Avoid exporting bogus (empty) data if empty selection is used

author Tomas Mraz <tomas@openssl.org>

Fri, 21 Jul 2023 14:26:12 +0000 (16:26 +0200)

committer Todd Short <todd.short@me.com>

Fri, 4 Aug 2023 14:13:40 +0000 (10:13 -0400)
author Tomas Mraz <tomas@openssl.org>
Fri, 21 Jul 2023 14:26:12 +0000 (16:26 +0200)
committer Todd Short <todd.short@me.com>
Fri, 4 Aug 2023 14:13:40 +0000 (10:13 -0400)
diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c

index 9a7dde7c66273bf8a62cbe8ff42d89989d55d95f..4ca9c1a3fad8b9a60fdbec5820ee393fde7108d6 100644 (file)
--- a/providers/implementations/keymgmt/dh_kmgmt.c
+++ b/providers/implementations/keymgmt/dh_kmgmt.c
@@ -222,6 +222,9 @@ static int dh_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
      if (!ossl_prov_is_running() || dh == NULL)
          return 0;
  
+    if ((selection & DH_POSSIBLE_SELECTIONS) == 0)
+        return 0;
+
      tmpl = OSSL_PARAM_BLD_new();
      if (tmpl == NULL)
          return 0;
diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c

index cd8b4410b0db63d9507e1cd24b7382b9a7f50e5a..2f5742cfcc07ce6733c8e3c81d0c3b0c439e45d1 100644 (file)
--- a/providers/implementations/keymgmt/dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/dsa_kmgmt.c
@@ -223,6 +223,9 @@ static int dsa_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
      if (!ossl_prov_is_running() || dsa == NULL)
          return 0;
  
+    if ((selection & DSA_POSSIBLE_SELECTIONS) == 0)
+        return 0;
+
      tmpl = OSSL_PARAM_BLD_new();
      if (tmpl == NULL)
          return 0;
diff --git a/providers/implementations/keymgmt/ecx_kmgmt.c b/providers/implementations/keymgmt/ecx_kmgmt.c

index 2a7f867aa56b3bdf6399b98d3795f7b7f99348b3..831681412aec7730dd2ba21834bbd1e4a4f65a79 100644 (file)
--- a/providers/implementations/keymgmt/ecx_kmgmt.c
+++ b/providers/implementations/keymgmt/ecx_kmgmt.c
@@ -238,6 +238,9 @@ static int ecx_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
      if (!ossl_prov_is_running() || key == NULL)
          return 0;
  
+    if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) == 0)
+        return 0;
+
      tmpl = OSSL_PARAM_BLD_new();
      if (tmpl == NULL)
          return 0;
diff --git a/providers/implementations/keymgmt/mac_legacy_kmgmt.c b/providers/implementations/keymgmt/mac_legacy_kmgmt.c

index fd192893009f68f36c52a8195013c1321522fca1..a55dcb0320319f98c4d630f260db7c283d77e967 100644 (file)
--- a/providers/implementations/keymgmt/mac_legacy_kmgmt.c
+++ b/providers/implementations/keymgmt/mac_legacy_kmgmt.c
@@ -281,6 +281,9 @@ static int mac_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
      if (!ossl_prov_is_running() || key == NULL)
          return 0;
  
+    if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) == 0)
+        return 0;
+
      tmpl = OSSL_PARAM_BLD_new();
      if (tmpl == NULL)
          return 0;
author	Tomas Mraz <tomas@openssl.org>
	Fri, 21 Jul 2023 14:26:12 +0000 (16:26 +0200)
committer	Todd Short <todd.short@me.com>
	Fri, 4 Aug 2023 14:13:40 +0000 (10:13 -0400)
providers/implementations/keymgmt/dh_kmgmt.c		patch \| blob \| history
providers/implementations/keymgmt/dsa_kmgmt.c		patch \| blob \| history
providers/implementations/keymgmt/ecx_kmgmt.c		patch \| blob \| history
providers/implementations/keymgmt/mac_legacy_kmgmt.c		patch \| blob \| history