[openssl] openssl-3.0 update

Mon Oct 11 08:46:25 UTC 2021

The branch openssl-3.0 has been updated
       via  fa885e4ba153b6be3e446c8f323762482cef92ae (commit)
      from  6e463bcd53fedbb4ec277a5eb885619e32adcdd2 (commit)


- Log -----------------------------------------------------------------
commit fa885e4ba153b6be3e446c8f323762482cef92ae
Author: PW Hu <jlu.hpw at foxmail.com>
Date:   Fri Oct 8 17:01:47 2021 +0800

    Bugfix: unsafe return check of EVP_PKEY_fromdata
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16783)
    
    (cherry picked from commit d11cab47810715ba472070300b180944a1d93633)

-----------------------------------------------------------------------

Summary of changes:
 apps/dhparam.c                     | 2 +-
 crypto/evp/p_lib.c                 | 2 +-
 test/helpers/predefined_dhparams.c | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/apps/dhparam.c b/apps/dhparam.c
index 6b8546e93b..db9e964cf0 100644
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -384,7 +384,7 @@ static EVP_PKEY *dsa_to_dh(EVP_PKEY *dh)
     ctx = EVP_PKEY_CTX_new_from_name(NULL, "DHX", NULL);
     if (ctx == NULL
             || EVP_PKEY_fromdata_init(ctx) <= 0
-            || !EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEY_PARAMETERS, params)) {
+            || EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEY_PARAMETERS, params) <= 0) {
         BIO_printf(bio_err, "Error, failed to set DH parameters\n");
         goto err;
     }
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 424d11b259..61cfe1efb9 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -649,7 +649,7 @@ static EVP_PKEY *new_cmac_key_int(const unsigned char *priv, size_t len,
 #  endif
     *p = OSSL_PARAM_construct_end();
 
-    if (!EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params)) {
+    if (EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0) {
         ERR_raise(ERR_LIB_EVP, EVP_R_KEY_SETUP_FAILED);
         goto err;
     }
diff --git a/test/helpers/predefined_dhparams.c b/test/helpers/predefined_dhparams.c
index b2f6601188..ebb9c8891d 100644
--- a/test/helpers/predefined_dhparams.c
+++ b/test/helpers/predefined_dhparams.c
@@ -35,7 +35,7 @@ static EVP_PKEY *get_dh_from_pg_bn(OSSL_LIB_CTX *libctx, const char *type,
 
     params = OSSL_PARAM_BLD_to_param(tmpl);
     if (params == NULL
-        || !EVP_PKEY_fromdata(pctx, &dhpkey, EVP_PKEY_KEY_PARAMETERS, params))
+        || EVP_PKEY_fromdata(pctx, &dhpkey, EVP_PKEY_KEY_PARAMETERS, params) <= 0)
         goto err;
 
  err:
