Error check X509_ALGOR_set0() in {dsa,ec}_pkey_ctrl()

These are four versions of near identical code: PKCS#7 and CMS controls
for DSA and EC. The checks are rather incomplete and should probably be
merged somehow (see the Ed25519 version in ecx_methods(). For now, only
replace X509_ALGOR_set0() with its internal by_nid() version and, while
there, spell NULL correctly.

ok jca

diff --git a/lib/libcrypto/dsa/dsa_ameth.c b/lib/libcrypto/dsa/dsa_ameth.c
index 2fb8010..866e5ec 100644 (file)
--- a/lib/libcrypto/dsa/dsa_ameth.c
+++ b/lib/libcrypto/dsa/dsa_ameth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_ameth.c,v 1.58 2024/04/13 13:57:54 tb Exp $ */
+/* $OpenBSD: dsa_ameth.c,v 1.59 2024/04/13 14:02:51 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -71,6 +71,7 @@
 #include "bn_local.h"
 #include "dsa_local.h"
 #include "evp_local.h"
+#include "x509_local.h"
 
 static int
 dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
@@ -636,8 +637,9 @@ dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
                                return -1;
                        if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
                                return -1;
-                       X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF,
-                           0);
+                       if (!X509_ALGOR_set0_by_nid(alg2, snid, V_ASN1_UNDEF,
+                           NULL))
+                               return -1;
                }
                return 1;
 
@@ -655,7 +657,9 @@ dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
                                return -1;
                        if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
                                return -1;
-                       X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
+                       if (!X509_ALGOR_set0_by_nid(alg2, snid, V_ASN1_UNDEF,
+                           NULL))
+                               return -1;
                }
                return 1;
 

diff --git a/lib/libcrypto/ec/ec_ameth.c b/lib/libcrypto/ec/ec_ameth.c
index 7ca5b18..ebedab3 100644 (file)
--- a/lib/libcrypto/ec/ec_ameth.c
+++ b/lib/libcrypto/ec/ec_ameth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_ameth.c,v 1.51 2024/01/04 17:01:26 tb Exp $ */
+/* $OpenBSD: ec_ameth.c,v 1.52 2024/04/13 14:02:51 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -69,6 +69,7 @@
 #include "asn1_local.h"
 #include "ec_local.h"
 #include "evp_local.h"
+#include "x509_local.h"
 
 #ifndef OPENSSL_NO_CMS
 static int ecdh_cms_decrypt(CMS_RecipientInfo *ri);
@@ -637,7 +638,9 @@ ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
                                return -1;
                        if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
                                return -1;
-                       X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
+                       if (!X509_ALGOR_set0_by_nid(alg2, snid, V_ASN1_UNDEF,
+                           NULL))
+                           return -1;
                }
                return 1;
 
@@ -655,7 +658,9 @@ ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
                                return -1;
                        if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
                                return -1;
-                       X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
+                       if (!X509_ALGOR_set0_by_nid(alg2, snid, V_ASN1_UNDEF,
+                           NULL))
+                           return -1;
                }
                return 1;