authorJiasheng Jiang <jiasheng@purdue.edu>2024-03-23 16:09:01 +0000
committerTomas Mraz <tomas@openssl.org>2024-04-09 20:47:00 +0200
commitf5fde94c54a1ad49663391750fd1b2f47550a4b6 (patch)
tree69fdcd5a6930eaefdd82a4e514f4047ad478df50 /crypto
parentf4174b6db41650363e41af42e82de9cc7ef09a5e (diff)
ts/ts_rsp_sign.c: Add the check for the EVP_MD_CTX_get_size()
Add the check for the return value of EVP_MD_CTX_get_size() to avoid invalid negative numbers. Fixes: c7235be6e3 ("RFC 3161 compliant time stamp request creation, response generation and response verification.") Signed-off-by: Jiasheng Jiang <jiasheng@purdue.edu> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23960)
Diffstat (limited to 'crypto')
-rw-r--r--crypto/ts/ts_rsp_sign.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c
index 79d3e67837..d3a4677292 100644
--- a/crypto/ts/ts_rsp_sign.c
+++ b/crypto/ts/ts_rsp_sign.c
@@ -445,7 +445,7 @@ static int ts_RESP_check_request(TS_RESP_CTX *ctx)
char md_alg_name[OSSL_MAX_NAME_SIZE];
const ASN1_OCTET_STRING *digest;
const EVP_MD *md = NULL;
- int i;
+ int i, md_size;
if (TS_REQ_get_version(request) != 1) {
TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
@@ -470,6 +470,10 @@ static int ts_RESP_check_request(TS_RESP_CTX *ctx)
return 0;
}
+ md_size = EVP_MD_get_size(md);
+ if (md_size <= 0)
+ return 0;
+
if (md_alg->parameter && ASN1_TYPE_get(md_alg->parameter) != V_ASN1_NULL) {
TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
"Superfluous message digest "
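Review bot: The new `if (md_size <= 0) return 0;` in the second hunk fails silently, whereas the rejection branches visible around it (the superfluous-parameter check just below it and the bad-digest check in the third hunk) record a status with TS_RESP_CTX_set_status_info() and a failure code with TS_RESP_CTX_add_failure_info() before returning. Unless the caller fills in a generic status on failure (not visible here), a request that names a digest whose size cannot be determined would be refused with no rejection reason for the client or the operator's logs. Consider bracing the branch and adding `TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION, "Message digest size is not available.");` and `TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_ALG);` before the `return 0;`. ts_RESP_check_request starts before this hunk and continues past it.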
@@ -478,7 +482,7 @@ static int ts_RESP_check_request(TS_RESP_CTX *ctx)
return 0;
}
digest = msg_imprint->hashed_msg;
- if (digest->length != EVP_MD_get_size(md)) {
+ if (digest->length != md_size) {
TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
"Bad message digest.");
TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_DATA_FORMAT);