diff options
author | Tomas Mraz <tomas@openssl.org> | 2021-06-07 11:54:04 +0200 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-06-08 22:01:34 +1000 |
commit | 92b835376a81ed310c9b365094ba670bc231f64c (patch) | |
tree | 7080552657604486248bab5e655675f3d2c8d37b /providers/implementations | |
parent | 907720f0644bf6b7ad4fa94f03ac29402ae597ab (diff) |
EVP_PKEY_new_raw_private_key: Allow zero length keys
Allocate at least one byte to distinguish a zero length key
from an unset key.
Fixes #15632
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15643)
Diffstat (limited to 'providers/implementations')
-rw-r--r-- | providers/implementations/keymgmt/mac_legacy_kmgmt.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/providers/implementations/keymgmt/mac_legacy_kmgmt.c b/providers/implementations/keymgmt/mac_legacy_kmgmt.c index 3b378d38ff..e1e2609dfa 100644 --- a/providers/implementations/keymgmt/mac_legacy_kmgmt.c +++ b/providers/implementations/keymgmt/mac_legacy_kmgmt.c @@ -190,7 +190,8 @@ static int mac_key_fromdata(MAC_KEY *key, const OSSL_PARAM params[]) return 0; } OPENSSL_secure_clear_free(key->priv_key, key->priv_key_len); - key->priv_key = OPENSSL_secure_malloc(p->data_size); + /* allocate at least one byte to distinguish empty key from no key set */ + key->priv_key = OPENSSL_secure_malloc(p->data_size > 0 ? p->data_size : 1); if (key->priv_key == NULL) { ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); return 0; |