provider: return error if buf too small when getting ec pubkey param

Fixes #20889 There was an incorrect value passed to EC_POINT_point2oct() for the buffer size of the param passed-in. Added testcases. Signed-off-by: Yi Li <yi1.li@intel.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20890)
author: Yi Li <yi1.li@intel.com> 2023-05-05 11:30:05 +0800
committer: Tomas Mraz <tomas@openssl.org> 2023-05-12 10:32:06 +0200
commit: 91070877adb905f51eb4b19b730d42fc257bae13 (patch)
tree: 2c05344c445d57646e4bf03d790c5674deaa88ac
parent: 9a271795f84eb5402ce1ecfbcfd21392ad1560d0 (diff)
download: openssl-new-91070877adb905f51eb4b19b730d42fc257bae13.tar.gz
2 files changed, 23 insertions, 1 deletions
diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c
index e79a50df42..d9c585cd3b 100644
--- a/providers/implementations/keymgmt/ec_kmgmt.c
+++ b/providers/implementations/keymgmt/ec_kmgmt.c
@@ -745,7 +745,7 @@ int common_get_params(void *key, OSSL_PARAM params[], int sm2)
         }
         p->return_size = EC_POINT_point2oct(ecg, ecp,
                                             POINT_CONVERSION_UNCOMPRESSED,
-                                            p->data, p->return_size, bnctx);
+                                            p->data, p->data_size, bnctx);
         if (p->return_size == 0)
             goto err;
     }
diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
index 1141d52666..72a6305d89 100644
--- a/test/evp_extra_test.c
+++ b/test/evp_extra_test.c
@@ -900,6 +900,8 @@ static int test_EC_priv_pub(void)
     BIGNUM *priv = NULL;
     int ret = 0;
     unsigned char *encoded = NULL;
+    size_t len = 0;
+    unsigned char buffer[128];
 
     /*
      * Setup the parameters for our pkey object. For our purposes they don't
@@ -1019,6 +1021,26 @@ static int test_EC_priv_pub(void)
         goto err;
     }
 
+    /* Positive and negative testcase for EVP_PKEY_get_octet_string_param */
+    if (!TEST_int_eq(EVP_PKEY_get_octet_string_param(params_and_pub,
+                                                     OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY,
+                                                     buffer, sizeof(buffer), &len), 1)
+        || !TEST_int_eq(len, 65))
+        goto err;
+
+    len = 0;
+    if (!TEST_int_eq(EVP_PKEY_get_octet_string_param(params_and_pub,
+                                                     OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY,
+                                                     NULL, 0, &len), 1)
+        || !TEST_int_eq(len, 65))
+        goto err;
+
+    /* too-short buffer len*/
+    if (!TEST_int_eq(EVP_PKEY_get_octet_string_param(params_and_pub,
+                                                     OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY,
+                                                     buffer, 10, &len), 0))
+        goto err;
+
     ret = 1;
  err:
     OSSL_PARAM_free(params);
author	Yi Li <yi1.li@intel.com>	2023-05-05 11:30:05 +0800
committer	Tomas Mraz <tomas@openssl.org>	2023-05-12 10:32:06 +0200
commit	91070877adb905f51eb4b19b730d42fc257bae13 (patch)
tree	2c05344c445d57646e4bf03d790c5674deaa88ac
parent	9a271795f84eb5402ce1ecfbcfd21392ad1560d0 (diff)
download	openssl-new-91070877adb905f51eb4b19b730d42fc257bae13.tar.gz