diff options
| author | doug <> | 2015-07-20 21:55:13 +0000 |
|---|---|---|
| committer | doug <> | 2015-07-20 21:55:13 +0000 |
| commit | 4110bba1b380615e51f07e2247b3b3d4bc6a589a (patch) | |
| tree | dd702402bcd84fbbe1f8d287f01e7f5044d8f1c4 /src | |
| parent | 49bea04901394b7ad6f18aa6bd81b574fd5637c5 (diff) | |
| download | openbsd-4110bba1b380615e51f07e2247b3b3d4bc6a589a.tar.gz openbsd-4110bba1b380615e51f07e2247b3b3d4bc6a589a.tar.bz2 openbsd-4110bba1b380615e51f07e2247b3b3d4bc6a589a.zip | |
Don't try to run ECDH if ecdh_checks fails in openssl(1) speed.
Coverity 72744 noticed that rsa_count was overwitten. The underlying
issue is that this code is supposed to be in an else block.
ok bcook@
Diffstat (limited to 'src')
| -rw-r--r-- | src/usr.bin/openssl/speed.c | 40 |
1 files changed, 23 insertions, 17 deletions
diff --git a/src/usr.bin/openssl/speed.c b/src/usr.bin/openssl/speed.c index bf5f946375..d637eecd49 100644 --- a/src/usr.bin/openssl/speed.c +++ b/src/usr.bin/openssl/speed.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: speed.c,v 1.7 2015/07/03 21:45:10 miod Exp $ */ | 1 | /* $OpenBSD: speed.c,v 1.8 2015/07/20 21:55:13 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1707,25 +1707,31 @@ speed_main(int argc, char **argv) | |||
| 1707 | } | 1707 | } |
| 1708 | 1708 | ||
| 1709 | if (ecdh_checks == 0) { | 1709 | if (ecdh_checks == 0) { |
| 1710 | BIO_printf(bio_err, "ECDH computations don't match.\n"); | 1710 | BIO_printf(bio_err, |
| 1711 | "ECDH computations don't match.\n"); | ||
| 1711 | ERR_print_errors(bio_err); | 1712 | ERR_print_errors(bio_err); |
| 1712 | rsa_count = 1; | 1713 | rsa_count = 1; |
| 1714 | } else { | ||
| 1715 | pkey_print_message("", "ecdh", | ||
| 1716 | ecdh_c[j][0], | ||
| 1717 | test_curves_bits[j], | ||
| 1718 | ECDH_SECONDS); | ||
| 1719 | Time_F(START); | ||
| 1720 | for (count = 0, run = 1; | ||
| 1721 | COND(ecdh_c[j][0]); count++) { | ||
| 1722 | ECDH_compute_key(secret_a, | ||
| 1723 | outlen, | ||
| 1724 | EC_KEY_get0_public_key(ecdh_b[j]), | ||
| 1725 | ecdh_a[j], kdf); | ||
| 1726 | } | ||
| 1727 | d = Time_F(STOP); | ||
| 1728 | BIO_printf(bio_err, mr | ||
| 1729 | ? "+R7:%ld:%d:%.2f\n" | ||
| 1730 | : "%ld %d-bit ECDH ops in %.2fs\n", | ||
| 1731 | count, test_curves_bits[j], d); | ||
| 1732 | ecdh_results[j][0] = d / (double) count; | ||
| 1733 | rsa_count = count; | ||
| 1713 | } | 1734 | } |
| 1714 | pkey_print_message("", "ecdh", | ||
| 1715 | ecdh_c[j][0], | ||
| 1716 | test_curves_bits[j], | ||
| 1717 | ECDH_SECONDS); | ||
| 1718 | Time_F(START); | ||
| 1719 | for (count = 0, run = 1; COND(ecdh_c[j][0]); count++) { | ||
| 1720 | ECDH_compute_key(secret_a, outlen, | ||
| 1721 | EC_KEY_get0_public_key(ecdh_b[j]), | ||
| 1722 | ecdh_a[j], kdf); | ||
| 1723 | } | ||
| 1724 | d = Time_F(STOP); | ||
| 1725 | BIO_printf(bio_err, mr ? "+R7:%ld:%d:%.2f\n" : "%ld %d-bit ECDH ops in %.2fs\n", | ||
| 1726 | count, test_curves_bits[j], d); | ||
| 1727 | ecdh_results[j][0] = d / (double) count; | ||
| 1728 | rsa_count = count; | ||
| 1729 | } | 1735 | } |
| 1730 | } | 1736 | } |
| 1731 | 1737 | ||