Fix bug in scrypt KDF provider dup method #17873
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The scrypt KDF provider's dup method calls kdf_scrypt_new passing a libctx, but a provider context is expected. Since the provider context is passed as void *, this was not caught.
hlandau
added
branch: master
mattcaswell
approved these changes
Mar 11, 2022
mattcaswell
removed
the
approval: otc review pending
t8m
approved these changes
Mar 11, 2022
t8m
added
approval: done
|
@t8m I was just thinking about this. The dup operation is actually already exercised in test_evp and it's thanks to that that this was caught; refactoring libctx somehow caused this to be exposed in the test suite. Maybe the struct layouts of the different structures happened to align that it somehow worked. Since dup is already tested I'm not sure adding more tests for it would have helped. |
|
24 hours has passed since 'approval: done' was set, but as this PR has been updated in that time the label 'approval: ready to merge' is not being automatically set. Please review the updates and set the label manually. |
paulidale
approved these changes
Mar 13, 2022
t8m
added
approval: ready to merge
openssl-machine
pushed a commit
that referenced
this pull request
Mar 14, 2022
The scrypt KDF provider's dup method calls kdf_scrypt_new passing a libctx, but a provider context is expected. Since the provider context is passed as void *, this was not caught. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #17873)
|
It seems this has been merged, so closing. |
t8m
pushed a commit
to t8m/openssl
that referenced
this pull request
Nov 4, 2022
The scrypt KDF provider's dup method calls kdf_scrypt_new passing a libctx, but a provider context is expected. Since the provider context is passed as void *, this was not caught. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#17873) (cherry picked from commit e04c2c0)
t8m
pushed a commit
to t8m/openssl
that referenced
this pull request
Nov 4, 2022
The scrypt KDF provider's dup method calls kdf_scrypt_new passing a libctx, but a provider context is expected. Since the provider context is passed as void *, this was not caught. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#17873) (cherry picked from commit e04c2c0)
t8m
pushed a commit
to t8m/openssl
that referenced
this pull request
Nov 9, 2022
The scrypt KDF provider's dup method calls kdf_scrypt_new passing a libctx, but a provider context is expected. Since the provider context is passed as void *, this was not caught. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#17873) (cherry picked from commit e04c2c0)
openssl-machine
pushed a commit
that referenced
this pull request
Nov 11, 2022
The scrypt KDF provider's dup method calls kdf_scrypt_new passing a libctx, but a provider context is expected. Since the provider context is passed as void *, this was not caught. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #17873) (cherry picked from commit e04c2c0)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The scrypt KDF provider's dup method calls kdf_scrypt_new passing a libctx, but a provider context is expected. Since the provider context is passed as void *, this was not caught.
Discovered while refactoring libctx.
This method was not implemented for scrypt in 3.0, so not applicable to it.