From 482e3c247688f68ef4ddaef55a6d62fb30dfe9b3 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Thu, 31 Mar 2022 11:01:33 +0200 Subject: [PATCH] Add error code for unsupported explicit parameters Reviewed-by: Nicola Tuveri Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17998) (cherry picked from commit 53137462f42f8673fbd5b0831f8ea051ddea509f) --- crypto/ec/ec_err.c | 4 +++- crypto/ec/ec_lib.c | 1 + crypto/err/openssl.txt | 1 + include/crypto/ecerr.h | 2 +- include/openssl/ecerr.h | 3 ++- 5 files changed, 8 insertions(+), 3 deletions(-) diff --git a/crypto/ec/ec_err.c b/crypto/ec/ec_err.c index 9dc143c2ac..4d6f2a76ad 100644 --- a/crypto/ec/ec_err.c +++ b/crypto/ec/ec_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -35,6 +35,8 @@ static const ERR_STRING_DATA EC_str_reasons[] = { "discriminant is zero"}, {ERR_PACK(ERR_LIB_EC, 0, EC_R_EC_GROUP_NEW_BY_NAME_FAILURE), "ec group new by name failure"}, + {ERR_PACK(ERR_LIB_EC, 0, EC_R_EXPLICIT_PARAMS_NOT_SUPPORTED), + "explicit params not supported"}, {ERR_PACK(ERR_LIB_EC, 0, EC_R_FAILED_MAKING_PUBLIC_KEY), "failed making public key"}, {ERR_PACK(ERR_LIB_EC, 0, EC_R_FIELD_TOO_LARGE), "field too large"}, diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index 5366e2144b..745e014d8f 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -1567,6 +1567,7 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[], return group; } #ifdef FIPS_MODULE + ERR_raise(ERR_LIB_EC, EC_R_EXPLICIT_PARAMS_NOT_SUPPORTED); return NULL; #else /* If it gets here then we are trying explicit parameters */ diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 6e75af9b8b..8fb0b16b60 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -537,6 +537,7 @@ EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING:159:curve does not support signing EC_R_DECODE_ERROR:142:decode error EC_R_DISCRIMINANT_IS_ZERO:118:discriminant is zero EC_R_EC_GROUP_NEW_BY_NAME_FAILURE:119:ec group new by name failure +EC_R_EXPLICIT_PARAMS_NOT_SUPPORTED:127:explicit params not supported EC_R_FAILED_MAKING_PUBLIC_KEY:166:failed making public key EC_R_FIELD_TOO_LARGE:143:field too large EC_R_GF2M_NOT_SUPPORTED:147:gf2m not supported diff --git a/include/crypto/ecerr.h b/include/crypto/ecerr.h index 07b6c7aa62..4658ae8fb2 100644 --- a/include/crypto/ecerr.h +++ b/include/crypto/ecerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/include/openssl/ecerr.h b/include/openssl/ecerr.h index 49088d208b..46405ac62d 100644 --- a/include/openssl/ecerr.h +++ b/include/openssl/ecerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -35,6 +35,7 @@ # define EC_R_DECODE_ERROR 142 # define EC_R_DISCRIMINANT_IS_ZERO 118 # define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119 +# define EC_R_EXPLICIT_PARAMS_NOT_SUPPORTED 127 # define EC_R_FAILED_MAKING_PUBLIC_KEY 166 # define EC_R_FIELD_TOO_LARGE 143 # define EC_R_GF2M_NOT_SUPPORTED 147 -- 2.34.1