summaryrefslogtreecommitdiff
path: root/lib/libcrypto/gost
diff options
context:
space:
mode:
authorMiod Vallat <miod@cvs.openbsd.org>2015-02-10 09:52:36 +0000
committerMiod Vallat <miod@cvs.openbsd.org>2015-02-10 09:52:36 +0000
commit935f03f76968db2c0995f02b41a6492af33d2bb7 (patch)
treedcfcece8bb55f1dd0d507cd28fc0b2d7e521cbb5 /lib/libcrypto/gost
parent4d1e129bc35db3808a66758bef982d7f8be0f5bf (diff)
Replace assert() and OPENSSL_assert() calls with proper error return paths.
Careful review, feedback & ok doug@ jsing@
Diffstat (limited to 'lib/libcrypto/gost')
-rw-r--r--lib/libcrypto/gost/gostr341001_pmeth.c25
1 files changed, 20 insertions, 5 deletions
diff --git a/lib/libcrypto/gost/gostr341001_pmeth.c b/lib/libcrypto/gost/gostr341001_pmeth.c
index 859c0884d68..c7d4dc10aed 100644
--- a/lib/libcrypto/gost/gostr341001_pmeth.c
+++ b/lib/libcrypto/gost/gostr341001_pmeth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gostr341001_pmeth.c,v 1.6 2014/11/13 20:29:55 miod Exp $ */
+/* $OpenBSD: gostr341001_pmeth.c,v 1.7 2015/02/10 09:52:35 miod Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
@@ -248,7 +248,10 @@ pkey_gost01_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
GOSTerr(GOST_F_PKEY_GOST01_SIGN, EC_R_BUFFER_TOO_SMALL);
return 0;
}
- OPENSSL_assert(tbs_len == 32 || tbs_len == 64);
+ if (tbs_len != 32 && tbs_len != 64) {
+ GOSTerr(GOST_F_PKEY_GOST01_SIGN, EVP_R_BAD_BLOCK_LENGTH);
+ return 0;
+ }
md = GOST_le2bn(tbs, tbs_len, NULL);
if (md == NULL)
return 0;
@@ -411,11 +414,23 @@ pkey_gost01_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, size_t *key_len,
nid = OBJ_obj2nid(gkt->key_agreement_info->cipher);
- OPENSSL_assert(gkt->key_agreement_info->eph_iv->length == 8);
+ if (gkt->key_agreement_info->eph_iv->length != 8) {
+ GOSTerr(GOST_F_PKEY_GOST01_DECRYPT,
+ GOST_R_INVALID_IV_LENGTH);
+ goto err;
+ }
memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8);
- OPENSSL_assert(gkt->key_info->encrypted_key->length == 32);
+ if (gkt->key_info->encrypted_key->length != 32) {
+ GOSTerr(GOST_F_PKEY_GOST01_DECRYPT,
+ EVP_R_BAD_KEY_LENGTH);
+ goto err;
+ }
memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32);
- OPENSSL_assert(gkt->key_info->imit->length == 4);
+ if (gkt->key_info->imit->length != 4) {
+ GOSTerr(GOST_F_PKEY_GOST01_DECRYPT,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4);
if (gost01_VKO_key(peerkey, priv, wrappedKey, sharedKey) <= 0)
goto err;
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-24 01:47:35 +0000