1 files changed, 16 insertions, 16 deletions
diff --git a/src/lib/libcrypto/ec/ec_asn1.c b/src/lib/libcrypto/ec/ec_asn1.c
index 634fb5254c..eddc3769e9 100644
--- a/src/lib/libcrypto/ec/ec_asn1.c
+++ b/src/lib/libcrypto/ec/ec_asn1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_asn1.c,v 1.55 2024/10/03 04:17:05 tb Exp $ */
+/* $OpenBSD: ec_asn1.c,v 1.56 2024/10/03 04:20:28 tb Exp $ */
 /*
 * Written by Nils Larsch for the OpenSSL project.
 */
@@ -841,7 +841,7 @@ ec_asn1_parameters2group(const ECPARAMETERS *params)
 {
        int ok = 0, tmp;
        EC_GROUP *ret = NULL;
-        BIGNUM *p = NULL, *a = NULL, *b = NULL;
+        BIGNUM *p = NULL, *a = NULL, *b = NULL, *order = NULL, *cofactor = NULL;
        EC_POINT *point = NULL;
        int field_bits;
@@ -932,29 +932,26 @@ ec_asn1_parameters2group(const ECPARAMETERS *params)
                ECerror(ERR_R_EC_LIB);
                goto err;
        }
-        /* extract the order */
+        if ((order = ASN1_INTEGER_to_BN(params->order, NULL)) == NULL) {
-        if ((a = ASN1_INTEGER_to_BN(params->order, a)) == NULL) {
                ECerror(ERR_R_ASN1_LIB);
                goto err;
        }
-        if (BN_is_negative(a) || BN_is_zero(a)) {
+        if (BN_is_negative(order) || BN_is_zero(order)) {
                ECerror(EC_R_INVALID_GROUP_ORDER);
                goto err;
        }
-        if (BN_num_bits(a) > field_bits + 1) {          /* Hasse bound */
+        if (BN_num_bits(order) > field_bits + 1) {      /* Hasse bound */
                ECerror(EC_R_INVALID_GROUP_ORDER);
                goto err;
        }
-        /* extract the cofactor (optional) */
+        if (params->cofactor != NULL) {
-        if (params->cofactor == NULL) {
+                if ((cofactor = ASN1_INTEGER_to_BN(params->cofactor,
-                BN_free(b);
+                    NULL)) == NULL) {
-                b = NULL;
+                        ECerror(ERR_R_ASN1_LIB);
-        } else if ((b = ASN1_INTEGER_to_BN(params->cofactor, b)) == NULL) {
+                        goto err;
-                ECerror(ERR_R_ASN1_LIB);
+                }
-                goto err;
        }
-        /* set the generator, order and cofactor (if present) */
+        if (!EC_GROUP_set_generator(ret, point, order, cofactor)) {
-        if (!EC_GROUP_set_generator(ret, point, a, b)) {
                ECerror(ERR_R_EC_LIB);
                goto err;
        }
@@ -968,8 +965,11 @@ ec_asn1_parameters2group(const ECPARAMETERS *params)
        BN_free(p);
        BN_free(a);
        BN_free(b);
+        BN_free(order);
+        BN_free(cofactor);
        EC_POINT_free(point);
-        return (ret);
+        return ret;
 }
 EC_GROUP *

diff --git a/src/lib/libcrypto/ec/ec_asn1.c b/src/lib/libcrypto/ec/ec_asn1.c index 634fb5254c..eddc3769e9 100644 --- a/src/lib/libcrypto/ec/ec_asn1.c +++ b/src/lib/libcrypto/ec/ec_asn1.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ec_asn1.c,v 1.55 2024/10/03 04:17:05 tb Exp $ */	1	/* $OpenBSD: ec_asn1.c,v 1.56 2024/10/03 04:20:28 tb Exp $ */
2	/*	2	/*
3	* Written by Nils Larsch for the OpenSSL project.	3	* Written by Nils Larsch for the OpenSSL project.
4	*/	4	*/
@@ -841,7 +841,7 @@ ec_asn1_parameters2group(const ECPARAMETERS *params)
841	{	841	{
842	int ok = 0, tmp;	842	int ok = 0, tmp;
843	EC_GROUP *ret = NULL;	843	EC_GROUP *ret = NULL;
844	BIGNUM p = NULL, a = NULL, *b = NULL;	844	BIGNUM p = NULL, a = NULL, b = NULL, order = NULL, *cofactor = NULL;
845	EC_POINT *point = NULL;	845	EC_POINT *point = NULL;
846	int field_bits;	846	int field_bits;
847		847
@@ -932,29 +932,26 @@ ec_asn1_parameters2group(const ECPARAMETERS *params)
932	ECerror(ERR_R_EC_LIB);	932	ECerror(ERR_R_EC_LIB);
933	goto err;	933	goto err;
934	}	934	}
935	/* extract the order */	935	if ((order = ASN1_INTEGER_to_BN(params->order, NULL)) == NULL) {
936	if ((a = ASN1_INTEGER_to_BN(params->order, a)) == NULL) {
937	ECerror(ERR_R_ASN1_LIB);	936	ECerror(ERR_R_ASN1_LIB);
938	goto err;	937	goto err;
939	}	938	}
940	if (BN_is_negative(a) \|\| BN_is_zero(a)) {	939	if (BN_is_negative(order) \|\| BN_is_zero(order)) {
941	ECerror(EC_R_INVALID_GROUP_ORDER);	940	ECerror(EC_R_INVALID_GROUP_ORDER);
942	goto err;	941	goto err;
943	}	942	}
944	if (BN_num_bits(a) > field_bits + 1) { /* Hasse bound */	943	if (BN_num_bits(order) > field_bits + 1) { /* Hasse bound */
945	ECerror(EC_R_INVALID_GROUP_ORDER);	944	ECerror(EC_R_INVALID_GROUP_ORDER);
946	goto err;	945	goto err;
947	}	946	}
948	/* extract the cofactor (optional) */	947	if (params->cofactor != NULL) {
949	if (params->cofactor == NULL) {	948	if ((cofactor = ASN1_INTEGER_to_BN(params->cofactor,
950	BN_free(b);	949	NULL)) == NULL) {
951	b = NULL;	950	ECerror(ERR_R_ASN1_LIB);
952	} else if ((b = ASN1_INTEGER_to_BN(params->cofactor, b)) == NULL) {	951	goto err;
953	ECerror(ERR_R_ASN1_LIB);	952	}
954	goto err;
955	}	953	}
956	/* set the generator, order and cofactor (if present) */	954	if (!EC_GROUP_set_generator(ret, point, order, cofactor)) {
957	if (!EC_GROUP_set_generator(ret, point, a, b)) {
958	ECerror(ERR_R_EC_LIB);	955	ECerror(ERR_R_EC_LIB);
959	goto err;	956	goto err;
960	}	957	}
@@ -968,8 +965,11 @@ ec_asn1_parameters2group(const ECPARAMETERS *params)
968	BN_free(p);	965	BN_free(p);
969	BN_free(a);	966	BN_free(a);
970	BN_free(b);	967	BN_free(b);
		968	BN_free(order);
		969	BN_free(cofactor);
971	EC_POINT_free(point);	970	EC_POINT_free(point);
972	return (ret);	971
		972	return ret;
973	}	973	}
974		974
975	EC_GROUP *	975	EC_GROUP *