diff options
| author | tb <> | 2023-12-28 22:09:10 +0000 |
|---|---|---|
| committer | tb <> | 2023-12-28 22:09:10 +0000 |
| commit | d02de88bb0448555210074070ff438d090c4c115 (patch) | |
| tree | 05a1fa3694f9df3063acf66f388ad0beb93e9aab /src/lib | |
| parent | 0b06568a2c7355ecc0abce9fca872205782936af (diff) | |
| download | openbsd-d02de88bb0448555210074070ff438d090c4c115.tar.gz openbsd-d02de88bb0448555210074070ff438d090c4c115.tar.bz2 openbsd-d02de88bb0448555210074070ff438d090c4c115.zip | |
Fix pkey_ec_keygen()
The EC code came later, and people got better at writing terrible code.
In this case, they could remain quite close to what they copy-pasted
from DH, so it was relatively straightforward (for once). There's only
one slight extra twist and that's easily dealt with.
ok jsing
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libcrypto/ec/ec_pmeth.c | 33 |
1 files changed, 20 insertions, 13 deletions
diff --git a/src/lib/libcrypto/ec/ec_pmeth.c b/src/lib/libcrypto/ec/ec_pmeth.c index d3bf7e8cdc..0f4f00bc44 100644 --- a/src/lib/libcrypto/ec/ec_pmeth.c +++ b/src/lib/libcrypto/ec/ec_pmeth.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ec_pmeth.c,v 1.19 2023/07/28 15:50:33 tb Exp $ */ | 1 | /* $OpenBSD: ec_pmeth.c,v 1.20 2023/12/28 22:09:10 tb Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2006. | 3 | * project 2006. |
| 4 | */ | 4 | */ |
| @@ -478,28 +478,35 @@ pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) | |||
| 478 | { | 478 | { |
| 479 | EC_KEY *ec = NULL; | 479 | EC_KEY *ec = NULL; |
| 480 | EC_PKEY_CTX *dctx = ctx->data; | 480 | EC_PKEY_CTX *dctx = ctx->data; |
| 481 | int ret = 0; | ||
| 481 | 482 | ||
| 482 | if (ctx->pkey == NULL && dctx->gen_group == NULL) { | 483 | if (ctx->pkey == NULL && dctx->gen_group == NULL) { |
| 483 | ECerror(EC_R_NO_PARAMETERS_SET); | 484 | ECerror(EC_R_NO_PARAMETERS_SET); |
| 484 | return 0; | 485 | goto err; |
| 485 | } | ||
| 486 | ec = EC_KEY_new(); | ||
| 487 | if (ec == NULL) | ||
| 488 | return 0; | ||
| 489 | if (!EVP_PKEY_assign_EC_KEY(pkey, ec)) { | ||
| 490 | EC_KEY_free(ec); | ||
| 491 | return 0; | ||
| 492 | } | 486 | } |
| 493 | /* Note: if error is returned, we count on caller to free pkey->pkey.ec */ | 487 | |
| 488 | if ((ec = EC_KEY_new()) == NULL) | ||
| 489 | goto err; | ||
| 490 | if (!EVP_PKEY_set1_EC_KEY(pkey, ec)) | ||
| 491 | goto err; | ||
| 492 | |||
| 494 | if (ctx->pkey != NULL) { | 493 | if (ctx->pkey != NULL) { |
| 495 | if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey)) | 494 | if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey)) |
| 496 | return 0; | 495 | goto err; |
| 497 | } else { | 496 | } else { |
| 498 | if (!EC_KEY_set_group(ec, dctx->gen_group)) | 497 | if (!EC_KEY_set_group(ec, dctx->gen_group)) |
| 499 | return 0; | 498 | goto err; |
| 500 | } | 499 | } |
| 501 | 500 | ||
| 502 | return EC_KEY_generate_key(ec); | 501 | if (!EC_KEY_generate_key(ec)) |
| 502 | goto err; | ||
| 503 | |||
| 504 | ret = 1; | ||
| 505 | |||
| 506 | err: | ||
| 507 | EC_KEY_free(ec); | ||
| 508 | |||
| 509 | return ret; | ||
| 503 | } | 510 | } |
| 504 | 511 | ||
| 505 | const EVP_PKEY_METHOD ec_pkey_meth = { | 512 | const EVP_PKEY_METHOD ec_pkey_meth = { |