From 46c1c2d7fa9153da4eb5e1aefd7b0139dc507c00 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 9 Jun 2022 12:02:37 +0100 Subject: [PATCH] Fix the export routines to not return success if param alloc failed We fix the dsa, dh, ec and rsa export routines so that they are consistent with each other and do not report success if the allocation of parameters failed. This is essentially the same fix as applied in #18483 but applied to all relevant key types. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18507) --- providers/implementations/keymgmt/dh_kmgmt.c | 4 ++-- providers/implementations/keymgmt/dsa_kmgmt.c | 5 +++-- providers/implementations/keymgmt/ec_kmgmt.c | 10 ++++++---- providers/implementations/keymgmt/rsa_kmgmt.c | 5 +++-- 4 files changed, 14 insertions(+), 10 deletions(-) diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c index 83246fe2ab..695ab5f669 100644 --- a/providers/implementations/keymgmt/dh_kmgmt.c +++ b/providers/implementations/keymgmt/dh_kmgmt.c @@ -236,11 +236,11 @@ static int dh_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, ok = ok && ossl_dh_key_todata(dh, tmpl, NULL, include_private); } - if (!ok - || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) { + if (!ok || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) { ok = 0; goto err; } + ok = param_cb(params, cbarg); OSSL_PARAM_free(params); err: diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c index 2ab69f5f32..100e917167 100644 --- a/providers/implementations/keymgmt/dsa_kmgmt.c +++ b/providers/implementations/keymgmt/dsa_kmgmt.c @@ -235,9 +235,10 @@ static int dsa_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, ok = ok && dsa_key_todata(dsa, tmpl, NULL, include_private); } - if (!ok - || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) + if (!ok || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) { + ok = 0; goto err; + } ok = param_cb(params, cbarg); OSSL_PARAM_free(params); diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c index 6f8638a898..9260d4bf36 100644 --- a/providers/implementations/keymgmt/ec_kmgmt.c +++ b/providers/implementations/keymgmt/ec_kmgmt.c @@ -496,12 +496,14 @@ int ec_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0) ok = ok && otherparams_to_params(ec, tmpl, NULL); - if (ok && (params = OSSL_PARAM_BLD_to_param(tmpl)) != NULL) - ok = param_cb(params, cbarg); - else + if (!ok || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) { ok = 0; -end: + goto end; + } + + ok = param_cb(params, cbarg); OSSL_PARAM_free(params); +end: OSSL_PARAM_BLD_free(tmpl); OPENSSL_free(pub_key); OPENSSL_free(genbuf); diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c index 1528e43adb..b76835ccc4 100644 --- a/providers/implementations/keymgmt/rsa_kmgmt.c +++ b/providers/implementations/keymgmt/rsa_kmgmt.c @@ -229,9 +229,10 @@ static int rsa_export(void *keydata, int selection, ok = ok && ossl_rsa_todata(rsa, tmpl, NULL, include_private); } - if (!ok - || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) + if (!ok || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) { + ok = 0; goto err; + } ok = param_callback(params, cbarg); OSSL_PARAM_free(params); -- 2.34.1