authortb <>2023-07-07 06:59:18 +0000
committertb <>2023-07-07 06:59:18 +0000
commitded7e344eeedbff393fe259288df7a0f543c49ba (patch)
treea7603816da4ccfb40c5056865d5382fd66d77983 /src/lib
parent3e9606d3676b918eec4f58130ce87818363373b2 (diff)
Mop up remaining uses of ASN1_bn_print()
This removes lots of silly buffers and will allow us to make this API go away. ok jsing
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libcrypto/dh/dh_ameth.c43
-rw-r--r--src/lib/libcrypto/dsa/dsa_ameth.c61
-rw-r--r--src/lib/libcrypto/ec/ec_ameth.c23
-rw-r--r--src/lib/libcrypto/rsa/rsa_ameth.c51
4 files changed, 38 insertions, 140 deletions
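diff --git a/src/lib/libcrypto/dh/dh_ameth.c b/src/lib/libcrypto/dh/dh_ameth.c
index 3de0bb9333..61d3d14397 100644
--- a/src/lib/libcrypto/dh/dh_ameth.c
+++ b/src/lib/libcrypto/dh/dh_ameth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh_ameth.c,v 1.28 2023/04/17 05:57:17 tb Exp $ */
+/* $OpenBSD: dh_ameth.c,v 1.29 2023/07/07 06:59:18 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -65,6 +65,7 @@
 #include <openssl/x509.h>
 
 #include "asn1_local.h"
+#include "bn_local.h"
 #include "dh_local.h"
 #include "evp_local.h"
 
@@ -280,17 +281,6 @@ err:
  return 0;
 }
 
-static void
-update_buflen(const BIGNUM *b, size_t *pbuflen)
-{
- size_t i;
-
- if (!b)
- return;
- if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
- *pbuflen = i;
-}
-
 static int
 dh_param_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
 {
@@ -313,9 +303,7 @@ dh_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
 static int
 do_dh_print(BIO *bp, const DH *x, int indent, ASN1_PCTX *ctx, int ptype)
 {
- unsigned char *m = NULL;
  int reason = ERR_R_BUF_LIB, ret = 0;
- size_t buf_len = 0;
  const char *ktype = NULL;
  BIGNUM *priv_key, *pub_key;
 
@@ -329,17 +317,6 @@ do_dh_print(BIO *bp, const DH *x, int indent, ASN1_PCTX *ctx, int ptype)
  else
  pub_key = NULL;
 
- update_buflen(x->p, &buf_len);
-
- if (buf_len == 0) {
- reason = ERR_R_PASSED_NULL_PARAMETER;
- goto err;
- }
-
- update_buflen(x->g, &buf_len);
- update_buflen(pub_key, &buf_len);
- update_buflen(priv_key, &buf_len);
-
  if (ptype == 2)
  ktype = "PKCS#3 DH Private-Key";
  else if (ptype == 1)
@@ -347,9 +324,8 @@ do_dh_print(BIO *bp, const DH *x, int indent, ASN1_PCTX *ctx, int ptype)
  else
  ktype = "PKCS#3 DH Parameters";
 
- m= malloc(buf_len + 10);
- if (m == NULL) {
- reason = ERR_R_MALLOC_FAILURE;
+ if (x->p == NULL) {
+ reason = ERR_R_PASSED_NULL_PARAMETER;
  goto err;
  }
 
@@ -359,14 +335,14 @@ do_dh_print(BIO *bp, const DH *x, int indent, ASN1_PCTX *ctx, int ptype)
  goto err;
  indent += 4;
 
- if (!ASN1_bn_print(bp, "private-key:", priv_key, m, indent))
+ if (!bn_printf(bp, priv_key, indent, "private-key:"))
  goto err;
- if (!ASN1_bn_print(bp, "public-key:", pub_key, m, indent))
+ if (!bn_printf(bp, pub_key, indent, "public-key:"))
  goto err;
 
- if (!ASN1_bn_print(bp, "prime:", x->p, m, indent))
+ if (!bn_printf(bp, x->p, indent, "prime:"))
  goto err;
- if (!ASN1_bn_print(bp, "generator:", x->g, m, indent))
+ if (!bn_printf(bp, x->g, indent, "generator:"))
  goto err;
  if (x->length != 0) {
  if (!BIO_indent(bp, indent, 128))
@@ -378,10 +354,9 @@ do_dh_print(BIO *bp, const DH *x, int indent, ASN1_PCTX *ctx, int ptype)
 
  ret = 1;
  if (0) {
-err:
+ err:
  DHerror(reason);
  }
- free(m);
  return(ret);
 }
 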
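Review bot: Whether a temporary copy of `priv_key` is cleared after printing can no longer be seen in `do_dh_print`: with the caller-owned buffer `m` removed, any such copy is made inside `bn_printf()`, whose body is not part of this diff. The removed code released `m` with plain `free(m)`, so this is not a regression, but it is worth confirming that `bn_printf()` clears its temporaries (for example with `freezero()`) when `ptype == 2`. The same question applies to the private values printed by `do_dsa_print`, `do_EC_KEY_print` and `pkey_rsa_print` in this commit. Once confirmed, a short comment above the `"private-key:"` call, e.g. `/* bn_printf() clears its own temporaries */`, would record it. Parts of `do_dh_print` lie between the hunks and are not shown.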
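diff --git a/src/lib/libcrypto/dsa/dsa_ameth.c b/src/lib/libcrypto/dsa/dsa_ameth.c
index f282caae06..5a0c3116aa 100644
--- a/src/lib/libcrypto/dsa/dsa_ameth.c
+++ b/src/lib/libcrypto/dsa/dsa_ameth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_ameth.c,v 1.42 2023/03/04 21:42:49 tb Exp $ */
+/* $OpenBSD: dsa_ameth.c,v 1.43 2023/07/07 06:59:18 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -385,25 +385,12 @@ int_dsa_free(EVP_PKEY *pkey)
  DSA_free(pkey->pkey.dsa);
 }
 
-static void
-update_buflen(const BIGNUM *b, size_t *pbuflen)
-{
- size_t i;
-
- if (!b)
- return;
- if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
- *pbuflen = i;
-}
-
 static int
 do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
 {
- unsigned char *m = NULL;
- int ret = 0;
- size_t buf_len = 0;
  const char *ktype = NULL;
  const BIGNUM *priv_key, *pub_key;
+ int ret = 0;
 
  if (ptype == 2)
  priv_key = x->priv_key;
@@ -422,18 +409,6 @@ do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
  else
  ktype = "DSA-Parameters";
 
- update_buflen(x->p, &buf_len);
- update_buflen(x->q, &buf_len);
- update_buflen(x->g, &buf_len);
- update_buflen(priv_key, &buf_len);
- update_buflen(pub_key, &buf_len);
-
- m = malloc(buf_len + 10);
- if (m == NULL) {
- DSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
  if (priv_key) {
  if (!BIO_indent(bp, off, 128))
  goto err;
@@ -442,19 +417,20 @@ do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
  goto err;
  }
 
- if (!ASN1_bn_print(bp, "priv:", priv_key, m, off))
+ if (!bn_printf(bp, priv_key, off, "priv:"))
  goto err;
- if (!ASN1_bn_print(bp, "pub: ", pub_key, m, off))
+ if (!bn_printf(bp, pub_key, off, "pub: "))
  goto err;
- if (!ASN1_bn_print(bp, "P: ", x->p, m, off))
+ if (!bn_printf(bp, x->p, off, "P: "))
  goto err;
- if (!ASN1_bn_print(bp, "Q: ", x->q, m, off))
+ if (!bn_printf(bp, x->q, off, "Q: "))
  goto err;
- if (!ASN1_bn_print(bp, "G: ", x->g, m, off))
+ if (!bn_printf(bp, x->g, off, "G: "))
  goto err;
+
  ret = 1;
-err:
- free(m);
+
+ err:
  return ret;
 }
 
@@ -594,27 +570,16 @@ dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, const ASN1_STRING *sig,
  dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
  if (dsa_sig) {
  int rv = 0;
- size_t buf_len = 0;
- unsigned char *m = NULL;
-
- update_buflen(dsa_sig->r, &buf_len);
- update_buflen(dsa_sig->s, &buf_len);
- m = malloc(buf_len + 10);
- if (m == NULL) {
- DSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
 
  if (BIO_write(bp, "\n", 1) != 1)
  goto err;
 
- if (!ASN1_bn_print(bp, "r: ", dsa_sig->r, m, indent))
+ if (!bn_printf(bp, dsa_sig->r, indent, "r: "))
  goto err;
- if (!ASN1_bn_print(bp, "s: ", dsa_sig->s, m, indent))
+ if (!bn_printf(bp, dsa_sig->s, indent, "s: "))
  goto err;
  rv = 1;
-err:
- free(m);
+ err:
  DSA_SIG_free(dsa_sig);
  return rv;
  }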
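Review bot: None of the failure paths visible in `do_dsa_print` records a DSA error any more: the only `DSAerror()` call shown in these hunks sat on the removed malloc failure, and the ` err:` label now just returns `ret`. `do_dh_print` and `do_EC_KEY_print` in this same commit do report at their label (`DHerror(reason)`, `ECerror(reason)`), so the three printers now differ. If callers are expected to find an entry on the error stack, consider `if (!ret) DSAerror(ERR_R_BIO_LIB);` after the label; if not, the `goto err` statements could simply become `return 0;`. The ` err:` block in `dsa_sig_print` likewise records nothing, and parts of both functions lie outside the hunks, so a callee may already push its own error.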
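diff --git a/src/lib/libcrypto/ec/ec_ameth.c b/src/lib/libcrypto/ec/ec_ameth.c
index 8676ace9d8..49ae80494d 100644
--- a/src/lib/libcrypto/ec/ec_ameth.c
+++ b/src/lib/libcrypto/ec/ec_ameth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_ameth.c,v 1.40 2023/07/03 09:25:44 tb Exp $ */
+/* $OpenBSD: ec_ameth.c,v 1.41 2023/07/07 06:59:18 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -427,9 +427,7 @@ int_ec_free(EVP_PKEY *pkey)
 static int
 do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype)
 {
- unsigned char *buffer = NULL;
  const char *ecstr;
- size_t buf_len = 0, i;
  int ret = 0, reason = ERR_R_BIO_LIB;
  BIGNUM *pub_key = NULL;
  BN_CTX *ctx = NULL;
@@ -454,24 +452,13 @@ do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype)
  reason = ERR_R_EC_LIB;
  goto err;
  }
- if (pub_key)
- buf_len = (size_t) BN_num_bytes(pub_key);
  }
  }
  if (ktype == 2) {
  priv_key = EC_KEY_get0_private_key(x);
- if (priv_key && (i = (size_t) BN_num_bytes(priv_key)) > buf_len)
- buf_len = i;
  } else
  priv_key = NULL;
 
- if (ktype > 0) {
- buf_len += 10;
- if ((buffer = malloc(buf_len)) == NULL) {
- reason = ERR_R_MALLOC_FAILURE;
- goto err;
- }
- }
  if (ktype == 2)
  ecstr = "Private-Key";
  else if (ktype == 1)
@@ -485,19 +472,21 @@ do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype)
  EC_GROUP_order_bits(group)) <= 0)
  goto err;
 
- if (!ASN1_bn_print(bp, "priv:", priv_key, buffer, off))
+ if (!bn_printf(bp, priv_key, off, "priv:"))
  goto err;
- if (!ASN1_bn_print(bp, "pub: ", pub_key, buffer, off))
+ if (!bn_printf(bp, pub_key, off, "pub: "))
  goto err;
  if (!ECPKParameters_print(bp, group, off))
  goto err;
+
  ret = 1;
+
  err:
  if (!ret)
  ECerror(reason);
  BN_free(pub_key);
  BN_CTX_free(ctx);
- free(buffer);
+
  return (ret);
 }
 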
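diff --git a/src/lib/libcrypto/rsa/rsa_ameth.c b/src/lib/libcrypto/rsa/rsa_ameth.c
index 1cf2069a18..825a9f4447 100644
--- a/src/lib/libcrypto/rsa/rsa_ameth.c
+++ b/src/lib/libcrypto/rsa/rsa_ameth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_ameth.c,v 1.29 2023/05/19 17:31:20 tb Exp $ */
+/* $OpenBSD: rsa_ameth.c,v 1.30 2023/07/07 06:59:18 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -68,6 +68,7 @@
 #include <openssl/x509.h>
 
 #include "asn1_local.h"
+#include "bn_local.h"
 #include "cryptlib.h"
 #include "evp_local.h"
 #include "rsa_local.h"
@@ -408,44 +409,13 @@ rsa_pss_param_print(BIO *bp, int pss_key, RSA_PSS_PARAMS *pss, int indent)
 
 }
 
-static void
-update_buflen(const BIGNUM *b, size_t *pbuflen)
-{
- size_t i;
-
- if (!b)
- return;
- if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
- *pbuflen = i;
-}
-
 static int
 pkey_rsa_print(BIO *bp, const EVP_PKEY *pkey, int off, int priv)
 {
  const RSA *x = pkey->pkey.rsa;
- unsigned char *m = NULL;
  char *str;
  const char *s;
  int ret = 0, mod_len = 0;
- size_t buf_len = 0;
-
- update_buflen(x->n, &buf_len);
- update_buflen(x->e, &buf_len);
-
- if (priv) {
- update_buflen(x->d, &buf_len);
- update_buflen(x->p, &buf_len);
- update_buflen(x->q, &buf_len);
- update_buflen(x->dmp1, &buf_len);
- update_buflen(x->dmq1, &buf_len);
- update_buflen(x->iqmp, &buf_len);
- }
-
- m = malloc(buf_len + 10);
- if (m == NULL) {
- RSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
 
  if (x->n != NULL)
  mod_len = BN_num_bits(x->n);
@@ -467,29 +437,28 @@ pkey_rsa_print(BIO *bp, const EVP_PKEY *pkey, int off, int priv)
  str = "Modulus:";
  s = "Exponent:";
  }
- if (!ASN1_bn_print(bp, str, x->n, m, off))
+ if (!bn_printf(bp, x->n, off, "%s", str))
  goto err;
- if (!ASN1_bn_print(bp, s, x->e, m, off))
+ if (!bn_printf(bp, x->e, off, "%s", s))
  goto err;
  if (priv) {
- if (!ASN1_bn_print(bp, "privateExponent:", x->d, m, off))
+ if (!bn_printf(bp, x->d, off, "privateExponent:"))
  goto err;
- if (!ASN1_bn_print(bp, "prime1:", x->p, m, off))
+ if (!bn_printf(bp, x->p, off, "prime1:"))
  goto err;
- if (!ASN1_bn_print(bp, "prime2:", x->q, m, off))
+ if (!bn_printf(bp, x->q, off, "prime2:"))
  goto err;
- if (!ASN1_bn_print(bp, "exponent1:", x->dmp1, m, off))
+ if (!bn_printf(bp, x->dmp1, off, "exponent1:"))
  goto err;
- if (!ASN1_bn_print(bp, "exponent2:", x->dmq1, m, off))
+ if (!bn_printf(bp, x->dmq1, off, "exponent2:"))
  goto err;
- if (!ASN1_bn_print(bp, "coefficient:", x->iqmp, m, off))
+ if (!bn_printf(bp, x->iqmp, off, "coefficient:"))
  goto err;
  }
  if (pkey_is_pss(pkey) && !rsa_pss_param_print(bp, 1, x->pss, off))
  goto err;
  ret = 1;
  err:
- free(m);
  return ret;
 }
 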
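Review bot: Nothing in this diff shows whether the compiler would reject a label passed directly as the format argument of `bn_printf()`; the two non-literal labels in `pkey_rsa_print` are correctly routed through `"%s"` (`bn_printf(bp, x->n, off, "%s", str)`), but that relies on the author remembering. The prototype is in bn_local.h, which is not part of this commit; if it does not already carry one, a printf-style attribute such as `__attribute__((__format__(printf, 4, 5)))` would turn a future `bn_printf(bp, bn, off, label)` into a warning, here and at the literal-label calls in the dh, dsa and ec files. Separately, `char *str;` only points at string literals in the visible lines and could be declared `const char *str;` like `s`. Parts of `pkey_rsa_print` lie between the hunks and are not shown.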