diff options
| author | tb <> | 2022-05-24 20:20:19 +0000 |
|---|---|---|
| committer | tb <> | 2022-05-24 20:20:19 +0000 |
| commit | ff91cf8b698d5ab331f8b7447009f7b254aac779 (patch) | |
| tree | 8d30b5a757803dd178a7aa8b7aa3de069840c50a /src | |
| parent | e10e3f1508de3bcfc278adc5e63ee08c206e14e4 (diff) | |
| download | openbsd-ff91cf8b698d5ab331f8b7447009f7b254aac779.tar.gz openbsd-ff91cf8b698d5ab331f8b7447009f7b254aac779.tar.bz2 openbsd-ff91cf8b698d5ab331f8b7447009f7b254aac779.zip | |
Clean up ASN1_item_sign_ctx() a little
Instead of inl, outl, and outll, use in_len, out_len, and buf_out_len.
Use the appropriate types for them. Check return values properly, check
for overflow. Remove some unnecessary casts and add some for readability.
Use asn1_abs_set_unused_bits() instead of inlining it.
This removes the last direct consumer of ASN1_STRING_FLAG_BITS_LEFT
outside of asn1/a_bitstr.c. The flag is still mentioned in x509/x509_addr.c
but that will hopefully go away soon.
tweaks/ok jsing
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/asn1/asn1_item.c | 63 |
1 files changed, 38 insertions, 25 deletions
diff --git a/src/lib/libcrypto/asn1/asn1_item.c b/src/lib/libcrypto/asn1/asn1_item.c index 108f272b8c..f133f9b46c 100644 --- a/src/lib/libcrypto/asn1/asn1_item.c +++ b/src/lib/libcrypto/asn1/asn1_item.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: asn1_item.c,v 1.4 2022/01/14 08:38:05 tb Exp $ */ | 1 | /* $OpenBSD: asn1_item.c,v 1.5 2022/05/24 20:20:19 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -234,9 +234,11 @@ ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, | |||
| 234 | const EVP_MD *type; | 234 | const EVP_MD *type; |
| 235 | EVP_PKEY *pkey; | 235 | EVP_PKEY *pkey; |
| 236 | unsigned char *buf_in = NULL, *buf_out = NULL; | 236 | unsigned char *buf_in = NULL, *buf_out = NULL; |
| 237 | size_t inl = 0, outl = 0, outll = 0; | 237 | size_t buf_out_len = 0; |
| 238 | int in_len = 0, out_len = 0; | ||
| 238 | int signid, paramtype; | 239 | int signid, paramtype; |
| 239 | int rv; | 240 | int rv = 2; |
| 241 | int ret = 0; | ||
| 240 | 242 | ||
| 241 | type = EVP_MD_CTX_md(ctx); | 243 | type = EVP_MD_CTX_md(ctx); |
| 242 | pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx); | 244 | pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx); |
| @@ -250,7 +252,7 @@ ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, | |||
| 250 | rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2, | 252 | rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2, |
| 251 | signature); | 253 | signature); |
| 252 | if (rv == 1) | 254 | if (rv == 1) |
| 253 | outl = signature->length; | 255 | out_len = signature->length; |
| 254 | /* Return value meanings: | 256 | /* Return value meanings: |
| 255 | * <=0: error. | 257 | * <=0: error. |
| 256 | * 1: method does everything. | 258 | * 1: method does everything. |
| @@ -261,8 +263,7 @@ ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, | |||
| 261 | ASN1error(ERR_R_EVP_LIB); | 263 | ASN1error(ERR_R_EVP_LIB); |
| 262 | if (rv <= 1) | 264 | if (rv <= 1) |
| 263 | goto err; | 265 | goto err; |
| 264 | } else | 266 | } |
| 265 | rv = 2; | ||
| 266 | 267 | ||
| 267 | if (rv == 2) { | 268 | if (rv == 2) { |
| 268 | if (!pkey->ameth || | 269 | if (!pkey->ameth || |
| @@ -286,36 +287,48 @@ ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, | |||
| 286 | 287 | ||
| 287 | } | 288 | } |
| 288 | 289 | ||
| 289 | inl = ASN1_item_i2d(asn, &buf_in, it); | 290 | if ((in_len = ASN1_item_i2d(asn, &buf_in, it)) <= 0) { |
| 290 | outll = outl = EVP_PKEY_size(pkey); | 291 | in_len = 0; |
| 291 | buf_out = malloc(outl); | 292 | goto err; |
| 292 | if ((buf_in == NULL) || (buf_out == NULL)) { | 293 | } |
| 293 | outl = 0; | 294 | |
| 295 | if ((out_len = EVP_PKEY_size(pkey)) <= 0) { | ||
| 296 | out_len = 0; | ||
| 297 | goto err; | ||
| 298 | } | ||
| 299 | |||
| 300 | if ((buf_out = malloc(out_len)) == NULL) { | ||
| 294 | ASN1error(ERR_R_MALLOC_FAILURE); | 301 | ASN1error(ERR_R_MALLOC_FAILURE); |
| 295 | goto err; | 302 | goto err; |
| 296 | } | 303 | } |
| 297 | 304 | ||
| 298 | if (!EVP_DigestSignUpdate(ctx, buf_in, inl) || | 305 | buf_out_len = out_len; |
| 299 | !EVP_DigestSignFinal(ctx, buf_out, &outl)) { | 306 | if (!EVP_DigestSignUpdate(ctx, buf_in, in_len) || |
| 300 | outl = 0; | 307 | !EVP_DigestSignFinal(ctx, buf_out, &buf_out_len)) { |
| 301 | ASN1error(ERR_R_EVP_LIB); | 308 | ASN1error(ERR_R_EVP_LIB); |
| 302 | goto err; | 309 | goto err; |
| 303 | } | 310 | } |
| 304 | free(signature->data); | 311 | |
| 305 | signature->data = buf_out; | 312 | if (buf_out_len > INT_MAX) { |
| 313 | ASN1error(ASN1_R_TOO_LONG); | ||
| 314 | goto err; | ||
| 315 | } | ||
| 316 | |||
| 317 | ASN1_STRING_set0(signature, buf_out, (int)buf_out_len); | ||
| 306 | buf_out = NULL; | 318 | buf_out = NULL; |
| 307 | signature->length = outl; | ||
| 308 | /* In the interests of compatibility, I'll make sure that | ||
| 309 | * the bit string has a 'not-used bits' value of 0 | ||
| 310 | */ | ||
| 311 | signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); | ||
| 312 | signature->flags |= ASN1_STRING_FLAG_BITS_LEFT; | ||
| 313 | 319 | ||
| 320 | if (!asn1_abs_set_unused_bits(signature, 0)) { | ||
| 321 | ASN1error(ERR_R_ASN1_LIB); | ||
| 322 | goto err; | ||
| 323 | } | ||
| 324 | |||
| 325 | ret = (int)buf_out_len; | ||
| 314 | err: | 326 | err: |
| 315 | EVP_MD_CTX_cleanup(ctx); | 327 | EVP_MD_CTX_cleanup(ctx); |
| 316 | freezero((char *)buf_in, inl); | 328 | freezero(buf_in, in_len); |
| 317 | freezero((char *)buf_out, outll); | 329 | freezero(buf_out, out_len); |
| 318 | return (outl); | 330 | |
| 331 | return ret; | ||
| 319 | } | 332 | } |
| 320 | 333 | ||
| 321 | int | 334 | int |