summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dh
diff options
context:
space:
mode:
authortb <>2023-08-10 09:43:51 +0000
committertb <>2023-08-10 09:43:51 +0000
commit16cca863e0409e2a511a758a5cbf5d41b6a3a852 (patch)
treec6bcc699c6aecd20537e77897245dd9a46589ca8 /src/lib/libcrypto/dh
parent0c08015642e4fb2a5ce32565ab942ffc9579d487 (diff)
downloadopenbsd-16cca863e0409e2a511a758a5cbf5d41b6a3a852.tar.gz
openbsd-16cca863e0409e2a511a758a5cbf5d41b6a3a852.tar.bz2
openbsd-16cca863e0409e2a511a758a5cbf5d41b6a3a852.zip
Various fixes in {dh,dsa}_priv_encode()
Avoid creating an ASN1_STRING with negative length, set type, data and length via ASN1_STRING_type_new() and ASN1_STRING_set0() instead of doing this manually. Check return value for i2d_ASN1_INTEGER() and use an intermediate ASN1_OBJECT instead of nested function calls. Finally, clear sensitive data with freezero(). ok jsing
Diffstat (limited to 'src/lib/libcrypto/dh')
-rw-r--r--src/lib/libcrypto/dh/dh_ameth.c45
1 files changed, 24 insertions, 21 deletions
diff --git a/src/lib/libcrypto/dh/dh_ameth.c b/src/lib/libcrypto/dh/dh_ameth.c
index cc594cfd38..12f2db7b8e 100644
--- a/src/lib/libcrypto/dh/dh_ameth.c
+++ b/src/lib/libcrypto/dh/dh_ameth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_ameth.c,v 1.30 2023/07/08 15:29:03 beck Exp $ */ 1/* $OpenBSD: dh_ameth.c,v 1.31 2023/08/10 09:43:51 tb Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -236,48 +236,51 @@ dherr:
236static int 236static int
237dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) 237dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
238{ 238{
239 const DH *dh = pkey->pkey.dh;
239 ASN1_STRING *params = NULL; 240 ASN1_STRING *params = NULL;
240 ASN1_INTEGER *prkey = NULL; 241 ASN1_INTEGER *prkey = NULL;
241 unsigned char *dp = NULL; 242 ASN1_OBJECT *aobj;
242 int dplen; 243 unsigned char *data = NULL, *dp = NULL;
244 int datalen = 0, dplen = 0;
243 245
244 params = ASN1_STRING_new(); 246 if ((datalen = i2d_DHparams(dh, &data)) <= 0) {
245
246 if (!params) {
247 DHerror(ERR_R_MALLOC_FAILURE); 247 DHerror(ERR_R_MALLOC_FAILURE);
248 datalen = 0;
248 goto err; 249 goto err;
249 } 250 }
250 251 if ((params = ASN1_STRING_type_new(V_ASN1_SEQUENCE)) == NULL) {
251 params->length = i2d_DHparams(pkey->pkey.dh, &params->data);
252 if (params->length <= 0) {
253 DHerror(ERR_R_MALLOC_FAILURE); 252 DHerror(ERR_R_MALLOC_FAILURE);
254 goto err; 253 goto err;
255 } 254 }
256 params->type = V_ASN1_SEQUENCE; 255 ASN1_STRING_set0(params, data, datalen);
257 256 data = NULL;
258 /* Get private key into integer */ 257 datalen = 0;
259 prkey = BN_to_ASN1_INTEGER(pkey->pkey.dh->priv_key, NULL);
260 258
261 if (!prkey) { 259 if ((prkey = BN_to_ASN1_INTEGER(dh->priv_key, NULL)) == NULL) {
262 DHerror(DH_R_BN_ERROR); 260 DHerror(DH_R_BN_ERROR);
263 goto err; 261 goto err;
264 } 262 }
265 263 if ((dplen = i2d_ASN1_INTEGER(prkey, &dp)) <= 0) {
266 dplen = i2d_ASN1_INTEGER(prkey, &dp); 264 DHerror(ERR_R_MALLOC_FAILURE);
267 265 dplen = 0;
266 goto err;
267 }
268 ASN1_INTEGER_free(prkey); 268 ASN1_INTEGER_free(prkey);
269 prkey = NULL; 269 prkey = NULL;
270 270
271 if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dhKeyAgreement), 0, 271 if ((aobj = OBJ_nid2obj(NID_dhKeyAgreement)) == NULL)
272 V_ASN1_SEQUENCE, params, dp, dplen)) 272 goto err;
273 if (!PKCS8_pkey_set0(p8, aobj, 0, V_ASN1_SEQUENCE, params, dp, dplen))
273 goto err; 274 goto err;
274 275
275 return 1; 276 return 1;
276 277
277err: 278 err:
278 free(dp);
279 ASN1_STRING_free(params); 279 ASN1_STRING_free(params);
280 ASN1_INTEGER_free(prkey); 280 ASN1_INTEGER_free(prkey);
281 freezero(data, datalen);
282 freezero(dp, dplen);
283
281 return 0; 284 return 0;
282} 285}
283 286
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2026-01-06 19:28:14 +0000