git.ipfire.org Git - thirdparty/openssl.git/commit

author	Bernd Edlinger <bernd.edlinger@hotmail.de>
	Thu, 8 Feb 2024 21:21:55 +0000 (22:21 +0100)
committer	Tomas Mraz <tomas@openssl.org>
	Tue, 2 Apr 2024 15:49:38 +0000 (17:49 +0200)
commit	2fe6c0fbb5ae7e2279e80d7cdff99a1bd2a45733
tree	0790a5ae5c11911bde149f1e0ebaede015c94276	tree \| snapshot
parent	845e6824098cd0845c85af0f19afc904b8f48111	commit \| diff

Fix handling of NULL sig parameter in ECDSA_sign and similar

The problem is, that it almost works to pass sig=NULL to the
ECDSA_sign, ECDSA_sign_ex and DSA_sign, to compute the necessary
space for the resulting signature.
But since the ECDSA signature is non-deterministic
(except when ECDSA_sign_setup/ECDSA_sign_ex are used)
the resulting length may be different when the API is called again.
This can easily cause random memory corruption.
Several internal APIs had the same issue, but since they are
never called with sig=NULL, it is better to make them return an
error in that case, instead of making the code more complex.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23529)

(cherry picked from commit 1fa2bf9b1885d2e87524421fea5041d40149cffa)

crypto/dsa/dsa_sign.c		diff \| blob \| blame \| history
crypto/ec/ecdsa_ossl.c		diff \| blob \| blame \| history
crypto/sm2/sm2_sign.c		diff \| blob \| blame \| history
test/dsatest.c		diff \| blob \| blame \| history
test/ecdsatest.c		diff \| blob \| blame \| history