diff options
author | tb <> | 2023-12-28 22:09:10 +0000 |
---|---|---|
committer | tb <> | 2023-12-28 22:09:10 +0000 |
commit | d02de88bb0448555210074070ff438d090c4c115 (patch) | |
tree | 05a1fa3694f9df3063acf66f388ad0beb93e9aab /src/lib | |
parent | 0b06568a2c7355ecc0abce9fca872205782936af (diff) | |
download | openbsd-d02de88bb0448555210074070ff438d090c4c115.tar.gz openbsd-d02de88bb0448555210074070ff438d090c4c115.tar.bz2 openbsd-d02de88bb0448555210074070ff438d090c4c115.zip |
Fix pkey_ec_keygen()
The EC code came later, and people got better at writing terrible code.
In this case, they could remain quite close to what they copy-pasted
from DH, so it was relatively straightforward (for once). There's only
one slight extra twist and that's easily dealt with.
ok jsing
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/libcrypto/ec/ec_pmeth.c | 33 |
1 files changed, 20 insertions, 13 deletions
diff --git a/src/lib/libcrypto/ec/ec_pmeth.c b/src/lib/libcrypto/ec/ec_pmeth.c index d3bf7e8cdc..0f4f00bc44 100644 --- a/src/lib/libcrypto/ec/ec_pmeth.c +++ b/src/lib/libcrypto/ec/ec_pmeth.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ec_pmeth.c,v 1.19 2023/07/28 15:50:33 tb Exp $ */ | 1 | /* $OpenBSD: ec_pmeth.c,v 1.20 2023/12/28 22:09:10 tb Exp $ */ |
2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
3 | * project 2006. | 3 | * project 2006. |
4 | */ | 4 | */ |
@@ -478,28 +478,35 @@ pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) | |||
478 | { | 478 | { |
479 | EC_KEY *ec = NULL; | 479 | EC_KEY *ec = NULL; |
480 | EC_PKEY_CTX *dctx = ctx->data; | 480 | EC_PKEY_CTX *dctx = ctx->data; |
481 | int ret = 0; | ||
481 | 482 | ||
482 | if (ctx->pkey == NULL && dctx->gen_group == NULL) { | 483 | if (ctx->pkey == NULL && dctx->gen_group == NULL) { |
483 | ECerror(EC_R_NO_PARAMETERS_SET); | 484 | ECerror(EC_R_NO_PARAMETERS_SET); |
484 | return 0; | 485 | goto err; |
485 | } | ||
486 | ec = EC_KEY_new(); | ||
487 | if (ec == NULL) | ||
488 | return 0; | ||
489 | if (!EVP_PKEY_assign_EC_KEY(pkey, ec)) { | ||
490 | EC_KEY_free(ec); | ||
491 | return 0; | ||
492 | } | 486 | } |
493 | /* Note: if error is returned, we count on caller to free pkey->pkey.ec */ | 487 | |
488 | if ((ec = EC_KEY_new()) == NULL) | ||
489 | goto err; | ||
490 | if (!EVP_PKEY_set1_EC_KEY(pkey, ec)) | ||
491 | goto err; | ||
492 | |||
494 | if (ctx->pkey != NULL) { | 493 | if (ctx->pkey != NULL) { |
495 | if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey)) | 494 | if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey)) |
496 | return 0; | 495 | goto err; |
497 | } else { | 496 | } else { |
498 | if (!EC_KEY_set_group(ec, dctx->gen_group)) | 497 | if (!EC_KEY_set_group(ec, dctx->gen_group)) |
499 | return 0; | 498 | goto err; |
500 | } | 499 | } |
501 | 500 | ||
502 | return EC_KEY_generate_key(ec); | 501 | if (!EC_KEY_generate_key(ec)) |
502 | goto err; | ||
503 | |||
504 | ret = 1; | ||
505 | |||
506 | err: | ||
507 | EC_KEY_free(ec); | ||
508 | |||
509 | return ret; | ||
503 | } | 510 | } |
504 | 511 | ||
505 | const EVP_PKEY_METHOD ec_pkey_meth = { | 512 | const EVP_PKEY_METHOD ec_pkey_meth = { |