-rw-r--r-- | crypto/asn1/i2d_pr.c | 32 | ||||
-rw-r--r-- | crypto/store/store_result.c | 10 | ||||
-rw-r--r-- | crypto/x509/x_pubkey.c | 14 |
3 files changed, 19 insertions, 37 deletions
diff --git a/crypto/asn1/i2d_pr.c b/crypto/asn1/i2d_pr.c
index e35781f4bd..80cfde9a22 100644
--- a/crypto/asn1/i2d_pr.c
+++ b/crypto/asn1/i2d_pr.c
@@ -8,6 +8,7 @@
 */
 #include <stdio.h>
+#include <limits.h>
 #include "internal/cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/encoder.h>
@@ -30,35 +31,20 @@ int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp)
 }
 return ret;
 }
- if (a->keymgmt != NULL) {
+ if (evp_pkey_is_provided(a)) {
+ /* |*pp| is unbounded, so we need an upper limit */
+ size_t length = INT_MAX;
 /* The private key includes everything */
 int selection = OSSL_KEYMGMT_SELECT_ALL_PARAMETERS | OSSL_KEYMGMT_SELECT_KEYPAIR;
- OSSL_ENCODER_CTX *ctx =
- OSSL_ENCODER_CTX_new_by_EVP_PKEY(a, "DER", selection, NULL, NULL);
- BIO *out = BIO_new(BIO_s_mem());
- BUF_MEM *buf = NULL;
 int ret = -1;
+ OSSL_ENCODER_CTX *ctx;
- if (ctx != NULL
- && out != NULL
+ if ((ctx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(a, "DER", selection,
+ NULL, NULL)) != NULL
 && OSSL_ENCODER_CTX_get_num_encoders(ctx) != 0
- && OSSL_ENCODER_to_bio(ctx, out)
- && BIO_get_mem_ptr(out, &buf) > 0) {
- ret = buf->length;
-
- if (pp != NULL) {
- if (*pp == NULL) {
- *pp = (unsigned char *)buf->data;
- buf->length = 0;
- buf->data = NULL;
- } else {
- memcpy(*pp, buf->data, ret);
- *pp += ret;
- }
- }
- }
- BIO_free(out);
+ && OSSL_ENCODER_to_data(ctx, pp, &length))
+ ret = (int)length;
 OSSL_ENCODER_CTX_free(ctx);
 return ret;
 }
diff --git a/crypto/store/store_result.c b/crypto/store/store_result.c
index 8ba4f8880c..200544d72d 100644
--- a/crypto/store/store_result.c
+++ b/crypto/store/store_result.c
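Review bot: In the provided-key branch of i2d_PrivateKey (crypto/asn1/i2d_pr.c), `ret = (int)length` is the encoded size only when `pp` or `*pp` is NULL. If OSSL_ENCODER_to_data follows its documented contract for a caller-supplied buffer, it leaves the remaining capacity in `length`, so with a non-NULL `*pp` the function would return roughly INT_MAX minus the bytes written, and a caller that sizes or advances a buffer from that value would be misled. Record the mode before the call with `int pp_was_null = (pp == NULL || *pp == NULL);` and set `ret = pp_was_null ? (int)length : INT_MAX - (int)length;`. The function starts above this hunk.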
@@ -251,21 +251,17 @@ static EVP_PKEY *try_key_value(struct extracted_param_data_st *data,
 {
 EVP_PKEY *pk = NULL;
 OSSL_DECODER_CTX *decoderctx = NULL;
- BIO *membio =
- BIO_new_mem_buf(data->octet_data, (int)data->octet_data_size);
-
- if (membio == NULL)
- return 0;
+ const unsigned char *pdata = data->octet_data;
+ size_t pdatalen = data->octet_data_size;
 decoderctx = OSSL_DECODER_CTX_new_by_EVP_PKEY(&pk, "DER", NULL, libctx, propq);
 (void)OSSL_DECODER_CTX_set_passphrase_cb(decoderctx, cb, cbarg);
 /* No error if this couldn't be decoded */
- (void)OSSL_DECODER_from_bio(decoderctx, membio);
+ (void)OSSL_DECODER_from_data(decoderctx, &pdata, &pdatalen);
 OSSL_DECODER_CTX_free(decoderctx);
- BIO_free(membio);
 return pk;
 }
diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c
index d63a33e301..bd6a65e1c5 100644
--- a/crypto/x509/x_pubkey.c
+++ b/crypto/x509/x_pubkey.c
@@ -98,25 +98,25 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
 X509err(X509_F_X509_PUBKEY_SET, X509_R_METHOD_NOT_SUPPORTED);
 goto error;
 }
- } else if (pkey->keymgmt != NULL) {
+ } else if (evp_pkey_is_provided(pkey)) {
 const OSSL_PROVIDER *pkprov = EVP_KEYMGMT_provider(pkey->keymgmt);
 OPENSSL_CTX *libctx = ossl_provider_library_context(pkprov);
- BIO *bmem = BIO_new(BIO_s_mem());
+ unsigned char *der = NULL;
+ size_t derlen = 0;
 int selection = (OSSL_KEYMGMT_SELECT_PUBLIC_KEY | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS);
 OSSL_ENCODER_CTX *ectx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, "DER", selection, libctx, NULL);
- if (OSSL_ENCODER_to_bio(ectx, bmem)) {
- const unsigned char *der = NULL;
- long derlen = BIO_get_mem_data(bmem, (char **)&der);
+ if (OSSL_ENCODER_to_data(ectx, &der, &derlen)) {
+ const unsigned char *pder = der;
- pk = d2i_X509_PUBKEY(NULL, &der, derlen);
+ pk = d2i_X509_PUBKEY(NULL, &pder, (long)derlen);
 }
 OSSL_ENCODER_CTX_free(ectx);
- BIO_free(bmem);
+ OPENSSL_free(der);
 }
 if (pk == NULL) |
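Review bot: In try_key_value (crypto/store/store_result.c), `decoderctx` reaches OSSL_DECODER_CTX_set_passphrase_cb and the new OSSL_DECODER_from_data call without a NULL check. As far as the hunk shows, a failed context allocation is handled only by those calls tolerating NULL, and it yields the same NULL `pk` as input that simply is not a key. Adding `if (decoderctx == NULL) return NULL;` right after the constructor keeps the two cases apart. The function's parameter list starts above the hunk.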
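Review bot: In the provided-key branch of X509_PUBKEY_set (crypto/x509/x_pubkey.c), `ectx` is handed to OSSL_ENCODER_to_data unchecked, whereas the i2d_PrivateKey hunk of this same commit tests both the context and OSSL_ENCODER_CTX_get_num_encoders before encoding. Writing the condition as `if (ectx != NULL && OSSL_ENCODER_CTX_get_num_encoders(ectx) != 0 && OSSL_ENCODER_to_data(ectx, &der, &derlen)) {` would make the two call sites agree and avoid depending on how the encoder reacts to a NULL or empty context. The function starts above and continues below this hunk.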