[openssl] master update
Richard Levitte
levitte at openssl.org
Fri May 1 06:56:35 UTC 2020
The branch master has been updated
via 90113096186e185cd07ee1c4c7267d0e68e67793 (commit)
via 2fc2e37b282cb6570760e9c837599dd51f239ca1 (commit)
from 64e54bf5c6657bf423d3ba463f31095d598d94e7 (commit)
- Log -----------------------------------------------------------------
commit 90113096186e185cd07ee1c4c7267d0e68e67793
Author: Mat Berchtold <mberchtold at gmail.com>
Date: Tue Apr 21 19:30:40 2020 -0500
Add a test for EVP_PKEY_*_check functions for "DSA" keys
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11598)
commit 2fc2e37b282cb6570760e9c837599dd51f239ca1
Author: Mat Berchtold <mberchtold at gmail.com>
Date: Tue Apr 21 14:13:16 2020 -0500
When a private key is validated and there is no private key, return early.
Affected functions:
dsa_validate_public
dsa_validate_private
dh_validate_public
dh_validate_private
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11598)
-----------------------------------------------------------------------
Summary of changes:
providers/implementations/keymgmt/dh_kmgmt.c | 4 ++++
providers/implementations/keymgmt/dsa_kmgmt.c | 4 ++++
test/evp_pkey_provided_test.c | 20 ++++++++++++++++++++
3 files changed, 28 insertions(+)
diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c
index f09654c048..a551a72d79 100644
--- a/providers/implementations/keymgmt/dh_kmgmt.c
+++ b/providers/implementations/keymgmt/dh_kmgmt.c
@@ -322,6 +322,8 @@ static int dh_validate_public(DH *dh)
const BIGNUM *pub_key = NULL;
DH_get0_key(dh, &pub_key, NULL);
+ if (pub_key == NULL)
+ return 0;
return DH_check_pub_key_ex(dh, pub_key);
}
@@ -331,6 +333,8 @@ static int dh_validate_private(DH *dh)
const BIGNUM *priv_key = NULL;
DH_get0_key(dh, NULL, &priv_key);
+ if (priv_key == NULL)
+ return 0;
return dh_check_priv_key(dh, priv_key, &status);;
}
diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c
index 1261035296..de54b9a3fd 100644
--- a/providers/implementations/keymgmt/dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/dsa_kmgmt.c
@@ -312,6 +312,8 @@ static int dsa_validate_public(DSA *dsa)
const BIGNUM *pub_key = NULL;
DSA_get0_key(dsa, &pub_key, NULL);
+ if (pub_key == NULL)
+ return 0;
return dsa_check_pub_key(dsa, pub_key, &status);
}
@@ -321,6 +323,8 @@ static int dsa_validate_private(DSA *dsa)
const BIGNUM *priv_key = NULL;
DSA_get0_key(dsa, NULL, &priv_key);
+ if (priv_key == NULL)
+ return 0;
return dsa_check_priv_key(dsa, priv_key, &status);
}
diff --git a/test/evp_pkey_provided_test.c b/test/evp_pkey_provided_test.c
index 1ded0d9f9e..2c07ed0282 100644
--- a/test/evp_pkey_provided_test.c
+++ b/test/evp_pkey_provided_test.c
@@ -1211,6 +1211,25 @@ static int test_fromdata_dsa_fips186_4(void)
return ret;
}
+
+static int test_check_dsa(void)
+{
+ int ret = 0;
+ EVP_PKEY_CTX *ctx = NULL;
+
+ if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
+ || !TEST_false(EVP_PKEY_check(ctx))
+ || !TEST_false(EVP_PKEY_public_check(ctx))
+ || !TEST_false(EVP_PKEY_private_check(ctx))
+ || !TEST_false(EVP_PKEY_pairwise_check(ctx)))
+ goto err;
+
+ ret = 1;
+ err:
+ EVP_PKEY_CTX_free(ctx);
+
+ return ret;
+}
#endif /* OPENSSL_NO_DSA */
@@ -1231,6 +1250,7 @@ int setup_tests(void)
ADD_TEST(test_fromdata_dh_named_group);
#endif
#ifndef OPENSSL_NO_DSA
+ ADD_TEST(test_check_dsa);
ADD_TEST(test_fromdata_dsa_fips186_4);
#endif
#ifndef OPENSSL_NO_EC
More information about the openssl-commits
mailing list