diff options
Diffstat (limited to 'src/lib/libcrypto')
| -rw-r--r-- | src/lib/libcrypto/ec/ec_ameth.c | 38 |
1 files changed, 23 insertions, 15 deletions
diff --git a/src/lib/libcrypto/ec/ec_ameth.c b/src/lib/libcrypto/ec/ec_ameth.c index e87cc1766c..3848c12147 100644 --- a/src/lib/libcrypto/ec/ec_ameth.c +++ b/src/lib/libcrypto/ec/ec_ameth.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ec_ameth.c,v 1.61 2024/04/17 13:58:55 tb Exp $ */ | 1 | /* $OpenBSD: ec_ameth.c,v 1.62 2024/04/17 14:00:17 tb Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2006. | 3 | * project 2006. |
| 4 | */ | 4 | */ |
| @@ -917,7 +917,7 @@ ecdh_cms_encrypt(CMS_RecipientInfo *ri) | |||
| 917 | X509_ALGOR *talg, *wrap_alg = NULL; | 917 | X509_ALGOR *talg, *wrap_alg = NULL; |
| 918 | const ASN1_OBJECT *aoid; | 918 | const ASN1_OBJECT *aoid; |
| 919 | ASN1_BIT_STRING *pubkey; | 919 | ASN1_BIT_STRING *pubkey; |
| 920 | ASN1_STRING *wrap_str; | 920 | ASN1_STRING *wrap_str = NULL; |
| 921 | ASN1_OCTET_STRING *ukm; | 921 | ASN1_OCTET_STRING *ukm; |
| 922 | unsigned char *penc = NULL; | 922 | unsigned char *penc = NULL; |
| 923 | int penclen; | 923 | int penclen; |
| @@ -986,14 +986,18 @@ ecdh_cms_encrypt(CMS_RecipientInfo *ri) | |||
| 986 | wrap_nid = EVP_CIPHER_CTX_type(ctx); | 986 | wrap_nid = EVP_CIPHER_CTX_type(ctx); |
| 987 | keylen = EVP_CIPHER_CTX_key_length(ctx); | 987 | keylen = EVP_CIPHER_CTX_key_length(ctx); |
| 988 | 988 | ||
| 989 | /* Package wrap algorithm in an AlgorithmIdentifier */ | 989 | /* |
| 990 | * Package wrap algorithm in an AlgorithmIdentifier. | ||
| 991 | * | ||
| 992 | * Incompatibility of X509_ALGOR_set0() with EVP_CIPHER_param_to_asn1() | ||
| 993 | * makes this really gross. | ||
| 994 | */ | ||
| 990 | 995 | ||
| 991 | wrap_alg = X509_ALGOR_new(); | 996 | if ((wrap_alg = X509_ALGOR_new()) == NULL) |
| 992 | if (wrap_alg == NULL) | ||
| 993 | goto err; | 997 | goto err; |
| 994 | wrap_alg->algorithm = OBJ_nid2obj(wrap_nid); | 998 | if ((wrap_alg->algorithm = OBJ_nid2obj(wrap_nid)) == NULL) |
| 995 | wrap_alg->parameter = ASN1_TYPE_new(); | 999 | goto err; |
| 996 | if (wrap_alg->parameter == NULL) | 1000 | if ((wrap_alg->parameter = ASN1_TYPE_new()) == NULL) |
| 997 | goto err; | 1001 | goto err; |
| 998 | if (EVP_CIPHER_param_to_asn1(ctx, wrap_alg->parameter) <= 0) | 1002 | if (EVP_CIPHER_param_to_asn1(ctx, wrap_alg->parameter) <= 0) |
| 999 | goto err; | 1003 | goto err; |
| @@ -1014,23 +1018,27 @@ ecdh_cms_encrypt(CMS_RecipientInfo *ri) | |||
| 1014 | penc = NULL; | 1018 | penc = NULL; |
| 1015 | 1019 | ||
| 1016 | /* | 1020 | /* |
| 1017 | * Now need to wrap encoding of wrap AlgorithmIdentifier into parameter | 1021 | * Wrap encoded wrap AlgorithmIdentifier into parameter of another |
| 1018 | * of another AlgorithmIdentifier. | 1022 | * AlgorithmIdentifier. |
| 1019 | */ | 1023 | */ |
| 1020 | penclen = i2d_X509_ALGOR(wrap_alg, &penc); | 1024 | |
| 1021 | if (penclen <= 0) | 1025 | if ((penclen = i2d_X509_ALGOR(wrap_alg, &penc)) <= 0) |
| 1022 | goto err; | 1026 | goto err; |
| 1023 | wrap_str = ASN1_STRING_new(); | 1027 | |
| 1024 | if (wrap_str == NULL) | 1028 | if ((wrap_str = ASN1_STRING_new()) == NULL) |
| 1025 | goto err; | 1029 | goto err; |
| 1026 | ASN1_STRING_set0(wrap_str, penc, penclen); | 1030 | ASN1_STRING_set0(wrap_str, penc, penclen); |
| 1027 | penc = NULL; | 1031 | penc = NULL; |
| 1028 | X509_ALGOR_set0(talg, OBJ_nid2obj(kdf_nid), V_ASN1_SEQUENCE, wrap_str); | 1032 | |
| 1033 | if (!X509_ALGOR_set0_by_nid(talg, kdf_nid, V_ASN1_SEQUENCE, wrap_str)) | ||
| 1034 | goto err; | ||
| 1035 | wrap_str = NULL; | ||
| 1029 | 1036 | ||
| 1030 | ret = 1; | 1037 | ret = 1; |
| 1031 | 1038 | ||
| 1032 | err: | 1039 | err: |
| 1033 | free(penc); | 1040 | free(penc); |
| 1041 | ASN1_STRING_free(wrap_str); | ||
| 1034 | X509_ALGOR_free(wrap_alg); | 1042 | X509_ALGOR_free(wrap_alg); |
| 1035 | 1043 | ||
| 1036 | return ret; | 1044 | return ret; |