return 0;
/* clear the old values (if necessary) */
- if (field->fieldType != NULL)
- ASN1_OBJECT_free(field->fieldType);
- if (field->p.other != NULL)
- ASN1_TYPE_free(field->p.other);
+ ASN1_OBJECT_free(field->fieldType);
+ ASN1_TYPE_free(field->p.other);
nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group));
/* set OID for the field */
ok = 1;
- err:if (tmp)
- BN_free(tmp);
+ err:
+ BN_free(tmp);
return (ok);
}
}
/* set a and b */
- if (!M_ASN1_OCTET_STRING_set(curve->a, a_buf, len_1) ||
- !M_ASN1_OCTET_STRING_set(curve->b, b_buf, len_2)) {
+ if (!ASN1_OCTET_STRING_set(curve->a, a_buf, len_1) ||
+ !ASN1_OCTET_STRING_set(curve->b, b_buf, len_2)) {
ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB);
goto err;
}
goto err;
}
} else {
- if (curve->seed) {
- ASN1_BIT_STRING_free(curve->seed);
- curve->seed = NULL;
- }
+ ASN1_BIT_STRING_free(curve->seed);
+ curve->seed = NULL;
}
ok = 1;
- err:if (buffer_1)
- OPENSSL_free(buffer_1);
- if (buffer_2)
- OPENSSL_free(buffer_2);
- if (tmp_1)
- BN_free(tmp_1);
- if (tmp_2)
- BN_free(tmp_2);
+ err:
+ OPENSSL_free(buffer_1);
+ OPENSSL_free(buffer_2);
+ BN_free(tmp_1);
+ BN_free(tmp_2);
return (ok);
}
static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *group,
ECPARAMETERS *param)
{
- int ok = 0;
size_t len = 0;
ECPARAMETERS *ret = NULL;
BIGNUM *tmp = NULL;
}
}
- ok = 1;
+ return ret;
- err:if (!ok) {
- if (ret && !param)
- ECPARAMETERS_free(ret);
- ret = NULL;
- }
- if (tmp)
- BN_free(tmp);
- if (buffer)
- OPENSSL_free(buffer);
- return (ret);
+ err:
+ if (!param)
+ ECPARAMETERS_free(ret);
+ BN_free(tmp);
+ OPENSSL_free(buffer);
+ return NULL;
}
ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *group,
return NULL;
}
} else {
- if (ret->type == 0 && ret->value.named_curve)
+ if (ret->type == 0)
ASN1_OBJECT_free(ret->value.named_curve);
else if (ret->type == 1 && ret->value.parameters)
ECPARAMETERS_free(ret->value.parameters);
/* extract seed (optional) */
if (params->curve->seed != NULL) {
- if (ret->seed != NULL)
- OPENSSL_free(ret->seed);
- if (!(ret->seed = OPENSSL_malloc(params->curve->seed->length))) {
+ OPENSSL_free(ret->seed);
+ if ((ret->seed = OPENSSL_malloc(params->curve->seed->length)) == NULL) {
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_MALLOC_FAILURE);
goto err;
}
/* extract the cofactor (optional) */
if (params->cofactor == NULL) {
- if (b) {
- BN_free(b);
- b = NULL;
- }
+ BN_free(b);
+ b = NULL;
} else if ((b = ASN1_INTEGER_to_BN(params->cofactor, b)) == NULL) {
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
goto err;
ok = 1;
- err:if (!ok) {
- if (ret)
- EC_GROUP_clear_free(ret);
+ err:
+ if (!ok) {
+ EC_GROUP_clear_free(ret);
ret = NULL;
}
- if (p)
- BN_free(p);
- if (a)
- BN_free(a);
- if (b)
- BN_free(b);
- if (point)
- EC_POINT_free(point);
+ BN_free(p);
+ BN_free(a);
+ BN_free(b);
+ EC_POINT_free(point);
return (ret);
}
return NULL;
}
- if (a && *a)
+ if (a) {
EC_GROUP_clear_free(*a);
- if (a)
*a = group;
+ }
ECPKPARAMETERS_free(params);
return (group);
EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
{
- int ok = 0;
EC_KEY *ret = NULL;
EC_PRIVATEKEY *priv_key = NULL;
ret = *a;
if (priv_key->parameters) {
- if (ret->group)
- EC_GROUP_clear_free(ret->group);
+ EC_GROUP_clear_free(ret->group);
ret->group = ec_asn1_pkparameters2group(priv_key->parameters);
}
ret->version = priv_key->version;
if (priv_key->privateKey) {
- ret->priv_key = BN_bin2bn(M_ASN1_STRING_data(priv_key->privateKey),
- M_ASN1_STRING_length(priv_key->privateKey),
+ ret->priv_key = BN_bin2bn(ASN1_STRING_data(priv_key->privateKey),
+ ASN1_STRING_length(priv_key->privateKey),
ret->priv_key);
if (ret->priv_key == NULL) {
ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_BN_LIB);
goto err;
}
- if (ret->pub_key)
- EC_POINT_clear_free(ret->pub_key);
+ EC_POINT_clear_free(ret->pub_key);
ret->pub_key = EC_POINT_new(ret->group);
if (ret->pub_key == NULL) {
ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
const unsigned char *pub_oct;
int pub_oct_len;
- pub_oct = M_ASN1_STRING_data(priv_key->publicKey);
- pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey);
+ pub_oct = ASN1_STRING_data(priv_key->publicKey);
+ pub_oct_len = ASN1_STRING_length(priv_key->publicKey);
/*
* The first byte - point conversion form - must be present.
*/
if (a)
*a = ret;
- ok = 1;
- err:
- if (!ok) {
- if (ret && (a == NULL || *a != ret))
- EC_KEY_free(ret);
- ret = NULL;
- }
-
- if (priv_key)
- EC_PRIVATEKEY_free(priv_key);
-
+ EC_PRIVATEKEY_free(priv_key);
return (ret);
+
+ err:
+ if (a == NULL || *a != ret)
+ EC_KEY_free(ret);
+ EC_PRIVATEKEY_free(priv_key);
+ return NULL;
}
int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
{
int ret = 0, ok = 0;
unsigned char *buffer = NULL;
- size_t buf_len = 0, tmp_len;
+ size_t buf_len = 0, tmp_len, bn_len;
EC_PRIVATEKEY *priv_key = NULL;
if (a == NULL || a->group == NULL || a->priv_key == NULL ||
priv_key->version = a->version;
- buf_len = (size_t)BN_num_bytes(a->priv_key);
+ bn_len = (size_t)BN_num_bytes(a->priv_key);
+
+ /* Octetstring may need leading zeros if BN is to short */
+
+ buf_len = (EC_GROUP_get_degree(a->group) + 7) / 8;
+
+ if (bn_len > buf_len) {
+ ECerr(EC_F_I2D_ECPRIVATEKEY, EC_R_BUFFER_TOO_SMALL);
+ goto err;
+ }
+
buffer = OPENSSL_malloc(buf_len);
if (buffer == NULL) {
ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (!BN_bn2bin(a->priv_key, buffer)) {
+ if (!BN_bn2bin(a->priv_key, buffer + buf_len - bn_len)) {
ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_BN_LIB);
goto err;
}
- if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) {
+ if (buf_len - bn_len > 0) {
+ memset(buffer, 0, buf_len - bn_len);
+ }
+
+ if (!ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) {
ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
goto err;
}
}
if (!(a->enc_flag & EC_PKEY_NO_PUBKEY)) {
- priv_key->publicKey = M_ASN1_BIT_STRING_new();
+ priv_key->publicKey = ASN1_BIT_STRING_new();
if (priv_key->publicKey == NULL) {
ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
goto err;
priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT;
- if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer, buf_len)) {
+ if (!ASN1_BIT_STRING_set(priv_key->publicKey, buffer, buf_len)) {
ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
goto err;
}
}
ok = 1;
err:
- if (buffer)
- OPENSSL_free(buffer);
- if (priv_key)
- EC_PRIVATEKEY_free(priv_key);
+ OPENSSL_free(buffer);
+ EC_PRIVATEKEY_free(priv_key);
return (ok ? ret : 0);
}
ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
return NULL;
}
- if (a)
- *a = ret;
} else
ret = *a;
if (!d2i_ECPKParameters(&ret->group, in, len)) {
ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_EC_LIB);
+ if (a == NULL || *a != ret)
+ EC_KEY_free(ret);
return NULL;
}
+ if (a)
+ *a = ret;
+
return ret;
}