diff options
author | Yi Li <yi1.li@intel.com> | 2023-05-05 11:30:05 +0800 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-05-12 10:32:06 +0200 |
commit | 91070877adb905f51eb4b19b730d42fc257bae13 (patch) | |
tree | 2c05344c445d57646e4bf03d790c5674deaa88ac | |
parent | 9a271795f84eb5402ce1ecfbcfd21392ad1560d0 (diff) |
provider: return error if buf too small when getting ec pubkey param
Fixes #20889
There was an incorrect value passed to EC_POINT_point2oct() for the
buffer size of the param passed-in.
Added testcases.
Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20890)
-rw-r--r-- | providers/implementations/keymgmt/ec_kmgmt.c | 2 | ||||
-rw-r--r-- | test/evp_extra_test.c | 22 |
2 files changed, 23 insertions, 1 deletions
diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c index e79a50df42..d9c585cd3b 100644 --- a/providers/implementations/keymgmt/ec_kmgmt.c +++ b/providers/implementations/keymgmt/ec_kmgmt.c @@ -745,7 +745,7 @@ int common_get_params(void *key, OSSL_PARAM params[], int sm2) } p->return_size = EC_POINT_point2oct(ecg, ecp, POINT_CONVERSION_UNCOMPRESSED, - p->data, p->return_size, bnctx); + p->data, p->data_size, bnctx); if (p->return_size == 0) goto err; } diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index 1141d52666..72a6305d89 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -900,6 +900,8 @@ static int test_EC_priv_pub(void) BIGNUM *priv = NULL; int ret = 0; unsigned char *encoded = NULL; + size_t len = 0; + unsigned char buffer[128]; /* * Setup the parameters for our pkey object. For our purposes they don't @@ -1019,6 +1021,26 @@ static int test_EC_priv_pub(void) goto err; } + /* Positive and negative testcase for EVP_PKEY_get_octet_string_param */ + if (!TEST_int_eq(EVP_PKEY_get_octet_string_param(params_and_pub, + OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, + buffer, sizeof(buffer), &len), 1) + || !TEST_int_eq(len, 65)) + goto err; + + len = 0; + if (!TEST_int_eq(EVP_PKEY_get_octet_string_param(params_and_pub, + OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, + NULL, 0, &len), 1) + || !TEST_int_eq(len, 65)) + goto err; + + /* too-short buffer len*/ + if (!TEST_int_eq(EVP_PKEY_get_octet_string_param(params_and_pub, + OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, + buffer, 10, &len), 0)) + goto err; + ret = 1; err: OSSL_PARAM_free(params); |