diff options
author | Daiki Ueno <dueno@redhat.com> | 2023-10-16 14:42:12 +0900 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-10-18 16:26:07 +0200 |
commit | a6ed37c2e2c50e93937e4ea3271a8af96e0303de (patch) | |
tree | 729a12e119f06c7362b6a56ad9cd5a8c8e52ccd5 /crypto | |
parent | f4bc5568a973e640a70f416da37a030c25a38ebc (diff) |
rsa: Accept NULL OAEP label for backward compatibility
According to the manual page, EVP_PKEY_CTX_set0_rsa_oaep_label()
should accept NULL as the label argument, though the function
currently rejects it while setting the corresponding octet string
parameter with OSSL_PARAM_construct_octet_string, which expects
non-NULL input. This adds a workaround to the caller for backward
compatibility.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22397)
(cherry picked from commit 21b98da9d80c561b6273b0c51c259196d6740e70)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/rsa/rsa_lib.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index 9588a75964..6db837d04d 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -1084,6 +1084,12 @@ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md) int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, void *label, int llen) { OSSL_PARAM rsa_params[2], *p = rsa_params; + const char *empty = ""; + /* + * Needed as we swap label with empty if it is NULL, and label is + * freed at the end of this function. + */ + void *plabel = label; int ret; if (ctx == NULL || !EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)) { @@ -1096,9 +1102,13 @@ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, void *label, int llen) if (!EVP_PKEY_CTX_is_a(ctx, "RSA")) return -1; + /* Accept NULL for backward compatibility */ + if (label == NULL && llen == 0) + plabel = (void *)empty; + /* Cast away the const. This is read only so should be safe */ *p++ = OSSL_PARAM_construct_octet_string(OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL, - (void *)label, (size_t)llen); + (void *)plabel, (size_t)llen); *p++ = OSSL_PARAM_construct_end(); ret = evp_pkey_ctx_set_params_strict(ctx, rsa_params); |