Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DH_set0_key wrongly checks for non-NULL arguments #92

Closed
oerdnj opened this issue May 2, 2018 · 2 comments
Closed

DH_set0_key wrongly checks for non-NULL arguments #92

oerdnj opened this issue May 2, 2018 · 2 comments
Assignees
@botovq
Labels
bug

Comments

@oerdnj
Copy link

oerdnj commented May 2, 2018

The compatibility function DH_set0_key added in LibreSSL 2.7.0 has a different (possibly unwanted) behaviour from OpenSSL 1.1.0. In OpenSSL, it is perfectly OK to add just add pub_key to otherwise empty DH structure, e.g. this is OK:

dh = DH_new();
BIGNUM pub_key;
BN_hex2bn(pub_key, "02");
DH_set0_key(dh, pub_key, NULL);

In LibreSSL, this would fail to set the internal structures because dh->priv_key == NULL.

I don't think having quirks like this is desirable for users of both libraries.
@4a6f656c
Copy link

4a6f656c commented May 2, 2018

Thanks for the report - this is a bug and will be addressed shortly.

@4a6f656c 4a6f656c added the bug label May 2, 2018
@4a6f656c 4a6f656c assigned 4a6f656c and botovq and unassigned 4a6f656c May 2, 2018
busterb pushed a commit that referenced this issue May 2, 2018
MFC:
44408c1 
Remove incorrect NULL checks in DH_set0_key().
Reported by Ondrej Sury, LibreSSL-portable issue #92.

ok inoguchi, jsing
busterb pushed a commit that referenced this issue May 2, 2018
Remove incorrect NULL checks in DH_set0_key().
f1d2136 
Reported by Ondřej Surý, LibreSSL-portable issue #92.

ok inoguchi, jsing
@botovq
Copy link

botovq commented May 5, 2018

Fixed in LibreSSL 2.7.3 that was released a few hours ago. Thanks again for the report.

@botovq botovq closed this as completed May 5, 2018
busterb pushed a commit that referenced this issue Feb 7, 2022
MFC:
00f6bcd 
Remove incorrect NULL checks in DH_set0_key().
Reported by Ondrej Sury, LibreSSL-portable issue #92.

ok inoguchi, jsing
busterb pushed a commit that referenced this issue Feb 9, 2022
MFC:
c4f4ba8 
Remove incorrect NULL checks in DH_set0_key().
Reported by Ondrej Sury, LibreSSL-portable issue #92.

ok inoguchi, jsing
busterb pushed a commit that referenced this issue Feb 9, 2022
MFC:
cdd39cd 
Remove incorrect NULL checks in DH_set0_key().
Reported by Ondrej Sury, LibreSSL-portable issue #92.

ok inoguchi, jsing
botovq pushed a commit that referenced this issue Sep 19, 2022
MFC:
6dc8e96 
Remove incorrect NULL checks in DH_set0_key().
Reported by Ondrej Sury, LibreSSL-portable issue #92.

ok inoguchi, jsing
botovq pushed a commit that referenced this issue Aug 9, 2023
MFC:
31be7a8 
Remove incorrect NULL checks in DH_set0_key().
Reported by Ondrej Sury, LibreSSL-portable issue #92.

ok inoguchi, jsing
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@botovq botovq

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@oerdnj @4a6f656c @botovq