Avoid exporting bogus (empty) data if empty selection is used

author Tomas Mraz <tomas@openssl.org>

Fri, 21 Jul 2023 14:26:12 +0000 (16:26 +0200)

committer Todd Short <todd.short@me.com>

Fri, 4 Aug 2023 14:09:43 +0000 (10:09 -0400)
author Tomas Mraz <tomas@openssl.org>
Fri, 21 Jul 2023 14:26:12 +0000 (16:26 +0200)
committer Todd Short <todd.short@me.com>
Fri, 4 Aug 2023 14:09:43 +0000 (10:09 -0400)
diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c

index d0a101ab3716a1b518da7956be6d1217de78008a..eaca876bb9d133f3de2671cbcf4312a87cc4dd6a 100644 (file)
--- a/providers/implementations/keymgmt/dh_kmgmt.c
+++ b/providers/implementations/keymgmt/dh_kmgmt.c
@@ -222,6 +222,9 @@ static int dh_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
      if (!ossl_prov_is_running() || dh == NULL)
          return 0;
  
+    if ((selection & DH_POSSIBLE_SELECTIONS) == 0)
+        return 0;
+
      tmpl = OSSL_PARAM_BLD_new();
      if (tmpl == NULL)
          return 0;
diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c

index 9aa699c28904392b67b3f4a9bbb1fa037fb33191..c2400e4602ddd860f984dd3827cfeb15acea6d0d 100644 (file)
--- a/providers/implementations/keymgmt/dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/dsa_kmgmt.c
@@ -223,6 +223,9 @@ static int dsa_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
      if (!ossl_prov_is_running() || dsa == NULL)
          return 0;
  
+    if ((selection & DSA_POSSIBLE_SELECTIONS) == 0)
+        return 0;
+
      tmpl = OSSL_PARAM_BLD_new();
      if (tmpl == NULL)
          return 0;
diff --git a/providers/implementations/keymgmt/ecx_kmgmt.c b/providers/implementations/keymgmt/ecx_kmgmt.c

index f79fe9fde7260279f0890c7bf068905230126700..0a354ea721d02aae89229d674d25713db0b6182b 100644 (file)
--- a/providers/implementations/keymgmt/ecx_kmgmt.c
+++ b/providers/implementations/keymgmt/ecx_kmgmt.c
@@ -241,6 +241,9 @@ static int ecx_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
      if (!ossl_prov_is_running() || key == NULL)
          return 0;
  
+    if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) == 0)
+        return 0;
+
      tmpl = OSSL_PARAM_BLD_new();
      if (tmpl == NULL)
          return 0;
diff --git a/providers/implementations/keymgmt/mac_legacy_kmgmt.c b/providers/implementations/keymgmt/mac_legacy_kmgmt.c

index babeba748dacda5113df529004391d05d6c31037..9b37027a966e7b15b6023f41efc0409a4a25a36c 100644 (file)
--- a/providers/implementations/keymgmt/mac_legacy_kmgmt.c
+++ b/providers/implementations/keymgmt/mac_legacy_kmgmt.c
@@ -275,6 +275,9 @@ static int mac_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
      if (!ossl_prov_is_running() || key == NULL)
          return 0;
  
+    if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) == 0)
+        return 0;
+
      tmpl = OSSL_PARAM_BLD_new();
      if (tmpl == NULL)
          return 0;
author	Tomas Mraz <tomas@openssl.org>
	Fri, 21 Jul 2023 14:26:12 +0000 (16:26 +0200)
committer	Todd Short <todd.short@me.com>
	Fri, 4 Aug 2023 14:09:43 +0000 (10:09 -0400)
providers/implementations/keymgmt/dh_kmgmt.c		patch \| blob \| blame \| history
providers/implementations/keymgmt/dsa_kmgmt.c		patch \| blob \| blame \| history
providers/implementations/keymgmt/ecx_kmgmt.c		patch \| blob \| blame \| history
providers/implementations/keymgmt/mac_legacy_kmgmt.c		patch \| blob \| blame \| history