mlkem_public_to_private: fix overread/information leak

After the guts of MLKEM_public_key were changed from a union to a struct, the aligner grew the struct, leaking as many bytes of private key data as the struct grew (on normal platforms that would be 2). Ideally this would all be a bit more robust. CID 621603 621604 ok jsing kenjiro
author: tb <> 2025-09-14 16:47:37 +0000
committer: tb <> 2025-09-14 16:47:37 +0000
commit: 4c3431c42271c25d676afc9be6b449390cc67152 (patch)
tree: ef369c8b7066de03d590c0e529f066bc872be488 /src/lib/libcrypto/mlkem/mlkem_internal.c
parent: c24a0a63998841e19c89184824b08a4a3accee00 (diff)
download: openbsd-4c3431c42271c25d676afc9be6b449390cc67152.tar.gz
openbsd-4c3431c42271c25d676afc9be6b449390cc67152.tar.bz2
openbsd-4c3431c42271c25d676afc9be6b449390cc67152.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/src/lib/libcrypto/mlkem/mlkem_internal.c b/src/lib/libcrypto/mlkem/mlkem_internal.c
index 653b2f332d..19dd22e036 100644
--- a/src/lib/libcrypto/mlkem/mlkem_internal.c
+++ b/src/lib/libcrypto/mlkem/mlkem_internal.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mlkem_internal.c,v 1.1 2025/09/05 23:30:12 beck Exp $ */
+/* $OpenBSD: mlkem_internal.c,v 1.2 2025/09/14 16:47:37 tb Exp $ */
 /*
 * Copyright (c) 2024, Google Inc.
 * Copyright (c) 2024, 2025 Bob Beck <beck@obtuse.com>
@@ -990,12 +990,12 @@ mlkem_public_from_private(const MLKEM_private_key *private_key,
        case RANK768:
                memcpy(out_public_key->key_768->bytes,
                    private_key->key_768->bytes,
-                    sizeof(struct MLKEM768_public_key));
+                    sizeof(out_public_key->key_768->bytes));
                break;
        case RANK1024:
                memcpy(out_public_key->key_1024->bytes,
                    private_key->key_1024->bytes,
-                    sizeof(struct MLKEM1024_public_key));
+                    sizeof(out_public_key->key_1024->bytes));
                break;
        }
 }
author	tb <>	2025-09-14 16:47:37 +0000
committer	tb <>	2025-09-14 16:47:37 +0000
commit	4c3431c42271c25d676afc9be6b449390cc67152 (patch)
tree	ef369c8b7066de03d590c0e529f066bc872be488 /src/lib/libcrypto/mlkem/mlkem_internal.c
parent	c24a0a63998841e19c89184824b08a4a3accee00 (diff)
download	openbsd-4c3431c42271c25d676afc9be6b449390cc67152.tar.gz openbsd-4c3431c42271c25d676afc9be6b449390cc67152.tar.bz2 openbsd-4c3431c42271c25d676afc9be6b449390cc67152.zip

diff --git a/src/lib/libcrypto/mlkem/mlkem_internal.c b/src/lib/libcrypto/mlkem/mlkem_internal.c index 653b2f332d..19dd22e036 100644 --- a/src/lib/libcrypto/mlkem/mlkem_internal.c +++ b/src/lib/libcrypto/mlkem/mlkem_internal.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: mlkem_internal.c,v 1.1 2025/09/05 23:30:12 beck Exp $ */	1	/* $OpenBSD: mlkem_internal.c,v 1.2 2025/09/14 16:47:37 tb Exp $ */
2	/*	2	/*
3	* Copyright (c) 2024, Google Inc.	3	* Copyright (c) 2024, Google Inc.
4	* Copyright (c) 2024, 2025 Bob Beck <beck@obtuse.com>	4	* Copyright (c) 2024, 2025 Bob Beck <beck@obtuse.com>
@@ -990,12 +990,12 @@ mlkem_public_from_private(const MLKEM_private_key *private_key,
990	case RANK768:	990	case RANK768:
991	memcpy(out_public_key->key_768->bytes,	991	memcpy(out_public_key->key_768->bytes,
992	private_key->key_768->bytes,	992	private_key->key_768->bytes,
993	sizeof(struct MLKEM768_public_key));	993	sizeof(out_public_key->key_768->bytes));
994	break;	994	break;
995	case RANK1024:	995	case RANK1024:
996	memcpy(out_public_key->key_1024->bytes,	996	memcpy(out_public_key->key_1024->bytes,
997	private_key->key_1024->bytes,	997	private_key->key_1024->bytes,
998	sizeof(struct MLKEM1024_public_key));	998	sizeof(out_public_key->key_1024->bytes));
999	break;	999	break;
1000	}	1000	}
1001	}	1001	}