Use X509_ALGOR_get0() in ecdh_cms_set_shared_info()

This makes things slightly less gross since it involves less reaching into nested ASN.1 structures. But don't get the idea that this means the code is now clean. ok jsing
author: tb <> 2024-04-18 11:53:40 +0000
committer: tb <> 2024-04-18 11:53:40 +0000
commit: c2689a3130614712fc04ce8148aaec04a3a51873 (patch)
tree: ce0036a984f22cd2bcf9aad022d73571f323127a /src
parent: 234c1d2673681d3e4a56440ba30ec613fe3dc127 (diff)
download: openbsd-c2689a3130614712fc04ce8148aaec04a3a51873.tar.gz
openbsd-c2689a3130614712fc04ce8148aaec04a3a51873.tar.bz2
openbsd-c2689a3130614712fc04ce8148aaec04a3a51873.zip
1 files changed, 14 insertions, 6 deletions
diff --git a/src/lib/libcrypto/ec/ec_ameth.c b/src/lib/libcrypto/ec/ec_ameth.c
index 883832ff7d..313d21823d 100644
--- a/src/lib/libcrypto/ec/ec_ameth.c
+++ b/src/lib/libcrypto/ec/ec_ameth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_ameth.c,v 1.65 2024/04/18 11:51:53 tb Exp $ */
+/* $OpenBSD: ec_ameth.c,v 1.66 2024/04/18 11:53:40 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2006.
 */
@@ -820,6 +820,10 @@ static int
 ecdh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
 {
        X509_ALGOR *alg, *kekalg = NULL;
+        const ASN1_OBJECT *obj;
+        int nid;
+        const void *parameter;
+        int parameter_type;
        ASN1_OCTET_STRING *ukm;
        const unsigned char *p;
        unsigned char *der = NULL;
@@ -831,16 +835,20 @@ ecdh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
        if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm))
                goto err;
-        if (!ecdh_cms_set_kdf_param(pctx, OBJ_obj2nid(alg->algorithm))) {
+        X509_ALGOR_get0(&obj, &parameter_type, &parameter, alg);
+        if ((nid = OBJ_obj2nid(obj)) == NID_undef)
+                goto err;
+        if (!ecdh_cms_set_kdf_param(pctx, nid)) {
                ECerror(EC_R_KDF_PARAMETER_ERROR);
                goto err;
        }
-        if (alg->parameter->type != V_ASN1_SEQUENCE)
+        if (parameter_type != V_ASN1_SEQUENCE)
                goto err;
+        if ((p = ASN1_STRING_get0_data(parameter)) == NULL)
-        p = alg->parameter->value.sequence->data;
+                goto err;
-        plen = alg->parameter->value.sequence->length;
+        plen = ASN1_STRING_length(parameter);
        if ((kekalg = d2i_X509_ALGOR(NULL, &p, plen)) == NULL)
                goto err;
        if ((kekctx = CMS_RecipientInfo_kari_get0_ctx(ri)) == NULL)
author	tb <>	2024-04-18 11:53:40 +0000
committer	tb <>	2024-04-18 11:53:40 +0000
commit	c2689a3130614712fc04ce8148aaec04a3a51873 (patch)
tree	ce0036a984f22cd2bcf9aad022d73571f323127a /src
parent	234c1d2673681d3e4a56440ba30ec613fe3dc127 (diff)
download	openbsd-c2689a3130614712fc04ce8148aaec04a3a51873.tar.gz openbsd-c2689a3130614712fc04ce8148aaec04a3a51873.tar.bz2 openbsd-c2689a3130614712fc04ce8148aaec04a3a51873.zip

diff --git a/src/lib/libcrypto/ec/ec_ameth.c b/src/lib/libcrypto/ec/ec_ameth.c index 883832ff7d..313d21823d 100644 --- a/src/lib/libcrypto/ec/ec_ameth.c +++ b/src/lib/libcrypto/ec/ec_ameth.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ec_ameth.c,v 1.65 2024/04/18 11:51:53 tb Exp $ */	1	/* $OpenBSD: ec_ameth.c,v 1.66 2024/04/18 11:53:40 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 2006.	3	* project 2006.
4	*/	4	*/
@@ -820,6 +820,10 @@ static int
820	ecdh_cms_set_shared_info(EVP_PKEY_CTX pctx, CMS_RecipientInfo ri)	820	ecdh_cms_set_shared_info(EVP_PKEY_CTX pctx, CMS_RecipientInfo ri)
821	{	821	{
822	X509_ALGOR alg, kekalg = NULL;	822	X509_ALGOR alg, kekalg = NULL;
		823	const ASN1_OBJECT *obj;
		824	int nid;
		825	const void *parameter;
		826	int parameter_type;
823	ASN1_OCTET_STRING *ukm;	827	ASN1_OCTET_STRING *ukm;
824	const unsigned char *p;	828	const unsigned char *p;
825	unsigned char *der = NULL;	829	unsigned char *der = NULL;
@@ -831,16 +835,20 @@ ecdh_cms_set_shared_info(EVP_PKEY_CTX pctx, CMS_RecipientInfo ri)
831	if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm))	835	if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm))
832	goto err;	836	goto err;
833		837
834	if (!ecdh_cms_set_kdf_param(pctx, OBJ_obj2nid(alg->algorithm))) {	838	X509_ALGOR_get0(&obj, &parameter_type, &parameter, alg);
		839
		840	if ((nid = OBJ_obj2nid(obj)) == NID_undef)
		841	goto err;
		842	if (!ecdh_cms_set_kdf_param(pctx, nid)) {
835	ECerror(EC_R_KDF_PARAMETER_ERROR);	843	ECerror(EC_R_KDF_PARAMETER_ERROR);
836	goto err;	844	goto err;
837	}	845	}
838		846
839	if (alg->parameter->type != V_ASN1_SEQUENCE)	847	if (parameter_type != V_ASN1_SEQUENCE)
840	goto err;	848	goto err;
841		849	if ((p = ASN1_STRING_get0_data(parameter)) == NULL)
842	p = alg->parameter->value.sequence->data;	850	goto err;
843	plen = alg->parameter->value.sequence->length;	851	plen = ASN1_STRING_length(parameter);
844	if ((kekalg = d2i_X509_ALGOR(NULL, &p, plen)) == NULL)	852	if ((kekalg = d2i_X509_ALGOR(NULL, &p, plen)) == NULL)
845	goto err;	853	goto err;
846	if ((kekctx = CMS_RecipientInfo_kari_get0_ctx(ri)) == NULL)	854	if ((kekctx = CMS_RecipientInfo_kari_get0_ctx(ri)) == NULL)