From: Dr. Stephen Henson Date: Tue, 7 Mar 2000 01:03:33 +0000 (+0000) Subject: Fix the PKCS#8 DSA code so it works again. All the X-Git-Tag: OpenSSL_0_9_5a-beta1~90 X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=48fe0eec67d2c3b000fe845fd9a8160f3564b5b7 Fix the PKCS#8 DSA code so it works again. All the broken formats worked but the valid didn't :-( --- diff --git a/CHANGES b/CHANGES index b55eaffba5..5dca9e0f4e 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,10 @@ Changes between 0.9.5 and 0.9.5a [XX XXX 2000] + *) Fix the PKCS#8 DSA private key code so it decodes keys again + and fix a memory leak. + [Steve Henson] + *) In util/mkerr.pl (which implements 'make errors'), preserve reason strings from the previous version of the .c file, as the default to have only downcase letters (and digits) in diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index d5e6f5880f..4ab091fa56 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -133,7 +133,7 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) * SEQUENCE {parameters, priv_key} * SEQUENCE {pub_key, priv_key} */ - + t1 = (ASN1_TYPE *)sk_value(ndsa, 0); t2 = (ASN1_TYPE *)sk_value(ndsa, 1); if(t1->type == V_ASN1_SEQUENCE) { @@ -152,7 +152,14 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) goto dsaerr; } privkey = t2->value.integer; - } else if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) { + } else { + if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) { + EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); + goto dsaerr; + } + param = p8->pkeyalg->parameter; + } + if (!param || (param->type != V_ASN1_SEQUENCE)) { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); goto dsaerr; } @@ -186,7 +193,8 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) EVP_PKEY_assign_DSA(pkey, dsa); BN_CTX_free (ctx); - sk_pop_free(ndsa, ASN1_TYPE_free); + if(ndsa) sk_pop_free(ndsa, ASN1_TYPE_free); + else ASN1_INTEGER_free(privkey); break; dsaerr: BN_CTX_free (ctx);