author | lan1120 <lanming@huawei.com> | 2023-12-13 19:02:29 +0800 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2024-01-16 11:29:50 +0100 |
commit | 9ff970674b296f6b53f41e77d81beac7e8526cac (patch) | |
tree | b914dc79a7e49b81d0beab7e4e01f242203d1ce7 | |
parent | fc82a8f086470e00e6119a820c617337ed7de0e9 (diff) |
Check whether the pubkey exists in ossl_ecx_key_dup
Signed-off-by: lan1120 <lanming@huawei.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22984)
(cherry picked from commit aac531e5daa2edec5d47e702a7f115cf77fe07f9)
-rw-r--r-- | crypto/ec/ecx_backend.c | 7 | ||||
-rw-r--r-- | test/evp_pkey_provided_test.c | 6 |
2 files changed, 11 insertions, 2 deletions
diff --git a/crypto/ec/ecx_backend.c b/crypto/ec/ecx_backend.c
index 2ab7611be9..142569aba4 100644
--- a/crypto/ec/ecx_backend.c
+++ b/crypto/ec/ecx_backend.c
@@ -122,7 +122,7 @@ ECX_KEY *ossl_ecx_key_dup(const ECX_KEY *key, int selection)
 }
 ret->libctx = key->libctx;
- ret->haspubkey = key->haspubkey;
+ ret->haspubkey = 0;
 ret->keylen = key->keylen;
 ret->type = key->type;
 ret->references = 1;
@@ -133,8 +133,11 @@ ECX_KEY *ossl_ecx_key_dup(const ECX_KEY *key, int selection)
 goto err;
 }
- if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0)
+ if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0
+ && key->haspubkey == 1) {
 memcpy(ret->pubkey, key->pubkey, sizeof(ret->pubkey));
+ ret->haspubkey = 1;
+ }
 if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0
 && key->privkey != NULL) {
diff --git a/test/evp_pkey_provided_test.c b/test/evp_pkey_provided_test.c
index 3f490954ab..1f42959529 100644
--- a/test/evp_pkey_provided_test.c
+++ b/test/evp_pkey_provided_test.c
@@ -1130,6 +1130,12 @@ static int test_fromdata_ecx(int tst)
 /* This should succeed because there are no parameters to copy */
 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
 goto err;
+ if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, copy_pk, NULL))
+ /* This should fail because copy_pk has no pubkey */
+ || !TEST_int_le(EVP_PKEY_public_check(ctx2), 0))
+ goto err;
+ EVP_PKEY_CTX_free(ctx2);
+ ctx2 = NULL;
 EVP_PKEY_free(copy_pk);
 copy_pk = NULL; |
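Review bot: With the added `&& key->haspubkey == 1` condition in the second hunk, a duplicate requested with OSSL_KEYMGMT_SELECT_PUBLIC_KEY from a source that has no public key still succeeds and simply comes back with haspubkey 0, and no comment records that callers must test the flag before reading ret->pubkey. I would put `/* haspubkey is set only once the public key bytes have been copied */` above `ret->haspubkey = 0;` in the first hunk, so the invariant the fix establishes is not undone by a later edit. The comparison could be written `key->haspubkey` rather than `== 1` if the field is a plain flag; its declaration is not part of this diff. ossl_ecx_key_dup starts and ends outside both hunks.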
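Review bot: `TEST_int_le(EVP_PKEY_public_check(ctx2), 0)` accepts any non-positive result, so the added test in test_fromdata_ecx would also pass if the check failed for a reason other than the missing public key, for example a negative "not supported" return. If the expected result for a key without a public component is exactly 0, `|| !TEST_int_eq(EVP_PKEY_public_check(ctx2), 0))` pins it. copy_pk is filled by EVP_PKEY_copy_parameters here, so this presumably covers only the case where the public-key selection bit is absent; the new `key->haspubkey == 1` branch (public key selected, source without one) does not appear to be exercised. Release of ctx2 on the `goto err` path depends on cleanup code outside the hunk.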