diff options
| author | Viktor Dukhovni <openssl-users@dukhovni.org> | 2015-12-13 02:51:44 -0500 |
|---|---|---|
| committer | Viktor Dukhovni <openssl-users@dukhovni.org> | 2015-12-13 20:13:49 -0500 |
| commit | 7eff6aa0d627c2bdbce0493bdb029e477a8caf1e (patch) | |
| tree | ec211202a6ba2bc4079bef4a9b5168d2d83a7f86 | |
| parent | b9749432346f69b29d82070041e71b237d718ce7 (diff) | |
| download | openssl-7eff6aa0d627c2bdbce0493bdb029e477a8caf1e.tar.gz | |
Avoid erroneous "assert(private)" failures.
When processing a public key input via "-pubin", "private" was
sometimes erroneously set, or else not set and incorrectly asserted.
Reviewed-by: Rich salz <rsalz@openssl.org>
| -rw-r--r-- | apps/dsa.c | 9 | ||||
| -rw-r--r-- | apps/ec.c | 4 | ||||
| -rw-r--r-- | apps/pkey.c | 10 | ||||
| -rw-r--r-- | apps/rsa.c | 16 |
4 files changed, 26 insertions, 13 deletions
diff --git a/apps/dsa.c b/apps/dsa.c index 9dcc75e88a..992d4e4ff9 100644 --- a/apps/dsa.c +++ b/apps/dsa.c @@ -194,7 +194,7 @@ int dsa_main(int argc, char **argv) argc = opt_num_rest(); argv = opt_rest(); private = pubin || pubout ? 0 : 1; - if (text) + if (text && !pubin) private = 1; if (!app_passwd(passinarg, passoutarg, &passin, &passout)) { @@ -227,7 +227,7 @@ int dsa_main(int argc, char **argv) goto end; if (text) { - assert(private); + assert(pubin || private); if (!DSA_print(out, dsa, 0)) { perror(outfile); ERR_print_errors(bio_err); @@ -267,6 +267,11 @@ int dsa_main(int argc, char **argv) pk = EVP_PKEY_new(); EVP_PKEY_set1_DSA(pk, dsa); if (outformat == FORMAT_PVK) { + if (pubin) { + BIO_printf(bio_err, "PVK form impossible with public key input\n"); + EVP_PKEY_free(pk); + goto end; + } assert(private); i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout); } @@ -194,7 +194,7 @@ int ec_main(int argc, char **argv) argc = opt_num_rest(); argv = opt_rest(); private = param_out || pubin || pubout ? 0 : 1; - if (text) + if (text && !pubin) private = 1; if (!app_passwd(passinarg, passoutarg, &passin, &passout)) { @@ -237,7 +237,7 @@ int ec_main(int argc, char **argv) EC_KEY_set_asn1_flag(eckey, asn1_flag); if (text) { - assert(private); + assert(pubin || private); if (!EC_KEY_print(out, eckey, 0)) { perror(outfile); ERR_print_errors(bio_err); diff --git a/apps/pkey.c b/apps/pkey.c index 694cdd12c7..40db6f57f9 100644 --- a/apps/pkey.c +++ b/apps/pkey.c @@ -182,18 +182,20 @@ int pkey_main(int argc, char **argv) if (!noout) { if (outformat == FORMAT_PEM) { - assert(private); if (pubout) PEM_write_bio_PUBKEY(out, pkey); - else + else { + assert(private); PEM_write_bio_PrivateKey(out, pkey, cipher, NULL, 0, NULL, passout); + } } else if (outformat == FORMAT_ASN1) { - assert(private); if (pubout) i2d_PUBKEY_bio(out, pkey); - else + else { + assert(private); i2d_PrivateKey_bio(out, pkey); + } } else { BIO_printf(bio_err, "Bad format specified for key\n"); goto end; diff --git a/apps/rsa.c b/apps/rsa.c index 0640ba4fad..cafa6f4617 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -250,7 +250,7 @@ int rsa_main(int argc, char **argv) } argc = opt_num_rest(); argv = opt_rest(); - private = text || (!pubout && !noout) ? 1 : 0; + private = (text && !pubin) || (!pubout && !noout) ? 1 : 0; if (!app_passwd(passinarg, passoutarg, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); @@ -293,7 +293,7 @@ int rsa_main(int argc, char **argv) goto end; if (text) { - assert(private); + assert(pubin || private); if (!RSA_print(out, rsa, 0)) { perror(outfile); ERR_print_errors(bio_err); @@ -364,11 +364,17 @@ int rsa_main(int argc, char **argv) EVP_PKEY *pk; pk = EVP_PKEY_new(); EVP_PKEY_set1_RSA(pk, rsa); - if (outformat == FORMAT_PVK) + if (outformat == FORMAT_PVK) { + if (pubin) { + BIO_printf(bio_err, "PVK form impossible with public key input\n"); + EVP_PKEY_free(pk); + goto end; + } + assert(private); i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout); - else if (pubin || pubout) + } else if (pubin || pubout) { i = i2b_PublicKey_bio(out, pk); - else { + } else { assert(private); i = i2b_PrivateKey_bio(out, pk); } |