crypto_verify_private_key_data() must try to decrypt the key only when a password is supplied.
Previously the decrypt test always passed because we detected an unsupported cipher and faked success. Now since version 3.5.4 gnutls supports PBES1-DES-CBC-MD5 and the key is actually decrypted when a password is supplied.
Also, don't assert that a wrong password works because we're now able to actually verify it (only with recent gnutls).
https://bugzilla.gnome.org/show_bug.cgi?id=771623
0e96d23 crypto: don't try to decrypt PKCS#8 key if no password is supplied
libnm-core/crypto.c | 2 +-
libnm-core/crypto_gnutls.c | 2 +-
libnm-core/tests/test-crypto.c | 9 ++++-----
libnm-util/crypto.c | 2 +-
libnm-util/tests/test-crypto.c | 5 -----
5 files changed, 7 insertions(+), 13 deletions(-)
Upstream: cgit.freedesktop.org