More EVP_PKEY patches for new functionality.

diff --git a/apps/ca.c b/apps/ca.c
index a66c872443abb82e8eed186340f01e43a7fa6c37..7a142853973d5fe99cc0a0be786b911af8868373 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1228,6 +1228,7 @@ int verbose;
                goto err;
                }
        i=X509_REQ_verify(req,pktmp);
+       EVP_PKEY_free(pktmp);
        if (i < 0)
                {
                ok=0;
@@ -1297,6 +1298,7 @@ int verbose;
                goto err;
                }
        i=X509_verify(req,pktmp);
+       EVP_PKEY_free(pktmp);
        if (i < 0)
                {
                ok=0;
@@ -1651,7 +1653,9 @@ again2:
        if (!X509_set_subject_name(ret,subject)) goto err;
 
        pktmp=X509_REQ_get_pubkey(req);
-       if (!X509_set_pubkey(ret,pktmp)) goto err;
+       i = X509_set_pubkey(ret,pktmp);
+       EVP_PKEY_free(pktmp);
+       if (!i) goto err;
 
        /* Lets add the extensions, if there are any */
        if ((extensions != NULL) && (sk_num(extensions) > 0))
@@ -1701,6 +1705,7 @@ again2:
         if (EVP_PKEY_missing_parameters(pktmp) &&
                !EVP_PKEY_missing_parameters(pkey))
                EVP_PKEY_copy_parameters(pktmp,pkey);
+       EVP_PKEY_free(pktmp);
 #endif
 
        if (!X509_sign(ret,pkey,dgst))
@@ -1953,6 +1958,7 @@ int verbose;
        BIO_printf(bio_err,"Signature ok\n");
 
        X509_REQ_set_pubkey(req,pktmp);
+       EVP_PKEY_free(pktmp);
        ok=do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,
                days,1,verbose,req,extensions);
 err:

diff --git a/apps/req.c b/apps/req.c
index 525995dd51a3e44ce298339844aee4e6ff0f3bad..1c07c3cdc0ff3de722a99fe8b7c4e082bf9551e0 100644 (file)
--- a/apps/req.c
+++ b/apps/req.c
@@ -624,6 +624,7 @@ loop:
                        }
                if (x509)
                        {
+                       EVP_PKEY *tmppkey;
                        if ((x509ss=X509_new()) == NULL) goto end;
 
                        /* don't set the version number, for starters
@@ -639,7 +640,9 @@ loop:
                                (long)60*60*24*days);
                        X509_set_subject_name(x509ss,
                                X509_REQ_get_subject_name(req));
-                       X509_set_pubkey(x509ss,X509_REQ_get_pubkey(req));
+                       tmppkey = X509_REQ_get_pubkey(req);
+                       X509_set_pubkey(x509ss,tmppkey);
+                       EVP_PKEY_free(tmppkey);
 
                        if (!(i=X509_sign(x509ss,pkey,digest)))
                                goto end;

diff --git a/apps/x509.c b/apps/x509.c
index 71af49f7f53eee7a87f6415a181668af517e327a..58ccd939e7b89713aa6bb0e554b0940d94c1ed1d 100644 (file)
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -402,7 +402,9 @@ bad:
                ci->key=req->req_info->pubkey;
                req->req_info->pubkey=NULL;
 #else
-               X509_set_pubkey(x,X509_REQ_get_pubkey(req));
+               pkey = X509_REQ_get_pubkey(req);
+               X509_set_pubkey(x,pkey);
+               EVP_PKEY_free(pkey);
 #endif
                }
        else
@@ -715,7 +717,9 @@ int days;
        X509_STORE_CTX xsc;
        EVP_PKEY *upkey;
 
-       EVP_PKEY_copy_parameters(X509_get_pubkey(xca),pkey);
+       upkey = X509_get_pubkey(xca);
+       EVP_PKEY_copy_parameters(upkey,pkey);
+       EVP_PKEY_free(upkey);
 
        X509_STORE_CTX_init(&xsc,ctx,x,NULL);
        buf=(char *)Malloc(EVP_PKEY_size(pkey)*2+
@@ -833,6 +837,7 @@ int days;
                /* Force a re-write */
                X509_set_pubkey(x,upkey);
                }
+       EVP_PKEY_free(upkey);
 
        if (!X509_sign(x,pkey,digest)) goto end;
        ret=1;
@@ -1033,8 +1038,12 @@ int days;
 EVP_MD *digest;
        {
 
-       EVP_PKEY_copy_parameters(X509_get_pubkey(x),pkey);
-       EVP_PKEY_save_parameters(X509_get_pubkey(x),1);
+       EVP_PKEY *pktmp;
+
+       pktmp = X509_get_pubkey(x);
+       EVP_PKEY_copy_parameters(pktmp,pkey);
+       EVP_PKEY_save_parameters(pktmp,1);
+       EVP_PKEY_free(pktmp);
 
        if (!X509_set_issuer_name(x,X509_get_subject_name(x))) goto err;
        if (X509_gmtime_adj(X509_get_notBefore(x),0) == NULL) goto err;

diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index ea6a65d2a198dc9ed01a5f7860d728eaa9fb2a4a..039a9f49f09fb07f1d05f513afbce239be7d48bb 100644 (file)
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -297,5 +297,6 @@ EVP_PKEY *k;
 
        ok=1;
 err:
+       EVP_PKEY_free(xk);
        return(ok);
        }

diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c
index 5004365bad4f53aacc81fd932b7fced944f4995b..ce699bfa8d8d24fbc6c58931273903bc0beef719 100644 (file)
--- a/crypto/x509/x509_req.c
+++ b/crypto/x509/x509_req.c
@@ -74,6 +74,7 @@ EVP_MD *md;
        X509_REQ *ret;
        X509_REQ_INFO *ri;
        int i;
+       EVP_PKEY *pktmp;
 
        ret=X509_REQ_new();
        if (ret == NULL)
@@ -92,7 +93,9 @@ EVP_MD *md;
        if (!X509_REQ_set_subject_name(ret,X509_get_subject_name(x)))
                goto err;
 
-       i=X509_REQ_set_pubkey(ret,X509_get_pubkey(x));
+       pktmp = X509_get_pubkey(x);
+       i=X509_REQ_set_pubkey(ret,pktmp);
+       EVP_PKEY_free(pktmp);
        if (!i) goto err;
 
        if (pkey != NULL)