Avoid EVP_PKEY_cmp() crash on EC keys without public component (978ecbb0) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit 978ecbb0 authored Sep 07, 2016 by

David Woodhouse Committed by Rich Salz Sep 07, 2016

Avoid EVP_PKEY_cmp() crash on EC keys without public component



Some hardware devices don't provide the public EC_POINT data. The only
way for X509_check_private_key() to validate that the key matches a
given certificate is to actually perform a sign operation and then
verify it using the public key in the certificate.

Maybe that can come later, as discussed in issue 1532. But for now let's
at least make it fail gracefully and not crash.

GH: 1532

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1547)
(cherry picked from commit 92ed7fa5)

parent 3e2dd30d

Hide whitespace changes

Inline Side-by-side

Please register or to comment