Commit fd785ca8 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Parameter copy sanity checks. 



Don't copy parameters is they're already present in the destination.
Return error if an attempt is made to copy different parameters to
destination. Update documentation.

If key type is not initialised return missing parameters

RT#4149

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
(cherry picked from commit f72f00d4)
parent 8e0a94a5

crypto/dh/dh_ameth.c

+1 −1
Original line number Diff line number Diff line
@@ -519,7 +519,7 @@ static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) 


static int dh_missing_parameters(const EVP_PKEY *a)

{

    if (!a->pkey.dh->p || !a->pkey.dh->g)

    if (a->pkey.dh == NULL || a->pkey.dh->p == NULL || a->pkey.dh->g == NULL)

        return 1;

    return 0;

}

crypto/dsa/dsa_ameth.c

+1 −1
Original line number Diff line number Diff line
@@ -350,7 +350,7 @@ static int dsa_missing_parameters(const EVP_PKEY *pkey) 
{

    DSA *dsa;

    dsa = pkey->pkey.dsa;

    if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))

    if (dsa == NULL || dsa->p == NULL || dsa->q == NULL || dsa->g == NULL)

        return 1;

    return 0;

}

crypto/ec/ec_ameth.c

+1 −1
Original line number Diff line number Diff line
@@ -378,7 +378,7 @@ static int ec_bits(const EVP_PKEY *pkey) 


static int ec_missing_parameters(const EVP_PKEY *pkey)

{

    if (EC_KEY_get0_group(pkey->pkey.ec) == NULL)

    if (pkey->pkey.ec == NULL || EC_KEY_get0_group(pkey->pkey.ec) == NULL)

        return 1;

    return 0;

}

crypto/evp/p_lib.c

+8 −0
Original line number Diff line number Diff line
@@ -130,6 +130,14 @@ int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) 
        EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_MISSING_PARAMETERS);

        goto err;

    }



    if (!EVP_PKEY_missing_parameters(to)) {

        if (EVP_PKEY_cmp_parameters(to, from) == 1)

            return 1;

        EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_DIFFERENT_PARAMETERS);

        return 0;

    }



    if (from->ameth && from->ameth->param_copy)

        return from->ameth->param_copy(to, from);

 err:

doc/crypto/EVP_PKEY_cmp.pod

+3 −1
Original line number Diff line number Diff line
@@ -21,7 +21,9 @@ parameters of B<pkey> are missing and 0 if they are present or the algorithm 
doesn't use parameters.



The function EVP_PKEY_copy_parameters() copies the parameters from key

B<from> to key B<to>.

B<from> to key B<to>. An error is returned if the parameters are missing in

B<from> or present in both B<from> and B<to> and mismatch. If the parameters

in B<from> and B<to> are both present and match this function has no effect.



The function EVP_PKEY_cmp_parameters() compares the parameters of keys

B<a> and B<b>.