diff options
| author | Nicola Tuveri <nic.tuv@gmail.com> | 2020-06-29 00:53:46 +0300 |
|---|---|---|
| committer | Nicola Tuveri <nic.tuv@gmail.com> | 2020-07-06 19:15:36 +0300 |
| commit | e0137ca92b4abf65acde15b255ae58d7e76af22f (patch) | |
| tree | c12f559221429f52e08a5df2f6c167a1127aabcb /crypto/ec/ec_asn1.c | |
| parent | 8c330e1939d6b7db93a963116354ef80ca0babb3 (diff) | |
[EC][ASN1] Detect missing OID when serializing EC parameters and keys
The following built-in curves do not have an assigned OID:
- Oakley-EC2N-3
- Oakley-EC2N-4
In general we shouldn't assume that an OID is always available.
This commit detects such cases, raises an error and returns appropriate
return values so that the condition can be detected and correctly
handled by the callers, when serializing EC parameters or EC keys with
the default `ec_param_enc:named_curve`.
Fixes #12306
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12313)
Diffstat (limited to 'crypto/ec/ec_asn1.c')
| -rw-r--r-- | crypto/ec/ec_asn1.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index a53573cc92..654a12ad60 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -553,9 +553,16 @@ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, */ tmp = EC_GROUP_get_curve_name(group); if (tmp) { - ret->type = 0; - if ((ret->value.named_curve = OBJ_nid2obj(tmp)) == NULL) + ASN1_OBJECT *asn1obj = OBJ_nid2obj(tmp); + + if (asn1obj == NULL || OBJ_length(asn1obj) == 0) { + ASN1_OBJECT_free(asn1obj); + ECerr(EC_F_EC_GROUP_GET_ECPKPARAMETERS, EC_R_MISSING_OID); ok = 0; + } else { + ret->type = 0; + ret->value.named_curve = asn1obj; + } } else /* we don't know the nid => ERROR */ ok = 0; |