summaryrefslogtreecommitdiff
path: root/lib/libcrypto
diff options
context:
space:
mode:
authorTheo Buehler <tb@cvs.openbsd.org>2024-11-15 08:49:08 +0000
committerTheo Buehler <tb@cvs.openbsd.org>2024-11-15 08:49:08 +0000
commit7441a91517b2a793c77137605c7577f1da70f509 (patch)
treeae65e0fb0036bbff98680bc2fa5ca21e47cd694d /lib/libcrypto
parent22b896e31ab60c6e6fc6e99d6058e520fe60da74 (diff)
EC_KEY_copy() don't leave stale private keys in place
As most other objects, EC_KEYs can be as sparsely and invalidly populated as imagination permits and the competent designers of EC_KEY_copy() chose to just copy over what's available (yeah, what kind of copy is that?) and leave in place what happens to be there. In particular, if the dest EC key was used with a different group and has a private key, but the source key doesn't, the dest private key remains intact, as invalid, incompatible and unusable as it may be. Fix this by clearing said private key. ok jsing
Diffstat (limited to 'lib/libcrypto')
-rw-r--r--lib/libcrypto/ec/ec_key.c9
1 files changed, 3 insertions, 6 deletions
diff --git a/lib/libcrypto/ec/ec_key.c b/lib/libcrypto/ec/ec_key.c
index 1aef6343498..662a7c0f49a 100644
--- a/lib/libcrypto/ec/ec_key.c
+++ b/lib/libcrypto/ec/ec_key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_key.c,v 1.46 2024/11/08 22:10:18 tb Exp $ */
+/* $OpenBSD: ec_key.c,v 1.47 2024/11/15 08:49:07 tb Exp $ */
/*
* Written by Nils Larsch for the OpenSSL project.
*/
@@ -150,12 +150,9 @@ EC_KEY_copy(EC_KEY *dest, const EC_KEY *src)
}
}
- /*
- * XXX - if there's no priv_key on src, dest retains its probably
- * invalid priv_key. This makes no sense. Can we change this?
- */
+ BN_free(dest->priv_key);
+ dest->priv_key = NULL;
if (src->priv_key != NULL) {
- BN_free(dest->priv_key);
if ((dest->priv_key = BN_dup(src->priv_key)) == NULL)
return NULL;
}