Have OSSL_PARAM_allocate_from_text() raise error on unexpected neg number

When the parameter definition has the data type OSSL_PARAM_UNSIGNED_INTEGER, negative input values should not be accepted. Fixes #17103 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17104) (cherry picked from commit 8585b5bc62d0bf394ca6adf24f8590e9b9b18402)
author: Richard Levitte <levitte@openssl.org> 2021-11-22 17:08:19 +0100
committer: Richard Levitte <levitte@openssl.org> 2021-11-24 19:21:41 +0100
commit: de54b77ec35c47d4b8da40eeeecc84ab4ea17058 (patch)
tree: 329a5ab7d8a928c254320185972bc47c34cf63ec /crypto/params_from_text.c
parent: b4175902ffa8cd9c971f650f03c0f48eb418a0ad (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/crypto/params_from_text.c b/crypto/params_from_text.c
index 50f48fdb7e..024c1dc6d3 100644
--- a/crypto/params_from_text.c
+++ b/crypto/params_from_text.c
@@ -57,6 +57,12 @@ static int prepare_from_text(const OSSL_PARAM *paramdefs, const char *key,
         if (r == 0 || *tmpbn == NULL)
             return 0;
 
+        if (p->data_type == OSSL_PARAM_UNSIGNED_INTEGER
+            && BN_is_negative(*tmpbn)) {
+            ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_INVALID_NEGATIVE_VALUE);
+            return 0;
+        }
+
         /*
          * 2s complement negate, part 1
          *
author	Richard Levitte <levitte@openssl.org>	2021-11-22 17:08:19 +0100
committer	Richard Levitte <levitte@openssl.org>	2021-11-24 19:21:41 +0100
commit	de54b77ec35c47d4b8da40eeeecc84ab4ea17058 (patch)
tree	329a5ab7d8a928c254320185972bc47c34cf63ec /crypto/params_from_text.c
parent	b4175902ffa8cd9c971f650f03c0f48eb418a0ad (diff)