providers/implementations/keymgmt/rsa_kmgmt.c: refactor gen_init
There is a risk of passing a NULL gctx to rsa_gen_set_params, which dereferences gctx directly. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17429)
parent
6e98b7f153
commit
22778abad9
@ -454,19 +454,24 @@ static void *gen_init(void *provctx, int selection, int rsa_type,
|
||||
gctx->libctx = libctx;
|
||||
if ((gctx->pub_exp = BN_new()) == NULL
|
||||
|| !BN_set_word(gctx->pub_exp, RSA_F4)) {
|
||||
BN_free(gctx->pub_exp);
|
||||
OPENSSL_free(gctx);
|
||||
return NULL;
|
||||
goto err;
|
||||
}
|
||||
gctx->nbits = 2048;
|
||||
gctx->primes = RSA_DEFAULT_PRIME_NUM;
|
||||
gctx->rsa_type = rsa_type;
|
||||
} else {
|
||||
goto err;
|
||||
}
|
||||
if (!rsa_gen_set_params(gctx, params)) {
|
||||
OPENSSL_free(gctx);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (!rsa_gen_set_params(gctx, params))
|
||||
goto err;
|
||||
return gctx;
|
||||
|
||||
err:
|
||||
if (gctx != NULL)
|
||||
BN_free(gctx->pub_exp);
|
||||
OPENSSL_free(gctx);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
static void *rsa_gen_init(void *provctx, int selection,
|
||||
|
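Review bot: The `err:` path releases only `gctx->pub_exp` before `OPENSSL_free(gctx)`, so anything `rsa_gen_set_params` might have stored in gctx before failing part-way would leak. Its body is not shown here, so this needs checking against that function. If it can allocate into gctx, the error path should release the same fields as the generator context's normal cleanup routine, ideally through one shared helper, so the two cannot drift apart. A short comment above the label would also help, e.g. `/* gctx is NULL if its allocation failed; only the dereference needs the guard, OPENSSL_free(NULL) is a no-op */`. The start of gen_init, including the allocation of gctx, lies outside the hunk.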