Reject excessively large primes in DH key generation.

[openssl.git] / engines / e_chil.c

diff --git a/engines/e_chil.c b/engines/e_chil.c
index 5dfab5134527611490b7da3070e6309d78910d88..d5e4cb67c44077349740c74ab61afa36aea56cb6 100644 (file)
--- a/engines/e_chil.c
+++ b/engines/e_chil.c
@@ -810,9 +810,17 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
 #  endif
 #  ifndef OPENSSL_NO_RSA
     rtmp = RSA_new_method(eng);
+    if (rtmp == NULL) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
     RSA_set_ex_data(rtmp, hndidx_rsa, (char *)hptr);
     rtmp->e = BN_new();
     rtmp->n = BN_new();
+    if (rtmp->e == NULL || rtmp->n == NULL) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
     rtmp->flags |= RSA_FLAG_EXT_PKEY;
     MPI2BN(rtmp->e, e);
     MPI2BN(rtmp->n, n);
@@ -823,8 +831,14 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
         goto err;
     }
 
-    bn_expand2(rtmp->e, e.size / sizeof(BN_ULONG));
-    bn_expand2(rtmp->n, n.size / sizeof(BN_ULONG));
+    if (bn_expand2(rtmp->e, e.size / sizeof(BN_ULONG)) == NULL) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if (bn_expand2(rtmp->n, n.size / sizeof(BN_ULONG)) == NULL) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
     MPI2BN(rtmp->e, e);
     MPI2BN(rtmp->n, n);
 
@@ -923,7 +937,10 @@ static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         goto err;
     }
     /* Prepare the params */
-    bn_expand2(r, m->top);      /* Check for error !! */
+    if (bn_expand2(r, m->top) == NULL) {     /* Check for error !! */
+        HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
     BN2MPI(m_a, a);
     BN2MPI(m_p, p);
     BN2MPI(m_n, m);
@@ -989,7 +1006,10 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
         }
 
         /* Prepare the params */
-        bn_expand2(r, rsa->n->top); /* Check for error !! */
+        if (bn_expand2(r, rsa->n->top) == NULL) { /* Check for error !! */
+            HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
         BN2MPI(m_a, I);
         MPI2BN(r, m_r);
 
@@ -1026,7 +1046,10 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
         }
 
         /* Prepare the params */
-        bn_expand2(r, rsa->n->top); /* Check for error !! */
+        if (bn_expand2(r, rsa->n->top) == NULL) { /* Check for error !! */
+            HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
         BN2MPI(m_a, I);
         BN2MPI(m_p, rsa->p);
         BN2MPI(m_q, rsa->q);
@@ -1272,7 +1295,7 @@ static int hwcrhk_insert_card(const char *prompt_info,
     ui = UI_new_method(ui_method);
 
     if (ui) {
-        char answer;
+        char answer = '\0';
         char buf[BUFSIZ];
         /*
          * Despite what the documentation says wrong_info can be an empty