Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
openssl-1_1.24606
CVE-2021-3711-1-Correctly-calculate-the-length-...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2021-3711-1-Correctly-calculate-the-length-of-SM2-plaintext-give.patch of Package openssl-1_1.24606
Index: openssl-1.1.1d/crypto/include/internal/sm2.h =================================================================== --- openssl-1.1.1d.orig/crypto/include/internal/sm2.h +++ openssl-1.1.1d/crypto/include/internal/sm2.h @@ -60,8 +60,7 @@ int sm2_verify(const unsigned char *dgst int sm2_ciphertext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len, size_t *ct_size); -int sm2_plaintext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len, - size_t *pt_size); +int sm2_plaintext_size(const unsigned char *ct, size_t ct_size, size_t *pt_size); int sm2_encrypt(const EC_KEY *key, const EVP_MD *digest, Index: openssl-1.1.1d/crypto/sm2/sm2_crypt.c =================================================================== --- openssl-1.1.1d.orig/crypto/sm2/sm2_crypt.c +++ openssl-1.1.1d/crypto/sm2/sm2_crypt.c @@ -61,29 +61,20 @@ static size_t ec_field_size(const EC_GRO return field_size; } -int sm2_plaintext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len, - size_t *pt_size) +int sm2_plaintext_size(const unsigned char *ct, size_t ct_size, size_t *pt_size) { - const size_t field_size = ec_field_size(EC_KEY_get0_group(key)); - const int md_size = EVP_MD_size(digest); - size_t overhead; + struct SM2_Ciphertext_st *sm2_ctext = NULL; - if (md_size < 0) { - SM2err(SM2_F_SM2_PLAINTEXT_SIZE, SM2_R_INVALID_DIGEST); - return 0; - } - if (field_size == 0) { - SM2err(SM2_F_SM2_PLAINTEXT_SIZE, SM2_R_INVALID_FIELD); - return 0; - } + sm2_ctext = d2i_SM2_Ciphertext(NULL, &ct, ct_size); - overhead = 10 + 2 * field_size + (size_t)md_size; - if (msg_len <= overhead) { + if (sm2_ctext == NULL) { SM2err(SM2_F_SM2_PLAINTEXT_SIZE, SM2_R_INVALID_ENCODING); return 0; } - *pt_size = msg_len - overhead; + *pt_size = sm2_ctext->C2->length; + SM2_Ciphertext_free(sm2_ctext); + return 1; } Index: openssl-1.1.1d/crypto/sm2/sm2_pmeth.c =================================================================== --- openssl-1.1.1d.orig/crypto/sm2/sm2_pmeth.c +++ openssl-1.1.1d/crypto/sm2/sm2_pmeth.c @@ -151,7 +151,7 @@ static int pkey_sm2_decrypt(EVP_PKEY_CTX const EVP_MD *md = (dctx->md == NULL) ? EVP_sm3() : dctx->md; if (out == NULL) { - if (!sm2_plaintext_size(ec, md, inlen, outlen)) + if (!sm2_plaintext_size(in, inlen, outlen)) return -1; else return 1; Index: openssl-1.1.1d/test/sm2_internal_test.c =================================================================== --- openssl-1.1.1d.orig/test/sm2_internal_test.c +++ openssl-1.1.1d/test/sm2_internal_test.c @@ -185,7 +185,7 @@ static int test_sm2_crypt(const EC_GROUP if (!TEST_mem_eq(ctext, ctext_len, expected, ctext_len)) goto done; - if (!TEST_true(sm2_plaintext_size(key, digest, ctext_len, &ptext_len)) + if (!TEST_true(sm2_plaintext_size(ctext, ctext_len, &ptext_len)) || !TEST_int_eq(ptext_len, msg_len)) goto done;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
