X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fasn1%2Fx_pubkey.c;h=13c753aff30e1b54625d759e7e51d15116eb7d7c;hb=458c29175ec2a7e9a76792fdf7324a20e04fdf08;hp=9fea31a8a5b5e6291e92c60be7c8098b79760a02;hpb=d0561b5c2da1404f542743054c2fa45affce7042;p=oweals%2Fopenssl.git diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c index 9fea31a8a5..13c753aff3 100644 --- a/crypto/asn1/x_pubkey.c +++ b/crypto/asn1/x_pubkey.c @@ -85,7 +85,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) X509_PUBKEY *pk; X509_ALGOR *a; ASN1_OBJECT *o; - unsigned char *s,*p; + unsigned char *s,*p = NULL; int i; if (x == NULL) return(0); @@ -119,7 +119,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) dsa->write_params=0; ASN1_TYPE_free(a->parameter); i=i2d_DSAparams(dsa,NULL); - p=(unsigned char *)OPENSSL_malloc(i); + if ((p=(unsigned char *)OPENSSL_malloc(i)) == NULL) goto err; pp=p; i2d_DSAparams(dsa,&pp); a->parameter=ASN1_TYPE_new(); @@ -132,43 +132,55 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) #ifndef OPENSSL_NO_ECDSA else if (pkey->type == EVP_PKEY_ECDSA) { + int nid=0; unsigned char *pp; ECDSA *ecdsa; ecdsa = pkey->pkey.ecdsa; ASN1_TYPE_free(a->parameter); - if ((i = i2d_ECDSAParameters(ecdsa, NULL)) == 0) - { - X509err(X509_F_X509_PUBKEY_SET, ERR_R_ECDSA_LIB); - goto err; - } - if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL) - { - X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE); - goto err; - } - pp = p; - if (!i2d_ECDSAParameters(ecdsa, &pp)) - { - X509err(X509_F_X509_PUBKEY_SET, ERR_R_ECDSA_LIB); - OPENSSL_free(p); - goto err; - } + if ((a->parameter = ASN1_TYPE_new()) == NULL) { X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB); - OPENSSL_free(p); goto err; } - a->parameter->type = V_ASN1_SEQUENCE; - if ((a->parameter->value.sequence = ASN1_STRING_new()) == NULL) + + if ((EC_GROUP_get_asn1_flag(ecdsa->group) & OPENSSL_EC_NAMED_CURVE) + && (nid = EC_GROUP_get_nid(ecdsa->group))) { - X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB); + /* just set the OID */ + a->parameter->type = V_ASN1_OBJECT; + a->parameter->value.object = OBJ_nid2obj(nid); + } + else /* explicit parameters */ + { + if ((i = i2d_ECDSAParameters(ecdsa, NULL)) == 0) + { + X509err(X509_F_X509_PUBKEY_SET, ERR_R_ECDSA_LIB); + goto err; + } + if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL) + { + X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE); + goto err; + } + pp = p; + if (!i2d_ECDSAParameters(ecdsa, &pp)) + { + X509err(X509_F_X509_PUBKEY_SET, ERR_R_ECDSA_LIB); + OPENSSL_free(p); + goto err; + } + a->parameter->type = V_ASN1_SEQUENCE; + if ((a->parameter->value.sequence = ASN1_STRING_new()) == NULL) + { + X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB); + OPENSSL_free(p); + goto err; + } + ASN1_STRING_set(a->parameter->value.sequence, p, i); OPENSSL_free(p); - goto err; } - ASN1_STRING_set(a->parameter->value.sequence, p, i); - OPENSSL_free(p); } #endif else if (1) @@ -178,7 +190,11 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) } if ((i=i2d_PublicKey(pkey,NULL)) <= 0) goto err; - if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL) goto err; + if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL) + { + X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); + goto err; + } p=s; i2d_PublicKey(pkey,&p); if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err; @@ -266,6 +282,9 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) { if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE)) { + /* type == V_ASN1_SEQUENCE => we have explicit parameters + * (e.g. parameters in the X9_62_EC_PARAMETERS-structure ) + */ if ((ret->pkey.ecdsa= ECDSA_new()) == NULL) { X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE); @@ -279,6 +298,24 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) goto err; } } + else if (a->parameter && (a->parameter->type == V_ASN1_OBJECT)) + { + /* type == V_ASN1_OBJECT => the parameters are given + * by an asn1 OID + */ + ECDSA *ecdsa; + if (ret->pkey.ecdsa == NULL) + ret->pkey.ecdsa = ECDSA_new(); + ecdsa = ret->pkey.ecdsa; + if (ecdsa->group) + EC_GROUP_free(ecdsa->group); + if ((ecdsa->group = EC_GROUP_new_by_name( + OBJ_obj2nid(a->parameter->value.object))) == NULL) + goto err; + EC_GROUP_set_asn1_flag(ecdsa->group, OPENSSL_EC_NAMED_CURVE | + (EC_GROUP_get_asn1_flag(ecdsa->group) & ~0x03)); + } + /* the case implicitlyCA is currently not implemented */ ret->save_parameters = 1; } #endif