authortb <>2023-08-10 15:11:16 +0000
committertb <>2023-08-10 15:11:16 +0000
commitb112c0ec4697a4e29bb49c1f6bcec3123dae7873 (patch)
tree8b2adeb365ee4ac1a769735df0410ecf7de69dc7 /src
parent3c2cb2633347857266edec5c36b278a2eb7b13fd (diff)
downloadopenbsd-b112c0ec4697a4e29bb49c1f6bcec3123dae7873.tar.gz
openbsd-b112c0ec4697a4e29bb49c1f6bcec3123dae7873.tar.bz2
openbsd-b112c0ec4697a4e29bb49c1f6bcec3123dae7873.zip
Clean up {dh,dsa}_pub_encode()
This brings these two messy functions into more usual shape. There is a lot more that can be done in here. It is a step in the right direction. ok jsing
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/dh/dh_ameth.c55
-rw-r--r--src/lib/libcrypto/dsa/dsa_ameth.c45
2 files changed, 54 insertions, 46 deletions
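diff --git a/src/lib/libcrypto/dh/dh_ameth.c b/src/lib/libcrypto/dh/dh_ameth.c
index 12f2db7b8e..3898db89f0 100644
--- a/src/lib/libcrypto/dh/dh_ameth.c
+++ b/src/lib/libcrypto/dh/dh_ameth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh_ameth.c,v 1.31 2023/08/10 09:43:51 tb Exp $ */
+/* $OpenBSD: dh_ameth.c,v 1.32 2023/08/10 15:11:16 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
   * project 2006.
   */
@@ -130,48 +130,49 @@ err:
 static int
 dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
 {
- DH *dh;
- int ptype;
- unsigned char *penc = NULL;
- int penclen;
- ASN1_STRING *str;
+ const DH *dh = pkey->pkey.dh;
+ ASN1_STRING *str = NULL;
+ int ptype = V_ASN1_SEQUENCE;
  ASN1_INTEGER *pub_key = NULL;
+ ASN1_OBJECT *aobj;
+ unsigned char *data = NULL, *penc = NULL;
+ int datalen = 0, penclen = 0;
 
- dh=pkey->pkey.dh;
-
- str = ASN1_STRING_new();
- if (str == NULL) {
+ if ((datalen = i2d_DHparams(dh, &data)) <= 0) {
  DHerror(ERR_R_MALLOC_FAILURE);
+ datalen = 0;
  goto err;
  }
-
- str->length = i2d_DHparams(dh, &str->data);
- if (str->length <= 0) {
+ if ((str = ASN1_STRING_new()) == NULL) {
  DHerror(ERR_R_MALLOC_FAILURE);
  goto err;
  }
- ptype = V_ASN1_SEQUENCE;
+ ASN1_STRING_set0(str, data, datalen);
+ data = NULL;
+ datalen = 0;
 
- pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL);
- if (!pub_key)
+ if ((pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL)) == NULL)
  goto err;
-
- penclen = i2d_ASN1_INTEGER(pub_key, &penc);
-
+ if ((penclen = i2d_ASN1_INTEGER(pub_key, &penc)) <= 0) {
+ DHerror(ERR_R_MALLOC_FAILURE);
+ penclen = 0;
+ goto err;
+ }
  ASN1_INTEGER_free(pub_key);
+ pub_key = NULL;
 
- if (penclen <= 0) {
- DHerror(ERR_R_MALLOC_FAILURE);
+ if ((aobj = OBJ_nid2obj(EVP_PKEY_DH)) == NULL)
+ goto err;
+ if (!X509_PUBKEY_set0_param(pk, aobj, ptype, str, penc, penclen))
  goto err;
- }
 
- if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DH), ptype,
- (void *)str, penc, penclen))
- return 1;
+ return 1;
 
-err:
- free(penc);
+ err:
  ASN1_STRING_free(str);
+ ASN1_INTEGER_free(pub_key);
+ freezero(data, datalen);
+ freezero(penc, penclen);
 
  return 0;
 }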
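Review bot: The `BN_to_ASN1_INTEGER()` failure branch in the new dh_pub_encode() jumps to `err` without pushing an error, while the same call in dsa_pub_encode() (dsa_ameth.c, same commit) raises `DSAerror(ERR_R_MALLOC_FAILURE)`, so the DH encoder can return 0 with nothing on the error stack to diagnose. I would brace that branch and add `DHerror(ERR_R_MALLOC_FAILURE);` before its `goto err;`. The `OBJ_nid2obj()` and `X509_PUBKEY_set0_param()` failure branches are silent in both functions as well; whether those callees push their own error is not visible on this page, so that is worth confirming. Separately, a non-positive return from `i2d_DHparams()` is always reported as a malloc failure, which may hide a genuine encoding error in the parameters.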
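diff --git a/src/lib/libcrypto/dsa/dsa_ameth.c b/src/lib/libcrypto/dsa/dsa_ameth.c
index ad5aa09cd0..aab4588b5a 100644
--- a/src/lib/libcrypto/dsa/dsa_ameth.c
+++ b/src/lib/libcrypto/dsa/dsa_ameth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_ameth.c,v 1.44 2023/08/10 09:43:51 tb Exp $ */
+/* $OpenBSD: dsa_ameth.c,v 1.45 2023/08/10 15:11:16 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
   * project 2006.
   */
@@ -138,47 +138,54 @@ err:
 static int
 dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
 {
- DSA *dsa;
- ASN1_INTEGER *pubint = NULL;
+ const DSA *dsa = pkey->pkey.dsa;
  ASN1_STRING *str = NULL;
  int ptype = V_ASN1_UNDEF;
- unsigned char *penc = NULL;
- int penclen;
+ ASN1_INTEGER *pub_key = NULL;
+ ASN1_OBJECT *aobj;
+ unsigned char *data = NULL, *penc = NULL;
+ int datalen = 0, penclen = 0;
 
- dsa = pkey->pkey.dsa;
  if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) {
- if ((str = ASN1_STRING_new()) == NULL) {
+ if ((datalen = i2d_DSAparams(dsa, &data)) <= 0) {
  DSAerror(ERR_R_MALLOC_FAILURE);
+ datalen = 0;
  goto err;
  }
- str->length = i2d_DSAparams(dsa, &str->data);
- if (str->length <= 0) {
+ if ((str = ASN1_STRING_new()) == NULL) {
  DSAerror(ERR_R_MALLOC_FAILURE);
  goto err;
  }
+ ASN1_STRING_set0(str, data, datalen);
+ data = NULL;
+ datalen = 0;
  ptype = V_ASN1_SEQUENCE;
  }
 
- if ((pubint = BN_to_ASN1_INTEGER(dsa->pub_key, NULL)) == NULL) {
+ if ((pub_key = BN_to_ASN1_INTEGER(dsa->pub_key, NULL)) == NULL) {
  DSAerror(ERR_R_MALLOC_FAILURE);
  goto err;
  }
-
- penclen = i2d_ASN1_INTEGER(pubint, &penc);
- ASN1_INTEGER_free(pubint);
-
- if (penclen <= 0) {
+ if ((penclen = i2d_ASN1_INTEGER(pub_key, &penc)) <= 0) {
  DSAerror(ERR_R_MALLOC_FAILURE);
+ penclen = 0;
  goto err;
  }
+ ASN1_INTEGER_free(pub_key);
+ pub_key = NULL;
 
- if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA), ptype, str,
- penc, penclen))
- return 1;
+ if ((aobj = OBJ_nid2obj(EVP_PKEY_DSA)) == NULL)
+ goto err;
+ if (!X509_PUBKEY_set0_param(pk, aobj, ptype, str, penc, penclen))
+ goto err;
+
+ return 1;
 
  err:
- free(penc);
  ASN1_STRING_free(str);
+ ASN1_INTEGER_free(pub_key);
+ freezero(data, datalen);
+ freezero(penc, penclen);
 
  return 0;
 }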
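Review bot: The ownership hand-offs in the new dsa_pub_encode() are what keep the shared `err` label free of double frees, yet nothing in the function states them. After `ASN1_STRING_set0(str, data, datalen)` the buffer belongs to `str`, which is why `data` and `datalen` are reset, and after a successful `X509_PUBKEY_set0_param()` both `str` and `penc` presumably belong to `pk`, which is why the success path returns before `err:`. A one-line comment at each point, e.g. `/* str now owns data */` and `/* on success pk owns str and penc */`, would guard against a later edit that adds a `goto err` after the set0 call. The same comments would fit dh_pub_encode() in dh_ameth.c.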