diff options
author | Tomas Mraz <tomas@openssl.org> | 2023-07-21 16:26:12 +0200 |
---|---|---|
committer | Todd Short <todd.short@me.com> | 2023-08-04 10:09:43 -0400 |
commit | 1ae4678cebaa13604c0f31bdf2c64cd28bdaf287 (patch) | |
tree | d50ea623491566f1363589298715212964015f3e /providers | |
parent | cb8e64131e7ce230a9268bdd7cc4664868ff0dc9 (diff) |
Avoid exporting bogus (empty) data if empty selection is used
This is already correct in the rsa_kmgmt.c but other
implementations are wrong.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/21519)
Diffstat (limited to 'providers')
-rw-r--r-- | providers/implementations/keymgmt/dh_kmgmt.c | 3 | ||||
-rw-r--r-- | providers/implementations/keymgmt/dsa_kmgmt.c | 3 | ||||
-rw-r--r-- | providers/implementations/keymgmt/ecx_kmgmt.c | 3 | ||||
-rw-r--r-- | providers/implementations/keymgmt/mac_legacy_kmgmt.c | 3 |
4 files changed, 12 insertions, 0 deletions
diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c index d0a101ab37..eaca876bb9 100644 --- a/providers/implementations/keymgmt/dh_kmgmt.c +++ b/providers/implementations/keymgmt/dh_kmgmt.c @@ -222,6 +222,9 @@ static int dh_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, if (!ossl_prov_is_running() || dh == NULL) return 0; + if ((selection & DH_POSSIBLE_SELECTIONS) == 0) + return 0; + tmpl = OSSL_PARAM_BLD_new(); if (tmpl == NULL) return 0; diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c index 9aa699c289..c2400e4602 100644 --- a/providers/implementations/keymgmt/dsa_kmgmt.c +++ b/providers/implementations/keymgmt/dsa_kmgmt.c @@ -223,6 +223,9 @@ static int dsa_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, if (!ossl_prov_is_running() || dsa == NULL) return 0; + if ((selection & DSA_POSSIBLE_SELECTIONS) == 0) + return 0; + tmpl = OSSL_PARAM_BLD_new(); if (tmpl == NULL) return 0; diff --git a/providers/implementations/keymgmt/ecx_kmgmt.c b/providers/implementations/keymgmt/ecx_kmgmt.c index f79fe9fde7..0a354ea721 100644 --- a/providers/implementations/keymgmt/ecx_kmgmt.c +++ b/providers/implementations/keymgmt/ecx_kmgmt.c @@ -241,6 +241,9 @@ static int ecx_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, if (!ossl_prov_is_running() || key == NULL) return 0; + if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) == 0) + return 0; + tmpl = OSSL_PARAM_BLD_new(); if (tmpl == NULL) return 0; diff --git a/providers/implementations/keymgmt/mac_legacy_kmgmt.c b/providers/implementations/keymgmt/mac_legacy_kmgmt.c index babeba748d..9b37027a96 100644 --- a/providers/implementations/keymgmt/mac_legacy_kmgmt.c +++ b/providers/implementations/keymgmt/mac_legacy_kmgmt.c @@ -275,6 +275,9 @@ static int mac_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, if (!ossl_prov_is_running() || key == NULL) return 0; + if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) == 0) + return 0; + tmpl = OSSL_PARAM_BLD_new(); if (tmpl == NULL) return 0; |