diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2016-05-27 14:18:40 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2016-05-31 13:06:16 +0100 |
commit | f72f00d49549c6620d7101f5e9bf7963da6df9ee (patch) | |
tree | 81a4405a40070cff6a861591fd4a287147d0d6aa /crypto | |
parent | cc7113e8def99702ed59594e9eb7fea0bd1db518 (diff) |
Parameter copy sanity checks.
Don't copy parameters is they're already present in the destination.
Return error if an attempt is made to copy different parameters to
destination. Update documentation.
If key type is not initialised return missing parameters
RT#4149
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/dh/dh_ameth.c | 2 | ||||
-rw-r--r-- | crypto/dsa/dsa_ameth.c | 2 | ||||
-rw-r--r-- | crypto/ec/ec_ameth.c | 2 | ||||
-rw-r--r-- | crypto/evp/p_lib.c | 8 |
4 files changed, 11 insertions, 3 deletions
diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index 222cb20b42..b7b37177c1 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -437,7 +437,7 @@ static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) static int dh_missing_parameters(const EVP_PKEY *a) { - if (!a->pkey.dh->p || !a->pkey.dh->g) + if (a->pkey.dh == NULL || a->pkey.dh->p == NULL || a->pkey.dh->g == NULL) return 1; return 0; } diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index 1bb11a9ed5..a53247c074 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -266,7 +266,7 @@ static int dsa_missing_parameters(const EVP_PKEY *pkey) { DSA *dsa; dsa = pkey->pkey.dsa; - if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL)) + if (dsa == NULL || dsa->p == NULL || dsa->q == NULL || dsa->g == NULL) return 1; return 0; } diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c index 684da95ab2..6567a2f398 100644 --- a/crypto/ec/ec_ameth.c +++ b/crypto/ec/ec_ameth.c @@ -292,7 +292,7 @@ static int ec_security_bits(const EVP_PKEY *pkey) static int ec_missing_parameters(const EVP_PKEY *pkey) { - if (EC_KEY_get0_group(pkey->pkey.ec) == NULL) + if (pkey->pkey.ec == NULL || EC_KEY_get0_group(pkey->pkey.ec) == NULL) return 1; return 0; } diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 0b7884f9e5..0b50d3210e 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -84,6 +84,14 @@ int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_MISSING_PARAMETERS); goto err; } + + if (!EVP_PKEY_missing_parameters(to)) { + if (EVP_PKEY_cmp_parameters(to, from) == 1) + return 1; + EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_DIFFERENT_PARAMETERS); + return 0; + } + if (from->ameth && from->ameth->param_copy) return from->ameth->param_copy(to, from); err: |