112 lines
3.4 KiB
Diff
112 lines
3.4 KiB
Diff
From 6ba22cd5ac33d740580dcbe8dae84d41cff26e47 Mon Sep 17 00:00:00 2001
|
|
From: Zhiqi Song <songzhiqi1@huawei.com>
|
|
Date: Sat, 17 Jun 2023 20:51:24 +0800
|
|
Subject: [PATCH 25/48] ecc: add openssl method null pointer judgement
|
|
|
|
Add openssl method null pointer judgement of ecc
|
|
algs to avoid null pointer access in abnornal cases.
|
|
And release the pkey method in error handling branch.
|
|
|
|
Signed-off-by: Zhiqi Song <songzhiqi1@huawei.com>
|
|
---
|
|
src/uadk_ec.c | 21 +++++++++++++++++++++
|
|
src/uadk_ecx.c | 2 ++
|
|
src/uadk_sm2.c | 1 +
|
|
3 files changed, 24 insertions(+)
|
|
|
|
diff --git a/src/uadk_ec.c b/src/uadk_ec.c
|
|
index 781e7f1..5852d04 100644
|
|
--- a/src/uadk_ec.c
|
|
+++ b/src/uadk_ec.c
|
|
@@ -405,6 +405,11 @@ static ECDSA_SIG *openssl_do_sign(const unsigned char *dgst, int dlen,
|
|
EC_KEY_METHOD *openssl_meth;
|
|
|
|
openssl_meth = (EC_KEY_METHOD *)EC_KEY_OpenSSL();
|
|
+ if (!openssl_meth) {
|
|
+ fprintf(stderr, "failed to get OpenSSL method\n");
|
|
+ return NULL;
|
|
+ }
|
|
+
|
|
EC_KEY_METHOD_get_sign(openssl_meth, NULL, NULL,
|
|
&sign_sig_pfunc);
|
|
if (!sign_sig_pfunc) {
|
|
@@ -647,6 +652,11 @@ static int openssl_do_verify(const unsigned char *dgst, int dlen,
|
|
EC_KEY_METHOD *openssl_meth;
|
|
|
|
openssl_meth = (EC_KEY_METHOD *)EC_KEY_OpenSSL();
|
|
+ if (!openssl_meth) {
|
|
+ fprintf(stderr, "failed to get OpenSSL method\n");
|
|
+ return -1;
|
|
+ }
|
|
+
|
|
EC_KEY_METHOD_get_verify(openssl_meth, NULL,
|
|
&verify_sig_pfunc);
|
|
if (!verify_sig_pfunc) {
|
|
@@ -814,6 +824,11 @@ static int openssl_do_generate(EC_KEY *eckey)
|
|
EC_KEY_METHOD *openssl_meth;
|
|
|
|
openssl_meth = (EC_KEY_METHOD *)EC_KEY_OpenSSL();
|
|
+ if (!openssl_meth) {
|
|
+ fprintf(stderr, "failed to get OpenSSL method\n");
|
|
+ return -1;
|
|
+ }
|
|
+
|
|
EC_KEY_METHOD_get_keygen(openssl_meth, &gen_key_pfunc);
|
|
if (!gen_key_pfunc) {
|
|
fprintf(stderr, "gen_key_pfunc is NULL\n");
|
|
@@ -1255,6 +1270,11 @@ static int openssl_do_compute(unsigned char **pout,
|
|
EC_KEY_METHOD *openssl_meth;
|
|
|
|
openssl_meth = (EC_KEY_METHOD *)EC_KEY_OpenSSL();
|
|
+ if (!openssl_meth) {
|
|
+ fprintf(stderr, "failed to get OpenSSL method\n");
|
|
+ return -1;
|
|
+ }
|
|
+
|
|
EC_KEY_METHOD_get_compute_key(openssl_meth, &comp_key_pfunc);
|
|
if (!comp_key_pfunc) {
|
|
fprintf(stderr, "comp_key_pfunc is NULL\n");
|
|
@@ -1420,6 +1440,7 @@ int uadk_ec_create_pmeth(struct uadk_pkey_meth *pkey_meth)
|
|
openssl_meth = get_openssl_pkey_meth(EVP_PKEY_EC);
|
|
if (!openssl_meth) {
|
|
fprintf(stderr, "failed to get ec pkey methods\n");
|
|
+ EVP_PKEY_meth_free(meth);
|
|
return 0;
|
|
}
|
|
|
|
diff --git a/src/uadk_ecx.c b/src/uadk_ecx.c
|
|
index aebd808..3eafdfb 100644
|
|
--- a/src/uadk_ecx.c
|
|
+++ b/src/uadk_ecx.c
|
|
@@ -813,6 +813,7 @@ int uadk_x25519_create_pmeth(struct uadk_pkey_meth *pkey_meth)
|
|
openssl_meth = get_openssl_pkey_meth(EVP_PKEY_X25519);
|
|
if (!openssl_meth) {
|
|
fprintf(stderr, "failed to get x25519 pkey methods\n");
|
|
+ EVP_PKEY_meth_free(meth);
|
|
return UADK_E_FAIL;
|
|
}
|
|
|
|
@@ -858,6 +859,7 @@ int uadk_x448_create_pmeth(struct uadk_pkey_meth *pkey_meth)
|
|
openssl_meth = get_openssl_pkey_meth(EVP_PKEY_X448);
|
|
if (!openssl_meth) {
|
|
fprintf(stderr, "failed to get x448 pkey methods\n");
|
|
+ EVP_PKEY_meth_free(meth);
|
|
return UADK_E_FAIL;
|
|
}
|
|
|
|
diff --git a/src/uadk_sm2.c b/src/uadk_sm2.c
|
|
index ba90f68..f393641 100644
|
|
--- a/src/uadk_sm2.c
|
|
+++ b/src/uadk_sm2.c
|
|
@@ -1643,6 +1643,7 @@ int uadk_sm2_create_pmeth(struct uadk_pkey_meth *pkey_meth)
|
|
openssl_meth = get_openssl_pkey_meth(EVP_PKEY_SM2);
|
|
if (!openssl_meth) {
|
|
fprintf(stderr, "failed to get sm2 pkey methods\n");
|
|
+ EVP_PKEY_meth_free(meth);
|
|
return -1;
|
|
}
|
|
|
|
--
|
|
2.25.1
|
|
|