mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-04 00:25:29 +00:00

Correctly update pointers to pubkey and privkey

The functions 'load_pubkey_from_engine()' and
'load_privkey_from_engine()' did not correctly store the pointers.

Update both functions to add 'EC_KEY_set_public_key()' and
'EC_KEY_set_private_key()' respectively, so that the pointers to
the public and private keys survive the "load from engine" functions.
Matthijs Mekking
2020-11-30 12:28:11 +01:00
parent 370285a62d
commit 01239691a1


@@ -618,57 +618,67 @@ load_privkey_from_privstruct(EC_KEY *eckey, dst_private_t *priv) {
#if !defined(OPENSSL_NO_ENGINE) #if !defined(OPENSSL_NO_ENGINE)
static isc_result_t static isc_result_t
load_pubkey_from_engine(EC_KEY *eckey, const char *engine, const char *label) { load_pubkey_from_engine(EC_KEY *eckey, const char *engine, const char *label) {
EC_KEY *key;
ENGINE *ep;
EVP_PKEY *pubkey;
if (engine == NULL || label == NULL) { if (engine == NULL || label == NULL) {
return (DST_R_NOENGINE); return (DST_R_NOENGINE);
} }
ENGINE *ep = dst__openssl_getengine(engine); ep = dst__openssl_getengine(engine);
;
if (ep == NULL) { if (ep == NULL) {
return (DST_R_NOENGINE); return (DST_R_NOENGINE);
} }
EVP_PKEY *pubkey = ENGINE_load_public_key(ep, label, NULL, NULL); pubkey = ENGINE_load_public_key(ep, label, NULL, NULL);
if (pubkey == NULL) { if (pubkey == NULL) {
return (dst__openssl_toresult2("ENGINE_load_public_key", return (dst__openssl_toresult2("ENGINE_load_public_key",
ISC_R_NOTFOUND)); ISC_R_NOTFOUND));
} }
eckey = EVP_PKEY_get1_EC_KEY(pubkey); key = EVP_PKEY_get1_EC_KEY(pubkey);
EVP_PKEY_free(pubkey); EVP_PKEY_free(pubkey);
if (eckey == NULL) { if (key == NULL) {
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
} }
EC_KEY_set_public_key(eckey, EC_KEY_get0_public_key(key));
return (ISC_R_SUCCESS); return (ISC_R_SUCCESS);
} }
static isc_result_t static isc_result_t
load_privkey_from_engine(EC_KEY *eckey, const char *engine, const char *label) { load_privkey_from_engine(EC_KEY *eckey, const char *engine, const char *label) {
EC_KEY *key;
ENGINE *ep;
EVP_PKEY *privkey;
if (engine == NULL || label == NULL) { if (engine == NULL || label == NULL) {
return (DST_R_NOENGINE); return (DST_R_NOENGINE);
} }
ENGINE *ep = dst__openssl_getengine(engine); ep = dst__openssl_getengine(engine);
;
if (ep == NULL) { if (ep == NULL) {
return (DST_R_NOENGINE); return (DST_R_NOENGINE);
} }
EVP_PKEY *privkey = ENGINE_load_private_key(ep, label, NULL, NULL); privkey = ENGINE_load_private_key(ep, label, NULL, NULL);
if (privkey == NULL) { if (privkey == NULL) {
return (dst__openssl_toresult2("ENGINE_load_private_key", return (dst__openssl_toresult2("ENGINE_load_private_key",
ISC_R_NOTFOUND)); ISC_R_NOTFOUND));
} }
eckey = EVP_PKEY_get1_EC_KEY(privkey); key = EVP_PKEY_get1_EC_KEY(privkey);
EVP_PKEY_free(privkey); EVP_PKEY_free(privkey);
if (eckey == NULL) { if (key == NULL) {
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
} }
EC_KEY_set_private_key(eckey, EC_KEY_get0_private_key(key));
return (ISC_R_SUCCESS); return (ISC_R_SUCCESS);
} }
#else #else
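Review bot: The `key` reference obtained from `EVP_PKEY_get1_EC_KEY()` is never released in `load_pubkey_from_engine()` or `load_privkey_from_engine()`, so every successful call leaks an `EC_KEY`; on the private path that object may carry private key material that is never freed or cleansed. Both setters copy their argument, so `EC_KEY_free(key)` is safe once the copy is done. The return values of `EC_KEY_set_public_key()` and `EC_KEY_set_private_key()` are also ignored, so the functions return `ISC_R_SUCCESS` even when nothing was stored in `eckey`. This matters most for engine-held keys, where `EC_KEY_get0_private_key(key)` may plausibly return NULL. The fence shows the public-key variant; the private-key function needs the same shape.

```c
	key = EVP_PKEY_get1_EC_KEY(pubkey);
	/* … unchanged: EVP_PKEY_free(pubkey) and the key == NULL check … */
	if (EC_KEY_set_public_key(eckey, EC_KEY_get0_public_key(key)) != 1) {
		EC_KEY_free(key);
		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
	}
	EC_KEY_free(key);
	return (ISC_R_SUCCESS);
```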