From: tb Date: Thu, 28 Dec 2023 22:10:33 +0000 (+0000) Subject: Rework pkey_dh_paramgen() X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=cb6b0a5e2bec6409da8e1668ede523e52bbdbeed;p=openbsd Rework pkey_dh_paramgen() Similar to pkey_rsa_paramgen() this function does some strange dances with the pkey_gencb and initialization plus missing error checks. Fix all that and use the idiom established in previous commits. ok jsing --- diff --git a/lib/libcrypto/dh/dh_pmeth.c b/lib/libcrypto/dh/dh_pmeth.c index 5a43acceffd..5b432144487 100644 --- a/lib/libcrypto/dh/dh_pmeth.c +++ b/lib/libcrypto/dh/dh_pmeth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh_pmeth.c,v 1.14 2023/12/28 22:06:41 tb Exp $ */ +/* $OpenBSD: dh_pmeth.c,v 1.15 2023/12/28 22:10:33 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -189,25 +189,28 @@ out_of_range: static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { - DH *dh = NULL; + DH *dh; DH_PKEY_CTX *dctx = ctx->data; - BN_GENCB *pcb, cb; - int ret; + BN_GENCB *pcb = NULL; + BN_GENCB cb = {0}; + int ret = 0; - if (ctx->pkey_gencb) { + if ((dh = DH_new()) == NULL) + goto err; + if (ctx->pkey_gencb != NULL) { pcb = &cb; evp_pkey_set_cb_translate(pcb, ctx); - } else - pcb = NULL; - dh = DH_new(); - if (!dh) - return 0; - ret = DH_generate_parameters_ex(dh, dctx->prime_len, dctx->generator, - pcb); - if (ret) - EVP_PKEY_assign_DH(pkey, dh); - else - DH_free(dh); + } + if (!DH_generate_parameters_ex(dh, dctx->prime_len, dctx->generator, pcb)) + goto err; + if (!EVP_PKEY_assign_DH(pkey, dh)) + goto err; + dh = NULL; + + ret = 1; + err: + DH_free(dh); + return ret; }
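Review bot: The `dh = NULL;` after the successful `EVP_PKEY_assign_DH(pkey, dh)` call in pkey_dh_paramgen() carries the whole ownership argument of the new cleanup path, and it has no comment. The success path falls through the `err:` label into an unconditional `DH_free(dh)`, so if that assignment is ever dropped or moved, pkey would be left holding a freed DH. I would add `/* pkey owns dh now; keep err: from freeing it. */` directly above `dh = NULL;`. The `DH_new()` failure path also reaches `DH_free(dh)` with a NULL pointer, which is presumably a no-op as elsewhere in the library, though that is not visible in this hunk.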