From: Tomas Mraz <tomas@openssl.org>
Date: Mon, 25 Jan 2021 18:12:43 +0000 (+0100)
Subject: dh_cms_set_peerkey: Pad the public key to p size
X-Git-Tag: openssl-3.0.0-alpha12~155
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6a1a6498ac4ecfb95331e30fc52d6e25cafbba43;p=thirdparty%2Fopenssl.git

dh_cms_set_peerkey: Pad the public key to p size

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13958)
---

diff --git a/crypto/cms/cms_dh.c b/crypto/cms/cms_dh.c
index 52bce12c73d..e55b4a062f3 100644
--- a/crypto/cms/cms_dh.c
+++ b/crypto/cms/cms_dh.c
@@ -48,7 +48,11 @@ static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
 
     if ((public_key = d2i_ASN1_INTEGER(NULL, &p, plen)) == NULL)
         goto err;
-    plen = ASN1_STRING_length((ASN1_STRING *)public_key);
+    /*
+     * Pad to full p parameter size as that is checked by
+     * EVP_PKEY_set1_encoded_public_key()
+     */
+    plen = EVP_PKEY_size(pk);
     if ((bnpub = ASN1_INTEGER_to_BN(public_key, NULL)) == NULL)
         goto err;
     if ((buf = OPENSSL_malloc(plen)) == NULL)