windowing system: X11 Distribution: "Arch Linux"
A possibly relevant merge request was started @ https://invent.kde.org/libraries/qca/-/merge_requests/30
The crash will be fixed shortly, but that's just the crash, we need to add ecdsa support to QCA for that to actually work in plasma-nm i guess
Git commit 3242caee6aa7bb07d2f0e3d9ed23e4fcacc82140 by Albert Astals Cid. Committed on 22/06/2020 at 20:03. Pushed by aacid into branch 'master'. ossl: pkcs12: Don't crash on unknown private key type M +8 -0 plugins/qca-ossl/qca-ossl.cpp https://invent.kde.org/libraries/qca/commit/3242caee6aa7bb07d2f0e3d9ed23e4fcacc82140