diff options
author | Nicola Tuveri <nic.tuv@gmail.com> | 2018-04-10 03:19:30 +0300 |
---|---|---|
committer | Nicola Tuveri <nic.tuv@gmail.com> | 2018-04-24 12:28:45 +0300 |
commit | b5a85f70d88215f62c971cd6364bded89aea9e0a (patch) | |
tree | c1b4fa7627e7294ce65f02039410f56ebd460631 /test | |
parent | 6862de63d469f3148a2ff5a04a6b9ab6413bd5ac (diff) |
[SM2_sign] fix double free and return value
Currently, critical bugs prevent using SM2 signatures through the
`EVP_PKEY` interface: any application that managed to satisfy the
requirement of forcing SM3 as the message digest – even if this is
currently not possible transparently through the `EVP_PKEY` interface
and requires manually forcing the MD selection – would crash with a
segmentation fault upon calling the `SM2_sign()` function.
This is easily verified using the OpenSSL CLI to execute this critical
code path under the right conditions:
`openssl dgst -sm3 -hex -sign sm2.eckey /path/to/file/to/sign`
The issue is caused by a double free at the end of `SM2_sign()` in
`crypto/sm2/sm2_sign.c` in case of successful signature generation.
In addition, even if the double free was not causing segfaults,
the function returns the wrong return value in case of success (it
would return 0 rather than 1).
This patch fixes both problems.
Diffstat (limited to 'test')
0 files changed, 0 insertions, 0 deletions