leviathan
/
openssl
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Pass correct maximum output length to provider derive operation

Browse Source 
And improve error checking in EVP_PKEY_derive* calls.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13869)
master
Tomas Mraz 2 years ago committed by Tomas Mraz
parent 3d46c81a7d
commit 6d9a54c6e6
2 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File

16
crypto/evp/exchange.c
Unescape Escape View File

@ -183,7 +183,7 @@ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
const char *supported_exch = NULL;
if (ctx == NULL) {
ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
return -2;
}
@ -318,8 +318,8 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
void *provkey = NULL;
if (ctx == NULL) {
ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
return -2;
ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
return -1;
}
if (!EVP_PKEY_CTX_IS_DERIVE_OP(ctx) || ctx->op.kex.exchprovctx == NULL)
@ -413,9 +413,9 @@ int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
{
int ret;
if (ctx == NULL) {
ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
return -2;
if (ctx == NULL || pkeylen == NULL) {
ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
return -1;
}
if (!EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
@ -427,11 +427,11 @@ int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
goto legacy;
ret = ctx->op.kex.exchange->derive(ctx->op.kex.exchprovctx, key, pkeylen,
SIZE_MAX);
key != NULL ? *pkeylen : 0);
return ret;
legacy:
if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->derive == NULL) {
if (ctx->pmeth == NULL || ctx->pmeth->derive == NULL) {
ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
return -2;
}

2
providers/fips/self_test_kats.c
Unescape Escape View File

@ -361,7 +361,7 @@ static int self_test_ka(const ST_KAT_KAS *t,
OSSL_PARAM *params = NULL;
OSSL_PARAM *params_peer = NULL;
unsigned char secret[256];
size_t secret_len;
size_t secret_len = sizeof(secret);
OSSL_PARAM_BLD *bld = NULL;
BN_CTX *bnctx = NULL;

Write Preview
Loading…
Cancel
Save