pullup:
authorMark Andrews <marka@isc.org>
Wed, 12 Dec 2001 17:05:20 +0000 (17:05 +0000)
committerMark Andrews <marka@isc.org>
Wed, 12 Dec 2001 17:05:20 +0000 (17:05 +0000)
1160.   [bug]           Generating Diffie-Hellman keys longer than 1024
                        bits could fail. [RT #2241]

CHANGES
lib/dns/sec/dst/openssldh_link.c
lib/dns/sec/dst/opensslrsa_link.c

diff --git a/CHANGES b/CHANGES
index f8de60ed5dea97125de0b7a9227f82c6eeebc8a1..bf7776042350eed4ea666e119da0302dab3e6f27 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+1160.  [bug]           Generating Diffie-Hellman keys longer than 1024
+                       bits could fail. [RT #2241]
+
 1156.  [port]          The configure test for strsep() incorrectly
                        succeeded on certain patched versions of
                        AIX 4.3.3. [RT #2190]
index 88e4081eb3778813ae709be0af4b65c8b4110063..6e127e8d3219b07336341d9d42b871fbc07f86c7 100644 (file)
@@ -19,7 +19,7 @@
 
 /*
  * Principal Author: Brian Wellington
- * $Id: openssldh_link.c,v 1.38 2001/07/10 04:01:16 bwelling Exp $
+ * $Id: openssldh_link.c,v 1.38.2.1 2001/12/12 17:05:18 marka Exp $
  */
 
 #ifdef OPENSSL
@@ -28,6 +28,7 @@
 
 #include <ctype.h>
 
+#include <isc/mem.h>
 #include <isc/string.h>
 #include <isc/util.h>
 
@@ -374,42 +375,60 @@ openssldh_fromdns(dst_key_t *key, isc_buffer_t *data) {
 
 static isc_result_t
 openssldh_tofile(const dst_key_t *key, const char *directory) {
-       int cnt = 0;
+       int i;
        DH *dh;
        dst_private_t priv;
-       unsigned char bufs[4][128];
+       unsigned char *bufs[4];
+       isc_result_t result;
 
        if (key->opaque == NULL)
                return (DST_R_NULLKEY);
 
        dh = (DH *) key->opaque;
 
-       priv.elements[cnt].tag = TAG_DH_PRIME;
-       priv.elements[cnt].length = BN_num_bytes(dh->p);
-       BN_bn2bin(dh->p, bufs[cnt]);
-       priv.elements[cnt].data = bufs[cnt];
-       cnt++;
-
-       priv.elements[cnt].tag = TAG_DH_GENERATOR;
-       priv.elements[cnt].length = BN_num_bytes(dh->g);
-       BN_bn2bin(dh->g, bufs[cnt]);
-       priv.elements[cnt].data = bufs[cnt];
-       cnt++;
-
-       priv.elements[cnt].tag = TAG_DH_PRIVATE;
-       priv.elements[cnt].length = BN_num_bytes(dh->priv_key);
-       BN_bn2bin(dh->priv_key, bufs[cnt]);
-       priv.elements[cnt].data = bufs[cnt];
-       cnt++;
-
-       priv.elements[cnt].tag = TAG_DH_PUBLIC;
-       priv.elements[cnt].length = BN_num_bytes(dh->pub_key);
-       BN_bn2bin(dh->pub_key, bufs[cnt]);
-       priv.elements[cnt].data = bufs[cnt];
-       cnt++;
-
-       priv.nelements = cnt;
-       return (dst__privstruct_writefile(key, &priv, directory));
+       for (i = 0; i < 4; i++) {
+               bufs[i] = isc_mem_get(key->mctx, BN_num_bytes(dh->p));
+               if (bufs[i] == NULL) {
+                       result = ISC_R_NOMEMORY;
+                       goto fail;
+               }
+       }
+
+        i = 0;
+
+       priv.elements[i].tag = TAG_DH_PRIME;
+       priv.elements[i].length = BN_num_bytes(dh->p);
+       BN_bn2bin(dh->p, bufs[i]);
+       priv.elements[i].data = bufs[i];
+       i++;
+
+       priv.elements[i].tag = TAG_DH_GENERATOR;
+       priv.elements[i].length = BN_num_bytes(dh->g);
+       BN_bn2bin(dh->g, bufs[i]);
+       priv.elements[i].data = bufs[i];
+       i++;
+
+       priv.elements[i].tag = TAG_DH_PRIVATE;
+       priv.elements[i].length = BN_num_bytes(dh->priv_key);
+       BN_bn2bin(dh->priv_key, bufs[i]);
+       priv.elements[i].data = bufs[i];
+       i++;
+
+       priv.elements[i].tag = TAG_DH_PUBLIC;
+       priv.elements[i].length = BN_num_bytes(dh->pub_key);
+       BN_bn2bin(dh->pub_key, bufs[i]);
+       priv.elements[i].data = bufs[i];
+       i++;
+
+       priv.nelements = i;
+       result = dst__privstruct_writefile(key, &priv, directory);
+ fail:
+       for (i = 0; i < 4; i++) {
+               if (bufs[i] == NULL)
+                       break;
+               isc_mem_put(key->mctx, bufs[i], BN_num_bytes(dh->p));
+       }
+       return (result);
 }
 
 static isc_result_t
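Review bot: All four buffers are sized with `BN_num_bytes(dh->p)`, but `BN_bn2bin()` then writes `dh->g`, `dh->priv_key` and `dh->pub_key` into them without comparing their lengths against that size. That holds for keys this code generates, but a key loaded from a file or from the wire with a value wider than the prime would make the copy run past the heap allocation; whether the loaders enforce that bound is not visible in this hunk. Rejecting the key before the copies whenever one of the other `BN_num_bytes()` results exceeds `BN_num_bytes(dh->p)` would close this without changing the cleanup path. Separately, the buffers still hold a copy of the private value when they are released at `fail:`; a `memset(bufs[i], 0, BN_num_bytes(dh->p));` before `isc_mem_put()` would avoid leaving it in freed memory, and the same applies to the cleanup loop in `opensslrsa_tofile()`.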
index dc1989139963e3f431ea65526f2e938213e0430c..e4cc4c188050a0f8f6aa5b27bec38d023db198be 100644 (file)
@@ -17,7 +17,7 @@
 
 /*
  * Principal Author: Brian Wellington
- * $Id: opensslrsa_link.c,v 1.12.2.1 2001/11/06 20:44:26 gson Exp $
+ * $Id: opensslrsa_link.c,v 1.12.2.2 2001/12/12 17:05:20 marka Exp $
  */
 #ifdef OPENSSL
 
@@ -408,9 +408,11 @@ opensslrsa_tofile(const dst_key_t *key, const char *directory) {
        priv.nelements = i;
        result =  dst__privstruct_writefile(key, &priv, directory);
  fail:
-       for (i = 0; i < 8; i++)
-               if (bufs[i] != NULL)
-                       isc_mem_put(key->mctx, bufs[i], BN_num_bytes(rsa->n));
+       for (i = 0; i < 8; i++) {
+               if (bufs[i] == NULL)
+                       break;
+               isc_mem_put(key->mctx, bufs[i], BN_num_bytes(rsa->n));
+       }
        return (result);
 }
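Review bot: The rewritten cleanup loop stops at the first NULL entry, so it is only correct if `bufs[]` is filled strictly in index order and every buffer was obtained with the size `BN_num_bytes(rsa->n)`; the allocation code sits above this hunk and is not visible here. A short comment at `fail:` would record that invariant for the next maintainer, e.g. `/* bufs[] is allocated in index order; the first NULL marks the end of the allocated entries. */`. Without it, a later change that allocates the buffers out of order or leaves a gap would silently leak the entries after the first NULL.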