diff options
author | Nicola Tuveri <nic.tuv@gmail.com> | 2019-11-01 22:38:21 +0200 |
---|---|---|
committer | Nicola Tuveri <nic.tuv@gmail.com> | 2019-11-13 18:11:50 +0200 |
commit | 6f6adf1d7bf44abfae96a52c791a69cf694fd7f8 (patch) | |
tree | a2ef38b8036cfaac19b21fbf202a2755493a7a3e /crypto | |
parent | bd2931bf45bf35f1b3a3eb6ec4b4bb64fcdfdbfa (diff) |
Fix EC_POINT_bn2point() for BN_zero()
EC_POINT_bn2point() rejected BIGNUMs with a zero value.
This behavior indirectly caused failures when converting a point
at infinity through EC_POINT_point2hex() and then back to a point with
EC_POINT_hex2point().
With this change such BIGNUMs are treated like any other and exported to
an octet buffer filled with zero.
It is then EC_POINT_oct2point() (either the default implementation or
the custom one in group->meth->oct2point) to determine if such encoding
maps to a valid point (generally the point at infinity is encoded as
0x00).
Fixes #10258
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10329)
(cherry picked from commit d47c10875656790d146f62ac3c437db54c58dbf7)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/ec/ec_print.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/ec/ec_print.c b/crypto/ec/ec_print.c index f2525cbaa6..660fc400fb 100644 --- a/crypto/ec/ec_print.c +++ b/crypto/ec/ec_print.c @@ -39,13 +39,13 @@ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, EC_POINT *ret; if ((buf_len = BN_num_bytes(bn)) == 0) - return NULL; + buf_len = 1; if ((buf = OPENSSL_malloc(buf_len)) == NULL) { ECerr(EC_F_EC_POINT_BN2POINT, ERR_R_MALLOC_FAILURE); return NULL; } - if (!BN_bn2bin(bn, buf)) { + if (!BN_bn2binpad(bn, buf, buf_len)) { OPENSSL_free(buf); return NULL; } |