diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/libcrypto/dh/dh_ameth.c | 142 | ||||
-rw-r--r-- | src/lib/libcrypto/dsa/dsa_ameth.c | 173 |
2 files changed, 173 insertions, 142 deletions
diff --git a/src/lib/libcrypto/dh/dh_ameth.c b/src/lib/libcrypto/dh/dh_ameth.c index 4a600b3bbd..cd4c130f10 100644 --- a/src/lib/libcrypto/dh/dh_ameth.c +++ b/src/lib/libcrypto/dh/dh_ameth.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: dh_ameth.c,v 1.33 2023/08/10 16:57:15 tb Exp $ */ | 1 | /* $OpenBSD: dh_ameth.c,v 1.34 2023/08/11 11:32:19 tb Exp $ */ |
2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
3 | * project 2006. | 3 | * project 2006. |
4 | */ | 4 | */ |
@@ -78,53 +78,55 @@ int_dh_free(EVP_PKEY *pkey) | |||
78 | static int | 78 | static int |
79 | dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) | 79 | dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) |
80 | { | 80 | { |
81 | const unsigned char *p, *pm; | 81 | X509_ALGOR *algor; |
82 | int pklen, pmlen; | ||
83 | int ptype; | 82 | int ptype; |
84 | const void *pval; | 83 | const void *pval; |
85 | const ASN1_STRING *pstr; | 84 | const ASN1_STRING *params; |
86 | X509_ALGOR *palg; | 85 | const unsigned char *key_der, *params_der, *p; |
87 | ASN1_INTEGER *public_key = NULL; | 86 | int key_len, params_len; |
87 | ASN1_INTEGER *key = NULL; | ||
88 | DH *dh = NULL; | 88 | DH *dh = NULL; |
89 | int ret = 0; | ||
89 | 90 | ||
90 | if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey)) | 91 | if (!X509_PUBKEY_get0_param(NULL, &key_der, &key_len, &algor, pubkey)) |
91 | return 0; | 92 | goto err; |
92 | X509_ALGOR_get0(NULL, &ptype, &pval, palg); | 93 | X509_ALGOR_get0(NULL, &ptype, &pval, algor); |
93 | 94 | ||
94 | if (ptype != V_ASN1_SEQUENCE) { | 95 | if (ptype != V_ASN1_SEQUENCE) { |
95 | DHerror(DH_R_PARAMETER_ENCODING_ERROR); | 96 | DHerror(DH_R_PARAMETER_ENCODING_ERROR); |
96 | goto err; | 97 | goto err; |
97 | } | 98 | } |
98 | 99 | ||
99 | pstr = pval; | 100 | params = pval; |
100 | pm = pstr->data; | 101 | params_der = params->data; |
101 | pmlen = pstr->length; | 102 | params_len = params->length; |
102 | 103 | ||
103 | if (!(dh = d2i_DHparams(NULL, &pm, pmlen))) { | 104 | p = params_der; |
105 | if ((dh = d2i_DHparams(NULL, &p, params_len)) == NULL) { | ||
104 | DHerror(DH_R_DECODE_ERROR); | 106 | DHerror(DH_R_DECODE_ERROR); |
105 | goto err; | 107 | goto err; |
106 | } | 108 | } |
107 | 109 | p = key_der; | |
108 | if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen))) { | 110 | if ((key = d2i_ASN1_INTEGER(NULL, &p, key_len)) == NULL) { |
109 | DHerror(DH_R_DECODE_ERROR); | 111 | DHerror(DH_R_DECODE_ERROR); |
110 | goto err; | 112 | goto err; |
111 | } | 113 | } |
112 | 114 | if ((dh->pub_key = ASN1_INTEGER_to_BN(key, NULL)) == NULL) { | |
113 | /* We have parameters now set public key */ | ||
114 | if (!(dh->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) { | ||
115 | DHerror(DH_R_BN_DECODE_ERROR); | 115 | DHerror(DH_R_BN_DECODE_ERROR); |
116 | goto err; | 116 | goto err; |
117 | } | 117 | } |
118 | 118 | ||
119 | ASN1_INTEGER_free(public_key); | 119 | if (!EVP_PKEY_assign_DH(pkey, dh)) |
120 | EVP_PKEY_assign_DH(pkey, dh); | 120 | goto err; |
121 | return 1; | 121 | dh = NULL; |
122 | |||
123 | ret = 1; | ||
122 | 124 | ||
123 | err: | 125 | err: |
124 | if (public_key) | 126 | ASN1_INTEGER_free(key); |
125 | ASN1_INTEGER_free(public_key); | ||
126 | DH_free(dh); | 127 | DH_free(dh); |
127 | return 0; | 128 | |
129 | return ret; | ||
128 | } | 130 | } |
129 | 131 | ||
130 | static int | 132 | static int |
@@ -188,52 +190,57 @@ dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) | |||
188 | static int | 190 | static int |
189 | dh_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8) | 191 | dh_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8) |
190 | { | 192 | { |
191 | const unsigned char *p, *pm; | 193 | const X509_ALGOR *algor; |
192 | int pklen, pmlen; | ||
193 | int ptype; | 194 | int ptype; |
194 | const void *pval; | 195 | const void *pval; |
195 | const ASN1_STRING *pstr; | 196 | const ASN1_STRING *params; |
196 | const X509_ALGOR *palg; | 197 | const unsigned char *key_der, *params_der, *p; |
197 | ASN1_INTEGER *privkey = NULL; | 198 | int key_len, params_len; |
199 | ASN1_INTEGER *key = NULL; | ||
198 | DH *dh = NULL; | 200 | DH *dh = NULL; |
201 | int ret = 0; | ||
199 | 202 | ||
200 | if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8)) | 203 | if (!PKCS8_pkey_get0(NULL, &key_der, &key_len, &algor, p8)) |
201 | return 0; | 204 | goto err; |
202 | 205 | X509_ALGOR_get0(NULL, &ptype, &pval, algor); | |
203 | X509_ALGOR_get0(NULL, &ptype, &pval, palg); | ||
204 | 206 | ||
205 | if (ptype != V_ASN1_SEQUENCE) | 207 | if (ptype != V_ASN1_SEQUENCE) { |
206 | goto decerr; | 208 | DHerror(DH_R_PARAMETER_ENCODING_ERROR); |
209 | goto err; | ||
210 | } | ||
207 | 211 | ||
208 | if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen))) | 212 | params = pval; |
209 | goto decerr; | 213 | params_der = params->data; |
214 | params_len = params->length; | ||
210 | 215 | ||
211 | pstr = pval; | 216 | p = params_der; |
212 | pm = pstr->data; | 217 | if ((dh = d2i_DHparams(NULL, &p, params_len)) == NULL) { |
213 | pmlen = pstr->length; | 218 | DHerror(DH_R_DECODE_ERROR); |
214 | if (!(dh = d2i_DHparams(NULL, &pm, pmlen))) | 219 | goto err; |
215 | goto decerr; | 220 | } |
216 | /* We have parameters now set private key */ | 221 | p = key_der; |
217 | if (!(dh->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) { | 222 | if ((key = d2i_ASN1_INTEGER(NULL, &p, key_len)) == NULL) { |
218 | DHerror(DH_R_BN_ERROR); | 223 | DHerror(DH_R_DECODE_ERROR); |
219 | goto dherr; | 224 | goto err; |
225 | } | ||
226 | if ((dh->priv_key = ASN1_INTEGER_to_BN(key, NULL)) == NULL) { | ||
227 | DHerror(DH_R_BN_DECODE_ERROR); | ||
228 | goto err; | ||
220 | } | 229 | } |
221 | /* Calculate public key */ | ||
222 | if (!DH_generate_key(dh)) | 230 | if (!DH_generate_key(dh)) |
223 | goto dherr; | 231 | goto err; |
224 | |||
225 | EVP_PKEY_assign_DH(pkey, dh); | ||
226 | 232 | ||
227 | ASN1_INTEGER_free(privkey); | 233 | if (!EVP_PKEY_assign_DH(pkey, dh)) |
234 | goto err; | ||
235 | dh = NULL; | ||
228 | 236 | ||
229 | return 1; | 237 | ret = 1; |
230 | 238 | ||
231 | decerr: | 239 | err: |
232 | DHerror(EVP_R_DECODE_ERROR); | 240 | ASN1_INTEGER_free(key); |
233 | dherr: | ||
234 | ASN1_INTEGER_free(privkey); | ||
235 | DH_free(dh); | 241 | DH_free(dh); |
236 | return 0; | 242 | |
243 | return ret; | ||
237 | } | 244 | } |
238 | 245 | ||
239 | static int | 246 | static int |
@@ -293,14 +300,23 @@ dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) | |||
293 | static int | 300 | static int |
294 | dh_param_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) | 301 | dh_param_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) |
295 | { | 302 | { |
296 | DH *dh; | 303 | DH *dh = NULL; |
304 | int ret = 0; | ||
297 | 305 | ||
298 | if (!(dh = d2i_DHparams(NULL, pder, derlen))) { | 306 | if ((dh = d2i_DHparams(NULL, pder, derlen)) == NULL) { |
299 | DHerror(ERR_R_DH_LIB); | 307 | DHerror(ERR_R_DH_LIB); |
300 | return 0; | 308 | goto err; |
301 | } | 309 | } |
302 | EVP_PKEY_assign_DH(pkey, dh); | 310 | if (!EVP_PKEY_assign_DH(pkey, dh)) |
303 | return 1; | 311 | goto err; |
312 | dh = NULL; | ||
313 | |||
314 | ret = 1; | ||
315 | |||
316 | err: | ||
317 | DH_free(dh); | ||
318 | |||
319 | return ret; | ||
304 | } | 320 | } |
305 | 321 | ||
306 | static int | 322 | static int |
diff --git a/src/lib/libcrypto/dsa/dsa_ameth.c b/src/lib/libcrypto/dsa/dsa_ameth.c index 28aafebc04..badd2d25b5 100644 --- a/src/lib/libcrypto/dsa/dsa_ameth.c +++ b/src/lib/libcrypto/dsa/dsa_ameth.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: dsa_ameth.c,v 1.46 2023/08/10 16:57:15 tb Exp $ */ | 1 | /* $OpenBSD: dsa_ameth.c,v 1.47 2023/08/11 11:32:19 tb Exp $ */ |
2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
3 | * project 2006. | 3 | * project 2006. |
4 | */ | 4 | */ |
@@ -75,31 +75,32 @@ | |||
75 | static int | 75 | static int |
76 | dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) | 76 | dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) |
77 | { | 77 | { |
78 | const unsigned char *p, *pm; | 78 | X509_ALGOR *algor; |
79 | int pklen, pmlen; | ||
80 | int ptype; | 79 | int ptype; |
81 | const void *pval; | 80 | const void *pval; |
82 | const ASN1_STRING *pstr; | 81 | const ASN1_STRING *params; |
83 | X509_ALGOR *palg; | 82 | const unsigned char *key_der, *params_der, *p; |
84 | ASN1_INTEGER *public_key = NULL; | 83 | int key_len, params_len; |
85 | 84 | ASN1_INTEGER *key = NULL; | |
86 | DSA *dsa = NULL; | 85 | DSA *dsa = NULL; |
86 | int ret = 0; | ||
87 | 87 | ||
88 | if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey)) | 88 | if (!X509_PUBKEY_get0_param(NULL, &key_der, &key_len, &algor, pubkey)) |
89 | return 0; | 89 | goto err; |
90 | X509_ALGOR_get0(NULL, &ptype, &pval, palg); | 90 | X509_ALGOR_get0(NULL, &ptype, &pval, algor); |
91 | 91 | ||
92 | if (ptype == V_ASN1_SEQUENCE) { | 92 | if (ptype == V_ASN1_SEQUENCE) { |
93 | pstr = pval; | 93 | params = pval; |
94 | pm = pstr->data; | 94 | params_der = params->data; |
95 | pmlen = pstr->length; | 95 | params_len = params->length; |
96 | 96 | ||
97 | if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen))) { | 97 | p = params_der; |
98 | if ((dsa = d2i_DSAparams(NULL, &p, params_len)) == NULL) { | ||
98 | DSAerror(DSA_R_DECODE_ERROR); | 99 | DSAerror(DSA_R_DECODE_ERROR); |
99 | goto err; | 100 | goto err; |
100 | } | 101 | } |
101 | } else if (ptype == V_ASN1_NULL || ptype == V_ASN1_UNDEF) { | 102 | } else if (ptype == V_ASN1_NULL || ptype == V_ASN1_UNDEF) { |
102 | if (!(dsa = DSA_new())) { | 103 | if ((dsa = DSA_new()) == NULL) { |
103 | DSAerror(ERR_R_MALLOC_FAILURE); | 104 | DSAerror(ERR_R_MALLOC_FAILURE); |
104 | goto err; | 105 | goto err; |
105 | } | 106 | } |
@@ -108,31 +109,32 @@ dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) | |||
108 | goto err; | 109 | goto err; |
109 | } | 110 | } |
110 | 111 | ||
111 | if (!(public_key = d2i_ASN1_INTEGER(NULL, &p, pklen))) { | 112 | p = key_der; |
113 | if ((key = d2i_ASN1_INTEGER(NULL, &p, key_len)) == NULL) { | ||
112 | DSAerror(DSA_R_DECODE_ERROR); | 114 | DSAerror(DSA_R_DECODE_ERROR); |
113 | goto err; | 115 | goto err; |
114 | } | 116 | } |
115 | 117 | if ((dsa->pub_key = ASN1_INTEGER_to_BN(key, NULL)) == NULL) { | |
116 | if (!(dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) { | ||
117 | DSAerror(DSA_R_BN_DECODE_ERROR); | 118 | DSAerror(DSA_R_BN_DECODE_ERROR); |
118 | goto err; | 119 | goto err; |
119 | } | 120 | } |
120 | |||
121 | /* We can only check for key consistency if we have parameters. */ | 121 | /* We can only check for key consistency if we have parameters. */ |
122 | if (ptype == V_ASN1_SEQUENCE) { | 122 | if (ptype == V_ASN1_SEQUENCE) { |
123 | if (!dsa_check_key(dsa)) | 123 | if (!dsa_check_key(dsa)) |
124 | goto err; | 124 | goto err; |
125 | } | 125 | } |
126 | 126 | ||
127 | ASN1_INTEGER_free(public_key); | 127 | if (!EVP_PKEY_assign_DSA(pkey, dsa)) |
128 | EVP_PKEY_assign_DSA(pkey, dsa); | 128 | goto err; |
129 | return 1; | 129 | dsa = NULL; |
130 | 130 | ||
131 | err: | 131 | ret = 1; |
132 | if (public_key) | 132 | |
133 | ASN1_INTEGER_free(public_key); | 133 | err: |
134 | ASN1_INTEGER_free(key); | ||
134 | DSA_free(dsa); | 135 | DSA_free(dsa); |
135 | return 0; | 136 | |
137 | return ret; | ||
136 | } | 138 | } |
137 | 139 | ||
138 | static int | 140 | static int |
@@ -192,81 +194,85 @@ dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) | |||
192 | return ret; | 194 | return ret; |
193 | } | 195 | } |
194 | 196 | ||
195 | /* In PKCS#8 DSA: you just get a private key integer and parameters in the | 197 | /* |
198 | * In PKCS#8 DSA: you just get a private key integer and parameters in the | ||
196 | * AlgorithmIdentifier the pubkey must be recalculated. | 199 | * AlgorithmIdentifier the pubkey must be recalculated. |
197 | */ | 200 | */ |
198 | static int | 201 | static int |
199 | dsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8) | 202 | dsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8) |
200 | { | 203 | { |
201 | const unsigned char *p, *pm; | 204 | const X509_ALGOR *algor; |
202 | int pklen, pmlen; | ||
203 | int ptype; | 205 | int ptype; |
204 | const void *pval; | 206 | const void *pval; |
205 | const ASN1_STRING *pstr; | 207 | const ASN1_STRING *params; |
206 | const X509_ALGOR *palg; | 208 | const unsigned char *key_der, *params_der, *p; |
207 | ASN1_INTEGER *privkey = NULL; | 209 | int key_len, params_len; |
210 | ASN1_INTEGER *key = NULL; | ||
208 | BN_CTX *ctx = NULL; | 211 | BN_CTX *ctx = NULL; |
209 | DSA *dsa = NULL; | 212 | DSA *dsa = NULL; |
210 | int ret = 0; | 213 | int ret = 0; |
211 | 214 | ||
212 | if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8)) | 215 | if (!PKCS8_pkey_get0(NULL, &key_der, &key_len, &algor, p8)) |
213 | return 0; | 216 | goto err; |
214 | X509_ALGOR_get0(NULL, &ptype, &pval, palg); | 217 | X509_ALGOR_get0(NULL, &ptype, &pval, algor); |
215 | if (ptype != V_ASN1_SEQUENCE) | 218 | |
216 | goto decerr; | 219 | if (ptype != V_ASN1_SEQUENCE) { |
217 | 220 | DSAerror(DSA_R_PARAMETER_ENCODING_ERROR); | |
218 | if ((privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL) | 221 | goto err; |
219 | goto decerr; | 222 | } |
220 | if (privkey->type == V_ASN1_NEG_INTEGER) | 223 | |
221 | goto decerr; | 224 | params = pval; |
222 | 225 | params_der = params->data; | |
223 | pstr = pval; | 226 | params_len = params->length; |
224 | pm = pstr->data; | 227 | |
225 | pmlen = pstr->length; | 228 | p = params_der; |
226 | if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen))) | 229 | if ((dsa = d2i_DSAparams(NULL, &p, params_len)) == NULL) { |
227 | goto decerr; | 230 | DSAerror(DSA_R_DECODE_ERROR); |
228 | /* We have parameters now set private key */ | 231 | goto err; |
229 | if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) { | 232 | } |
230 | DSAerror(DSA_R_BN_ERROR); | 233 | p = key_der; |
231 | goto dsaerr; | 234 | if ((key = d2i_ASN1_INTEGER(NULL, &p, key_len)) == NULL) { |
235 | DSAerror(DSA_R_DECODE_ERROR); | ||
236 | goto err; | ||
237 | } | ||
238 | if ((dsa->priv_key = ASN1_INTEGER_to_BN(key, NULL)) == NULL) { | ||
239 | DSAerror(DSA_R_BN_DECODE_ERROR); | ||
240 | goto err; | ||
232 | } | 241 | } |
233 | 242 | ||
234 | /* Check the key for basic consistency before doing expensive things. */ | 243 | /* Check the key for basic consistency before doing expensive things. */ |
235 | if (!dsa_check_key(dsa)) | 244 | if (!dsa_check_key(dsa)) |
236 | goto dsaerr; | 245 | goto err; |
237 | 246 | ||
238 | /* Calculate public key */ | 247 | /* Calculate public key */ |
239 | if (!(dsa->pub_key = BN_new())) { | 248 | if ((dsa->pub_key = BN_new()) == NULL) { |
240 | DSAerror(ERR_R_MALLOC_FAILURE); | 249 | DSAerror(ERR_R_MALLOC_FAILURE); |
241 | goto dsaerr; | 250 | goto err; |
242 | } | 251 | } |
243 | 252 | ||
244 | if ((ctx = BN_CTX_new()) == NULL) { | 253 | if ((ctx = BN_CTX_new()) == NULL) { |
245 | DSAerror(ERR_R_MALLOC_FAILURE); | 254 | DSAerror(ERR_R_MALLOC_FAILURE); |
246 | goto dsaerr; | 255 | goto err; |
247 | } | 256 | } |
248 | 257 | ||
249 | BN_CTX_start(ctx); | 258 | BN_CTX_start(ctx); |
250 | 259 | ||
251 | if (!BN_mod_exp_ct(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) { | 260 | if (!BN_mod_exp_ct(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) { |
252 | DSAerror(DSA_R_BN_ERROR); | 261 | DSAerror(DSA_R_BN_ERROR); |
253 | goto dsaerr; | 262 | goto err; |
254 | } | 263 | } |
255 | 264 | ||
256 | if (!EVP_PKEY_assign_DSA(pkey, dsa)) | 265 | if (!EVP_PKEY_assign_DSA(pkey, dsa)) |
257 | goto decerr; | 266 | goto err; |
267 | dsa = NULL; | ||
258 | 268 | ||
259 | ret = 1; | 269 | ret = 1; |
260 | goto done; | ||
261 | 270 | ||
262 | decerr: | 271 | err: |
263 | DSAerror(DSA_R_DECODE_ERROR); | ||
264 | dsaerr: | ||
265 | DSA_free(dsa); | 272 | DSA_free(dsa); |
266 | done: | ||
267 | BN_CTX_end(ctx); | 273 | BN_CTX_end(ctx); |
268 | BN_CTX_free(ctx); | 274 | BN_CTX_free(ctx); |
269 | ASN1_INTEGER_free(privkey); | 275 | ASN1_INTEGER_free(key); |
270 | 276 | ||
271 | return ret; | 277 | return ret; |
272 | } | 278 | } |
@@ -454,18 +460,25 @@ do_dsa_print(BIO *bp, const DSA *x, int off, int ptype) | |||
454 | static int | 460 | static int |
455 | dsa_param_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) | 461 | dsa_param_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) |
456 | { | 462 | { |
457 | DSA *dsa; | 463 | DSA *dsa = NULL; |
464 | int ret = 0; | ||
458 | 465 | ||
459 | if (!(dsa = d2i_DSAparams(NULL, pder, derlen))) { | 466 | if ((dsa = d2i_DSAparams(NULL, pder, derlen)) == NULL) { |
460 | DSAerror(ERR_R_DSA_LIB); | 467 | DSAerror(ERR_R_DSA_LIB); |
461 | return 0; | 468 | goto err; |
462 | } | ||
463 | if (!dsa_check_key(dsa)) { | ||
464 | DSA_free(dsa); | ||
465 | return 0; | ||
466 | } | 469 | } |
467 | EVP_PKEY_assign_DSA(pkey, dsa); | 470 | if (!dsa_check_key(dsa)) |
468 | return 1; | 471 | goto err; |
472 | if (!EVP_PKEY_assign_DSA(pkey, dsa)) | ||
473 | goto err; | ||
474 | dsa = NULL; | ||
475 | |||
476 | ret = 1; | ||
477 | |||
478 | err: | ||
479 | DSA_free(dsa); | ||
480 | |||
481 | return ret; | ||
469 | } | 482 | } |
470 | 483 | ||
471 | static int | 484 | static int |
@@ -495,9 +508,10 @@ dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) | |||
495 | static int | 508 | static int |
496 | old_dsa_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) | 509 | old_dsa_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) |
497 | { | 510 | { |
498 | DSA *dsa; | 511 | DSA *dsa = NULL; |
499 | BN_CTX *ctx = NULL; | 512 | BN_CTX *ctx = NULL; |
500 | BIGNUM *result; | 513 | BIGNUM *result; |
514 | int ret = 0; | ||
501 | 515 | ||
502 | if ((dsa = d2i_DSAPrivateKey(NULL, pder, derlen)) == NULL) { | 516 | if ((dsa = d2i_DSAPrivateKey(NULL, pder, derlen)) == NULL) { |
503 | DSAerror(ERR_R_DSA_LIB); | 517 | DSAerror(ERR_R_DSA_LIB); |
@@ -551,17 +565,18 @@ old_dsa_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) | |||
551 | goto err; | 565 | goto err; |
552 | } | 566 | } |
553 | 567 | ||
554 | BN_CTX_end(ctx); | 568 | if (!EVP_PKEY_assign_DSA(pkey, dsa)) |
555 | BN_CTX_free(ctx); | 569 | goto err; |
570 | dsa = NULL; | ||
556 | 571 | ||
557 | EVP_PKEY_assign_DSA(pkey, dsa); | 572 | ret = 1; |
558 | return 1; | ||
559 | 573 | ||
560 | err: | 574 | err: |
561 | BN_CTX_end(ctx); | 575 | BN_CTX_end(ctx); |
562 | BN_CTX_free(ctx); | 576 | BN_CTX_free(ctx); |
563 | DSA_free(dsa); | 577 | DSA_free(dsa); |
564 | return 0; | 578 | |
579 | return ret; | ||
565 | } | 580 | } |
566 | 581 | ||
567 | static int | 582 | static int |