Missing RSA_free call in opensslrsa_verify2
If `e == NULL` then we should be freeing `rsa`. I don't believe that there is a path where we construct a `rsa` key without `e` and thereby trigger this path, but marking confidential until that review is done. This was reported by Seth Arnold seth.arnold@canonical.com.
```c
#if OPENSSL_VERSION_NUMBER < 0x30000000L
	rsa = EVP_PKEY_get1_RSA(pkey);   /* get1: the caller owns a reference and must RSA_free() it */
	if (rsa == NULL) {
		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
	}
	RSA_get0_key(rsa, NULL, &e, NULL);
	if (e == NULL) {
		/* rsa is still held here: this return has no RSA_free(rsa) */
		return (dst__openssl_toresult(DST_R_VERIFYFAILURE));
	}
	bits = BN_num_bits(e);
	RSA_free(rsa);
#else
```
Edited by Mark Andrews
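The leak described above, as an added example that is not BIND or OpenSSL code: a small reference-counted stand-in for `RSA` so the early-return leak and its fix can be run and checked without linking OpenSSL. The names `mock_rsa`, `mock_pkey`, `mock_get1_rsa`, `mock_rsa_free`, `live_refs`, `verify_leaky`, `verify_fixed` and `leaked_refs` are hypothetical; `mock_get1_rsa` mirrors the `EVP_PKEY_get1_RSA` contract (the caller receives a reference it must release with `RSA_free`), and the `has_e` flag models `RSA_get0_key` reporting `e == NULL`. The `RESULT_*` codes stand in for the `DST_R_*` values in the snippet.

```c
/*
 * Added example (not BIND or OpenSSL code). mock_rsa, mock_pkey,
 * mock_get1_rsa, mock_rsa_free, live_refs, verify_leaky, verify_fixed and
 * leaked_refs are hypothetical names. mock_get1_rsa mirrors
 * EVP_PKEY_get1_RSA's contract: the caller owns a reference and must
 * release it, here with mock_rsa_free standing in for RSA_free.
 */
#include <stddef.h>
#include <stdio.h>

typedef struct mock_rsa {
    int has_e;     /* 0 models RSA_get0_key() reporting e == NULL */
    int e_bits;    /* what BN_num_bits(e) would return */
} mock_rsa;

typedef struct mock_pkey {
    mock_rsa rsa;
} mock_pkey;

/* References handed out by get1 and not yet released: the leak detector. */
static int live_refs;

static mock_rsa *mock_get1_rsa(mock_pkey *pkey) {
    if (pkey == NULL) {
        return NULL;
    }
    live_refs++;
    return &pkey->rsa;
}

static void mock_rsa_free(mock_rsa *rsa) {
    if (rsa != NULL) {
        live_refs--;
    }
}

/* Stand-ins for the DST_R_* result codes used in the snippet. */
enum { RESULT_SUCCESS = 0, RESULT_OPENSSLFAILURE = 1, RESULT_VERIFYFAILURE = 2 };

/* Same control flow as the quoted pre-3.0 branch: the e == NULL return skips the free. */
static int verify_leaky(mock_pkey *pkey, int *bits) {
    mock_rsa *rsa = mock_get1_rsa(pkey);
    if (rsa == NULL) {
        return RESULT_OPENSSLFAILURE;
    }
    if (!rsa->has_e) {
        return RESULT_VERIFYFAILURE;   /* reference never released */
    }
    *bits = rsa->e_bits;
    mock_rsa_free(rsa);
    return RESULT_SUCCESS;
}

/* Fixed: once get1 has succeeded, every exit path releases the reference. */
static int verify_fixed(mock_pkey *pkey, int *bits) {
    mock_rsa *rsa = mock_get1_rsa(pkey);
    if (rsa == NULL) {
        return RESULT_OPENSSLFAILURE;
    }
    if (!rsa->has_e) {
        mock_rsa_free(rsa);
        return RESULT_VERIFYFAILURE;
    }
    *bits = rsa->e_bits;
    mock_rsa_free(rsa);
    return RESULT_SUCCESS;
}

/* Runs one variant on a key with or without e and returns references left unreleased. */
static int leaked_refs(int (*verify)(mock_pkey *, int *), int has_e) {
    mock_pkey pkey = { { has_e, 17 } };   /* 17 bits: e = 65537 (constructed input) */
    int bits = 0;
    live_refs = 0;
    (void)verify(&pkey, &bits);
    return live_refs;
}

int main(void) {
    printf("leaky, e missing: %d reference(s) leaked\n", leaked_refs(verify_leaky, 0));
    printf("fixed, e missing: %d reference(s) leaked\n", leaked_refs(verify_fixed, 0));
    printf("leaky, e present: %d reference(s) leaked\n", leaked_refs(verify_leaky, 1));
    return 0;
}
```

The leaky variant only loses the reference on the `e == NULL` path, which matches the report's observation that the bug is latent unless such a key can be constructed; the fixed variant releases on every exit after `get1` succeeds. Against the real code, a single cleanup label (`goto err` with `RSA_free(rsa)` once at the end) is an equivalent fix, and LeakSanitizer or valgrind will only flag the original if a test actually drives the `e == NULL` branch.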