1 files changed, 35 insertions, 24 deletions
diff --git a/src/lib/libcrypto/bn/bn_convert.c b/src/lib/libcrypto/bn/bn_convert.c
index d509a86c08..d38747e017 100644
--- a/src/lib/libcrypto/bn/bn_convert.c
+++ b/src/lib/libcrypto/bn/bn_convert.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_convert.c,v 1.21 2024/04/17 21:55:43 tb Exp $ */
+/* $OpenBSD: bn_convert.c,v 1.22 2024/06/22 16:33:00 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -690,32 +690,43 @@ BN_hex2bn(BIGNUM **bnp, const char *s)
 LCRYPTO_ALIAS(BN_hex2bn);
 int
-BN_bn2mpi(const BIGNUM *a, unsigned char *d)
+BN_bn2mpi(const BIGNUM *bn, unsigned char *d)
 {
-        int bits;
+        uint8_t *out_bin;
-        int num = 0;
+        size_t out_len, out_bin_len;
-        int ext = 0;
+        int bits, bytes;
-        long l;
+        int extend;
+        CBB cbb, cbb_bin;
-        bits = BN_num_bits(a);
-        num = (bits + 7) / 8;
+        bits = BN_num_bits(bn);
-        if (bits > 0) {
+        bytes = (bits + 7) / 8;
-                ext = ((bits & 0x07) == 0);
+        extend = (bits != 0) && (bits % 8 == 0);
-        }
+        out_bin_len = extend + bytes;
+        out_len = 4 + out_bin_len;
        if (d == NULL)
-                return (num + 4 + ext);
+                return out_len;
-        l = num + ext;
+        if (!CBB_init_fixed(&cbb, d, out_len))
-        d[0] = (unsigned char)(l >> 24) & 0xff;
+                goto err;
-        d[1] = (unsigned char)(l >> 16) & 0xff;
+        if (!CBB_add_u32_length_prefixed(&cbb, &cbb_bin))
-        d[2] = (unsigned char)(l >> 8) & 0xff;
+                goto err;
-        d[3] = (unsigned char)(l) & 0xff;
+        if (!CBB_add_space(&cbb_bin, &out_bin, out_bin_len))
-        if (ext)
+                goto err;
-                d[4] = 0;
+        if (BN_bn2binpad(bn, out_bin, out_bin_len) != out_bin_len)
-        num = BN_bn2bin(a, &(d[4 + ext]));
+                goto err;
-        if (a->neg)
+        if (!CBB_finish(&cbb, NULL, NULL))
+                goto err;
+        if (bn->neg)
                d[4] |= 0x80;
-        return (num + 4 + ext);
+        return out_len;
+ err:
+        CBB_cleanup(&cbb);
+        return -1;
 }
 LCRYPTO_ALIAS(BN_bn2mpi);

diff --git a/src/lib/libcrypto/bn/bn_convert.c b/src/lib/libcrypto/bn/bn_convert.c index d509a86c08..d38747e017 100644 --- a/src/lib/libcrypto/bn/bn_convert.c +++ b/src/lib/libcrypto/bn/bn_convert.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: bn_convert.c,v 1.21 2024/04/17 21:55:43 tb Exp $ */	1	/* $OpenBSD: bn_convert.c,v 1.22 2024/06/22 16:33:00 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -690,32 +690,43 @@ BN_hex2bn(BIGNUM *bnp, const char s)
690	LCRYPTO_ALIAS(BN_hex2bn);	690	LCRYPTO_ALIAS(BN_hex2bn);
691		691
692	int	692	int
693	BN_bn2mpi(const BIGNUM a, unsigned char d)	693	BN_bn2mpi(const BIGNUM bn, unsigned char d)
694	{	694	{
695	int bits;	695	uint8_t *out_bin;
696	int num = 0;	696	size_t out_len, out_bin_len;
697	int ext = 0;	697	int bits, bytes;
698	long l;	698	int extend;
699		699	CBB cbb, cbb_bin;
700	bits = BN_num_bits(a);	700
701	num = (bits + 7) / 8;	701	bits = BN_num_bits(bn);
702	if (bits > 0) {	702	bytes = (bits + 7) / 8;
703	ext = ((bits & 0x07) == 0);	703	extend = (bits != 0) && (bits % 8 == 0);
704	}	704	out_bin_len = extend + bytes;
		705	out_len = 4 + out_bin_len;
		706
705	if (d == NULL)	707	if (d == NULL)
706	return (num + 4 + ext);	708	return out_len;
707		709
708	l = num + ext;	710	if (!CBB_init_fixed(&cbb, d, out_len))
709	d[0] = (unsigned char)(l >> 24) & 0xff;	711	goto err;
710	d[1] = (unsigned char)(l >> 16) & 0xff;	712	if (!CBB_add_u32_length_prefixed(&cbb, &cbb_bin))
711	d[2] = (unsigned char)(l >> 8) & 0xff;	713	goto err;
712	d[3] = (unsigned char)(l) & 0xff;	714	if (!CBB_add_space(&cbb_bin, &out_bin, out_bin_len))
713	if (ext)	715	goto err;
714	d[4] = 0;	716	if (BN_bn2binpad(bn, out_bin, out_bin_len) != out_bin_len)
715	num = BN_bn2bin(a, &(d[4 + ext]));	717	goto err;
716	if (a->neg)	718	if (!CBB_finish(&cbb, NULL, NULL))
		719	goto err;
		720
		721	if (bn->neg)
717	d[4] \|= 0x80;	722	d[4] \|= 0x80;
718	return (num + 4 + ext);	723
		724	return out_len;
		725
		726	err:
		727	CBB_cleanup(&cbb);
		728
		729	return -1;
719	}	730	}
720	LCRYPTO_ALIAS(BN_bn2mpi);	731	LCRYPTO_ALIAS(BN_bn2mpi);
721		732