Diffstat (limited to 'src/lib/libcrypto/evp/evp_pkey.c')
-rw-r--r--src/lib/libcrypto/evp/evp_pkey.c124
1 files changed, 90 insertions, 34 deletions
diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c
index eb481ec661..47a69932a5 100644
--- a/src/lib/libcrypto/evp/evp_pkey.c
+++ b/src/lib/libcrypto/evp/evp_pkey.c
@@ -235,7 +235,11 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
235 return NULL; 235 return NULL;
236 } 236 }
237 p8->broken = broken; 237 p8->broken = broken;
238 ASN1_INTEGER_set (p8->version, 0); 238 if (!ASN1_INTEGER_set(p8->version, 0)) {
239 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
240 PKCS8_PRIV_KEY_INFO_free (p8);
241 return NULL;
242 }
239 if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) { 243 if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) {
240 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 244 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
241 PKCS8_PRIV_KEY_INFO_free (p8); 245 PKCS8_PRIV_KEY_INFO_free (p8);
@@ -303,29 +307,35 @@ PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
303#ifndef OPENSSL_NO_DSA 307#ifndef OPENSSL_NO_DSA
304static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) 308static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
305{ 309{
306 ASN1_STRING *params; 310 ASN1_STRING *params = NULL;
307 ASN1_INTEGER *prkey; 311 ASN1_INTEGER *prkey = NULL;
308 ASN1_TYPE *ttmp; 312 ASN1_TYPE *ttmp = NULL;
309 STACK_OF(ASN1_TYPE) *ndsa; 313 STACK_OF(ASN1_TYPE) *ndsa = NULL;
310 unsigned char *p, *q; 314 unsigned char *p = NULL, *q;
311 int len; 315 int len;
312 316
313 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa); 317 p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa);
314 len = i2d_DSAparams (pkey->pkey.dsa, NULL); 318 len = i2d_DSAparams (pkey->pkey.dsa, NULL);
315 if (!(p = OPENSSL_malloc(len))) { 319 if (!(p = OPENSSL_malloc(len))) {
316 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 320 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
317 PKCS8_PRIV_KEY_INFO_free (p8); 321 goto err;
318 return 0;
319 } 322 }
320 q = p; 323 q = p;
321 i2d_DSAparams (pkey->pkey.dsa, &q); 324 i2d_DSAparams (pkey->pkey.dsa, &q);
322 params = ASN1_STRING_new(); 325 if (!(params = ASN1_STRING_new())) {
323 ASN1_STRING_set(params, p, len); 326 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
327 goto err;
328 }
329 if (!ASN1_STRING_set(params, p, len)) {
330 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
331 goto err;
332 }
324 OPENSSL_free(p); 333 OPENSSL_free(p);
334 p = NULL;
325 /* Get private key into integer */ 335 /* Get private key into integer */
326 if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) { 336 if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) {
327 EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR); 337 EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
328 return 0; 338 goto err;
329 } 339 }
330 340
331 switch(p8->broken) { 341 switch(p8->broken) {
@@ -336,12 +346,13 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
336 if (!ASN1_pack_string((char *)prkey, i2d_ASN1_INTEGER, 346 if (!ASN1_pack_string((char *)prkey, i2d_ASN1_INTEGER,
337 &p8->pkey->value.octet_string)) { 347 &p8->pkey->value.octet_string)) {
338 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 348 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
339 M_ASN1_INTEGER_free (prkey); 349 goto err;
340 return 0;
341 } 350 }
342 351
343 M_ASN1_INTEGER_free (prkey); 352 M_ASN1_INTEGER_free (prkey);
353 prkey = NULL;
344 p8->pkeyalg->parameter->value.sequence = params; 354 p8->pkeyalg->parameter->value.sequence = params;
355 params = NULL;
345 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; 356 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
346 357
347 break; 358 break;
@@ -349,32 +360,51 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
349 case PKCS8_NS_DB: 360 case PKCS8_NS_DB:
350 361
351 p8->pkeyalg->parameter->value.sequence = params; 362 p8->pkeyalg->parameter->value.sequence = params;
363 params = NULL;
352 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; 364 p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
353 ndsa = sk_ASN1_TYPE_new_null(); 365 if (!(ndsa = sk_ASN1_TYPE_new_null())) {
354 ttmp = ASN1_TYPE_new(); 366 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
355 if (!(ttmp->value.integer = BN_to_ASN1_INTEGER (pkey->pkey.dsa->pub_key, NULL))) { 367 goto err;
368 }
369 if (!(ttmp = ASN1_TYPE_new())) {
370 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
371 goto err;
372 }
373 if (!(ttmp->value.integer =
374 BN_to_ASN1_INTEGER(pkey->pkey.dsa->pub_key, NULL))) {
356 EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR); 375 EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
357 PKCS8_PRIV_KEY_INFO_free(p8); 376 goto err;
358 return 0;
359 } 377 }
360 ttmp->type = V_ASN1_INTEGER; 378 ttmp->type = V_ASN1_INTEGER;
361 sk_ASN1_TYPE_push(ndsa, ttmp); 379 if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
380 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
381 goto err;
382 }
362 383
363 ttmp = ASN1_TYPE_new(); 384 if (!(ttmp = ASN1_TYPE_new())) {
385 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
386 goto err;
387 }
364 ttmp->value.integer = prkey; 388 ttmp->value.integer = prkey;
389 prkey = NULL;
365 ttmp->type = V_ASN1_INTEGER; 390 ttmp->type = V_ASN1_INTEGER;
366 sk_ASN1_TYPE_push(ndsa, ttmp); 391 if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
392 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
393 goto err;
394 }
395 ttmp = NULL;
367 396
368 p8->pkey->value.octet_string = ASN1_OCTET_STRING_new(); 397 if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) {
398 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
399 goto err;
400 }
369 401
370 if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE, 402 if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
371 &p8->pkey->value.octet_string->data, 403 &p8->pkey->value.octet_string->data,
372 &p8->pkey->value.octet_string->length)) { 404 &p8->pkey->value.octet_string->length)) {
373 405
374 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 406 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
375 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); 407 goto err;
376 M_ASN1_INTEGER_free(prkey);
377 return 0;
378 } 408 }
379 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); 409 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
380 break; 410 break;
@@ -382,31 +412,57 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
382 case PKCS8_EMBEDDED_PARAM: 412 case PKCS8_EMBEDDED_PARAM:
383 413
384 p8->pkeyalg->parameter->type = V_ASN1_NULL; 414 p8->pkeyalg->parameter->type = V_ASN1_NULL;
385 ndsa = sk_ASN1_TYPE_new_null(); 415 if (!(ndsa = sk_ASN1_TYPE_new_null())) {
386 ttmp = ASN1_TYPE_new(); 416 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
417 goto err;
418 }
419 if (!(ttmp = ASN1_TYPE_new())) {
420 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
421 goto err;
422 }
387 ttmp->value.sequence = params; 423 ttmp->value.sequence = params;
424 params = NULL;
388 ttmp->type = V_ASN1_SEQUENCE; 425 ttmp->type = V_ASN1_SEQUENCE;
389 sk_ASN1_TYPE_push(ndsa, ttmp); 426 if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
427 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
428 goto err;
429 }
390 430
391 ttmp = ASN1_TYPE_new(); 431 if (!(ttmp = ASN1_TYPE_new())) {
432 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
433 goto err;
434 }
392 ttmp->value.integer = prkey; 435 ttmp->value.integer = prkey;
436 prkey = NULL;
393 ttmp->type = V_ASN1_INTEGER; 437 ttmp->type = V_ASN1_INTEGER;
394 sk_ASN1_TYPE_push(ndsa, ttmp); 438 if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
439 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
440 goto err;
441 }
442 ttmp = NULL;
395 443
396 p8->pkey->value.octet_string = ASN1_OCTET_STRING_new(); 444 if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) {
445 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
446 goto err;
447 }
397 448
398 if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE, 449 if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
399 &p8->pkey->value.octet_string->data, 450 &p8->pkey->value.octet_string->data,
400 &p8->pkey->value.octet_string->length)) { 451 &p8->pkey->value.octet_string->length)) {
401 452
402 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); 453 EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
403 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); 454 goto err;
404 M_ASN1_INTEGER_free (prkey);
405 return 0;
406 } 455 }
407 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); 456 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
408 break; 457 break;
409 } 458 }
410 return 1; 459 return 1;
460err:
461 if (p != NULL) OPENSSL_free(p);
462 if (params != NULL) ASN1_STRING_free(params);
463 if (prkey != NULL) M_ASN1_INTEGER_free(prkey);
464 if (ttmp != NULL) ASN1_TYPE_free(ttmp);
465 if (ndsa != NULL) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
466 return 0;
411} 467}
412#endif 468#endif
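Review bot: The result of `i2d_DSAparams` in dsa_pkey2pkcs8 (new-side lines 318 and 324) is still unchecked, so an encoding failure that yields a zero or negative `len` flows straight into `OPENSSL_malloc(len)` and is at best reported as ERR_R_MALLOC_FAILURE. A guard before the allocation would keep a bad length away from the allocator and report the real cause: `if (len <= 0) { EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR); goto err; }`, and the second call's return value should be compared against `len` as well. Separately, `prkey` and the elements pushed onto `ndsa` hold the encoded DSA private key, and both the success paths and the new `err:` label release them with the ordinary free routines; whether those wipe the buffer is not visible on this page, so it is worth confirming or cleansing the data before the free. The commit also drops the `PKCS8_PRIV_KEY_INFO_free (p8)` calls from this helper's failure paths, which is only leak-free if the caller (outside these hunks) frees `p8` when 0 is returned.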