From 48fe0eec67d2c3b000fe845fd9a8160f3564b5b7 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Tue, 7 Mar 2000 01:03:33 +0000 Subject: [PATCH] Fix the PKCS#8 DSA code so it works again. All the broken formats worked but the valid didn't :-( --- CHANGES | 4 ++++ crypto/evp/evp_pkey.c | 14 +++++++++++--- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/CHANGES b/CHANGES index b55eaffba..5dca9e0f4 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,10 @@ Changes between 0.9.5 and 0.9.5a [XX XXX 2000] + *) Fix the PKCS#8 DSA private key code so it decodes keys again + and fix a memory leak. + [Steve Henson] + *) In util/mkerr.pl (which implements 'make errors'), preserve reason strings from the previous version of the .c file, as the default to have only downcase letters (and digits) in diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index d5e6f5880..4ab091fa5 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -133,7 +133,7 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) * SEQUENCE {parameters, priv_key} * SEQUENCE {pub_key, priv_key} */ - + t1 = (ASN1_TYPE *)sk_value(ndsa, 0); t2 = (ASN1_TYPE *)sk_value(ndsa, 1); if(t1->type == V_ASN1_SEQUENCE) { @@ -152,7 +152,14 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) goto dsaerr; } privkey = t2->value.integer; - } else if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) { + } else { + if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) { + EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); + goto dsaerr; + } + param = p8->pkeyalg->parameter; + } + if (!param || (param->type != V_ASN1_SEQUENCE)) { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); goto dsaerr; } @@ -186,7 +193,8 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) EVP_PKEY_assign_DSA(pkey, dsa); BN_CTX_free (ctx); - sk_pop_free(ndsa, ASN1_TYPE_free); + if(ndsa) sk_pop_free(ndsa, ASN1_TYPE_free); + else ASN1_INTEGER_free(privkey); break; dsaerr: BN_CTX_free (ctx);