Fix the PKCS#8 DSA code so it works again. All the

broken formats worked but the valid didn't :-(

Fix the PKCS#8 DSA code so it works again. All the
broken formats worked but the valid didn't :-(
48fe0eec · Dr. Stephen Henson · 4c4d87f9 · 48fe0eec · 48fe0eec
隐藏空白更改
内联并排

Showing with 15 addition and 3 deletion

CHANGES CHANGES +4 -0

crypto/evp/evp_pkey.c crypto/evp/evp_pkey.c +11 -3

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@

 Changes between 0.9.5 and 0.9.5a  [XX XXX 2000]

+  *) Fix the PKCS#8 DSA private key code so it decodes keys again
+     and fix a memory leak.
+     [Steve Henson]
+
  *) In util/mkerr.pl (which implements 'make errors'), preserve
     reason strings from the previous version of the .c file, as
     the default to have only downcase letters (and digits) in

--- a/crypto/evp/evp_pkey.c
+++ b/crypto/evp/evp_pkey.c
@@ -133,7 +133,7 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
 		     * SEQUENCE {parameters, priv_key}
 		     * SEQUENCE {pub_key, priv_key}
 		     */
-                     
+
 		    t1 = (ASN1_TYPE *)sk_value(ndsa, 0);
 		    t2 = (ASN1_TYPE *)sk_value(ndsa, 1);
 		    if(t1->type == V_ASN1_SEQUENCE) {
@@ -152,7 +152,14 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
 			goto dsaerr;
 		    }
 		    privkey = t2->value.integer;
-		} else if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) {
+		} else {
+			if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) {
+				EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
+				goto dsaerr;
+			}
+			param = p8->pkeyalg->parameter;
+		}
+		if (!param || (param->type != V_ASN1_SEQUENCE)) {
 			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
 			goto dsaerr;
 		}
@@ -186,7 +193,8 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)

 		EVP_PKEY_assign_DSA(pkey, dsa);
 		BN_CTX_free (ctx);
-		sk_pop_free(ndsa, ASN1_TYPE_free);
+		if(ndsa) sk_pop_free(ndsa, ASN1_TYPE_free);
+		else ASN1_INTEGER_free(privkey);
 		break;
 		dsaerr:
 		BN_CTX_free (ctx);