Fix the PKCS#8 DSA code so it works again. All the

broken formats worked but the valid didn't :-(

CHANGES

@@ -4,6 +4,10 @@
 
  Changes between 0.9.5 and 0.9.5a  [XX XXX 2000]
 
+  *) Fix the PKCS#8 DSA private key code so it decodes keys again
+     and fix a memory leak.
+     [Steve Henson]
+
   *) In util/mkerr.pl (which implements 'make errors'), preserve
      reason strings from the previous version of the .c file, as
      the default to have only downcase letters (and digits) in

crypto/evp/evp_pkey.c

@@ -133,7 +133,7 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
 		     * SEQUENCE {parameters, priv_key}
 		     * SEQUENCE {pub_key, priv_key}
 		     */
-                     
+
 		    t1 = (ASN1_TYPE *)sk_value(ndsa, 0);
 		    t2 = (ASN1_TYPE *)sk_value(ndsa, 1);
 		    if(t1->type == V_ASN1_SEQUENCE) {
@@ -152,7 +152,14 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
 			goto dsaerr;
 		    }
 		    privkey = t2->value.integer;
-		} else if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) {
+		} else {
+			if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) {
+				EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
+				goto dsaerr;
+			}
+			param = p8->pkeyalg->parameter;
+		}
+		if (!param || (param->type != V_ASN1_SEQUENCE)) {
 			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
 			goto dsaerr;
 		}
@@ -186,7 +193,8 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
 
 		EVP_PKEY_assign_DSA(pkey, dsa);
 		BN_CTX_free (ctx);
-		sk_pop_free(ndsa, ASN1_TYPE_free);
+		if(ndsa) sk_pop_free(ndsa, ASN1_TYPE_free);
+		else ASN1_INTEGER_free(privkey);
 		break;
 		dsaerr:
 		BN_CTX_free (ctx);