diff options
Diffstat (limited to 'src/lib/libcrypto/gost/gostr341001_pmeth.c')
-rw-r--r-- | src/lib/libcrypto/gost/gostr341001_pmeth.c | 25 |
1 files changed, 20 insertions, 5 deletions
diff --git a/src/lib/libcrypto/gost/gostr341001_pmeth.c b/src/lib/libcrypto/gost/gostr341001_pmeth.c index 859c0884d6..c7d4dc10ae 100644 --- a/src/lib/libcrypto/gost/gostr341001_pmeth.c +++ b/src/lib/libcrypto/gost/gostr341001_pmeth.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: gostr341001_pmeth.c,v 1.6 2014/11/13 20:29:55 miod Exp $ */ | 1 | /* $OpenBSD: gostr341001_pmeth.c,v 1.7 2015/02/10 09:52:35 miod Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 3 | * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> |
4 | * Copyright (c) 2005-2006 Cryptocom LTD | 4 | * Copyright (c) 2005-2006 Cryptocom LTD |
@@ -248,7 +248,10 @@ pkey_gost01_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, | |||
248 | GOSTerr(GOST_F_PKEY_GOST01_SIGN, EC_R_BUFFER_TOO_SMALL); | 248 | GOSTerr(GOST_F_PKEY_GOST01_SIGN, EC_R_BUFFER_TOO_SMALL); |
249 | return 0; | 249 | return 0; |
250 | } | 250 | } |
251 | OPENSSL_assert(tbs_len == 32 || tbs_len == 64); | 251 | if (tbs_len != 32 && tbs_len != 64) { |
252 | GOSTerr(GOST_F_PKEY_GOST01_SIGN, EVP_R_BAD_BLOCK_LENGTH); | ||
253 | return 0; | ||
254 | } | ||
252 | md = GOST_le2bn(tbs, tbs_len, NULL); | 255 | md = GOST_le2bn(tbs, tbs_len, NULL); |
253 | if (md == NULL) | 256 | if (md == NULL) |
254 | return 0; | 257 | return 0; |
@@ -411,11 +414,23 @@ pkey_gost01_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, size_t *key_len, | |||
411 | 414 | ||
412 | nid = OBJ_obj2nid(gkt->key_agreement_info->cipher); | 415 | nid = OBJ_obj2nid(gkt->key_agreement_info->cipher); |
413 | 416 | ||
414 | OPENSSL_assert(gkt->key_agreement_info->eph_iv->length == 8); | 417 | if (gkt->key_agreement_info->eph_iv->length != 8) { |
418 | GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, | ||
419 | GOST_R_INVALID_IV_LENGTH); | ||
420 | goto err; | ||
421 | } | ||
415 | memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8); | 422 | memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8); |
416 | OPENSSL_assert(gkt->key_info->encrypted_key->length == 32); | 423 | if (gkt->key_info->encrypted_key->length != 32) { |
424 | GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, | ||
425 | EVP_R_BAD_KEY_LENGTH); | ||
426 | goto err; | ||
427 | } | ||
417 | memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32); | 428 | memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32); |
418 | OPENSSL_assert(gkt->key_info->imit->length == 4); | 429 | if (gkt->key_info->imit->length != 4) { |
430 | GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, | ||
431 | ERR_R_INTERNAL_ERROR); | ||
432 | goto err; | ||
433 | } | ||
419 | memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4); | 434 | memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4); |
420 | if (gost01_VKO_key(peerkey, priv, wrappedKey, sharedKey) <= 0) | 435 | if (gost01_VKO_key(peerkey, priv, wrappedKey, sharedKey) <= 0) |
421 | goto err; | 436 | goto err; |