diff options
| author | Pauli <pauli@openssl.org> | 2021-05-31 16:31:18 +1000 |
|---|---|---|
| committer | Pauli <pauli@openssl.org> | 2021-06-01 18:13:56 +1000 |
| commit | 28cab20916731c188180628330de27f6ce5f684e (patch) | |
| tree | f85f272ab8aba403ab10401af29deeda217f0138 /crypto/ec | |
| parent | dfefa4c16424cb3628b2a75b53c11e0be5247baa (diff) | |
crypto: updates to pass size_t to RAND_bytes_ex()
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15540)
Diffstat (limited to 'crypto/ec')
| -rw-r--r-- | crypto/ec/ec_err.c | 3 | ||||
| -rw-r--r-- | crypto/ec/ecp_s390x_nistp.c | 6 |
2 files changed, 7 insertions, 2 deletions
diff --git a/crypto/ec/ec_err.c b/crypto/ec/ec_err.c index 9e21968499..9dc143c2ac 100644 --- a/crypto/ec/ec_err.c +++ b/crypto/ec/ec_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -62,6 +62,7 @@ static const ERR_STRING_DATA EC_str_reasons[] = { {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_GENERATOR), "invalid generator"}, {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_GROUP_ORDER), "invalid group order"}, {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_KEY), "invalid key"}, + {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_LENGTH), "invalid length"}, {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_NAMED_GROUP_CONVERSION), "invalid named group conversion"}, {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_OUTPUT_LENGTH), diff --git a/crypto/ec/ecp_s390x_nistp.c b/crypto/ec/ecp_s390x_nistp.c index 4a676c37ad..5c70b2d678 100644 --- a/crypto/ec/ecp_s390x_nistp.c +++ b/crypto/ec/ecp_s390x_nistp.c @@ -173,6 +173,10 @@ static ECDSA_SIG *ecdsa_s390x_nistp_sign_sig(const unsigned char *dgst, } if (r == NULL || kinv == NULL) { + if (len < 0) { + ERR_raise(ERR_LIB_EC, EC_R_INVALID_LENGTH); + goto ret; + } /* * Generate random k and copy to param param block. RAND_priv_bytes_ex * is used instead of BN_priv_rand_range or BN_generate_dsa_nonce @@ -180,7 +184,7 @@ static ECDSA_SIG *ecdsa_s390x_nistp_sign_sig(const unsigned char *dgst, * internally implementing counter-measures for RNG weakness. */ if (RAND_priv_bytes_ex(eckey->libctx, param + S390X_OFF_RN(len), - len, 0) != 1) { + (size_t)len, 0) != 1) { ERR_raise(ERR_LIB_EC, EC_R_RANDOM_NUMBER_GENERATION_FAILED); goto ret; } |