When a private key is validated and there is no private key, return early.
authorMat Berchtold <mberchtold@gmail.com>
Tue, 21 Apr 2020 19:13:16 +0000 (14:13 -0500)
committerRichard Levitte <levitte@openssl.org>
Fri, 1 May 2020 06:54:29 +0000 (08:54 +0200)
Affected functions:

dsa_validate_public
dsa_validate_private
dh_validate_public
dh_validate_private

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11598)

providers/implementations/keymgmt/dh_kmgmt.c
providers/implementations/keymgmt/dsa_kmgmt.c

index f09654c..a551a72 100644 (file)
@@ -322,6 +322,8 @@ static int dh_validate_public(DH *dh)
     const BIGNUM *pub_key = NULL;
 
     DH_get0_key(dh, &pub_key, NULL);
+    if (pub_key == NULL)
+        return 0;
     return DH_check_pub_key_ex(dh, pub_key);
 }
 
@@ -331,6 +333,8 @@ static int dh_validate_private(DH *dh)
     const BIGNUM *priv_key = NULL;
 
     DH_get0_key(dh, NULL, &priv_key);
+    if (priv_key == NULL)
+        return 0;
     return dh_check_priv_key(dh, priv_key, &status);;
 }
 
index 1261035..de54b9a 100644 (file)
@@ -312,6 +312,8 @@ static int dsa_validate_public(DSA *dsa)
     const BIGNUM *pub_key = NULL;
 
     DSA_get0_key(dsa, &pub_key, NULL);
+    if (pub_key == NULL)
+        return 0;
     return dsa_check_pub_key(dsa, pub_key, &status);
 }
 
@@ -321,6 +323,8 @@ static int dsa_validate_private(DSA *dsa)
     const BIGNUM *priv_key = NULL;
 
     DSA_get0_key(dsa, NULL, &priv_key);
+    if (priv_key == NULL)
+        return 0;
     return dsa_check_priv_key(dsa, priv_key, &status);
 }