diff options
| author | Matt Caswell <matt@openssl.org> | 2021-03-15 16:21:45 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2021-03-17 09:56:33 +0000 |
| commit | 19ad1e9d3737f48c0e1c5cc5397ff1827b6946b8 (patch) | |
| tree | 571d2603c99d18fbecd52ff258fcfad457faca2f /crypto/ec | |
| parent | d11f644ba5f5c7a6e925e625899589d0cdd2c84b (diff) | |
Remove a TODO(3.0) from EVP_PKEY_derive_set_peer()
The TODO described a case where a legacy derive operation is called, but
the peer key is provider based. In practice this will almost never be a
problem. We should never end up in our own legacy EVP_PKEY_METHOD
implementations if no ENGINE has been configured. If an ENGINE has been
configured then we we will be using a third party EVP_PKEY_METHOD
implementation and public APIs will be used to obtain the key data from the
peer key so there will be no "reaching inside" the pkey.
There is a theoretical case where a third party ENGINE wraps our own
internal EVP_PKEY_METHODs using EVP_PKEY_meth_find() or
EVP_PKEY_meth_get0(). For these cases we just ensure all our
EVP_PKEY_METHODs never reach "inside" the implementation of a peer key. We
can never assume that it is a legacy key.
Fixes #14399
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14555)
Diffstat (limited to 'crypto/ec')
| -rw-r--r-- | crypto/ec/ec_pmeth.c | 11 | ||||
| -rw-r--r-- | crypto/ec/ecx_meth.c | 2 |
2 files changed, 10 insertions, 3 deletions
diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c index 2280189e28..e4f3549d30 100644 --- a/crypto/ec/ec_pmeth.c +++ b/crypto/ec/ec_pmeth.c @@ -161,8 +161,15 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen) size_t outlen; const EC_POINT *pubkey = NULL; EC_KEY *eckey; + const EC_KEY *eckeypub; EC_PKEY_CTX *dctx = ctx->data; - if (!ctx->pkey || !ctx->peerkey) { + + if (ctx->pkey == NULL || ctx->peerkey == NULL) { + ERR_raise(ERR_LIB_EC, EC_R_KEYS_NOT_SET); + return 0; + } + eckeypub = EVP_PKEY_get0_EC_KEY(ctx->peerkey); + if (eckeypub == NULL) { ERR_raise(ERR_LIB_EC, EC_R_KEYS_NOT_SET); return 0; } @@ -178,7 +185,7 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen) *keylen = (EC_GROUP_get_degree(group) + 7) / 8; return 1; } - pubkey = EC_KEY_get0_public_key(ctx->peerkey->pkey.ec); + pubkey = EC_KEY_get0_public_key(eckeypub); /* * NB: unlike PKCS#3 DH, if *outlen is less than maximum size this is not diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c index cd73a15847..9a812c875b 100644 --- a/crypto/ec/ecx_meth.c +++ b/crypto/ec/ecx_meth.c @@ -766,7 +766,7 @@ static int validate_ecx_derive(EVP_PKEY_CTX *ctx, unsigned char *key, return 0; } ecxkey = ctx->pkey->pkey.ecx; - peerkey = ctx->peerkey->pkey.ecx; + peerkey = EVP_PKEY_get0(ctx->peerkey); if (ecxkey == NULL || ecxkey->privkey == NULL) { ERR_raise(ERR_LIB_EC, EC_R_INVALID_PRIVATE_KEY); return 0; |