From 74f1269e0cf9abe4f2b70a0ba26461fafac75cd2 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Wed, 11 Jan 2023 04:39:42 +0000
Subject: Clean up and simplify BIGNUM handling in DSA code.

This adds missing BN_CTX_start()/BN_CTX_end() calls, removes NULL checks
before BN_CTX_end()/BN_CTX_free() (since they're NULL safe) and calls
BN_free() instead of BN_clear_free() (which does the same thing).

Also replace stack allocated BIGNUMs with calls to BN_CTX_get(), using the
BN_CTX that is already available.

ok tb@
---
 src/lib/libcrypto/dsa/dsa_ameth.c | 33 ++++++++++++++++++++++-----------
 1 file changed, 22 insertions(+), 11 deletions(-)

(limited to 'src/lib/libcrypto/dsa/dsa_ameth.c')

diff --git a/src/lib/libcrypto/dsa/dsa_ameth.c b/src/lib/libcrypto/dsa/dsa_ameth.c
index fb333dda0f..0d3333d92c 100644
--- a/src/lib/libcrypto/dsa/dsa_ameth.c
+++ b/src/lib/libcrypto/dsa/dsa_ameth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_ameth.c,v 1.38 2022/11/26 16:08:52 tb Exp $ */
+/* $OpenBSD: dsa_ameth.c,v 1.39 2023/01/11 04:39:42 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -192,7 +192,6 @@ dsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8)
 	ASN1_INTEGER *privkey = NULL;
 	BN_CTX *ctx = NULL;
 	DSA *dsa = NULL;
-
 	int ret = 0;
 
 	if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
@@ -221,11 +220,14 @@ dsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8)
 		DSAerror(ERR_R_MALLOC_FAILURE);
 		goto dsaerr;
 	}
-	if (!(ctx = BN_CTX_new())) {
+
+	if ((ctx = BN_CTX_new()) == NULL) {
 		DSAerror(ERR_R_MALLOC_FAILURE);
 		goto dsaerr;
 	}
 
+	BN_CTX_start(ctx);
+
 	if (!BN_mod_exp_ct(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
 		DSAerror(DSA_R_BN_ERROR);
 		goto dsaerr;
@@ -242,8 +244,10 @@ decerr:
 dsaerr:
 	DSA_free(dsa);
 done:
+	BN_CTX_end(ctx);
 	BN_CTX_free(ctx);
 	ASN1_INTEGER_free(privkey);
+
 	return ret;
 }
 
@@ -511,26 +515,31 @@ old_dsa_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
 		goto err;
 	}
 
-	ctx = BN_CTX_new();
-	if (ctx == NULL)
+	if ((ctx = BN_CTX_new()) == NULL)
 		goto err;
 
+	BN_CTX_start(ctx);
+
 	/*
 	 * Check that p and q are consistent with each other.
 	 */
-
-	j = BN_CTX_get(ctx);
-	p1 = BN_CTX_get(ctx);
-	newp1 = BN_CTX_get(ctx);
-	powg = BN_CTX_get(ctx);
-	if (j == NULL || p1 == NULL || newp1 == NULL || powg == NULL)
+	if ((j = BN_CTX_get(ctx)) == NULL)
 		goto err;
+	if ((p1 = BN_CTX_get(ctx)) == NULL)
+		goto err;
+	if ((newp1 = BN_CTX_get(ctx)) == NULL)
+		goto err;
+	if ((powg = BN_CTX_get(ctx)) == NULL)
+		goto err;
+
 	/* p1 = p - 1 */
 	if (BN_sub(p1, dsa->p, BN_value_one()) == 0)
 		goto err;
+
 	/* j = (p - 1) / q */
 	if (BN_div_ct(j, NULL, p1, dsa->q, ctx) == 0)
 		goto err;
+
 	/* q * j should == p - 1 */
 	if (BN_mul(newp1, dsa->q, j, ctx) == 0)
 		goto err;
@@ -561,12 +570,14 @@ old_dsa_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
 		goto err;
 	}
 
+	BN_CTX_end(ctx);
 	BN_CTX_free(ctx);
 
 	EVP_PKEY_assign_DSA(pkey, dsa);
 	return 1;
 
  err:
+	BN_CTX_end(ctx);
 	BN_CTX_free(ctx);
 	DSA_free(dsa);
 	return 0;
-- 
cgit v1.2.3-55-g6feb