summaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libcrypto/ecdh/ecdh.h3
-rw-r--r--src/lib/libcrypto/ecdh/ech_err.c3
-rw-r--r--src/lib/libcrypto/ecdh/ech_ossl.c16
-rw-r--r--src/lib/libssl/src/crypto/ecdh/ecdh.h3
-rw-r--r--src/lib/libssl/src/crypto/ecdh/ech_err.c3
-rw-r--r--src/lib/libssl/src/crypto/ecdh/ech_ossl.c16
6 files changed, 32 insertions, 12 deletions
diff --git a/src/lib/libcrypto/ecdh/ecdh.h b/src/lib/libcrypto/ecdh/ecdh.h
index 3bcb8b045e..e1cc8404d0 100644
--- a/src/lib/libcrypto/ecdh/ecdh.h
+++ b/src/lib/libcrypto/ecdh/ecdh.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecdh.h,v 1.3 2015/09/13 10:46:20 jsing Exp $ */ 1/* $OpenBSD: ecdh.h,v 1.4 2015/09/13 11:49:44 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -116,6 +116,7 @@ void ERR_load_ECDH_strings(void);
116 116
117/* Reason codes. */ 117/* Reason codes. */
118#define ECDH_R_KDF_FAILED 102 118#define ECDH_R_KDF_FAILED 102
119#define ECDH_R_KEY_TRUNCATION 104
119#define ECDH_R_NON_FIPS_METHOD 103 120#define ECDH_R_NON_FIPS_METHOD 103
120#define ECDH_R_NO_PRIVATE_VALUE 100 121#define ECDH_R_NO_PRIVATE_VALUE 100
121#define ECDH_R_POINT_ARITHMETIC_FAILURE 101 122#define ECDH_R_POINT_ARITHMETIC_FAILURE 101
diff --git a/src/lib/libcrypto/ecdh/ech_err.c b/src/lib/libcrypto/ecdh/ech_err.c
index 2899b573c3..afe5ff3af8 100644
--- a/src/lib/libcrypto/ecdh/ech_err.c
+++ b/src/lib/libcrypto/ecdh/ech_err.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ech_err.c,v 1.4 2015/09/13 10:46:20 jsing Exp $ */ 1/* $OpenBSD: ech_err.c,v 1.5 2015/09/13 11:49:44 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -80,6 +80,7 @@ static ERR_STRING_DATA ECDH_str_functs[]= {
80 80
81static ERR_STRING_DATA ECDH_str_reasons[]= { 81static ERR_STRING_DATA ECDH_str_reasons[]= {
82 {ERR_REASON(ECDH_R_KDF_FAILED) , "KDF failed"}, 82 {ERR_REASON(ECDH_R_KDF_FAILED) , "KDF failed"},
83 {ERR_REASON(ECDH_R_KEY_TRUNCATION), "key would be truncated"},
83 {ERR_REASON(ECDH_R_NON_FIPS_METHOD) , "non fips method"}, 84 {ERR_REASON(ECDH_R_NON_FIPS_METHOD) , "non fips method"},
84 {ERR_REASON(ECDH_R_NO_PRIVATE_VALUE) , "no private value"}, 85 {ERR_REASON(ECDH_R_NO_PRIVATE_VALUE) , "no private value"},
85 {ERR_REASON(ECDH_R_POINT_ARITHMETIC_FAILURE), "point arithmetic failure"}, 86 {ERR_REASON(ECDH_R_POINT_ARITHMETIC_FAILURE), "point arithmetic failure"},
diff --git a/src/lib/libcrypto/ecdh/ech_ossl.c b/src/lib/libcrypto/ecdh/ech_ossl.c
index f05db87f78..746eb12ea3 100644
--- a/src/lib/libcrypto/ecdh/ech_ossl.c
+++ b/src/lib/libcrypto/ecdh/ech_ossl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ech_ossl.c,v 1.10 2015/09/13 10:46:20 jsing Exp $ */ 1/* $OpenBSD: ech_ossl.c,v 1.11 2015/09/13 11:49:44 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -115,7 +115,8 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
115 unsigned char *buf = NULL; 115 unsigned char *buf = NULL;
116 116
117 if (outlen > INT_MAX) { 117 if (outlen > INT_MAX) {
118 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); /* sort of, anyway */ 118 /* Sort of, anyway. */
119 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
119 return -1; 120 return -1;
120 } 121 }
121 122
@@ -171,6 +172,11 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
171 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR); 172 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR);
172 goto err; 173 goto err;
173 } 174 }
175 if (outlen < buflen) {
176 /* The resulting key would be truncated. */
177 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_KEY_TRUNCATION);
178 goto err;
179 }
174 if ((buf = malloc(buflen)) == NULL) { 180 if ((buf = malloc(buflen)) == NULL) {
175 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE); 181 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
176 goto err; 182 goto err;
@@ -189,9 +195,11 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
189 } 195 }
190 ret = outlen; 196 ret = outlen;
191 } else { 197 } else {
192 /* no KDF, just copy as much as we can */ 198 /* No KDF, just copy as much as we can and zero the rest. */
193 if (outlen > buflen) 199 if (outlen > buflen) {
200 memset(out + buflen, 0, outlen - buflen);
194 outlen = buflen; 201 outlen = buflen;
202 }
195 memcpy(out, buf, outlen); 203 memcpy(out, buf, outlen);
196 ret = outlen; 204 ret = outlen;
197 } 205 }
diff --git a/src/lib/libssl/src/crypto/ecdh/ecdh.h b/src/lib/libssl/src/crypto/ecdh/ecdh.h
index 3bcb8b045e..e1cc8404d0 100644
--- a/src/lib/libssl/src/crypto/ecdh/ecdh.h
+++ b/src/lib/libssl/src/crypto/ecdh/ecdh.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecdh.h,v 1.3 2015/09/13 10:46:20 jsing Exp $ */ 1/* $OpenBSD: ecdh.h,v 1.4 2015/09/13 11:49:44 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -116,6 +116,7 @@ void ERR_load_ECDH_strings(void);
116 116
117/* Reason codes. */ 117/* Reason codes. */
118#define ECDH_R_KDF_FAILED 102 118#define ECDH_R_KDF_FAILED 102
119#define ECDH_R_KEY_TRUNCATION 104
119#define ECDH_R_NON_FIPS_METHOD 103 120#define ECDH_R_NON_FIPS_METHOD 103
120#define ECDH_R_NO_PRIVATE_VALUE 100 121#define ECDH_R_NO_PRIVATE_VALUE 100
121#define ECDH_R_POINT_ARITHMETIC_FAILURE 101 122#define ECDH_R_POINT_ARITHMETIC_FAILURE 101
diff --git a/src/lib/libssl/src/crypto/ecdh/ech_err.c b/src/lib/libssl/src/crypto/ecdh/ech_err.c
index 2899b573c3..afe5ff3af8 100644
--- a/src/lib/libssl/src/crypto/ecdh/ech_err.c
+++ b/src/lib/libssl/src/crypto/ecdh/ech_err.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ech_err.c,v 1.4 2015/09/13 10:46:20 jsing Exp $ */ 1/* $OpenBSD: ech_err.c,v 1.5 2015/09/13 11:49:44 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -80,6 +80,7 @@ static ERR_STRING_DATA ECDH_str_functs[]= {
80 80
81static ERR_STRING_DATA ECDH_str_reasons[]= { 81static ERR_STRING_DATA ECDH_str_reasons[]= {
82 {ERR_REASON(ECDH_R_KDF_FAILED) , "KDF failed"}, 82 {ERR_REASON(ECDH_R_KDF_FAILED) , "KDF failed"},
83 {ERR_REASON(ECDH_R_KEY_TRUNCATION), "key would be truncated"},
83 {ERR_REASON(ECDH_R_NON_FIPS_METHOD) , "non fips method"}, 84 {ERR_REASON(ECDH_R_NON_FIPS_METHOD) , "non fips method"},
84 {ERR_REASON(ECDH_R_NO_PRIVATE_VALUE) , "no private value"}, 85 {ERR_REASON(ECDH_R_NO_PRIVATE_VALUE) , "no private value"},
85 {ERR_REASON(ECDH_R_POINT_ARITHMETIC_FAILURE), "point arithmetic failure"}, 86 {ERR_REASON(ECDH_R_POINT_ARITHMETIC_FAILURE), "point arithmetic failure"},
diff --git a/src/lib/libssl/src/crypto/ecdh/ech_ossl.c b/src/lib/libssl/src/crypto/ecdh/ech_ossl.c
index f05db87f78..746eb12ea3 100644
--- a/src/lib/libssl/src/crypto/ecdh/ech_ossl.c
+++ b/src/lib/libssl/src/crypto/ecdh/ech_ossl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ech_ossl.c,v 1.10 2015/09/13 10:46:20 jsing Exp $ */ 1/* $OpenBSD: ech_ossl.c,v 1.11 2015/09/13 11:49:44 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 * 4 *
@@ -115,7 +115,8 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
115 unsigned char *buf = NULL; 115 unsigned char *buf = NULL;
116 116
117 if (outlen > INT_MAX) { 117 if (outlen > INT_MAX) {
118 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); /* sort of, anyway */ 118 /* Sort of, anyway. */
119 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
119 return -1; 120 return -1;
120 } 121 }
121 122
@@ -171,6 +172,11 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
171 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR); 172 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR);
172 goto err; 173 goto err;
173 } 174 }
175 if (outlen < buflen) {
176 /* The resulting key would be truncated. */
177 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_KEY_TRUNCATION);
178 goto err;
179 }
174 if ((buf = malloc(buflen)) == NULL) { 180 if ((buf = malloc(buflen)) == NULL) {
175 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE); 181 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
176 goto err; 182 goto err;
@@ -189,9 +195,11 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
189 } 195 }
190 ret = outlen; 196 ret = outlen;
191 } else { 197 } else {
192 /* no KDF, just copy as much as we can */ 198 /* No KDF, just copy as much as we can and zero the rest. */
193 if (outlen > buflen) 199 if (outlen > buflen) {
200 memset(out + buflen, 0, outlen - buflen);
194 outlen = buflen; 201 outlen = buflen;
202 }
195 memcpy(out, buf, outlen); 203 memcpy(out, buf, outlen);
196 ret = outlen; 204 ret = outlen;
197 } 205 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-25 07:17:34 +0000