From f6b6cc33007e6d3d1d9d24955ba7783b71bb73c4 Mon Sep 17 00:00:00 2001 From: jsing Date: Wed, 11 Jan 2023 04:35:26 +0000 Subject: [PATCH] Simplify BIGNUM handling in dsa_builtin_keygen(). Rather than having complicated "attempt to reuse" dances, always allocate priv_key/pub_key, then free and assign on success. ok tb@ --- lib/libcrypto/dsa/dsa_key.c | 35 +++++++++++++++++------------------ 1 file changed, 17 insertions(+), 18 deletions(-) diff --git a/lib/libcrypto/dsa/dsa_key.c b/lib/libcrypto/dsa/dsa_key.c index 051c8127811..890f991df9f 100644 --- a/lib/libcrypto/dsa/dsa_key.c +++ b/lib/libcrypto/dsa/dsa_key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_key.c,v 1.32 2022/11/26 16:08:52 tb Exp $ */ +/* $OpenBSD: dsa_key.c,v 1.33 2023/01/11 04:35:26 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -82,39 +82,38 @@ DSA_generate_key(DSA *dsa) static int dsa_builtin_keygen(DSA *dsa) { - int ok = 0; - BN_CTX *ctx = NULL; BIGNUM *pub_key = NULL, *priv_key = NULL; + BN_CTX *ctx = NULL; + int ok = 0; - if ((ctx = BN_CTX_new()) == NULL) + if ((priv_key = BN_new()) == NULL) + goto err; + if ((pub_key = BN_new()) == NULL) goto err; - if ((priv_key = dsa->priv_key) == NULL) { - if ((priv_key = BN_new()) == NULL) - goto err; - } + if ((ctx = BN_CTX_new()) == NULL) + goto err; if (!bn_rand_interval(priv_key, BN_value_one(), dsa->q)) goto err; - - if ((pub_key = dsa->pub_key) == NULL) { - if ((pub_key = BN_new()) == NULL) - goto err; - } - if (!BN_mod_exp_ct(pub_key, dsa->g, priv_key, dsa->p, ctx)) goto err; + BN_free(dsa->priv_key); dsa->priv_key = priv_key; + priv_key = NULL; + + BN_free(dsa->pub_key); dsa->pub_key = pub_key; + pub_key = NULL; + ok = 1; err: - if (dsa->pub_key == NULL) - BN_free(pub_key); - if (dsa->priv_key == NULL) - BN_free(priv_key); + BN_free(pub_key); + BN_free(priv_key); BN_CTX_free(ctx); + return ok; } #endif -- 2.20.1