summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/gost/gostr341001_pmeth.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/gost/gostr341001_pmeth.c')
-rw-r--r--src/lib/libcrypto/gost/gostr341001_pmeth.c25
1 files changed, 20 insertions, 5 deletions
diff --git a/src/lib/libcrypto/gost/gostr341001_pmeth.c b/src/lib/libcrypto/gost/gostr341001_pmeth.c
index 859c0884d6..c7d4dc10ae 100644
--- a/src/lib/libcrypto/gost/gostr341001_pmeth.c
+++ b/src/lib/libcrypto/gost/gostr341001_pmeth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gostr341001_pmeth.c,v 1.6 2014/11/13 20:29:55 miod Exp $ */ 1/* $OpenBSD: gostr341001_pmeth.c,v 1.7 2015/02/10 09:52:35 miod Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -248,7 +248,10 @@ pkey_gost01_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
248 GOSTerr(GOST_F_PKEY_GOST01_SIGN, EC_R_BUFFER_TOO_SMALL); 248 GOSTerr(GOST_F_PKEY_GOST01_SIGN, EC_R_BUFFER_TOO_SMALL);
249 return 0; 249 return 0;
250 } 250 }
251 OPENSSL_assert(tbs_len == 32 || tbs_len == 64); 251 if (tbs_len != 32 && tbs_len != 64) {
252 GOSTerr(GOST_F_PKEY_GOST01_SIGN, EVP_R_BAD_BLOCK_LENGTH);
253 return 0;
254 }
252 md = GOST_le2bn(tbs, tbs_len, NULL); 255 md = GOST_le2bn(tbs, tbs_len, NULL);
253 if (md == NULL) 256 if (md == NULL)
254 return 0; 257 return 0;
@@ -411,11 +414,23 @@ pkey_gost01_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, size_t *key_len,
411 414
412 nid = OBJ_obj2nid(gkt->key_agreement_info->cipher); 415 nid = OBJ_obj2nid(gkt->key_agreement_info->cipher);
413 416
414 OPENSSL_assert(gkt->key_agreement_info->eph_iv->length == 8); 417 if (gkt->key_agreement_info->eph_iv->length != 8) {
418 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT,
419 GOST_R_INVALID_IV_LENGTH);
420 goto err;
421 }
415 memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8); 422 memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8);
416 OPENSSL_assert(gkt->key_info->encrypted_key->length == 32); 423 if (gkt->key_info->encrypted_key->length != 32) {
424 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT,
425 EVP_R_BAD_KEY_LENGTH);
426 goto err;
427 }
417 memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32); 428 memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32);
418 OPENSSL_assert(gkt->key_info->imit->length == 4); 429 if (gkt->key_info->imit->length != 4) {
430 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT,
431 ERR_R_INTERNAL_ERROR);
432 goto err;
433 }
419 memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4); 434 memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4);
420 if (gost01_VKO_key(peerkey, priv, wrappedKey, sharedKey) <= 0) 435 if (gost01_VKO_key(peerkey, priv, wrappedKey, sharedKey) <= 0)
421 goto err; 436 goto err;