X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fec%2Fec_asn1.c;h=36dcb969c44b23a7075141e20963bdff467d6e9c;hp=6ff94a356362e99d755efef3935f523377b23cdf;hb=2ace745022f5af0709297e96eb0b0829c87c4291;hpb=535bc8faf69dc4ff39e2ee99195b268cf99b9569
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 6ff94a3563..36dcb969c4 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -317,10 +317,8 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field)
 return 0;
 /* clear the old values (if necessary) */
- if (field->fieldType != NULL)
- ASN1_OBJECT_free(field->fieldType);
- if (field->p.other != NULL)
- ASN1_TYPE_free(field->p.other);
+ ASN1_OBJECT_free(field->fieldType);
+ ASN1_TYPE_free(field->p.other);
 nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group));
 /* set OID for the field */
@@ -499,8 +497,8 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve)
 }
 /* set a and b */
- if (!M_ASN1_OCTET_STRING_set(curve->a, a_buf, len_1) ||
- !M_ASN1_OCTET_STRING_set(curve->b, b_buf, len_2)) {
+ if (!ASN1_OCTET_STRING_set(curve->a, a_buf, len_1) ||
+ !ASN1_OCTET_STRING_set(curve->b, b_buf, len_2)) {
 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB);
 goto err;
 }
@@ -520,10 +518,8 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve)
 goto err;
 }
 } else {
- if (curve->seed) {
- ASN1_BIT_STRING_free(curve->seed);
- curve->seed = NULL;
- }
+ ASN1_BIT_STRING_free(curve->seed);
+ curve->seed = NULL;
 }
 ok = 1;
@@ -654,7 +650,7 @@ ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *group,
 return NULL;
 }
 } else {
- if (ret->type == 0 && ret->value.named_curve)
+ if (ret->type == 0)
 ASN1_OBJECT_free(ret->value.named_curve);
 else if (ret->type == 1 && ret->value.parameters)
 ECPARAMETERS_free(ret->value.parameters);
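Review bot: `field->fieldType` and `field->p.other` are freed in the -317 hunk of ec_asn1_group2fieldid but neither pointer is reset, so if a later step fails before both members are reassigned (the rest of the function is outside the hunk), the caller's X9_62_FIELDID is left holding freed pointers and its own cleanup could free them a second time. The seed branch of ec_asn1_group2curve in this same patch does clear its pointer after freeing. I would add `field->fieldType = NULL;` and `field->p.other = NULL;` directly after the two free calls.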
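Review bot: The `type == 1` arm in the -654 hunk of ec_asn1_group2pkparameters still reads `else if (ret->type == 1 && ret->value.parameters)` while the `type == 0` arm just above it lost its NULL guard, so the two branches of one cleanup no longer follow the same convention. If ECPARAMETERS_free accepts NULL like the other free routines this patch relies on (worth confirming), the arm can become `else if (ret->type == 1)`. The same leftover shows in the -923 hunk of ec_asn1_parameters2group, where `if (b)` still wraps `BN_free(b);` next to the now unguarded `EC_POINT_free(point);`. Both functions continue outside their hunks.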
@@ -911,9 +907,9 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
 ok = 1;
- err:if (!ok) {
- if (ret)
- EC_GROUP_clear_free(ret);
+ err:
+ if (!ok) {
+ EC_GROUP_clear_free(ret);
 ret = NULL;
 }
@@ -923,8 +919,7 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
 BN_free(a);
 if (b)
 BN_free(b);
- if (point)
- EC_POINT_free(point);
+ EC_POINT_free(point);
 return (ret);
 }
@@ -983,10 +978,10 @@ EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len)
 return NULL;
 }
- if (a && *a)
+ if (a) {
 EC_GROUP_clear_free(*a);
- if (a)
 *a = group;
+ }
 ECPKPARAMETERS_free(params);
 return (group);
@@ -1031,8 +1026,7 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
 ret = *a;
 if (priv_key->parameters) {
- if (ret->group)
- EC_GROUP_clear_free(ret->group);
+ EC_GROUP_clear_free(ret->group);
 ret->group = ec_asn1_pkparameters2group(priv_key->parameters);
 }
@@ -1044,8 +1038,8 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
 ret->version = priv_key->version;
 if (priv_key->privateKey) {
- ret->priv_key = BN_bin2bn(M_ASN1_STRING_data(priv_key->privateKey),
- M_ASN1_STRING_length(priv_key->privateKey),
+ ret->priv_key = BN_bin2bn(ASN1_STRING_data(priv_key->privateKey),
+ ASN1_STRING_length(priv_key->privateKey),
 ret->priv_key);
 if (ret->priv_key == NULL) {
 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_BN_LIB);
@@ -1056,8 +1050,7 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
 goto err;
 }
- if (ret->pub_key)
- EC_POINT_clear_free(ret->pub_key);
+ EC_POINT_clear_free(ret->pub_key);
 ret->pub_key = EC_POINT_new(ret->group);
 if (ret->pub_key == NULL) {
 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
@@ -1068,8 +1061,8 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
 const unsigned char *pub_oct;
 int pub_oct_len;
- pub_oct = M_ASN1_STRING_data(priv_key->publicKey);
- pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey);
+ pub_oct = ASN1_STRING_data(priv_key->publicKey);
+ pub_oct_len = ASN1_STRING_length(priv_key->publicKey);
 /*
 * The first byte - point conversion form - must be present.
 */
@@ -1099,7 +1092,7 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
 ok = 1;
 err:
 if (!ok) {
- if (ret && (a == NULL || *a != ret))
+ if (a == NULL || *a != ret)
 EC_KEY_free(ret);
 ret = NULL;
 }
@@ -1114,7 +1107,7 @@ int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
 {
 int ret = 0, ok = 0;
 unsigned char *buffer = NULL;
- size_t buf_len = 0, tmp_len;
+ size_t buf_len = 0, tmp_len, bn_len;
 EC_PRIVATEKEY *priv_key = NULL;
 if (a == NULL || a->group == NULL || a->priv_key == NULL ||
@@ -1130,19 +1123,33 @@ int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
 priv_key->version = a->version;
- buf_len = (size_t)BN_num_bytes(a->priv_key);
+ bn_len = (size_t)BN_num_bytes(a->priv_key);
+
+ /* Octetstring may need leading zeros if BN is to short */
+
+ buf_len = (EC_GROUP_get_degree(a->group) + 7) / 8;
+
+ if (bn_len > buf_len) {
+ ECerr(EC_F_I2D_ECPRIVATEKEY, EC_R_BUFFER_TOO_SMALL);
+ goto err;
+ }
+
 buffer = OPENSSL_malloc(buf_len);
 if (buffer == NULL) {
 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
 goto err;
 }
- if (!BN_bn2bin(a->priv_key, buffer)) {
+ if (!BN_bn2bin(a->priv_key, buffer + buf_len - bn_len)) {
 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_BN_LIB);
 goto err;
 }
- if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) {
+ if (buf_len - bn_len > 0) {
+ memset(buffer, 0, buf_len - bn_len);
+ }
+
+ if (!ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) {
 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
 goto err;
 }
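Review bot: `buf_len = (EC_GROUP_get_degree(a->group) + 7) / 8;` in the -1130 hunk sizes the privateKey octet string from the field degree, whereas RFC 5915 defines that length from the order of the group, ceiling(log2(n)/8). The two differ on a curve whose order is longer than its field (secp160r1 is, as far as I recall, one such curve), and there a valid key trips `bn_len > buf_len` and is rejected with EC_R_BUFFER_TOO_SMALL. Taking the length from the order avoids that; a sketch is below, reusing a reason code this function already raises. Separately, `buffer` holds the private scalar at this point, so the cleanup path outside the hunk should wipe it (for example with OPENSSL_cleanse) before it is freed. The function starts and ends outside the hunk.

```c
/* … unchanged: bn_len = (size_t)BN_num_bytes(a->priv_key); … */
{
    BIGNUM *order = BN_new();

    if (order == NULL || !EC_GROUP_get_order(a->group, order, NULL)) {
        BN_free(order);
        ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
        goto err;
    }
    /* RFC 5915: the octet string is as long as the group order */
    buf_len = (size_t)BN_num_bytes(order);
    BN_free(order);
}
/* … unchanged: bn_len > buf_len check, allocation, BN_bn2bin, zero padding … */
```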
@@ -1157,7 +1164,7 @@ int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
 }
 if (!(a->enc_flag & EC_PKEY_NO_PUBKEY)) {
- priv_key->publicKey = M_ASN1_BIT_STRING_new();
+ priv_key->publicKey = ASN1_BIT_STRING_new();
 if (priv_key->publicKey == NULL) {
 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
 goto err;
@@ -1184,7 +1191,7 @@ int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
 priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
 priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT;
- if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer, buf_len)) {
+ if (!ASN1_BIT_STRING_set(priv_key->publicKey, buffer, buf_len)) {
 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
 goto err;
 }
@@ -1226,16 +1233,19 @@ EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len)
 ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
 return NULL;
 }
- if (a)
- *a = ret;
 } else
 ret = *a;
 if (!d2i_ECPKParameters(&ret->group, in, len)) {
 ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_EC_LIB);
+ if (a == NULL || *a != ret)
+ EC_KEY_free(ret);
 return NULL;
 }
+ if (a)
+ *a = ret;
+
 return ret;
 }
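Review bot: The new failure path in the -1226 hunk of d2i_ECParameters frees `ret` only under `if (a == NULL || *a != ret)`, and nothing in the code says why; the test separates a key this function allocated itself from one the caller handed in through `*a`. A one-line comment above it would make the ownership rule explicit, for example `/* free ret only if we allocated it; a caller-supplied *a stays with the caller */`. The err path of d2i_ECPrivateKey in the -1099 hunk uses the same test and would take the same comment. The start of d2i_ECParameters is outside the hunk.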