diff options
author | tb <> | 2023-08-10 15:11:16 +0000 |
---|---|---|
committer | tb <> | 2023-08-10 15:11:16 +0000 |
commit | b112c0ec4697a4e29bb49c1f6bcec3123dae7873 (patch) | |
tree | 8b2adeb365ee4ac1a769735df0410ecf7de69dc7 /src | |
parent | 3c2cb2633347857266edec5c36b278a2eb7b13fd (diff) | |
download | openbsd-b112c0ec4697a4e29bb49c1f6bcec3123dae7873.tar.gz openbsd-b112c0ec4697a4e29bb49c1f6bcec3123dae7873.tar.bz2 openbsd-b112c0ec4697a4e29bb49c1f6bcec3123dae7873.zip |
Clean up {dh,dsa}_pub_encode()
This brings these two messy functions into more usual shape. There is a
lot more that can be done in here. It is a step in the right direction.
ok jsing
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/libcrypto/dh/dh_ameth.c | 55 | ||||
-rw-r--r-- | src/lib/libcrypto/dsa/dsa_ameth.c | 45 |
2 files changed, 54 insertions, 46 deletions
diff --git a/src/lib/libcrypto/dh/dh_ameth.c b/src/lib/libcrypto/dh/dh_ameth.c index 12f2db7b8e..3898db89f0 100644 --- a/src/lib/libcrypto/dh/dh_ameth.c +++ b/src/lib/libcrypto/dh/dh_ameth.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: dh_ameth.c,v 1.31 2023/08/10 09:43:51 tb Exp $ */ | 1 | /* $OpenBSD: dh_ameth.c,v 1.32 2023/08/10 15:11:16 tb Exp $ */ |
2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
3 | * project 2006. | 3 | * project 2006. |
4 | */ | 4 | */ |
@@ -130,48 +130,49 @@ err: | |||
130 | static int | 130 | static int |
131 | dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) | 131 | dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) |
132 | { | 132 | { |
133 | DH *dh; | 133 | const DH *dh = pkey->pkey.dh; |
134 | int ptype; | 134 | ASN1_STRING *str = NULL; |
135 | unsigned char *penc = NULL; | 135 | int ptype = V_ASN1_SEQUENCE; |
136 | int penclen; | ||
137 | ASN1_STRING *str; | ||
138 | ASN1_INTEGER *pub_key = NULL; | 136 | ASN1_INTEGER *pub_key = NULL; |
137 | ASN1_OBJECT *aobj; | ||
138 | unsigned char *data = NULL, *penc = NULL; | ||
139 | int datalen = 0, penclen = 0; | ||
139 | 140 | ||
140 | dh=pkey->pkey.dh; | 141 | if ((datalen = i2d_DHparams(dh, &data)) <= 0) { |
141 | |||
142 | str = ASN1_STRING_new(); | ||
143 | if (str == NULL) { | ||
144 | DHerror(ERR_R_MALLOC_FAILURE); | 142 | DHerror(ERR_R_MALLOC_FAILURE); |
143 | datalen = 0; | ||
145 | goto err; | 144 | goto err; |
146 | } | 145 | } |
147 | 146 | if ((str = ASN1_STRING_new()) == NULL) { | |
148 | str->length = i2d_DHparams(dh, &str->data); | ||
149 | if (str->length <= 0) { | ||
150 | DHerror(ERR_R_MALLOC_FAILURE); | 147 | DHerror(ERR_R_MALLOC_FAILURE); |
151 | goto err; | 148 | goto err; |
152 | } | 149 | } |
153 | ptype = V_ASN1_SEQUENCE; | 150 | ASN1_STRING_set0(str, data, datalen); |
151 | data = NULL; | ||
152 | datalen = 0; | ||
154 | 153 | ||
155 | pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL); | 154 | if ((pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL)) == NULL) |
156 | if (!pub_key) | ||
157 | goto err; | 155 | goto err; |
158 | 156 | if ((penclen = i2d_ASN1_INTEGER(pub_key, &penc)) <= 0) { | |
159 | penclen = i2d_ASN1_INTEGER(pub_key, &penc); | 157 | DHerror(ERR_R_MALLOC_FAILURE); |
160 | 158 | penclen = 0; | |
159 | goto err; | ||
160 | } | ||
161 | ASN1_INTEGER_free(pub_key); | 161 | ASN1_INTEGER_free(pub_key); |
162 | pub_key = NULL; | ||
162 | 163 | ||
163 | if (penclen <= 0) { | 164 | if ((aobj = OBJ_nid2obj(EVP_PKEY_DH)) == NULL) |
164 | DHerror(ERR_R_MALLOC_FAILURE); | 165 | goto err; |
166 | if (!X509_PUBKEY_set0_param(pk, aobj, ptype, str, penc, penclen)) | ||
165 | goto err; | 167 | goto err; |
166 | } | ||
167 | 168 | ||
168 | if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DH), ptype, | 169 | return 1; |
169 | (void *)str, penc, penclen)) | ||
170 | return 1; | ||
171 | 170 | ||
172 | err: | 171 | err: |
173 | free(penc); | ||
174 | ASN1_STRING_free(str); | 172 | ASN1_STRING_free(str); |
173 | ASN1_INTEGER_free(pub_key); | ||
174 | freezero(data, datalen); | ||
175 | freezero(penc, penclen); | ||
175 | 176 | ||
176 | return 0; | 177 | return 0; |
177 | } | 178 | } |
diff --git a/src/lib/libcrypto/dsa/dsa_ameth.c b/src/lib/libcrypto/dsa/dsa_ameth.c index ad5aa09cd0..aab4588b5a 100644 --- a/src/lib/libcrypto/dsa/dsa_ameth.c +++ b/src/lib/libcrypto/dsa/dsa_ameth.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: dsa_ameth.c,v 1.44 2023/08/10 09:43:51 tb Exp $ */ | 1 | /* $OpenBSD: dsa_ameth.c,v 1.45 2023/08/10 15:11:16 tb Exp $ */ |
2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
3 | * project 2006. | 3 | * project 2006. |
4 | */ | 4 | */ |
@@ -138,47 +138,54 @@ err: | |||
138 | static int | 138 | static int |
139 | dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) | 139 | dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) |
140 | { | 140 | { |
141 | DSA *dsa; | 141 | const DSA *dsa = pkey->pkey.dsa; |
142 | ASN1_INTEGER *pubint = NULL; | ||
143 | ASN1_STRING *str = NULL; | 142 | ASN1_STRING *str = NULL; |
144 | int ptype = V_ASN1_UNDEF; | 143 | int ptype = V_ASN1_UNDEF; |
145 | unsigned char *penc = NULL; | 144 | ASN1_INTEGER *pub_key = NULL; |
146 | int penclen; | 145 | ASN1_OBJECT *aobj; |
146 | unsigned char *data = NULL, *penc = NULL; | ||
147 | int datalen = 0, penclen = 0; | ||
147 | 148 | ||
148 | dsa = pkey->pkey.dsa; | ||
149 | if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) { | 149 | if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) { |
150 | if ((str = ASN1_STRING_new()) == NULL) { | 150 | if ((datalen = i2d_DSAparams(dsa, &data)) <= 0) { |
151 | DSAerror(ERR_R_MALLOC_FAILURE); | 151 | DSAerror(ERR_R_MALLOC_FAILURE); |
152 | datalen = 0; | ||
152 | goto err; | 153 | goto err; |
153 | } | 154 | } |
154 | str->length = i2d_DSAparams(dsa, &str->data); | 155 | if ((str = ASN1_STRING_new()) == NULL) { |
155 | if (str->length <= 0) { | ||
156 | DSAerror(ERR_R_MALLOC_FAILURE); | 156 | DSAerror(ERR_R_MALLOC_FAILURE); |
157 | goto err; | 157 | goto err; |
158 | } | 158 | } |
159 | ASN1_STRING_set0(str, data, datalen); | ||
160 | data = NULL; | ||
161 | datalen = 0; | ||
159 | ptype = V_ASN1_SEQUENCE; | 162 | ptype = V_ASN1_SEQUENCE; |
160 | } | 163 | } |
161 | 164 | ||
162 | if ((pubint = BN_to_ASN1_INTEGER(dsa->pub_key, NULL)) == NULL) { | 165 | if ((pub_key = BN_to_ASN1_INTEGER(dsa->pub_key, NULL)) == NULL) { |
163 | DSAerror(ERR_R_MALLOC_FAILURE); | 166 | DSAerror(ERR_R_MALLOC_FAILURE); |
164 | goto err; | 167 | goto err; |
165 | } | 168 | } |
166 | 169 | if ((penclen = i2d_ASN1_INTEGER(pub_key, &penc)) <= 0) { | |
167 | penclen = i2d_ASN1_INTEGER(pubint, &penc); | ||
168 | ASN1_INTEGER_free(pubint); | ||
169 | |||
170 | if (penclen <= 0) { | ||
171 | DSAerror(ERR_R_MALLOC_FAILURE); | 170 | DSAerror(ERR_R_MALLOC_FAILURE); |
171 | penclen = 0; | ||
172 | goto err; | 172 | goto err; |
173 | } | 173 | } |
174 | ASN1_INTEGER_free(pub_key); | ||
175 | pub_key = NULL; | ||
174 | 176 | ||
175 | if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA), ptype, str, | 177 | if ((aobj = OBJ_nid2obj(EVP_PKEY_DSA)) == NULL) |
176 | penc, penclen)) | 178 | goto err; |
177 | return 1; | 179 | if (!X509_PUBKEY_set0_param(pk, aobj, ptype, str, penc, penclen)) |
180 | goto err; | ||
181 | |||
182 | return 1; | ||
178 | 183 | ||
179 | err: | 184 | err: |
180 | free(penc); | ||
181 | ASN1_STRING_free(str); | 185 | ASN1_STRING_free(str); |
186 | ASN1_INTEGER_free(pub_key); | ||
187 | freezero(data, datalen); | ||
188 | freezero(penc, penclen); | ||
182 | 189 | ||
183 | return 0; | 190 | return 0; |
184 | } | 191 | } |