From e3c1dd7076a51b72841ed695f4e5ef951ed13317 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Thu, 4 May 2023 13:51:59 +0000
Subject: Rewrite ECParameters_dup()

This should leak slightly less than the direct expansion of ASN1_dup_of().
Use freezero() since the DER could contain a private key.

ok jsing
---
 src/lib/libcrypto/ec/ec_lib.c | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c
index f560aa9991..308a0f0061 100644
--- a/src/lib/libcrypto/ec/ec_lib.c
+++ b/src/lib/libcrypto/ec/ec_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_lib.c,v 1.56 2023/04/25 19:53:30 tb Exp $ */
+/* $OpenBSD: ec_lib.c,v 1.57 2023/05/04 13:51:59 tb Exp $ */
 /*
  * Originally written by Bodo Moeller for the OpenSSL project.
  */
@@ -1459,15 +1459,20 @@ ec_group_simple_order_bits(const EC_GROUP *group)
 EC_KEY *
 ECParameters_dup(EC_KEY *key)
 {
-	unsigned char *p = NULL;
-	EC_KEY *k = NULL;
+	const unsigned char *p;
+	unsigned char *der = NULL;
+	EC_KEY *dup = NULL;
 	int len;
 
 	if (key == NULL)
-		return (NULL);
+		return NULL;
+
+	if ((len = i2d_ECParameters(key, &der)) <= 0)
+		return NULL;
 
-	if ((len = i2d_ECParameters(key, &p)) > 0)
-		k = d2i_ECParameters(NULL, (const unsigned char **)&p, len);
+	p = der;
+	dup = d2i_ECParameters(NULL, &p, len);
+	freezero(der, len);
 
-	return (k);
+	return dup;
 }
-- 
cgit v1.2.3-55-g6feb