diff options
author | Nicola Tuveri <nic.tuv@gmail.com> | 2016-10-04 09:17:11 +0300 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2016-11-17 00:36:23 -0500 |
commit | cc98e63938c6710fa3c79679adcffa754390ecaa (patch) | |
tree | 4485235da76b1c79ac700bf2366b70685d69bba6 | |
parent | dfdd45f72c03d19ba815a127cab1338eff8084e9 (diff) | |
download | openssl-cc98e63938c6710fa3c79679adcffa754390ecaa.tar.gz |
bugfix: calculate outlen for each curve
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1658)
-rw-r--r-- | apps/speed.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/apps/speed.c b/apps/speed.c index f40f9fa50c..160052097a 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -166,7 +166,7 @@ typedef struct loopargs_st { EVP_PKEY_CTX *ecdh_ctx[EC_NUM]; unsigned char *secret_a; unsigned char *secret_b; - size_t outlen; + size_t outlen[EC_NUM]; kdf_fn kdf; #endif EVP_CIPHER_CTX *ctx; @@ -1057,7 +1057,7 @@ static int ECDH_EVP_derive_key_loop(void *args) EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum]; unsigned char *derived_secret = tempargs->secret_a; int count; - size_t *outlen = &(tempargs->outlen); + size_t *outlen = &(tempargs->outlen[testnum]); for (count = 0; COND(ecdh_c[testnum][0]); count++) { if ( !ECDH_EVP_derive_key(derived_secret, outlen, ctx) ) @@ -2561,6 +2561,7 @@ int speed_main(int argc, char **argv) for (i = 0; i < loopargs_len; i++) { EVP_PKEY_CTX *kctx = NULL, *ctx = NULL; EVP_PKEY *key_A = NULL, *key_B = NULL; + size_t outlen; if (testnum == R_EC_X25519) { kctx = EVP_PKEY_CTX_new_id(test_curves[testnum], NULL); /* keygen ctx from NID */ @@ -2604,6 +2605,8 @@ int speed_main(int argc, char **argv) !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */ !EVP_PKEY_derive_init(ctx) || /* init derivation ctx */ !EVP_PKEY_derive_set_peer(ctx, key_B) || /* set peer pubkey in ctx */ + !EVP_PKEY_derive(ctx, NULL, &outlen) || /* determine max length */ + outlen > MAX_ECDH_SIZE || /* avoid buffer overflow */ 0) { ecdh_checks = 0; BIO_printf(bio_err, "ECDH key generation failure.\n"); @@ -2613,6 +2616,7 @@ int speed_main(int argc, char **argv) } loopargs[i].ecdh_ctx[testnum] = ctx; + loopargs[i].outlen[testnum] = outlen; EVP_PKEY_CTX_free(kctx); kctx = NULL; } |