Fix ASN1 bug when decoding OTHER type.

Various S/MIME DSA related fixes.

5 files changed, 26 insertions, 4 deletions

diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
index 7237f7e93c..bd0a7d50a2 100644
--- a/crypto/asn1/tasn_dec.c
+++ b/crypto/asn1/tasn_dec.c
@@ -611,8 +611,13 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inl
 	} else if(ret == -1) return -1;
 	/* SEQUENCE, SET and "OTHER" are left in encoded form */
 	if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) {
+		/* Clear context cache for type OTHER because the auto clear when
+		 * we have a exact match wont work
+		 */
+		if(utype == V_ASN1_OTHER) {
+			asn1_tlc_clear(ctx);
 		/* SEQUENCE and SET must be constructed */
-		if((utype != V_ASN1_OTHER) && !cst) {
+		} else if(!cst) {
 			ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_CONSTRUCTED);
 			return 0;
 		}
@@ -899,7 +904,7 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *i
 			}
 		}
 	}
-		
+
 	if(i & 0x80) {
 		ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER);
 		asn1_tlc_clear(ctx);
diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c
index c4a849aff1..9f28daf781 100644
--- a/crypto/asn1/x_pubkey.c
+++ b/crypto/asn1/x_pubkey.c
@@ -198,7 +198,7 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
 	a=key->algor;
 	if (ret->type == EVP_PKEY_DSA)
 		{
-		if (a->parameter->type == V_ASN1_SEQUENCE)
+		if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
 			{
 			ret->pkey.dsa->write_params=0;
 			cp=p=a->parameter->value.sequence->data;
diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h
index 739cef1cb7..58cf7b5c76 100644
--- a/crypto/dsa/dsa.h
+++ b/crypto/dsa/dsa.h
@@ -229,6 +229,7 @@ DH *DSA_dup_DH(const DSA *r);
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+void ERR_load_DSA_strings(void);
 
 /* Error codes for the DSA functions. */
 
@@ -250,9 +251,9 @@ DH *DSA_dup_DH(const DSA *r);
 
 /* Reason codes. */
 #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 100
+#define DSA_R_MISSING_PARAMETERS			 101
 
 #ifdef  __cplusplus
 }
 #endif
 #endif
-
diff --git a/crypto/dsa/dsa_err.c b/crypto/dsa/dsa_err.c
index 9f28db69ed..2956c36d63 100644
--- a/crypto/dsa/dsa_err.c
+++ b/crypto/dsa/dsa_err.c
@@ -86,6 +86,7 @@ static ERR_STRING_DATA DSA_str_functs[]=
 static ERR_STRING_DATA DSA_str_reasons[]=
 	{
 {DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE       ,"data too large for key size"},
+{DSA_R_MISSING_PARAMETERS                ,"missing parameters"},
 {0,NULL}
 	};
 
diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
index 7346817337..f91a3a9959 100644
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@@ -106,6 +106,11 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	int i,reason=ERR_R_BN_LIB;
 	DSA_SIG *ret=NULL;
 
+	if (!dsa->p || !dsa->q || !dsa->g)
+		{
+		reason=DSA_R_MISSING_PARAMETERS;
+		goto err;
+		}
 	BN_init(&m);
 	BN_init(&xr);
 	s=BN_new();
@@ -168,6 +173,11 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 	BIGNUM k,*kinv=NULL,*r=NULL;
 	int ret=0;
 
+	if (!dsa->p || !dsa->q || !dsa->g)
+		{
+		DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS);
+		return 0;
+		}
 	if (ctx_in == NULL)
 		{
 		if ((ctx=BN_CTX_new()) == NULL) goto err;
@@ -225,6 +235,11 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
 	BIGNUM u1,u2,t1;
 	BN_MONT_CTX *mont=NULL;
 	int ret = -1;
+	if (!dsa->p || !dsa->q || !dsa->g)
+		{
+		DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MISSING_PARAMETERS);
+		return -1;
+		}
 
 	if ((ctx=BN_CTX_new()) == NULL) goto err;
 	BN_init(&u1);